Skip to content

chore(lib): update dependency bootstrap to v5 [security] #170

chore(lib): update dependency bootstrap to v5 [security]

chore(lib): update dependency bootstrap to v5 [security] #170

name: Test and deploy environment
on:
workflow_dispatch:
push:
branches-ignore:
- main
- production
concurrency:
group: ${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
env_name: ${{ steps.env_name.outputs.env_name }}
build_matrix: ${{ steps.config.outputs.build }}
deploy_matrix: ${{ steps.config.outputs.deploy }}
test_matrix: ${{ steps.config.outputs.test }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
fetch-depth: 0
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: "20.17"
- name: Get environment name
id: env_name
working-directory: devops/scripts
run: |
env_name=$(node get-environment-name.js ${{ github.ref_name }})
echo "env_name: $env_name"
echo "env_name=$env_name" >> $GITHUB_OUTPUT
- name: Get matrices configuration
id: config
run: |
# BUILD MATRIX
echo "[]" \
| jq '. + [{name:"api", tag:$tag}]' --arg tag "$(git log --max-count=1 --oneline -- api packages/lib package-lock.json | cut -d " " -f 1)" \
| jq '. + [{name:"apiv2", tag:$tag}]' --arg tag "$(git log --max-count=1 --oneline -- apiv2 packages/lib package-lock.json | cut -d " " -f 1)" \
| jq '. + [{name:"app", tag:$tag}]' --arg tag "$(git log --max-count=1 --oneline -- app packages package-lock.json | cut -d " " -f 1)" \
| jq '. + [{name:"admin", tag:$tag}]' --arg tag "$(git log --max-count=1 --oneline -- admin packages package-lock.json | cut -d " " -f 1)" > build.json
echo "Build matrix"
cat build.json
echo "build=$(jq -c < build.json)" >> $GITHUB_OUTPUT
# DEPLOY MATRIX
cat build.json > deploy.json
echo "Deploy matrix"
cat deploy.json
echo "deploy=$(jq -c < deploy.json)" >> $GITHUB_OUTPUT
# TEST MATRIX
git switch main
echo "[]" \
| jq '. + [{name:"api", run_test:$tag}]' --arg tag "$(git log --max-count=1 --oneline main..${{ github.ref_name }} -- api packages/lib package-lock.json | cut -d " " -f 1)" \
| jq '. + [{name:"apiv2", run_test:$tag}]' --arg tag "$(git log --max-count=1 --oneline main..${{ github.ref_name }} -- apiv2 packages/lib package-lock.json | cut -d " " -f 1)" \
| jq '. + [{name:"app", run_test:$tag}]' --arg tag "$(git log --max-count=1 --oneline main..${{ github.ref_name }} -- app packages package-lock.json | cut -d " " -f 1)" \
| jq '. + [{name:"admin", run_test:$tag}]' --arg tag "$(git log --max-count=1 --oneline main..${{ github.ref_name }} -- admin packages package-lock.json | cut -d " " -f 1)" \
| jq '. + [{name:"lib", run_test:$tag}]' --arg tag "$(git log --max-count=1 --oneline main..${{ github.ref_name }} -- packages package-lock.json | cut -d " " -f 1)" > test.json
echo "Test matrix"
cat test.json
echo "test=$(jq -c < test.json)" >> $GITHUB_OUTPUT
test:
needs: prepare
runs-on: ubuntu-latest
strategy:
matrix:
app: ${{ fromJSON(needs.prepare.outputs.test_matrix) }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- name: Run tests
uses: jenseng/dynamic-uses@v1
if: ${{matrix.app.run_test}}
with:
uses: ./.github/actions/run-tests-${{matrix.app.name}}
with: '{"branch_name": "${{ github.ref_name }}", "CC_TEST_REPORTER_ID": "${{ secrets.CC_TEST_REPORTER_ID }}" }'
create_environment:
if: |
!(contains(github.ref_name, '-no-ci-') ||
startsWith(github.ref_name, 'no-ci-') ||
endsWith(github.ref_name, 'no-ci') ||
contains(github.ref_name, '_no_ci_') ||
startsWith(github.ref_name, 'no_ci_') ||
endsWith(github.ref_name, '_no_ci') ||
startsWith(github.ref_name, 'renovate') ||
startsWith(github.ref_name, 'gh-readonly-')
)
needs: prepare
runs-on: ubuntu-latest
outputs:
registry: ${{ steps.registry.outputs.registry }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: "20.17"
- name: Create environment
id: registry
working-directory: devops/scripts
env:
SCW_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}
SCW_SECRET_KEY: ${{ secrets.SCW_CI_DEPLOY_SECRET_KEY }}
run: |
node create-environment.js ${{ needs.prepare.outputs.env_name }}
registry=$(node get-environment-registry.js ${{ needs.prepare.outputs.env_name }})
echo "registry: $registry"
echo "registry=$registry" >> $GITHUB_OUTPUT
build:
needs: [prepare, create_environment]
runs-on: ubuntu-latest
strategy:
matrix:
app: ${{ fromJSON(needs.prepare.outputs.build_matrix) }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- name: Login to Docker Container Registry
uses: docker/login-action@v2
with:
username: nologin
password: ${{ secrets.SCW_CI_DEPLOY_SECRET_KEY }}
registry: ${{ needs.create_environment.outputs.registry }}
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: "20.17"
- name: Build image
working-directory: devops/scripts
env:
SCW_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}
SCW_SECRET_KEY: ${{ secrets.SCW_CI_DEPLOY_SECRET_KEY }}
run: |
node build-application-docker.js --push ${{ needs.prepare.outputs.env_name }} ${{matrix.app.name}} ${{matrix.app.tag}}
deploy:
needs: [prepare, build]
runs-on: ubuntu-latest
strategy:
matrix:
app: ${{ fromJSON(needs.prepare.outputs.deploy_matrix) }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: "20.17"
- name: Deploy image on Scaleway
working-directory: devops/scripts
env:
SCW_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}
SCW_SECRET_KEY: ${{ secrets.SCW_CI_DEPLOY_SECRET_KEY }}
run: |
node deploy-scaleway.js ${{ needs.prepare.outputs.env_name }} ${{matrix.app.name}} ${{matrix.app.tag}}