Skip to content

Merge pull request #1000 from DFE-Digital/feature/157115-no-trust-spo… #448

Merge pull request #1000 from DFE-Digital/feature/157115-no-trust-spo…

Merge pull request #1000 from DFE-Digital/feature/157115-no-trust-spo… #448

name: Deploy to environment
on:
push:
branches:
- main
workflow_dispatch:
inputs:
environment:
type: environment
description: "Choose an environment to deploy to"
required: true
concurrency:
group: ${{ github.workflow }}-${{ github.event.inputs.environment }}
env:
DOCKER_IMAGE: a2bint-app
NODE_VERSION: 18.x
jobs:
set-env:
name: Determine environment
runs-on: ubuntu-22.04
outputs:
environment: ${{ steps.var.outputs.environment }}
branch: ${{ steps.var.outputs.branch }}
release: ${{ steps.var.outputs.release }}
checked-out-sha: ${{ steps.var.outputs.checked-out-sha }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref }}
- id: var
run: |
GIT_REF=${{ github.ref }}
GIT_BRANCH=${GIT_REF##*/}
INPUT=${{ github.event.inputs.environment }}
ENVIRONMENT=${INPUT:-"dev"}
RELEASE=${ENVIRONMENT,,}-`date +%Y-%m-%d`.${{ github.run_number }}
CHECKED_OUT_SHA="$(git log -1 '--format=format:%H')"
echo "environment=${ENVIRONMENT,,}" >> $GITHUB_OUTPUT
echo "branch=$GIT_BRANCH" >> $GITHUB_OUTPUT
echo "release=${RELEASE}" >> $GITHUB_OUTPUT
echo "checked-out-sha=${CHECKED_OUT_SHA}" >> $GITHUB_OUTPUT
build-and-push-image:
name: Build and push to ACR
needs: set-env
runs-on: ubuntu-22.04
environment: ${{ needs.set-env.outputs.environment }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref }}
- name: Azure Container Registry login
uses: docker/login-action@v2
with:
username: ${{ secrets.AZURE_ACR_CLIENTID }}
password: ${{ secrets.AZURE_ACR_SECRET }}
registry: ${{ secrets.AZURE_ACR_URL }}
- name: Build and push docker image
uses: docker/build-push-action@v5
with:
context: .
file: Dockerfile
build-args: COMMIT_SHA=${{ needs.set-env.outputs.checked-out-sha }}
secrets: github_token=${{ secrets.GITHUB_TOKEN }}
tags: |
${{ secrets.AZURE_ACR_URL }}/${{ env.DOCKER_IMAGE }}:${{ needs.set-env.outputs.branch }}
${{ secrets.AZURE_ACR_URL }}/${{ env.DOCKER_IMAGE }}:${{ needs.set-env.outputs.release }}
${{ secrets.AZURE_ACR_URL }}/${{ env.DOCKER_IMAGE }}:sha-${{ needs.set-env.outputs.checked-out-sha }}
${{ secrets.AZURE_ACR_URL }}/${{ env.DOCKER_IMAGE }}:latest
push: true
create-tag:
name: Tag and release
needs: set-env
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref }}
- name: Create tag
run: |
git tag ${{ needs.set-env.outputs.release }}
git push origin ${{ needs.set-env.outputs.release }}
- name: Create release
uses: "actions/github-script@v7"
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
script: |
try {
await github.rest.repos.createRelease({
draft: ${{ needs.set-env.outputs.environment == 'staging' }},
generate_release_notes: true,
name: "${{ needs.set-env.outputs.release }}",
owner: context.repo.owner,
prerelease: ${{ needs.set-env.outputs.environment == 'staging' }},
repo: context.repo.repo,
tag_name: "${{ needs.set-env.outputs.release }}",
});
} catch (error) {
core.setFailed(error.message);
}
deploy-image:
name: Deploy to ${{ needs.set-env.outputs.environment }} (${{ needs.set-env.outputs.release }})
needs: [ build-and-push-image, set-env ]
runs-on: ubuntu-22.04
environment: ${{ needs.set-env.outputs.environment }}
steps:
- name: Azure login with ACA credentials
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_ACA_CREDENTIALS }}
- name: Update Azure Container Apps Revision
uses: azure/CLI@v1
id: azure
with:
azcliversion: 2.45.0
inlineScript: |
az config set extension.use_dynamic_install=yes_without_prompt
az containerapp update \
--name ${{ secrets.AZURE_ACA_NAME }} \
--resource-group ${{ secrets.AZURE_ACA_RESOURCE_GROUP }} \
--image ${{ secrets.AZURE_ACR_URL }}/${{ env.DOCKER_IMAGE }}:${{ needs.set-env.outputs.release }} \
--output none
cypress-tests:
name: Run Cypress Tests
if: needs.set-env.outputs.environment == 'staging' || needs.set-env.outputs.environment == 'dev'
needs: [ deploy-image, set-env ]
runs-on: ubuntu-22.04
environment: ${{ needs.set-env.outputs.environment }}
defaults:
run:
working-directory: Dfe.PrepareConversions/Dfe.PrepareConversions.CypressTests
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref }}
- name: Setup node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Npm install
run: npm install
- name: Run cypress (staging)
if: needs.set-env.outputs.environment == 'staging'
run: npm run cy:run -- --env url='${{ secrets.AZURE_ENDPOINT }}',grep='-dao',cypressTestSecret='${{ secrets.CYPRESS_TEST_SECRET }}, academisationApiUrl=${{secrets.CYPRESS_ACADEMISATION_API_URL}}, academisationApiKey=${{ secrets.CYPRESS_ACADEMISATION_API_KEY}}'
env:
db: ${{ secrets.DB_CONNECTION_STRING }}
- name: Run cypress (dev)
if: needs.set-env.outputs.environment == 'dev'
run: npm run cy:run -- --env url='${{ secrets.AZURE_ENDPOINT }}',cypressTestSecret='${{ secrets.CYPRESS_TEST_SECRET }}, academisationApiUrl=${{secrets.CYPRESS_ACADEMISATION_API_URL}}, academisationApiKey=${{ secrets.CYPRESS_ACADEMISATION_API_KEY}}'
env:
db: ${{ secrets.DB_CONNECTION_STRING }}
- name: Upload screenshots
if: ${{ failure() }}
uses: actions/upload-artifact@v4
with:
name: screenshots-${{ needs.set-env.outputs.environment }}
path: Dfe.PrepareConversions/Dfe.PrepareConversions.CypressTests/cypress/screenshots
- name: Generate report
if: always()
run: |
mkdir mochareports
npm run generate:html:report
- name: Upload report
if: always()
uses: actions/upload-artifact@v4
with:
name: reports-${{ needs.set-env.outputs.environment }}
path: Dfe.PrepareConversions/Dfe.PrepareConversions.CypressTests/mochareports
- name: Report results
if: always()
run: npm run cy:notify -- --custom-text="Environment ${{ needs.set-env.outputs.environment }}, See more information https://github.com/DFE-Digital/prepare-academy-conversions/actions/runs/${{github.run_id}}"
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}