Browse Source

Production deployment action (#287)

* Production deployment action

* Add CI back to production deploy action

* Consistent naming

* Use PG13.5 everywhere

* Pipeline name

* No automated triggers

* Indentation

* Define workflow trigger

* Shouldn't need to set timezone as env var

* Add additional env vars

* Update node and ruby

* Checkout latest release tag for production pipeline

* cf8

* Fix repo name

* Repo name

* Env var for repo url
pull/336/head v0.0.1
baarkerlounger 3 years ago committed by GitHub
parent
commit
baea463723
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 188
      .github/workflows/production_pipeline.yml
  2. 41
      .github/workflows/staging_pipeline.yml

188
.github/workflows/production_pipeline.yml

@ -0,0 +1,188 @@
name: 'Production CI/CD Pipeline'
on:
release:
types: [released]
workflow_dispatch:
concurrency: 'production'
env:
REPO_URL: communitiesuk/mhclg-data-collection-beta
defaults:
run:
shell: bash
jobs:
test:
name: Test
runs-on: ubuntu-latest
services:
postgres:
image: postgres:13.5
env:
POSTGRES_PASSWORD: password
POSTGRES_USER: postgres
POSTGRES_DB: data_collector
ports:
- 5432:5432
# needed because the postgres container does not provide a healthcheck
# tmpfs makes DB faster by using RAM
options: >-
--mount type=tmpfs,destination=/var/lib/postgresql/data
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
env:
RAILS_ENV: test
GEMFILE_RUBY_VERSION: 3.1.0
DB_HOST: localhost
DB_DATABASE: data_collector
DB_USERNAME: postgres
DB_PASSWORD: password
steps:
- name: Get latest release with tag
id: latestrelease
run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')"
- name: Confirm release tag
run: |
echo ${{ steps.latestrelease.outputs.releasetag }}
- name: Checkout tag
uses: actions/checkout@v2
with:
ref: ${{ steps.latestrelease.outputs.releasetag }}
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
# runs 'bundle install' and caches installed gems automatically
bundler-cache: true
- name: Set up node
uses: actions/setup-node@v2
with:
node-version: '16'
- name: Create DB
run: |
bundle exec rake db:prepare
- name: Compile Assets
run: |
bundle exec rake assets:precompile
- name: Run tests
run: |
bundle exec rspec
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Get latest release with tag
id: latestrelease
run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')"
- name: Confirm release tag
run: |
echo ${{ steps.latestrelease.outputs.releasetag }}
- name: Checkout tag
uses: actions/checkout@v2
with:
ref: ${{ steps.latestrelease.outputs.releasetag }}
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
# runs 'bundle install' and caches installed gems automatically
bundler-cache: true
- name: Rubocop
run: |
bundle exec rubocop
audit:
name: Audit dependencies
runs-on: ubuntu-latest
steps:
- name: Get latest release with tag
id: latestrelease
run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')"
- name: Confirm release tag
run: |
echo ${{ steps.latestrelease.outputs.releasetag }}
- name: Checkout tag
uses: actions/checkout@v2
with:
ref: ${{ steps.latestrelease.outputs.releasetag }}SS
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
# runs 'bundle install' and caches installed gems automatically
bundler-cache: true
- name: Audit
run: |
bundle exec bundler-audit
deploy:
name: Deploy
runs-on: ubuntu-latest
environment: 'production'
needs: [lint, test, audit]
steps:
- name: Get latest release with tag
id: latestrelease
run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/communitiesuk/mhclg-data-collection-beta/releases/latest | jq '.tag_name' | sed 's/\"//g')"
- name: Confirm release tag
run: |
echo ${{ steps.latestrelease.outputs.releasetag }}
- name: Checkout tag
uses: actions/checkout@v2
with:
ref: ${{ steps.latestrelease.outputs.releasetag }}
- name: Install Cloud Foundry CLI
run: |
wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add -
echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list
sudo apt-get update
sudo apt-get install cf8-cli
- name: Deploy
env:
CF_USERNAME: ${{ secrets.CF_USERNAME }}
CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
CF_API_ENDPOINT: ${{ secrets.CF_API_ENDPOINT }}
CF_SPACE: ${{ secrets.CF_SPACE }}
CF_ORG: ${{ secrets.CF_ORG }}
API_USER: ${{ secrets.API_USER }}
API_KEY: ${{ secrets.API_KEY }}
APP_NAME: dluhc-core-staging
GOVUK_NOTIFY_API_KEY: ${{ secrets.GOVUK_NOTIFY_API_KEY }}
APP_HOST: ${{ secrets.APP_HOST }}
RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
IMPORT_PAAS_INSTANCE: ${{ secrets.IMPORT_PAAS_INSTANCE }}
EXPORT_PAAS_INSTANCE: ${{ secrets.EXPORT_PAAS_INSTANCE }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
run: |
cf api $CF_API_ENDPOINT
cf auth
cf target -o $CF_ORG -s $CF_SPACE
cf set-env $APP_NAME API_USER $API_USER
cf set-env $APP_NAME API_KEY $API_KEY
cf set-env $APP_NAME GOVUK_NOTIFY_API_KEY $GOVUK_NOTIFY_API_KEY
cf set-env $APP_NAME APP_HOST $APP_HOST
cf set-env $APP_NAME RAILS_MASTER_KEY $RAILS_MASTER_KEY
cf set-env $APP_NAME IMPORT_PAAS_INSTANCE $IMPORT_PAAS_INSTANCE
cf set-env $APP_NAME EXPORT_PAAS_INSTANCE $EXPORT_PAAS_INSTANCE
cf set-env $APP_NAME SENTRY_DSN $SENTRY_DSN
cf push $APP_NAME --strategy rolling

41
.github/workflows/pipeline.yml → .github/workflows/staging_pipeline.yml

@ -1,4 +1,4 @@
name: 'CI/CD Pipeline'
name: 'Staging CI/CD Pipeline'
on:
push:
@ -14,7 +14,6 @@ defaults:
shell: bash
jobs:
test:
name: Test
runs-on: ubuntu-latest
@ -44,10 +43,6 @@ jobs:
DB_USERNAME: postgres
DB_PASSWORD: password
# Rails verifies the time zone in DB is the same as the time zone of the Rails app
TZ: "Europe/London"
steps:
- name: Checkout
uses: actions/checkout@v2
@ -120,12 +115,12 @@ jobs:
- name: Checkout code
uses: actions/checkout@v2
- name: Install cf client
env:
CF_CLI_VERSION: 7.0.0-beta.30
- name: Install Cloud Foundry CLI
run: |
curl -L "https://packages.cloudfoundry.org/stable?release=linux64-binary&version=${CF_CLI_VERSION}" | tar -zx -C /tmp
sudo cp /tmp/cf7 /usr/local/bin/cf7
wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add -
echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list
sudo apt-get update
sudo apt-get install cf8-cli
- name: Deploy
env:
CF_USERNAME: ${{ secrets.CF_USERNAME }}
@ -143,15 +138,15 @@ jobs:
EXPORT_PAAS_INSTANCE: ${{ secrets.EXPORT_PAAS_INSTANCE }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
run: |
cf7 api $CF_API_ENDPOINT
cf7 auth
cf7 target -o $CF_ORG -s $CF_SPACE
cf7 set-env $APP_NAME API_USER $API_USER
cf7 set-env $APP_NAME API_KEY $API_KEY
cf7 set-env $APP_NAME GOVUK_NOTIFY_API_KEY $GOVUK_NOTIFY_API_KEY
cf7 set-env $APP_NAME APP_HOST $APP_HOST
cf7 set-env $APP_NAME RAILS_MASTER_KEY $RAILS_MASTER_KEY
cf7 set-env $APP_NAME IMPORT_PAAS_INSTANCE $IMPORT_PAAS_INSTANCE
cf7 set-env $APP_NAME EXPORT_PAAS_INSTANCE $EXPORT_PAAS_INSTANCE
cf7 set-env $APP_NAME SENTRY_DSN $SENTRY_DSN
cf7 push $APP_NAME --strategy rolling
cf api $CF_API_ENDPOINT
cf auth
cf target -o $CF_ORG -s $CF_SPACE
cf set-env $APP_NAME API_USER $API_USER
cf set-env $APP_NAME API_KEY $API_KEY
cf set-env $APP_NAME GOVUK_NOTIFY_API_KEY $GOVUK_NOTIFY_API_KEY
cf set-env $APP_NAME APP_HOST $APP_HOST
cf set-env $APP_NAME RAILS_MASTER_KEY $RAILS_MASTER_KEY
cf set-env $APP_NAME IMPORT_PAAS_INSTANCE $IMPORT_PAAS_INSTANCE
cf set-env $APP_NAME EXPORT_PAAS_INSTANCE $EXPORT_PAAS_INSTANCE
cf set-env $APP_NAME SENTRY_DSN $SENTRY_DSN
cf push $APP_NAME --strategy rolling
Loading…
Cancel
Save