From 3055079dbbf06c4af8fae93fadced9c2646eabfe Mon Sep 17 00:00:00 2001
From: Gary Crye
Date: Mon, 31 Oct 2022 14:19:36 -0600
Subject: [PATCH] Split up `Deploy` workflow into multiple jobs

---
 .github/workflows/deploy.yml | 106 +++++++++++++++++++++++++++--------
 1 file changed, 83 insertions(+), 23 deletions(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 1f441201..746e2b84 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -87,16 +87,9 @@ jobs:
 outputs:
 matrix: ${{ env.matrix }}

- build_and_deploy:
- name: Build and Deploy
+ test:
+ name: Test
 runs-on: ubuntu-latest
- needs: env
- strategy:
- matrix: ${{ fromJson(needs.env.outputs.matrix) }}
- fail-fast: false
- environment:
- name: ${{ matrix.env.environment_name }}
- url: https://${{ steps.url.outputs.stdout }}
 steps:
 - name: Check out
 uses: actions/checkout@v3
@@ -108,19 +101,11 @@ jobs:
 cache: npm
 cache-dependency-path: '**/package-lock.json'

- - name: Audit
- working-directory: src
- run: npm audit --audit-level=critical
-
- - name: Build
+ - name: npm ci
 working-directory: src
 run: npm ci --prefer-offline

- - name: Lint
- working-directory: src
- run: npm run lint
-
- - name: Test
+ - name: npm test
 working-directory: src
 run: npm test

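Review bot: The new `test` job header in the first hunk declares no `permissions:`, and no workflow-level block is visible in this patch, so the job may run with whatever default `GITHUB_TOKEN` scope the repository grants while `npm ci` and `npm test` execute dependency code. The job only needs to read the repository, so I would add `permissions:` with `contents: read` under `test:` and set `persist-credentials: false` in a `with:` on the `actions/checkout@v3` step, so the token is not left in the local git config during the install. The same applies to the `audit`, `lint`, `hadolint` and `format` jobs added in the third hunk. The `test` job's body continues past this hunk, so confirm nothing later in it needs write access.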
@@ -130,6 +115,85 @@ jobs:
 env:
 CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

+ audit:
+ name: Audit
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: Set up Node.js
+ uses: actions/setup-node@v3
+ with:
+ node-version: ${{ env.node_version }}
+
+ # We don't need to install deps to audit them
+
+ - name: npm audit
+ working-directory: src
+ run: npm audit --audit-level=critical
+
+ lint:
+ name: Lint
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: Set up Node.js
+ uses: actions/setup-node@v3
+ with:
+ node-version: ${{ env.node_version }}
+ cache: npm
+ cache-dependency-path: '**/package-lock.json'
+
+ - name: npm ci
+ working-directory: src
+ run: npm ci --prefer-offline
+
+ - name: npm lint
+ working-directory: src
+ run: npm run lint
+
+ hadolint:
+ name: Lint Docker
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+
+ # Hadolint follows semantic versioning, but doesn't have a @v2 release
+ - name: Lint Dockerfile
+ uses: hadolint/hadolint-action@v2.1.0
+ with:
+ dockerfile: src/Dockerfile
+
+ format:
+ name: Terraform Format
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: Terraform Setup
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: ${{ env.tf_version }}
+
+ - name: Terraform Format
+ working-directory: terraform-iac
+ run: terraform fmt -check -recursive
+
+ build_and_deploy:
+ name: Build and Deploy
+ runs-on: ubuntu-latest
+ needs: [env, test, audit, lint, hadolint, format]
+ strategy:
+ matrix: ${{ fromJson(needs.env.outputs.matrix) }}
+ fail-fast: false
+ environment:
+ name: ${{ matrix.env.environment_name }}
+ url: https://${{ steps.url.outputs.stdout }}
+ steps:
+ - name: Check out
+ uses: actions/checkout@v3
+
 - name: Configure AWS credentials
 uses: aws-actions/configure-aws-credentials@v1
 with:
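Review bot: The `hadolint` and `format` jobs reference third-party actions by tag (`hadolint/hadolint-action@v2.1.0`, `hashicorp/setup-terraform@v2`), and a tag can be re-pointed by whoever controls the action's repository, yet both jobs now gate `build_and_deploy` through `needs:`. Pinning each to a full commit SHA with the version kept as a trailing comment makes the gate reproducible, e.g. `uses: hadolint/hadolint-action@<full-commit-sha> # v2.1.0` (placeholder; take the SHA from the release you reviewed). The comment above the hadolint step would then read `# Pinned by commit SHA; bump together with the version comment`. Separately, `format` runs `terraform fmt -check -recursive` from `terraform-iac`, where the step removed in the last hunk ran from `./`, so any Terraform files outside that directory are no longer checked. The `build_and_deploy` job's steps continue outside this hunk.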
@@ -176,10 +240,6 @@ jobs:
 working-directory: ${{ matrix.env.tf_working_dir }}
 run: terraform init

- - name: Terraform Format
- working-directory: "./"
- run: terraform fmt -check -recursive
-
 - name: Terraform Plan
 working-directory: ${{ matrix.env.tf_working_dir }}
 run: terraform plan -var 'image_tag=${{ steps.date.outputs.timestamp }}' -input=false -out=plan