From 3526e4879466eca6c7c0eba50d6ad7790d5ad890 Mon Sep 17 00:00:00 2001 From: Rachael Booth Date: Wed, 8 Nov 2023 16:08:47 +0000 Subject: [PATCH] Revert "Deploy to staging on pushes to branch" This reverts commit b05f13d474607299a4fc2407d864bff644d48a3d. --- .github/workflows/staging_pipeline.yml | 229 ++++++++++++++++++++++++- 1 file changed, 223 insertions(+), 6 deletions(-) diff --git a/.github/workflows/staging_pipeline.yml b/.github/workflows/staging_pipeline.yml index 94208f876..342f091f9 100644 --- a/.github/workflows/staging_pipeline.yml +++ b/.github/workflows/staging_pipeline.yml @@ -3,7 +3,7 @@ name: Staging CI/CD Pipeline on: push: branches: - - cldc-2812-run-app-from-relative-url + - main pull_request: types: - opened @@ -15,14 +15,231 @@ defaults: shell: bash jobs: + test: + name: Tests + runs-on: ubuntu-latest + + services: + postgres: + image: postgres:13.5 + env: + POSTGRES_PASSWORD: password + POSTGRES_USER: postgres + POSTGRES_DB: data_collector + ports: + - 5432:5432 + # Needed because the Postgres container does not provide a health check + # tmpfs makes database faster by using RAM + options: >- + --mount type=tmpfs,destination=/var/lib/postgresql/data + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 + + env: + RAILS_ENV: test + GEMFILE_RUBY_VERSION: 3.1.1 + DB_HOST: localhost + DB_DATABASE: data_collector + DB_USERNAME: postgres + DB_PASSWORD: password + RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }} + PARALLEL_TEST_PROCESSORS: 4 + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + + - name: Set up Node.js + uses: actions/setup-node@v3 + with: + cache: yarn + node-version: 18 + + - name: Create database + run: | + bundle exec rake parallel:setup + + - name: Compile assets + run: | + bundle exec rake assets:precompile + + - name: Run tests + run: | + bundle exec rake parallel:spec['spec\/(?!features)'] + + feature_test: + name: Feature Tests + runs-on: ubuntu-latest + + services: + postgres: + image: postgres:13.5 + env: + POSTGRES_PASSWORD: password + POSTGRES_USER: postgres + POSTGRES_DB: data_collector + ports: + - 5432:5432 + # Needed because the Postgres container does not provide a health check + # tmpfs makes database faster by using RAM + options: >- + --mount type=tmpfs,destination=/var/lib/postgresql/data + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 + + env: + RAILS_ENV: test + GEMFILE_RUBY_VERSION: 3.1.1 + DB_HOST: localhost + DB_DATABASE: data_collector + DB_USERNAME: postgres + DB_PASSWORD: password + RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }} + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + + - name: Set up Node.js + uses: actions/setup-node@v3 + with: + cache: yarn + node-version: 18 + + - name: Create database + run: | + bundle exec rake db:prepare + + - name: Compile assets + run: | + bundle exec rake assets:precompile + + - name: Run tests + run: | + bundle exec rspec spec/features --fail-fast + + lint: + name: Lint + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + + - name: Set up Node.js + uses: actions/setup-node@v3 + with: + cache: yarn + node-version: 18 + + - name: Install packages and symlink local dependencies + run: | + yarn install --immutable --immutable-cache --check-cache + + - name: Lint + run: | + bundle exec rake lint + + audit: + name: Audit dependencies + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + + - name: Audit + run: | + bundle exec bundler-audit + + deploy: + name: Deploy + concurrency: staging + runs-on: ubuntu-latest + environment: staging + if: github.ref == 'refs/heads/main' + needs: [lint, test, feature_test, audit] + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Install Cloud Foundry CLI + run: | + wget --user-agent "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15" -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - + echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list + sudo apt-get update + sudo apt-get install cf8-cli + + - name: Deploy + env: + CF_USERNAME: ${{ secrets.CF_USERNAME }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_API_ENDPOINT: ${{ secrets.CF_API_ENDPOINT }} + CF_SPACE: ${{ secrets.CF_SPACE }} + CF_ORG: ${{ secrets.CF_ORG }} + API_USER: ${{ secrets.API_USER }} + API_KEY: ${{ secrets.API_KEY }} + APP_NAME: dluhc-core-staging + GOVUK_NOTIFY_API_KEY: ${{ secrets.GOVUK_NOTIFY_API_KEY }} + APP_HOST: ${{ secrets.APP_HOST }} + RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }} + OS_DATA_KEY: ${{ secrets.OS_DATA_KEY }} + IMPORT_PAAS_INSTANCE: ${{ secrets.IMPORT_PAAS_INSTANCE }} + EXPORT_PAAS_INSTANCE: ${{ secrets.EXPORT_PAAS_INSTANCE }} + S3_CONFIG: ${{ secrets.S3_CONFIG }} + CSV_DOWNLOAD_PAAS_INSTANCE: ${{ secrets.CSV_DOWNLOAD_PAAS_INSTANCE }} + SENTRY_DSN: ${{ secrets.SENTRY_DSN }} + run: | + cf api $CF_API_ENDPOINT + cf auth + cf target -o $CF_ORG -s $CF_SPACE + cf set-env $APP_NAME API_USER $API_USER + cf set-env $APP_NAME API_KEY $API_KEY + cf set-env $APP_NAME GOVUK_NOTIFY_API_KEY $GOVUK_NOTIFY_API_KEY + cf set-env $APP_NAME APP_HOST $APP_HOST + cf set-env $APP_NAME RAILS_MASTER_KEY $RAILS_MASTER_KEY + cf set-env $APP_NAME OS_DATA_KEY $OS_DATA_KEY + cf set-env $APP_NAME IMPORT_PAAS_INSTANCE $IMPORT_PAAS_INSTANCE + cf set-env $APP_NAME EXPORT_PAAS_INSTANCE $EXPORT_PAAS_INSTANCE + cf set-env $APP_NAME S3_CONFIG $S3_CONFIG + cf set-env $APP_NAME CSV_DOWNLOAD_PAAS_INSTANCE $CSV_DOWNLOAD_PAAS_INSTANCE + cf set-env $APP_NAME SENTRY_DSN $SENTRY_DSN + cf push $APP_NAME --strategy rolling -t 180 + aws_deploy: name: AWS Deploy - if: github.ref == 'refs/heads/cldc-2812-run-app-from-relative-url' + if: github.ref == 'refs/heads/main' + needs: [lint, test, feature_test, audit] uses: ./.github/workflows/aws_deploy.yml with: - aws_account_id: 837698168072 - aws_role_prefix: core-dev - aws_task_prefix: core-review-0 - environment: review + aws_account_id: 107155005276 + aws_role_prefix: core-staging + aws_task_prefix: core-staging + environment: staging permissions: id-token: write