Skip to content

Merge pull request #208 from bcgov/yj #202

Merge pull request #208 from bcgov/yj

Merge pull request #208 from bcgov/yj #202

Workflow file for this run

name: Deploy Dev Environment
on:
workflow_dispatch:
push:
branches:
- main
paths-ignore:
- database/**
- package.json
- package-lock.json
- CHANGELOG.md
- .conventional-changelog.mjs
- .release-it.json
- postman/**
- localdb/**
- postgres/**
- crunchydb/**
jobs:
build-backend:
runs-on: ubuntu-22.04
timeout-minutes: 10
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup .NET
uses: actions/setup-dotnet@v3
with:
dotnet-version: '7.0.400'
- uses: actions/cache@v3
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
restore-keys: |
${{ runner.os }}-nuget
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Build backend
run: |
pwd
dotnet build ./server/server.sln
- name: Test backend
run: dotnet test ./server/server.sln --no-build
build-frontend:
runs-on: ubuntu-22.04
timeout-minutes: 10
permissions:
contents: read
packages: write
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '18'
- name: Install Angular CLI
run: |
cd ./frontend
npm install -g @angular/cli
- name: Install project dependencies
run: |
cd ./frontend
npm install
- name: Build frontend
run: |
cd ./frontend
ng build --configuration=production
- name: Run frontend tests
run: |
cd ./frontend
ng test --watch=false --progress=false --browsers=ChromeHeadless --code-coverage --source-map=false
continue-on-error: true
docker-build-backend:
needs: [build-backend]
runs-on: ubuntu-22.04
timeout-minutes: 10
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Build Docker image
run: cd server && docker build -t strdss-backend -f Dockerfile .
- name: Tag Docker image
run: docker tag strdss-backend artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-backend:latest
- name: Push Docker image to Artifactory
run: |
docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }}
docker push artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-backend:latest
docker-build-frontend:
needs: [build-frontend]
runs-on: ubuntu-22.04
timeout-minutes: 10
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Render style_nonce
id: render_style_nonce
run: echo "::set-output name=style_nonce::$(echo -n ${{ github.sha }} | base64)"
- name: Build Docker image
run: cd frontend && docker build -t strdss-frontend -f Dockerfile .
- name: Tag Docker image
run: docker tag strdss-frontend artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-frontend:latest
- name: Push Docker image to Artifactory
run: |
docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }}
docker push artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-frontend:latest
deploy:
needs: [docker-build-frontend, docker-build-backend]
runs-on: ubuntu-22.04
timeout-minutes: 5
permissions:
contents: read
environment:
name: dev
url: https://dev-strdata.apps.silver.devops.gov.bc.ca/
steps:
- uses: actions/checkout@v4
- name: Authenticate and set context
uses: redhat-actions/oc-login@v1.3
with:
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }}
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
namespace: f4a30d-dev
insecure_skip_tls_verify: true
- name: Deploy apps with Helm chart
run: |
make upgrade \
NAMESPACE=f4a30d-dev \
NAME=strdss-dev \
ENV_NAME=dev \
IMAGE_TAG_FRONTEND=latest \
IMAGE_TAG_BACKEND=latest \
working-directory: ./helm/main
- name: Wait for deployment to be ready
run: |
oc rollout status deployment/strdss-dev-frontend -n f4a30d-dev
timeout-minutes: 5
zap-scan:
needs: [deploy]
runs-on: ubuntu-22.04
timeout-minutes: 10
permissions:
contents: read
issues: write
steps:
- uses: hmarr/debug-action@a701ed95a46e6f2fb0df25e1a558c16356fae35a
- uses: actions/checkout@96f53100ba2a5449eb71d2e6604bbcd94b9449b5
with:
ref: main
- name: ZAP Scan
uses: zaproxy/action-full-scan@c8994d4f913cf872ec9964ac2d998c9bec369060
with:
token: ${{ secrets.GITHUB_TOKEN }}
target: https://dev-strdata.apps.silver.devops.gov.bc.ca/