diff --git a/.github/workflows/checkGraphql.yml b/.github/workflows/checkGraphql.yml index 85c159e4a17..5d3237c9a29 100644 --- a/.github/workflows/checkGraphql.yml +++ b/.github/workflows/checkGraphql.yml @@ -1,59 +1,59 @@ -name: Check Graphql - -on: - workflow_dispatch: - pull_request: - branches: - - "**" - merge_group: - types: - - checks_requested - push: - branches: - - main - -env: - NODE_VERSION: 18 - -defaults: - run: - working-directory: frontend - -jobs: - check-graphql-types: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Use Node.js ${{env.NODE_VERSION}} - uses: actions/setup-node@v4.0.0 - with: - node-version: ${{env.NODE_VERSION}} - - name: Cache yarn - uses: actions/cache@v3.3.2 - with: - path: ~/.cache/yarn - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} - restore-keys: | - ${{ runner.os }}-yarn- - - name: Node setup - run: yarn install --prefer-offline - - name: Generate grahpql types - run: yarn codegen - - name: Lint generated files - run: yarn lint:write - - name: Check for changes - run: | - if [[ -z "$(git status --porcelain)" ]]; then - exit 0 - else - echo "Current generated code does not match code in latest commit. try running cd frontend/ && yarn codegen" - git diff >> diff.txt - exit 1 - fi - - name: Archive git diff - uses: actions/upload-artifact@v3 - if: failure() - with: - name: files changed - path: frontend/diff.txt - retention-days: 7 +#name: Check Graphql +# +#on: +# workflow_dispatch: +# pull_request: +# branches: +# - "**" +# merge_group: +# types: +# - checks_requested +# push: +# branches: +# - main +# +#env: +# NODE_VERSION: 18 +# +#defaults: +# run: +# working-directory: frontend +# +#jobs: +# check-graphql-types: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# - name: Use Node.js ${{env.NODE_VERSION}} +# uses: actions/setup-node@v4.0.0 +# with: +# node-version: ${{env.NODE_VERSION}} +# - name: Cache yarn +# uses: actions/cache@v3.3.2 +# with: +# path: ~/.cache/yarn +# key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} +# restore-keys: | +# ${{ runner.os }}-yarn- +# - name: Node setup +# run: yarn install --prefer-offline +# - name: Generate grahpql types +# run: yarn codegen +# - name: Lint generated files +# run: yarn lint:write +# - name: Check for changes +# run: | +# if [[ -z "$(git status --porcelain)" ]]; then +# exit 0 +# else +# echo "Current generated code does not match code in latest commit. try running cd frontend/ && yarn codegen" +# git diff >> diff.txt +# exit 1 +# fi +# - name: Archive git diff +# uses: actions/upload-artifact@v3 +# if: failure() +# with: +# name: files changed +# path: frontend/diff.txt +# retention-days: 7 diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml index c76021d4631..6786b235be0 100644 --- a/.github/workflows/chromatic.yml +++ b/.github/workflows/chromatic.yml @@ -1,64 +1,64 @@ -name: Chromatic - -on: - workflow_dispatch: - pull_request: - branches: - - "**" - paths: - - "frontend/**" - push: - branches: - - main - paths: - - "frontend/**" - -env: - NODE_VERSION: 18 - -jobs: - chromatic-deployment: - runs-on: ubuntu-latest - steps: - - - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Chromatic wants the history - - - uses: actions/setup-node@v4.0.0 - with: - node-version: ${{ env.NODE_VERSION }} - - - name: Install dependencies - run: yarn - working-directory: frontend - - - name: Publish to Chromatic - if: github.ref != 'refs/heads/main' - uses: chromaui/action@v10 - with: - workingDir: frontend - token: ${{ secrets.GITHUB_TOKEN }} - projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} - ignoreLastBuildOnBranch: "**" # Better comparisons after rebasing - exitZeroOnChanges: true - exitOnceUploaded: true - - - name: Publish to Chromatic (auto-accept changes on merge main) - if: github.ref == 'refs/heads/main' - uses: chromaui/action@v10 - with: - workingDir: frontend - token: ${{ secrets.GITHUB_TOKEN }} - projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} - ignoreLastBuildOnBranch: "**" - exitZeroOnChanges: true - exitOnceUploaded: true - autoAcceptChanges: true # handle squash-on-merge - - - name: Artifact Chromatic logs - if: failure() - uses: actions/upload-artifact@v3 - with: - name: logs - path: frontend/*.log +#name: Chromatic +# +#on: +# workflow_dispatch: +# pull_request: +# branches: +# - "**" +# paths: +# - "frontend/**" +# push: +# branches: +# - main +# paths: +# - "frontend/**" +# +#env: +# NODE_VERSION: 18 +# +#jobs: +# chromatic-deployment: +# runs-on: ubuntu-latest +# steps: +# +# - uses: actions/checkout@v4 +# with: +# fetch-depth: 0 # Chromatic wants the history +# +# - uses: actions/setup-node@v4.0.0 +# with: +# node-version: ${{ env.NODE_VERSION }} +# +# - name: Install dependencies +# run: yarn +# working-directory: frontend +# +# - name: Publish to Chromatic +# if: github.ref != 'refs/heads/main' +# uses: chromaui/action@v10 +# with: +# workingDir: frontend +# token: ${{ secrets.GITHUB_TOKEN }} +# projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} +# ignoreLastBuildOnBranch: "**" # Better comparisons after rebasing +# exitZeroOnChanges: true +# exitOnceUploaded: true +# +# - name: Publish to Chromatic (auto-accept changes on merge main) +# if: github.ref == 'refs/heads/main' +# uses: chromaui/action@v10 +# with: +# workingDir: frontend +# token: ${{ secrets.GITHUB_TOKEN }} +# projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} +# ignoreLastBuildOnBranch: "**" +# exitZeroOnChanges: true +# exitOnceUploaded: true +# autoAcceptChanges: true # handle squash-on-merge +# +# - name: Artifact Chromatic logs +# if: failure() +# uses: actions/upload-artifact@v3 +# with: +# name: logs +# path: frontend/*.log diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4f7fb9d53aa..4230dc7f907 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,55 +1,55 @@ -name: "CodeQL" - -on: - push: - branches: [ "main" ] - pull_request: - branches: [ "main" ] - schedule: - - cron: "45 4 * * 3" - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -env: - JAVA_VERSION: 17 - JAVA_DISTRIBUTION: 'zulu' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ javascript, java ] - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - queries: +security-and-quality - - - name: Set up JDK - uses: actions/setup-java@v4 - with: - java-version: ${{env.JAVA_VERSION}} - distribution: ${{env.JAVA_DISTRIBUTION}} - - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{ matrix.language }}" \ No newline at end of file +#name: "CodeQL" +# +#on: +# push: +# branches: [ "main" ] +# pull_request: +# branches: [ "main" ] +# schedule: +# - cron: "45 4 * * 3" +# +#concurrency: +# group: ${{ github.workflow }}-${{ github.ref }} +# cancel-in-progress: true +# +#env: +# JAVA_VERSION: 17 +# JAVA_DISTRIBUTION: 'zulu' +# +#jobs: +# analyze: +# name: Analyze +# runs-on: ubuntu-latest +# permissions: +# actions: read +# contents: read +# security-events: write +# +# strategy: +# fail-fast: false +# matrix: +# language: [ javascript, java ] +# +# steps: +# - name: Checkout +# uses: actions/checkout@v4 +# +# - name: Initialize CodeQL +# uses: github/codeql-action/init@v2 +# with: +# languages: ${{ matrix.language }} +# queries: +security-and-quality +# +# - name: Set up JDK +# uses: actions/setup-java@v4 +# with: +# java-version: ${{env.JAVA_VERSION}} +# distribution: ${{env.JAVA_DISTRIBUTION}} +# +# - name: Autobuild +# uses: github/codeql-action/autobuild@v2 +# +# - name: Perform CodeQL Analysis +# uses: github/codeql-action/analyze@v2 +# with: +# category: "/language:${{ matrix.language }}" \ No newline at end of file diff --git a/.github/workflows/e2eLocal.yml b/.github/workflows/e2eLocal.yml index a3dbf65bff5..8acee0cc6d4 100644 --- a/.github/workflows/e2eLocal.yml +++ b/.github/workflows/e2eLocal.yml @@ -1,148 +1,148 @@ -name: Run end-to-end tests - -on: - workflow_call: - secrets: - OKTA_API_KEY: - required: true - SMARTY_AUTH_ID: - required: true - SMARTY_AUTH_TOKEN: - required: true - CYPRESS_OKTA_USERNAME: - required: true - CYPRESS_OKTA_PASSWORD: - required: true - CYPRESS_OKTA_SECRET: - required: true - inputs: - DOCKER_BACKEND_IMAGE_VERSION: - required: false - type: string - DOCKER_CYPRESS_IMAGE_VERSION: - required: false - type: string - DOCKER_DATABASE_IMAGE_VERSION: - required: false - type: string - DOCKER_FRONTEND_IMAGE_VERSION: - required: false - type: string - DOCKER_NGINX_IMAGE_VERSION: - required: false - type: string - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }}-e2e-local - cancel-in-progress: true - -jobs: - - cypress-local-env: - runs-on: ubuntu-latest - steps: - - - name: Checkout - uses: actions/checkout@v4 - - - name: Set Swap Space - uses: ./.github/actions/set-swap-space - with: - swap-size-gb: 10 - - - name: Update files permissions - # Even though we don't use it, we need the .env file created here due to an issue similar to this one: https://github.com/mutagen-io/mutagen/issues/265 - run: | - echo "::group::Update permissions" - echo FAKE_ENV="true" >> .env - sudo chmod -R 777 backend - sudo chmod -R 777 frontend - echo "::endgroup::" - - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Run Cypress - timeout-minutes: 30 - env: - # CI settings - CI: 1 - # docker settings - DOCKER_CLIENT_TIMEOUT: 180 - DOCKER_BACKEND_IMAGE_VERSION: ${{ inputs.DOCKER_BACKEND_IMAGE_VERSION }} - DOCKER_CYPRESS_IMAGE_VERSION: ${{ inputs.DOCKER_CYPRESS_IMAGE_VERSION }} - DOCKER_DATABASE_IMAGE_VERSION: ${{ inputs.DOCKER_DATABASE_IMAGE_VERSION }} - DOCKER_FRONTEND_IMAGE_VERSION: ${{ inputs.DOCKER_FRONTEND_IMAGE_VERSION }} - DOCKER_NGINX_IMAGE_VERSION: ${{ inputs.DOCKER_NGINX_IMAGE_VERSION }} - COMPOSE_HTTP_TIMEOUT: 180 - # backend settings - SPRING_PROFILES_ACTIVE: e2e,db-dockerized - OKTA_TESTING_DISABLEHTTPSCHECK: "true" - OKTA_API_KEY: ${{ secrets.OKTA_API_KEY }} - OKTA_OAUTH2_CLIENT_ID: 0oa1k0163nAwfVxNW1d7 - SMARTY_AUTH_ID: ${{ secrets.SMARTY_AUTH_ID }} - SMARTY_AUTH_TOKEN: ${{ secrets.SMARTY_AUTH_TOKEN }} - SPRING_LIQUIBASE_ENABLED: "true" - GIT_DISCOVERY_ACROSS_FILESYSTEM: 1 - WIREMOCK_URL: "http://wiremock:8088" - # cypress settings - CYPRESS_OKTA_REDIRECT_URI: "https%3A%2F%2Flocalhost.simplereport.gov%2Fapp" - CYPRESS_OKTA_USERNAME: ${{ secrets.CYPRESS_OKTA_USERNAME }} - CYPRESS_OKTA_PASSWORD: ${{ secrets.CYPRESS_OKTA_PASSWORD }} - CYPRESS_OKTA_SECRET: ${{ secrets.CYPRESS_OKTA_SECRET }} - CYPRESS_BACKEND_URL: "https://localhost.simplereport.gov/api" - SPEC_PATH: "cypress/e2e/**" - TEST_ENV: "https://localhost.simplereport.gov" - # frontend settings - REACT_APP_OKTA_URL: "http://wiremock:8088" - REACT_APP_OKTA_CLIENT_ID: 0oa1k0163nAwfVxNW1d7 - REACT_APP_BASE_URL: https://localhost.simplereport.gov - REACT_APP_BACKEND_URL: https://localhost.simplereport.gov/api - PUBLIC_URL: /app/ - REACT_APP_OKTA_ENABLED: "true" - REACT_APP_DISABLE_MAINTENANCE_BANNER: "true" - shell: bash - run: | - echo "::group::Run Cypress locally" - echo "Backend branch tag (or latest): ${{ inputs.DOCKER_BACKEND_IMAGE_VERSION }}" - echo "Cypress branch tag (or latest): ${{ inputs.DOCKER_CYPRESS_IMAGE_VERSION }}" - echo "Database branch tag (or latest): ${{ inputs.DOCKER_DATABASE_IMAGE_VERSION }}" - echo "Frontend branch tag (or latest): ${{ inputs.DOCKER_FRONTEND_IMAGE_VERSION }}" - echo "Nginx branch tag (or latest): ${{ inputs.DOCKER_NGINX_IMAGE_VERSION }}" - docker compose -f docker-compose.yml -f docker-compose.cypress.yml up --abort-on-container-exit --attach cypress --exit-code-from cypress --quiet-pull - echo "::endgroup::" - - - name: Get docker logs - if: always() - shell: bash - run: | - echo "Saving $container logs" - docker compose -f docker-compose.yml -f docker-compose.cypress.yml logs --timestamps >& cypress-run.log - - - name: Stop containers - if: always() - shell: bash - run: | - echo "::group::Stop Docker containers" - docker compose -f docker-compose.yml -f docker-compose.cypress.yml down - echo "::endgroup::" - - - name: Archive cypress failures - if: always() - uses: actions/upload-artifact@v3 - with: - name: cypress-results - path: | - cypress/videos/* - cypress/screenshots/* - - - name: Archive docker logs - if: always() - uses: actions/upload-artifact@v3 - with: - name: logs - path: cypress-run.log +#name: Run end-to-end tests +# +#on: +# workflow_call: +# secrets: +# OKTA_API_KEY: +# required: true +# SMARTY_AUTH_ID: +# required: true +# SMARTY_AUTH_TOKEN: +# required: true +# CYPRESS_OKTA_USERNAME: +# required: true +# CYPRESS_OKTA_PASSWORD: +# required: true +# CYPRESS_OKTA_SECRET: +# required: true +# inputs: +# DOCKER_BACKEND_IMAGE_VERSION: +# required: false +# type: string +# DOCKER_CYPRESS_IMAGE_VERSION: +# required: false +# type: string +# DOCKER_DATABASE_IMAGE_VERSION: +# required: false +# type: string +# DOCKER_FRONTEND_IMAGE_VERSION: +# required: false +# type: string +# DOCKER_NGINX_IMAGE_VERSION: +# required: false +# type: string +# +#concurrency: +# group: ${{ github.workflow }}-${{ github.ref }}-e2e-local +# cancel-in-progress: true +# +#jobs: +# +# cypress-local-env: +# runs-on: ubuntu-latest +# steps: +# +# - name: Checkout +# uses: actions/checkout@v4 +# +# - name: Set Swap Space +# uses: ./.github/actions/set-swap-space +# with: +# swap-size-gb: 10 +# +# - name: Update files permissions +# # Even though we don't use it, we need the .env file created here due to an issue similar to this one: https://github.com/mutagen-io/mutagen/issues/265 +# run: | +# echo "::group::Update permissions" +# echo FAKE_ENV="true" >> .env +# sudo chmod -R 777 backend +# sudo chmod -R 777 frontend +# echo "::endgroup::" +# +# - name: Log in to the Container registry +# uses: docker/login-action@v3 +# with: +# registry: ghcr.io +# username: ${{ github.actor }} +# password: ${{ secrets.GITHUB_TOKEN }} +# +# - name: Run Cypress +# timeout-minutes: 30 +# env: +# # CI settings +# CI: 1 +# # docker settings +# DOCKER_CLIENT_TIMEOUT: 180 +# DOCKER_BACKEND_IMAGE_VERSION: ${{ inputs.DOCKER_BACKEND_IMAGE_VERSION }} +# DOCKER_CYPRESS_IMAGE_VERSION: ${{ inputs.DOCKER_CYPRESS_IMAGE_VERSION }} +# DOCKER_DATABASE_IMAGE_VERSION: ${{ inputs.DOCKER_DATABASE_IMAGE_VERSION }} +# DOCKER_FRONTEND_IMAGE_VERSION: ${{ inputs.DOCKER_FRONTEND_IMAGE_VERSION }} +# DOCKER_NGINX_IMAGE_VERSION: ${{ inputs.DOCKER_NGINX_IMAGE_VERSION }} +# COMPOSE_HTTP_TIMEOUT: 180 +# # backend settings +# SPRING_PROFILES_ACTIVE: e2e,db-dockerized +# OKTA_TESTING_DISABLEHTTPSCHECK: "true" +# OKTA_API_KEY: ${{ secrets.OKTA_API_KEY }} +# OKTA_OAUTH2_CLIENT_ID: 0oa1k0163nAwfVxNW1d7 +# SMARTY_AUTH_ID: ${{ secrets.SMARTY_AUTH_ID }} +# SMARTY_AUTH_TOKEN: ${{ secrets.SMARTY_AUTH_TOKEN }} +# SPRING_LIQUIBASE_ENABLED: "true" +# GIT_DISCOVERY_ACROSS_FILESYSTEM: 1 +# WIREMOCK_URL: "http://wiremock:8088" +# # cypress settings +# CYPRESS_OKTA_REDIRECT_URI: "https%3A%2F%2Flocalhost.simplereport.gov%2Fapp" +# CYPRESS_OKTA_USERNAME: ${{ secrets.CYPRESS_OKTA_USERNAME }} +# CYPRESS_OKTA_PASSWORD: ${{ secrets.CYPRESS_OKTA_PASSWORD }} +# CYPRESS_OKTA_SECRET: ${{ secrets.CYPRESS_OKTA_SECRET }} +# CYPRESS_BACKEND_URL: "https://localhost.simplereport.gov/api" +# SPEC_PATH: "cypress/e2e/**" +# TEST_ENV: "https://localhost.simplereport.gov" +# # frontend settings +# REACT_APP_OKTA_URL: "http://wiremock:8088" +# REACT_APP_OKTA_CLIENT_ID: 0oa1k0163nAwfVxNW1d7 +# REACT_APP_BASE_URL: https://localhost.simplereport.gov +# REACT_APP_BACKEND_URL: https://localhost.simplereport.gov/api +# PUBLIC_URL: /app/ +# REACT_APP_OKTA_ENABLED: "true" +# REACT_APP_DISABLE_MAINTENANCE_BANNER: "true" +# shell: bash +# run: | +# echo "::group::Run Cypress locally" +# echo "Backend branch tag (or latest): ${{ inputs.DOCKER_BACKEND_IMAGE_VERSION }}" +# echo "Cypress branch tag (or latest): ${{ inputs.DOCKER_CYPRESS_IMAGE_VERSION }}" +# echo "Database branch tag (or latest): ${{ inputs.DOCKER_DATABASE_IMAGE_VERSION }}" +# echo "Frontend branch tag (or latest): ${{ inputs.DOCKER_FRONTEND_IMAGE_VERSION }}" +# echo "Nginx branch tag (or latest): ${{ inputs.DOCKER_NGINX_IMAGE_VERSION }}" +# docker compose -f docker-compose.yml -f docker-compose.cypress.yml up --abort-on-container-exit --attach cypress --exit-code-from cypress --quiet-pull +# echo "::endgroup::" +# +# - name: Get docker logs +# if: always() +# shell: bash +# run: | +# echo "Saving $container logs" +# docker compose -f docker-compose.yml -f docker-compose.cypress.yml logs --timestamps >& cypress-run.log +# +# - name: Stop containers +# if: always() +# shell: bash +# run: | +# echo "::group::Stop Docker containers" +# docker compose -f docker-compose.yml -f docker-compose.cypress.yml down +# echo "::endgroup::" +# +# - name: Archive cypress failures +# if: always() +# uses: actions/upload-artifact@v3 +# with: +# name: cypress-results +# path: | +# cypress/videos/* +# cypress/screenshots/* +# +# - name: Archive docker logs +# if: always() +# uses: actions/upload-artifact@v3 +# with: +# name: logs +# path: cypress-run.log diff --git a/.github/workflows/smokeTestDeploy.yml b/.github/workflows/smokeTestDeploy.yml index d80481929e2..9f26f58492f 100644 --- a/.github/workflows/smokeTestDeploy.yml +++ b/.github/workflows/smokeTestDeploy.yml @@ -2,10 +2,12 @@ name: Smoke test deploy run-name: Smoke test the deploy for ${{ inputs.deploy_env }} by @${{ github.actor }} on: + # DELETE ME WHEN MERGING + push: workflow_dispatch: inputs: deploy_env: - description: 'The environment to deploy to' + description: 'The environment to smoke test' required: true type: choice options: @@ -26,10 +28,6 @@ on: env: NODE_VERSION: 18 -concurrency: - group: ${{ github.event.inputs.deploy_env }}-deploy - cancel-in-progress: false - jobs: smoke-test-front-and-back-end: runs-on: ubuntu-latest diff --git a/.github/workflows/terraformChecks.yml b/.github/workflows/terraformChecks.yml index 09d341fbe4b..87f54826b78 100644 --- a/.github/workflows/terraformChecks.yml +++ b/.github/workflows/terraformChecks.yml @@ -1,101 +1,101 @@ -name: Terraform Checks - -on: - workflow_dispatch: # because sometimes you just want to force a branch to have tests run - pull_request: - branches: - - "**" - merge_group: - types: - - checks_requested - -defaults: - run: - working-directory: ./ops - -jobs: - check-terraform-formatting: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: hashicorp/setup-terraform@v3.0.0 - with: - terraform_version: 1.3.3 - - name: Terraform fmt - run: terraform fmt -check -recursive - - check-terraform-validity: - runs-on: ubuntu-latest - env: - TERRAFORM_DIRS: | - dev dev/persistent dev2 dev2/persistent dev3 dev3/persistent dev4 dev4/persistent - dev5 dev5/persistent dev6 dev6/persistent dev7 dev7/persistent - test test/persistent demo demo/persistent training training/persistent - stg stg/persistent pentest pentest/persistent prod prod/persistent - global - steps: - - uses: actions/checkout@v4 - - uses: hashicorp/setup-terraform@v3.0.0 - with: - terraform_version: 1.3.3 - - name: Terraform Init - run: | - for d in $TERRAFORM_DIRS - do - echo "Initializing $d"; - (cd $d && terraform init -backend=false) - done - - name: Terraform Validate - run: | - for d in $TERRAFORM_DIRS - do - echo "Validating $d"; - (cd $d && terraform validate) - done - - terraform-plan: - runs-on: ubuntu-latest - needs: [check-terraform-validity] - env: # all Azure interaction is through terraform - ARM_CLIENT_ID: ${{ secrets.TERRAFORM_ARM_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.TERRAFORM_ARM_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.TERRAFORM_ARM_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.TERRAFORM_ARM_TENANT_ID }} - OKTA_API_TOKEN: ${{ secrets.OKTA_API_TOKEN }} - steps: - - uses: actions/checkout@v4 - - name: Dependabot bypass - if: ${{ github.actor == 'dependabot[bot]' }} - run: | - true - - uses: azure/login@v1 - if: ${{ github.actor != 'dependabot[bot]' }} - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - uses: hashicorp/setup-terraform@v3.0.0 - if: ${{ github.actor != 'dependabot[bot]' }} - with: - terraform_version: 1.3.3 - - name: Terraform Init Prod - if: ${{ github.actor != 'dependabot[bot]' }} - run: make init-prod - - name: Build ReportStream function app Prod - if: ${{ github.actor != 'dependabot[bot]' }} - uses: ./.github/actions/build-reportstream-functions - with: - deploy-env: ${{env.DEPLOY_ENV}} - - name: Terraform Plan Prod - if: ${{ github.actor != 'dependabot[bot]' }} - run: make plan-prod - - - name: Terraform Init Stg - if: ${{ github.actor != 'dependabot[bot]' }} - run: make init-stg - - name: Build ReportStream function app Stg - if: ${{ github.actor != 'dependabot[bot]' }} - uses: ./.github/actions/build-reportstream-functions - with: - deploy-env: stg - - name: Terraform plan Stg - if: ${{ github.actor != 'dependabot[bot]' }} - run: make plan-stg +#name: Terraform Checks +# +#on: +# workflow_dispatch: # because sometimes you just want to force a branch to have tests run +# pull_request: +# branches: +# - "**" +# merge_group: +# types: +# - checks_requested +# +#defaults: +# run: +# working-directory: ./ops +# +#jobs: +# check-terraform-formatting: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# - uses: hashicorp/setup-terraform@v3.0.0 +# with: +# terraform_version: 1.3.3 +# - name: Terraform fmt +# run: terraform fmt -check -recursive +# +# check-terraform-validity: +# runs-on: ubuntu-latest +# env: +# TERRAFORM_DIRS: | +# dev dev/persistent dev2 dev2/persistent dev3 dev3/persistent dev4 dev4/persistent +# dev5 dev5/persistent dev6 dev6/persistent dev7 dev7/persistent +# test test/persistent demo demo/persistent training training/persistent +# stg stg/persistent pentest pentest/persistent prod prod/persistent +# global +# steps: +# - uses: actions/checkout@v4 +# - uses: hashicorp/setup-terraform@v3.0.0 +# with: +# terraform_version: 1.3.3 +# - name: Terraform Init +# run: | +# for d in $TERRAFORM_DIRS +# do +# echo "Initializing $d"; +# (cd $d && terraform init -backend=false) +# done +# - name: Terraform Validate +# run: | +# for d in $TERRAFORM_DIRS +# do +# echo "Validating $d"; +# (cd $d && terraform validate) +# done +# +# terraform-plan: +# runs-on: ubuntu-latest +# needs: [check-terraform-validity] +# env: # all Azure interaction is through terraform +# ARM_CLIENT_ID: ${{ secrets.TERRAFORM_ARM_CLIENT_ID }} +# ARM_CLIENT_SECRET: ${{ secrets.TERRAFORM_ARM_CLIENT_SECRET }} +# ARM_SUBSCRIPTION_ID: ${{ secrets.TERRAFORM_ARM_SUBSCRIPTION_ID }} +# ARM_TENANT_ID: ${{ secrets.TERRAFORM_ARM_TENANT_ID }} +# OKTA_API_TOKEN: ${{ secrets.OKTA_API_TOKEN }} +# steps: +# - uses: actions/checkout@v4 +# - name: Dependabot bypass +# if: ${{ github.actor == 'dependabot[bot]' }} +# run: | +# true +# - uses: azure/login@v1 +# if: ${{ github.actor != 'dependabot[bot]' }} +# with: +# creds: ${{ secrets.AZURE_CREDENTIALS }} +# - uses: hashicorp/setup-terraform@v3.0.0 +# if: ${{ github.actor != 'dependabot[bot]' }} +# with: +# terraform_version: 1.3.3 +# - name: Terraform Init Prod +# if: ${{ github.actor != 'dependabot[bot]' }} +# run: make init-prod +# - name: Build ReportStream function app Prod +# if: ${{ github.actor != 'dependabot[bot]' }} +# uses: ./.github/actions/build-reportstream-functions +# with: +# deploy-env: ${{env.DEPLOY_ENV}} +# - name: Terraform Plan Prod +# if: ${{ github.actor != 'dependabot[bot]' }} +# run: make plan-prod +# +# - name: Terraform Init Stg +# if: ${{ github.actor != 'dependabot[bot]' }} +# run: make init-stg +# - name: Build ReportStream function app Stg +# if: ${{ github.actor != 'dependabot[bot]' }} +# uses: ./.github/actions/build-reportstream-functions +# with: +# deploy-env: stg +# - name: Terraform plan Stg +# if: ${{ github.actor != 'dependabot[bot]' }} +# run: make plan-stg diff --git a/.github/workflows/terraformPlan.yml b/.github/workflows/terraformPlan.yml index fbe8805fb62..23ba50ca096 100644 --- a/.github/workflows/terraformPlan.yml +++ b/.github/workflows/terraformPlan.yml @@ -1,77 +1,77 @@ -name: Ad-hoc Terraform Plan -run-name: Terraform plan ${{ inputs.env }} by @${{ github.actor }} - -on: - workflow_dispatch: - inputs: - env: - description: 'What to plan against' - required: true - type: choice - options: - - dev - - dev2 - - dev3 - - dev4 - - dev5 - - dev6 - - dev7 - - pentest - - test - - demo - - training - - stg - - prod - - all_environments - -env: - ARM_CLIENT_ID: ${{ secrets.TERRAFORM_ARM_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.TERRAFORM_ARM_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.TERRAFORM_ARM_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.TERRAFORM_ARM_TENANT_ID }} - OKTA_API_TOKEN: ${{ secrets.OKTA_API_TOKEN_NONPROD }} - -jobs: - matrix_prep: - runs-on: ubuntu-latest - outputs: - matrix: ${{ steps.set_matrix.outputs.matrix }} - steps: - - uses: actions/checkout@v4 - - id: set_matrix - run: | - if [[ "${{ inputs.env }}" == "all_environments" ]]; then - matrix=[{\"env\":\"dev\"},{\"env\":\"dev2\"},{\"env\":\"dev3\"},{\"env\":\"dev4\"},{\"env\":\"dev5\"},{\"env\":\"dev6\"},{\"env\":\"dev7\"},{\"env\":\"pentest\"},{\"env\":\"test\"},{\"env\":\"demo\"},{\"env\":\"training\"},{\"env\":\"stg\"},{\"env\":\"prod\"}] - else - matrix=[{\"env\":\"${{ inputs.env }}\"}] - fi - echo "matrix={\"include\":$(echo $matrix)}" >> $GITHUB_OUTPUT - terraform_plan: - needs: matrix_prep - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: ${{fromJson(needs.matrix_prep.outputs.matrix)}} - defaults: - run: - working-directory: ./ops - steps: - - uses: actions/checkout@v4 - - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Use prod Okta token if required - if: ${{ matrix.env == 'prod' || matrix.env == 'stg' || matrix.env == 'training' }} - run: | - echo "OKTA_API_TOKEN=${{ secrets.OKTA_API_TOKEN }}" >> "$GITHUB_ENV" - - uses: hashicorp/setup-terraform@v3.0.0 - with: - terraform_version: 1.3.3 - - name: Terraform Init - run: make init-${{ matrix.env }} - - name: Build ReportStream function app - uses: ./.github/actions/build-reportstream-functions - with: - deploy-env: ${{ matrix.env }} - - name: Terraform plan - run: make plan-${{ matrix.env }} +#name: Ad-hoc Terraform Plan +#run-name: Terraform plan ${{ inputs.env }} by @${{ github.actor }} +# +#on: +# workflow_dispatch: +# inputs: +# env: +# description: 'What to plan against' +# required: true +# type: choice +# options: +# - dev +# - dev2 +# - dev3 +# - dev4 +# - dev5 +# - dev6 +# - dev7 +# - pentest +# - test +# - demo +# - training +# - stg +# - prod +# - all_environments +# +#env: +# ARM_CLIENT_ID: ${{ secrets.TERRAFORM_ARM_CLIENT_ID }} +# ARM_CLIENT_SECRET: ${{ secrets.TERRAFORM_ARM_CLIENT_SECRET }} +# ARM_SUBSCRIPTION_ID: ${{ secrets.TERRAFORM_ARM_SUBSCRIPTION_ID }} +# ARM_TENANT_ID: ${{ secrets.TERRAFORM_ARM_TENANT_ID }} +# OKTA_API_TOKEN: ${{ secrets.OKTA_API_TOKEN_NONPROD }} +# +#jobs: +# matrix_prep: +# runs-on: ubuntu-latest +# outputs: +# matrix: ${{ steps.set_matrix.outputs.matrix }} +# steps: +# - uses: actions/checkout@v4 +# - id: set_matrix +# run: | +# if [[ "${{ inputs.env }}" == "all_environments" ]]; then +# matrix=[{\"env\":\"dev\"},{\"env\":\"dev2\"},{\"env\":\"dev3\"},{\"env\":\"dev4\"},{\"env\":\"dev5\"},{\"env\":\"dev6\"},{\"env\":\"dev7\"},{\"env\":\"pentest\"},{\"env\":\"test\"},{\"env\":\"demo\"},{\"env\":\"training\"},{\"env\":\"stg\"},{\"env\":\"prod\"}] +# else +# matrix=[{\"env\":\"${{ inputs.env }}\"}] +# fi +# echo "matrix={\"include\":$(echo $matrix)}" >> $GITHUB_OUTPUT +# terraform_plan: +# needs: matrix_prep +# runs-on: ubuntu-latest +# strategy: +# fail-fast: false +# matrix: ${{fromJson(needs.matrix_prep.outputs.matrix)}} +# defaults: +# run: +# working-directory: ./ops +# steps: +# - uses: actions/checkout@v4 +# - uses: azure/login@v1 +# with: +# creds: ${{ secrets.AZURE_CREDENTIALS }} +# - name: Use prod Okta token if required +# if: ${{ matrix.env == 'prod' || matrix.env == 'stg' || matrix.env == 'training' }} +# run: | +# echo "OKTA_API_TOKEN=${{ secrets.OKTA_API_TOKEN }}" >> "$GITHUB_ENV" +# - uses: hashicorp/setup-terraform@v3.0.0 +# with: +# terraform_version: 1.3.3 +# - name: Terraform Init +# run: make init-${{ matrix.env }} +# - name: Build ReportStream function app +# uses: ./.github/actions/build-reportstream-functions +# with: +# deploy-env: ${{ matrix.env }} +# - name: Terraform plan +# run: make plan-${{ matrix.env }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 39cf5bc8585..5f6efad52f7 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,220 +1,220 @@ -name: Test - -on: - workflow_call: - secrets: - SONAR_TOKEN: - description: secrets.SONAR_TOKEN - required: true - TWILIO_ACCOUNT_SID: - description: secrets.TWILIO_TEST_ACCOUNT_SID - required: true - TWILIO_AUTH_TOKEN: - description: secrets.TWILIO_TEST_AUTH_TOKEN - required: true - inputs: - DOCKER_DATABASE_IMAGE_VERSION: - required: false - type: string - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }}-test - cancel-in-progress: true - -env: - NODE_VERSION: 18 - JAVA_VERSION: 17 - JAVA_DISTRIBUTION: 'zulu' - PROJECT_ROOT: /home/runner/work/prime-simplereport/prime-simplereport # Hardcoding this here because env.WORKSPACE_ROOT gets overridden by one of the steps downstream. We only need this for Sonar. - -defaults: - run: - working-directory: backend - -jobs: - backend-tests: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up JDK ${{ env.JAVA_VERSION }} - uses: actions/setup-java@v4 - with: - java-version: ${{ env.JAVA_VERSION }} - distribution: ${{ env.JAVA_DISTRIBUTION }} - - name: Cache Java Dependencies - uses: actions/cache@v3.3.2 - with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: gradle-${{ hashFiles('*.gradle', 'gradle/dependency-locks/*') }} - - name: Start DB - env: - DOCKER_DATABASE_IMAGE_VERSION: ${{ inputs.DOCKER_DATABASE_IMAGE_VERSION }} - run: touch ../.env && docker compose -f ../docker-compose.yml up -d db - - name: Run tests - env: - OKTA_TESTING_DISABLEHTTPS: true - TWILIO_ACCOUNT_SID: ${{ secrets.TWILIO_ACCOUNT_SID }} - TWILIO_AUTH_TOKEN: ${{ secrets.TWILIO_AUTH_TOKEN }} - run: ./gradlew jacocoTestReport -PtestDbPort=5432 - - name: Cache backend coverage results - uses: actions/cache@v3.3.2 - with: - path: backend/build/** - key: ${{ runner.os }}-backend-coverage-${{ github.run_id }}-${{ github.run_attempt }} - - name: Archive failed test results - uses: actions/upload-artifact@v3 - if: failure() - with: - name: backend-test-report - path: backend/build/reports/tests/test - retention-days: 7 - frontend-tests: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v4.0.0 - with: - node-version: ${{ env.NODE_VERSION }} - - name: Cache yarn - uses: actions/cache@v3.3.2 - with: - path: ~/.cache/yarn - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} - - name: Node setup - working-directory: ./frontend - run: yarn install --prefer-offline - - name: Run tests - working-directory: ./frontend - run: yarn test:ci - - name: Cache frontend coverage results - uses: actions/cache@v3.3.2 - with: - path: | - frontend/coverage/** - key: ${{ runner.os }}-frontend-coverage-${{ github.run_id }}-${{ github.run_attempt }} - function-tests: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: "Function Apps: yarn install" - working-directory: ./ops/services/app_functions/report_stream_batched_publisher/functions - run: yarn - - name: "Function Apps: Test" - working-directory: ./ops/services/app_functions/report_stream_batched_publisher/functions - run: yarn coverage - - name: Cache function coverage results - uses: actions/cache@v3.3.2 - with: - path: | - ops/services/app_functions/report_stream_batched_publisher/functions/coverage/** - key: ${{ runner.os }}-function-coverage-${{ github.run_id }}-${{ github.run_attempt }} - - name: Archive function coverage results - uses: actions/upload-artifact@v3 - with: - name: function-coverage - path: ops/services/app_functions/report_stream_batched_publisher/functions/coverage - sonar: - needs: [backend-tests, frontend-tests, function-tests] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - if: ${{ github.actor != 'dependabot[bot]' }} - with: - fetch-depth: 0 # Disable shallow clones so Sonar can have all the data - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any - - name: Restore backend cache - if: ${{ github.actor != 'dependabot[bot]' }} - uses: actions/cache@v3.3.2 - with: - path: | - backend/build/** - key: ${{ runner.os }}-backend-coverage-${{ github.run_id }}-${{ github.run_attempt }} - - name: Restore frontend cache - if: ${{ github.actor != 'dependabot[bot]' }} - uses: actions/cache@v3.3.2 - with: - path: | - frontend/coverage/** - key: ${{ runner.os }}-frontend-coverage-${{ github.run_id }}-${{ github.run_attempt }} - - name: Restore functions cache - if: ${{ github.actor != 'dependabot[bot]' }} - uses: actions/cache@v3.3.2 - with: - path: | - ops/services/app_functions/report_stream_batched_publisher/functions/coverage/** - key: ${{ runner.os }}-function-coverage-${{ github.run_id }}-${{ github.run_attempt }} - - name: Set up JDK - uses: actions/setup-java@v4 - with: - java-version: ${{ env.JAVA_VERSION }} - distribution: ${{ env.JAVA_DISTRIBUTION }} - - name: Sonar analysis - if: ${{ github.actor != 'dependabot[bot]' }} - run: ./gradlew sonarqube -Dsonar.projectBaseDir=${{ env.PROJECT_ROOT }} --info - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - build-jar: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up JDK ${{ env.JAVA_VERSION }} - uses: actions/setup-java@v4 - with: - java-version: ${{ env.JAVA_VERSION }} - distribution: ${{ env.JAVA_DISTRIBUTION }} - - name: Cache Java dependencies - uses: actions/cache@v3.3.2 - with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: gradle-${{ hashFiles('*.gradle', 'gradle/dependency-locks/*') }} - - name: Run Java build - run: ./gradlew assemble - backend-lint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up JDK ${{ env.JAVA_VERSION }} - uses: actions/setup-java@v4 - with: - java-version: ${{ env.JAVA_VERSION }} - distribution: ${{ env.JAVA_DISTRIBUTION }} - - name: Cache Java dependencies - uses: actions/cache@v3.3.2 - with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: gradle-${{ hashFiles('*.gradle', 'gradle/dependency-locks/*') }} - - name: Run style checks - run: ./gradlew checkstyleMain checkstyleTest spotlessCheck --continue - frontend-lint-and-build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v4.0.0 - with: - node-version: ${{ env.NODE_VERSION }} - - name: Cache yarn - uses: actions/cache@v3.3.2 - with: - path: ~/.cache/yarn - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} - restore-keys: | - ${{ runner.os }}-yarn- - - name: Node setup - working-directory: ./frontend - run: yarn - - name: Lint front-end - working-directory: ./frontend - run: yarn lint - - name: Build release - working-directory: ./frontend - run: yarn build +#name: Test +# +#on: +# workflow_call: +# secrets: +# SONAR_TOKEN: +# description: secrets.SONAR_TOKEN +# required: true +# TWILIO_ACCOUNT_SID: +# description: secrets.TWILIO_TEST_ACCOUNT_SID +# required: true +# TWILIO_AUTH_TOKEN: +# description: secrets.TWILIO_TEST_AUTH_TOKEN +# required: true +# inputs: +# DOCKER_DATABASE_IMAGE_VERSION: +# required: false +# type: string +# +#concurrency: +# group: ${{ github.workflow }}-${{ github.ref }}-test +# cancel-in-progress: true +# +#env: +# NODE_VERSION: 18 +# JAVA_VERSION: 17 +# JAVA_DISTRIBUTION: 'zulu' +# PROJECT_ROOT: /home/runner/work/prime-simplereport/prime-simplereport # Hardcoding this here because env.WORKSPACE_ROOT gets overridden by one of the steps downstream. We only need this for Sonar. +# +#defaults: +# run: +# working-directory: backend +# +#jobs: +# backend-tests: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# - name: Set up JDK ${{ env.JAVA_VERSION }} +# uses: actions/setup-java@v4 +# with: +# java-version: ${{ env.JAVA_VERSION }} +# distribution: ${{ env.JAVA_DISTRIBUTION }} +# - name: Cache Java Dependencies +# uses: actions/cache@v3.3.2 +# with: +# path: | +# ~/.gradle/caches +# ~/.gradle/wrapper +# key: gradle-${{ hashFiles('*.gradle', 'gradle/dependency-locks/*') }} +# - name: Start DB +# env: +# DOCKER_DATABASE_IMAGE_VERSION: ${{ inputs.DOCKER_DATABASE_IMAGE_VERSION }} +# run: touch ../.env && docker compose -f ../docker-compose.yml up -d db +# - name: Run tests +# env: +# OKTA_TESTING_DISABLEHTTPS: true +# TWILIO_ACCOUNT_SID: ${{ secrets.TWILIO_ACCOUNT_SID }} +# TWILIO_AUTH_TOKEN: ${{ secrets.TWILIO_AUTH_TOKEN }} +# run: ./gradlew jacocoTestReport -PtestDbPort=5432 +# - name: Cache backend coverage results +# uses: actions/cache@v3.3.2 +# with: +# path: backend/build/** +# key: ${{ runner.os }}-backend-coverage-${{ github.run_id }}-${{ github.run_attempt }} +# - name: Archive failed test results +# uses: actions/upload-artifact@v3 +# if: failure() +# with: +# name: backend-test-report +# path: backend/build/reports/tests/test +# retention-days: 7 +# frontend-tests: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# - name: Use Node.js ${{ env.NODE_VERSION }} +# uses: actions/setup-node@v4.0.0 +# with: +# node-version: ${{ env.NODE_VERSION }} +# - name: Cache yarn +# uses: actions/cache@v3.3.2 +# with: +# path: ~/.cache/yarn +# key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} +# - name: Node setup +# working-directory: ./frontend +# run: yarn install --prefer-offline +# - name: Run tests +# working-directory: ./frontend +# run: yarn test:ci +# - name: Cache frontend coverage results +# uses: actions/cache@v3.3.2 +# with: +# path: | +# frontend/coverage/** +# key: ${{ runner.os }}-frontend-coverage-${{ github.run_id }}-${{ github.run_attempt }} +# function-tests: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# - name: "Function Apps: yarn install" +# working-directory: ./ops/services/app_functions/report_stream_batched_publisher/functions +# run: yarn +# - name: "Function Apps: Test" +# working-directory: ./ops/services/app_functions/report_stream_batched_publisher/functions +# run: yarn coverage +# - name: Cache function coverage results +# uses: actions/cache@v3.3.2 +# with: +# path: | +# ops/services/app_functions/report_stream_batched_publisher/functions/coverage/** +# key: ${{ runner.os }}-function-coverage-${{ github.run_id }}-${{ github.run_attempt }} +# - name: Archive function coverage results +# uses: actions/upload-artifact@v3 +# with: +# name: function-coverage +# path: ops/services/app_functions/report_stream_batched_publisher/functions/coverage +# sonar: +# needs: [backend-tests, frontend-tests, function-tests] +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# if: ${{ github.actor != 'dependabot[bot]' }} +# with: +# fetch-depth: 0 # Disable shallow clones so Sonar can have all the data +# env: +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any +# - name: Restore backend cache +# if: ${{ github.actor != 'dependabot[bot]' }} +# uses: actions/cache@v3.3.2 +# with: +# path: | +# backend/build/** +# key: ${{ runner.os }}-backend-coverage-${{ github.run_id }}-${{ github.run_attempt }} +# - name: Restore frontend cache +# if: ${{ github.actor != 'dependabot[bot]' }} +# uses: actions/cache@v3.3.2 +# with: +# path: | +# frontend/coverage/** +# key: ${{ runner.os }}-frontend-coverage-${{ github.run_id }}-${{ github.run_attempt }} +# - name: Restore functions cache +# if: ${{ github.actor != 'dependabot[bot]' }} +# uses: actions/cache@v3.3.2 +# with: +# path: | +# ops/services/app_functions/report_stream_batched_publisher/functions/coverage/** +# key: ${{ runner.os }}-function-coverage-${{ github.run_id }}-${{ github.run_attempt }} +# - name: Set up JDK +# uses: actions/setup-java@v4 +# with: +# java-version: ${{ env.JAVA_VERSION }} +# distribution: ${{ env.JAVA_DISTRIBUTION }} +# - name: Sonar analysis +# if: ${{ github.actor != 'dependabot[bot]' }} +# run: ./gradlew sonarqube -Dsonar.projectBaseDir=${{ env.PROJECT_ROOT }} --info +# env: +# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +# build-jar: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# - name: Set up JDK ${{ env.JAVA_VERSION }} +# uses: actions/setup-java@v4 +# with: +# java-version: ${{ env.JAVA_VERSION }} +# distribution: ${{ env.JAVA_DISTRIBUTION }} +# - name: Cache Java dependencies +# uses: actions/cache@v3.3.2 +# with: +# path: | +# ~/.gradle/caches +# ~/.gradle/wrapper +# key: gradle-${{ hashFiles('*.gradle', 'gradle/dependency-locks/*') }} +# - name: Run Java build +# run: ./gradlew assemble +# backend-lint: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# - name: Set up JDK ${{ env.JAVA_VERSION }} +# uses: actions/setup-java@v4 +# with: +# java-version: ${{ env.JAVA_VERSION }} +# distribution: ${{ env.JAVA_DISTRIBUTION }} +# - name: Cache Java dependencies +# uses: actions/cache@v3.3.2 +# with: +# path: | +# ~/.gradle/caches +# ~/.gradle/wrapper +# key: gradle-${{ hashFiles('*.gradle', 'gradle/dependency-locks/*') }} +# - name: Run style checks +# run: ./gradlew checkstyleMain checkstyleTest spotlessCheck --continue +# frontend-lint-and-build: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# - name: Use Node.js ${{ env.NODE_VERSION }} +# uses: actions/setup-node@v4.0.0 +# with: +# node-version: ${{ env.NODE_VERSION }} +# - name: Cache yarn +# uses: actions/cache@v3.3.2 +# with: +# path: ~/.cache/yarn +# key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} +# restore-keys: | +# ${{ runner.os }}-yarn- +# - name: Node setup +# working-directory: ./frontend +# run: yarn +# - name: Lint front-end +# working-directory: ./frontend +# run: yarn lint +# - name: Build release +# working-directory: ./frontend +# run: yarn build