submit-social-housing-letti.../.github/workflows/review_pipeline.yml

name: Review app pipeline

concurrency:
  group: review-${{ github.event.pull_request.number }}

on:
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
  workflow_dispatch:

defaults:
  run:
    shell: bash

env:
  app_repo_role: arn:aws:iam::815624722760:role/core-application-repo
  aws_region: eu-west-2

jobs:
  infra:
    name: Deploy review app infrastructure
    uses: communitiesuk/submit-social-housing-lettings-and-sales-data-infrastructure/.github/workflows/create_review_app_infra.yml@main
    with:
      key: ${{ github.event.pull_request.number }}
      app_repo_role: arn:aws:iam::815624722760:role/core-application-repo
    permissions:
      id-token: write

  code:
    name: Deploy review app code
    needs: [infra]
    uses: ./.github/workflows/aws_deploy.yml
    with:
      aws_account_id: 837698168072
      aws_role_prefix: core-dev
      aws_task_prefix: core-review-${{ github.event.pull_request.number }}
      concurrency_tag: ${{ github.event.pull_request.number }}
      environment: review
    permissions:
      id-token: write

  performance:
    needs: [code]
    runs-on: ubuntu-latest
    with:
    aws_role_prefix: core-dev
    aws_task_prefix: core-review-${{ github.event.pull_request.number }}
    environment: review

    steps:
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v3
        with:
          aws-region: ${{ env.aws_region }}
          role-to-assume: ${{ env.app_repo_role }}

      - name: Login to Amazon ECR
        id: ecr-login
        uses: aws-actions/amazon-ecr-login@v1
        with:
          mask-password: "true"

      - name: Run Performance Test
        env:
          ad_hoc_task_definition: ${{ inputs.aws_task_prefix }}-ad-hoc
          cluster: ${{ inputs.aws_task_prefix }}-app
          service: ${{ inputs.aws_task_prefix }}-app
          email: performance_testing_user@example.com
          password: password
        run: |
          network=$(aws ecs describe-services --cluster $cluster --services $service --query services[0].networkConfiguration)
          overrides='{ "containerOverrides" : [{ "name" : "app", "command" : ["bundle", "exec", "rake", "performance:run_ab[$email,$password]"]}]}'
          arn=$(aws ecs run-task --cluster $cluster --task-definition $ad_hoc_task_definition --network-configuration "$network" --overrides "$overrides" --group migrations --launch-type FARGATE --query tasks[0].taskArn)
          echo "Waiting for performance test task to complete"
          temp=${arn##*/}
          id=${temp%*\"}
          aws ecs wait tasks-stopped --cluster $cluster --tasks $id
          succeeded=$(aws ecs describe-tasks --cluster $cluster --tasks $id --query "tasks[0].stopCode == 'EssentialContainerExited' && to_string(tasks[0].containers[0].exitCode) == '0'")
          if [ $succeeded == true ]; then exit 0; else exit 1; fi
    env:
      PERFORMANCE_TESTING_USER_EMAIL: coordinator1@example.com
      PERFORMANCE_TESTING_USER_PASSWORD: password

  comment:
    name: Add link to PR
    needs: [code]
    runs-on: ubuntu-latest
    permissions:
      issues: write
      pull-requests: write

    steps:
      - name: Comment on PR with URL
        uses: unsplash/comment-on-pr@v1.3.0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          msg: "Created review app at https://review.submit-social-housing-data.levellingup.gov.uk/${{ github.event.pull_request.number }}"
          check_for_duplicate_msg: true
          duplicate_msg_pattern: Created review app at*
Add review app pipeline (#993) * Add review app pipeline * disable 2FA on review apps * update infrastructure docs about review apps 2 years ago			`name: Review app pipeline`

Review apps on AWS (#2062) * CLDC-2812: update app config to run from relative root * Deploy to staging on pushes to branch * Add action mailer relative root config for review envs * Temporary pipeline to deploy this branch for testing * Update aws deploy pipeline to allow different prefixes for roles and tasks * Prepare database when deploying review apps * Update app nav and sentry to take account of relative root * Update more fixed paths * Update header root link path * Rack attack path * Revert "Deploy to staging on pushes to branch" This reverts commit b05f13d474607299a4fc2407d864bff644d48a3d. * Start updating workflows * Update teardown pipeline to drop database * Ensure destroy infra step runs after drop database * Remove user_password_path because it can't be found * Don't override path helpers in navigation items helper tests * Checkout infra code to run workflow * Try separating workflow call to job * Sync with infra repo updates * Use workflow on dev * Don't trigger on push to branch * Avoid rack attack path helper issue * Update review apps teardown pipeline * Update infra repo reference to main * Fix linting * Fix /logs redirect * Fix lettings_logs_current and sales_logs_current checks in navigation items helper * Fix existing bug in schemes nav item highlighting * Use starts with rather than == in logs nav items current checks * Split off non-support schemes current nav item checks --------- Co-authored-by: Sam Seed <sam.seed@softwire.com> 1 year ago			`concurrency:`
			`group: review-${{ github.event.pull_request.number }}`
limit review pipeline to single concurrency (#1033) 2 years ago
Add review app pipeline (#993) * Add review app pipeline * disable 2FA on review apps * update infrastructure docs about review apps 2 years ago			`on:`
			`pull_request:`
			`types:`
			`- opened`
			`- synchronize`
			`- reopened`
			`workflow_dispatch:`

			`defaults:`
			`run:`
			`shell: bash`

Add performance test task 4 months ago			`env:`
			`app_repo_role: arn:aws:iam::815624722760:role/core-application-repo`
			`aws_region: eu-west-2`

Add review app pipeline (#993) * Add review app pipeline * disable 2FA on review apps * update infrastructure docs about review apps 2 years ago			`jobs:`
Review apps on AWS (#2062) * CLDC-2812: update app config to run from relative root * Deploy to staging on pushes to branch * Add action mailer relative root config for review envs * Temporary pipeline to deploy this branch for testing * Update aws deploy pipeline to allow different prefixes for roles and tasks * Prepare database when deploying review apps * Update app nav and sentry to take account of relative root * Update more fixed paths * Update header root link path * Rack attack path * Revert "Deploy to staging on pushes to branch" This reverts commit b05f13d474607299a4fc2407d864bff644d48a3d. * Start updating workflows * Update teardown pipeline to drop database * Ensure destroy infra step runs after drop database * Remove user_password_path because it can't be found * Don't override path helpers in navigation items helper tests * Checkout infra code to run workflow * Try separating workflow call to job * Sync with infra repo updates * Use workflow on dev * Don't trigger on push to branch * Avoid rack attack path helper issue * Update review apps teardown pipeline * Update infra repo reference to main * Fix linting * Fix /logs redirect * Fix lettings_logs_current and sales_logs_current checks in navigation items helper * Fix existing bug in schemes nav item highlighting * Use starts with rather than == in logs nav items current checks * Split off non-support schemes current nav item checks --------- Co-authored-by: Sam Seed <sam.seed@softwire.com> 1 year ago			`infra:`
			`name: Deploy review app infrastructure`
			`uses: communitiesuk/submit-social-housing-lettings-and-sales-data-infrastructure/.github/workflows/create_review_app_infra.yml@main`
			`with:`
			`key: ${{ github.event.pull_request.number }}`
			`app_repo_role: arn:aws:iam::815624722760:role/core-application-repo`
			`permissions:`
			`id-token: write`

			`code:`
			`name: Deploy review app code`
			`needs: [infra]`
			`uses: ./.github/workflows/aws_deploy.yml`
			`with:`
			`aws_account_id: 837698168072`
			`aws_role_prefix: core-dev`
			`aws_task_prefix: core-review-${{ github.event.pull_request.number }}`
Ensure aws_deploy has different concurrency groups for different review apps (#2079) 1 year ago			`concurrency_tag: ${{ github.event.pull_request.number }}`
Review apps on AWS (#2062) * CLDC-2812: update app config to run from relative root * Deploy to staging on pushes to branch * Add action mailer relative root config for review envs * Temporary pipeline to deploy this branch for testing * Update aws deploy pipeline to allow different prefixes for roles and tasks * Prepare database when deploying review apps * Update app nav and sentry to take account of relative root * Update more fixed paths * Update header root link path * Rack attack path * Revert "Deploy to staging on pushes to branch" This reverts commit b05f13d474607299a4fc2407d864bff644d48a3d. * Start updating workflows * Update teardown pipeline to drop database * Ensure destroy infra step runs after drop database * Remove user_password_path because it can't be found * Don't override path helpers in navigation items helper tests * Checkout infra code to run workflow * Try separating workflow call to job * Sync with infra repo updates * Use workflow on dev * Don't trigger on push to branch * Avoid rack attack path helper issue * Update review apps teardown pipeline * Update infra repo reference to main * Fix linting * Fix /logs redirect * Fix lettings_logs_current and sales_logs_current checks in navigation items helper * Fix existing bug in schemes nav item highlighting * Use starts with rather than == in logs nav items current checks * Split off non-support schemes current nav item checks --------- Co-authored-by: Sam Seed <sam.seed@softwire.com> 1 year ago			`environment: review`
			`permissions:`
			`id-token: write`
Add review app pipeline (#993) * Add review app pipeline * disable 2FA on review apps * update infrastructure docs about review apps 2 years ago
Add performance test to review pipeline 4 months ago			`performance:`
			`needs: [code]`
			`runs-on: ubuntu-latest`
Add performance test task 4 months ago			`with:`
			`aws_role_prefix: core-dev`
			`aws_task_prefix: core-review-${{ github.event.pull_request.number }}`
			`environment: review`
Add performance test to review pipeline 4 months ago
			`steps:`
Add performance test task 4 months ago			`- name: Configure AWS credentials`
			`uses: aws-actions/configure-aws-credentials@v3`
			`with:`
			`aws-region: ${{ env.aws_region }}`
			`role-to-assume: ${{ env.app_repo_role }}`

			`- name: Login to Amazon ECR`
			`id: ecr-login`
			`uses: aws-actions/amazon-ecr-login@v1`
			`with:`
			`mask-password: "true"`
Add performance test to review pipeline 4 months ago
			`- name: Run Performance Test`
Add performance test task 4 months ago			`env:`
			`ad_hoc_task_definition: ${{ inputs.aws_task_prefix }}-ad-hoc`
			`cluster: ${{ inputs.aws_task_prefix }}-app`
			`service: ${{ inputs.aws_task_prefix }}-app`
			`email: performance_testing_user@example.com`
			`password: password`
Add performance test to review pipeline 4 months ago			`run: \|`
Add performance test task 4 months ago			`network=$(aws ecs describe-services --cluster $cluster --services $service --query services[0].networkConfiguration)`
			`overrides='{ "containerOverrides" : [{ "name" : "app", "command" : ["bundle", "exec", "rake", "performance:run_ab[$email,$password]"]}]}'`
			`arn=$(aws ecs run-task --cluster $cluster --task-definition $ad_hoc_task_definition --network-configuration "$network" --overrides "$overrides" --group migrations --launch-type FARGATE --query tasks[0].taskArn)`
			`echo "Waiting for performance test task to complete"`
			`temp=${arn##*/}`
			`id=${temp%*\"}`
			`aws ecs wait tasks-stopped --cluster $cluster --tasks $id`
			`succeeded=$(aws ecs describe-tasks --cluster $cluster --tasks $id --query "tasks[0].stopCode == 'EssentialContainerExited' && to_string(tasks[0].containers[0].exitCode) == '0'")`
			`if [ $succeeded == true ]; then exit 0; else exit 1; fi`
Add performance test to review pipeline 4 months ago			`env:`
Try hardcoded test password 4 months ago			`PERFORMANCE_TESTING_USER_EMAIL: coordinator1@example.com`
			`PERFORMANCE_TESTING_USER_PASSWORD: password`
Add performance test to review pipeline 4 months ago
Review apps on AWS (#2062) * CLDC-2812: update app config to run from relative root * Deploy to staging on pushes to branch * Add action mailer relative root config for review envs * Temporary pipeline to deploy this branch for testing * Update aws deploy pipeline to allow different prefixes for roles and tasks * Prepare database when deploying review apps * Update app nav and sentry to take account of relative root * Update more fixed paths * Update header root link path * Rack attack path * Revert "Deploy to staging on pushes to branch" This reverts commit b05f13d474607299a4fc2407d864bff644d48a3d. * Start updating workflows * Update teardown pipeline to drop database * Ensure destroy infra step runs after drop database * Remove user_password_path because it can't be found * Don't override path helpers in navigation items helper tests * Checkout infra code to run workflow * Try separating workflow call to job * Sync with infra repo updates * Use workflow on dev * Don't trigger on push to branch * Avoid rack attack path helper issue * Update review apps teardown pipeline * Update infra repo reference to main * Fix linting * Fix /logs redirect * Fix lettings_logs_current and sales_logs_current checks in navigation items helper * Fix existing bug in schemes nav item highlighting * Use starts with rather than == in logs nav items current checks * Split off non-support schemes current nav item checks --------- Co-authored-by: Sam Seed <sam.seed@softwire.com> 1 year ago			`comment:`
			`name: Add link to PR`
			`needs: [code]`
Add review app pipeline (#993) * Add review app pipeline * disable 2FA on review apps * update infrastructure docs about review apps 2 years ago			`runs-on: ubuntu-latest`
Allow issues/pull-request write permissions for GitHub token (#1310) 2 years ago			`permissions:`
			`issues: write`
			`pull-requests: write`
Add review app pipeline (#993) * Add review app pipeline * disable 2FA on review apps * update infrastructure docs about review apps 2 years ago
			`steps:`
			`- name: Comment on PR with URL`
			`uses: unsplash/comment-on-pr@v1.3.0`
			`env:`
			`GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}`
			`with:`
Review apps on AWS (#2062) * CLDC-2812: update app config to run from relative root * Deploy to staging on pushes to branch * Add action mailer relative root config for review envs * Temporary pipeline to deploy this branch for testing * Update aws deploy pipeline to allow different prefixes for roles and tasks * Prepare database when deploying review apps * Update app nav and sentry to take account of relative root * Update more fixed paths * Update header root link path * Rack attack path * Revert "Deploy to staging on pushes to branch" This reverts commit b05f13d474607299a4fc2407d864bff644d48a3d. * Start updating workflows * Update teardown pipeline to drop database * Ensure destroy infra step runs after drop database * Remove user_password_path because it can't be found * Don't override path helpers in navigation items helper tests * Checkout infra code to run workflow * Try separating workflow call to job * Sync with infra repo updates * Use workflow on dev * Don't trigger on push to branch * Avoid rack attack path helper issue * Update review apps teardown pipeline * Update infra repo reference to main * Fix linting * Fix /logs redirect * Fix lettings_logs_current and sales_logs_current checks in navigation items helper * Fix existing bug in schemes nav item highlighting * Use starts with rather than == in logs nav items current checks * Split off non-support schemes current nav item checks --------- Co-authored-by: Sam Seed <sam.seed@softwire.com> 1 year ago			`msg: "Created review app at https://review.submit-social-housing-data.levellingup.gov.uk/${{ github.event.pull_request.number }}"`
Add review app pipeline (#993) * Add review app pipeline * disable 2FA on review apps * update infrastructure docs about review apps 2 years ago			`check_for_duplicate_msg: true`
			`duplicate_msg_pattern: Created review app at*`