name: Production CI/CD Pipeline
on:
release:
types: [released]
workflow_dispatch:
env:
REPO_URL: communitiesuk/submit-social-housing-lettings-and-sales-data
defaults:
run:
shell: bash
jobs:
test:
name: Test
runs-on: ubuntu-latest
services:
postgres:
image: postgres:13.5
env:
POSTGRES_PASSWORD: password
POSTGRES_USER: postgres
POSTGRES_DB: data_collector
ports:
- 5432:5432
# Needed because the Postgres container does not provide a health check
# tmpfs makes database faster by using RAM
options: >-
--mount type=tmpfs,destination=/var/lib/postgresql/data
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
env:
RAILS_ENV: test
GEMFILE_RUBY_VERSION: 3.1.1
DB_HOST: localhost
DB_DATABASE: data_collector
DB_USERNAME: postgres
DB_PASSWORD: password
steps:
- name: Get latest release with tag
id: latestrelease
run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')"
- name: Confirm release tag
run: |
echo ${{ steps.latestrelease.outputs.releasetag }}
- name: Checkout tag
uses: actions/checkout@v3
with:
ref: ${{ steps.latestrelease.outputs.releasetag }}
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Set up node
uses: actions/setup-node@v3
with:
cache: yarn
node-version: 16
- name: Create database
run: |
bundle exec rake db:prepare
- name: Compile Assets
run: |
bundle exec rake assets:precompile
- name: Run tests
run: |
bundle exec rspec
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Get latest release with tag
id: latestrelease
run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')"
- name: Confirm release tag
run: |
echo ${{ steps.latestrelease.outputs.releasetag }}
- name: Checkout tag
uses: actions/checkout@v3
with:
ref: ${{ steps.latestrelease.outputs.releasetag }}
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Rubocop
run: |
bundle exec rubocop
audit:
name: Audit dependencies
runs-on: ubuntu-latest
steps:
- name: Get latest release with tag
id: latestrelease
run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')"
- name: Confirm release tag
run: |
echo ${{ steps.latestrelease.outputs.releasetag }}
- name: Checkout tag
uses: actions/checkout@v3
with:
ref: ${{ steps.latestrelease.outputs.releasetag }}
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Audit
run: |
bundle exec bundler-audit
deploy:
name: Deploy
concurrency: "production"
runs-on: ubuntu-latest
environment: "production"
needs: [lint, test, audit]
steps:
- name: Get latest release with tag
id: latestrelease
run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')"
- name: Confirm release tag
run: |
echo ${{ steps.latestrelease.outputs.releasetag }}
- name: Checkout tag
uses: actions/checkout@v3
with:
ref: ${{ steps.latestrelease.outputs.releasetag }}
- name: Install Cloud Foundry CLI
run: |
wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add -
echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list
sudo apt-get update
sudo apt-get install cf8-cli
- name: Deploy
env:
CF_USERNAME: ${{ secrets.CF_USERNAME }}
CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
CF_API_ENDPOINT: ${{ secrets.CF_API_ENDPOINT }}
CF_SPACE: ${{ secrets.CF_SPACE }}
CF_ORG: ${{ secrets.CF_ORG }}
APP_NAME: dluhc-core-production
GOVUK_NOTIFY_API_KEY: ${{ secrets.GOVUK_NOTIFY_API_KEY }}
APP_HOST: ${{ secrets.APP_HOST }}
RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
IMPORT_PAAS_INSTANCE: ${{ secrets.IMPORT_PAAS_INSTANCE }}
EXPORT_PAAS_INSTANCE: ${{ secrets.EXPORT_PAAS_INSTANCE }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
run: |
cf api $CF_API_ENDPOINT
cf auth
cf target -o $CF_ORG -s $CF_SPACE
cf set-env $APP_NAME GOVUK_NOTIFY_API_KEY $GOVUK_NOTIFY_API_KEY
cf set-env $APP_NAME APP_HOST $APP_HOST
cf set-env $APP_NAME RAILS_MASTER_KEY $RAILS_MASTER_KEY
cf set-env $APP_NAME IMPORT_PAAS_INSTANCE $IMPORT_PAAS_INSTANCE
cf set-env $APP_NAME EXPORT_PAAS_INSTANCE $EXPORT_PAAS_INSTANCE
cf set-env $APP_NAME SENTRY_DSN $SENTRY_DSN
cf push $APP_NAME --strategy rolling