Skip to content

Add ssl statuscake alerts #2211

Add ssl statuscake alerts

Add ssl statuscake alerts #2211

Workflow file for this run

name: Pull request build
on:
pull_request:
merge_group:
permissions:
checks: write
deployments: write
packages: write
pull-requests: write
jobs:
build:
name: Build & test
runs-on: ubuntu-latest
outputs:
run_crm_integration_tests: ${{ steps.check_changed_files.outputs.run_crm_integration_tests }}
services:
postgres:
image: postgres
env:
POSTGRES_PASSWORD: trs
POSTGRES_DB: trs
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: extractions/setup-just@v1
- name: Install tools
run: just install-tools
- name: Restore
run: dotnet restore
working-directory: TeachingRecordSystem
- name: Lint
run: |
git fetch origin main --quiet --depth=1
CHANGED_FILES=$(git diff --name-only origin/main $GITHUB_SHA | { grep -oP '^TeachingRecordSystem\/\K.*\.cs(proj)?$' || true; })
if [ "$CHANGED_FILES" == "" ]; then
echo "::notice::No changes to lint"
exit 0
fi
# If project files have changed then dependencies may have been updated, which may effect lint results (e.g. namespace imports);
# lint everything.
if [ $(echo "$CHANGED_FILES" | grep -c '\.csproj$') -gt 0 ]; then
INCLUDE_ARG=""
echo "::notice::Linting entire codebase"
else
INCLUDE_ARG="--include $(echo "$CHANGED_FILES" | grep '\.cs$' | tr '\n' ' ')"
echo "::notice::Linting changed files only"
fi
dotnet format --no-restore --verify-no-changes $INCLUDE_ARG
working-directory: TeachingRecordSystem
- name: Build
run: dotnet build --configuration Release --no-restore
working-directory: TeachingRecordSystem
- name: Check changed files
id: check_changed_files
run: |
# If no CRM integration files (or their tests) have been changed in this PR then skip CRM integration tests
RUN_CRM_INTEGRATION_TESTS=true
git fetch origin main --quiet --depth=1
CHANGED_FILES=$(git diff --name-only origin/main $GITHUB_SHA)
if [[ $(echo "$CHANGED_FILES" | grep -EL "TeachingRecordSystem.Core.Dqt") ]]; then
RUN_CRM_INTEGRATION_TESTS=false
fi
echo run_crm_integration_tests=$RUN_CRM_INTEGRATION_TESTS >> $GITHUB_OUTPUT
shell: bash
- name: Core tests
uses: ./.github/workflows/actions/test
with:
test_project_path: TeachingRecordSystem/tests/TeachingRecordSystem.Core.Tests
report_name: "Core test results"
dotnet_test_args: >-
--no-build
-e ConnectionStrings__DefaultConnection="Host=localhost;Username=postgres;Password=trs;Database=trs"
timeout-minutes: 5
- name: API tests
uses: ./.github/workflows/actions/test
with:
test_project_path: TeachingRecordSystem/tests/TeachingRecordSystem.Api.Tests
report_name: "API test results"
dotnet_test_args: >-
--no-build
-e ConnectionStrings__DefaultConnection="Host=localhost;Username=postgres;Password=trs;Database=trs"
timeout-minutes: 5
- name: Support UI tests
uses: ./.github/workflows/actions/test
with:
test_project_path: TeachingRecordSystem/tests/TeachingRecordSystem.SupportUi.Tests
report_name: "Support UI test results"
dotnet_test_args: >-
--no-build
-e ConnectionStrings__DefaultConnection="Host=localhost;Username=postgres;Password=trs;Database=trs"
timeout-minutes: 5
- name: Authorize access tests
uses: ./.github/workflows/actions/test
with:
test_project_path: TeachingRecordSystem/tests/TeachingRecordSystem.AuthorizeAccess.Tests
report_name: "Authorize access test results"
dotnet_test_args: >-
--no-build
-e ConnectionStrings__DefaultConnection="Host=localhost;Username=postgres;Password=trs;Database=trs"
timeout-minutes: 5
- name: Install Playwright
run: pwsh ./tests/TeachingRecordSystem.SupportUi.EndToEndTests/bin/Release/net8.0/playwright.ps1 install
working-directory: TeachingRecordSystem
- name: Support UI end-to-end tests
uses: ./.github/workflows/actions/test
with:
test_project_path: TeachingRecordSystem/tests/TeachingRecordSystem.SupportUi.EndToEndTests
report_name: "Support UI end-to-end test results"
dotnet_test_args: >-
--no-build
-e ConnectionStrings__DefaultConnection="Host=localhost;Username=postgres;Password=trs;Database=trs"
timeout-minutes: 5
- name: Authorize access end-to-end tests
uses: ./.github/workflows/actions/test
with:
test_project_path: TeachingRecordSystem/tests/TeachingRecordSystem.AuthorizeAccess.EndToEndTests
report_name: "Authorize access end-to-end test results"
dotnet_test_args: >-
--no-build
-e ConnectionStrings__DefaultConnection="Host=localhost;Username=postgres;Password=trs;Database=trs"
timeout-minutes: 5
validate_terraform:
name: Validate Terraform
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: hashicorp/setup-terraform@v3
with:
terraform_version: 1.5.0
- name: Check formatting
run: terraform fmt -check -diff
working-directory: terraform/aks
- name: Validate
run: |
terraform init -backend=false
terraform validate -no-color
working-directory: terraform/aks
- name: Lint
uses: reviewdog/action-tflint@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
tflint_rulesets: azurerm
working_directory: terraform/aks
continue-on-error: true # temporary- we're getting sporadic 503 errors here in action setup
dqt_tests:
name: DQT integration tests
runs-on: ubuntu-latest
needs: [build]
if: ${{ needs.build.outputs.run_crm_integration_tests == 'true' }}
concurrency: dqt-tests
env:
MSSQL_DB: dqtreports
MSSQL_PASSWORD: SuperS3cretPassw0rd
services:
postgres:
image: postgres
env:
POSTGRES_PASSWORD: trs
POSTGRES_DB: trs
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
mssql:
image: mcr.microsoft.com/mssql/server:2022-latest
env:
ACCEPT_EULA: Y
SA_PASSWORD: ${{ env.MSSQL_PASSWORD }}
ports:
- 1433:1433
options: >-
--health-cmd "/opt/mssql-tools/bin/sqlcmd -U sa -P $SA_PASSWORD -Q 'select 1' -b -o /dev/null"
--health-interval 60s
--health-timeout 30s
--health-start-period 20s
--health-retries 3
steps:
- uses: actions/checkout@v4
- uses: extractions/setup-just@v1
- uses: Azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- uses: Azure/get-keyvault-secrets@v1
name: Get secrets
id: get_secrets
with:
keyvault: s165d01-dqtapi-dv-kv
secrets: INTEGRATION-TEST-CONFIG
- name: Install tools
run: just install-tools
- name: Create test reporting database
run: docker exec $(docker ps --latest --quiet) /opt/mssql-tools/bin/sqlcmd -U "sa" -P "$MSSQL_PASSWORD" -Q "create database $MSSQL_DB; alter database $MSSQL_DB set ALLOW_SNAPSHOT_ISOLATION on;"
- name: Get test filter
id: test_filter
run: |
# If no DataverseAdapter files (or their tests) have been changed in this PR then filter out related tests
DOTNET_TEST_FILTER=""
git fetch origin main --quiet --depth=1
CHANGED_FILES=$(git diff --name-only origin/main $GITHUB_SHA)
if [[ $(echo "$CHANGED_FILES" | grep -EL "DataverseAdapter") ]]; then
echo "::notice::Skipping DataverseAdapter tests"
DOTNET_TEST_FILTER='--filter "FullyQualifiedName!~TeachingRecordSystem.Core.Dqt.CrmIntegrationTests.DataverseAdapterTests"'
fi
echo filter_arg=$DOTNET_TEST_FILTER >> $GITHUB_OUTPUT
- name: Run tests
uses: ./.github/workflows/actions/test
with:
test_project_path: TeachingRecordSystem/tests/TeachingRecordSystem.Core.Dqt.CrmIntegrationTests
report_name: "DQT integration test results"
dotnet_test_args: >-
-e DqtReporting__ReportingDbConnectionString="Data Source=(local); Initial Catalog=${{ env.MSSQL_DB }}; User=sa; Password=${{ env.MSSQL_PASSWORD }}; TrustServerCertificate=True"
-e ConnectionStrings__DefaultConnection="Host=localhost;Username=postgres;Password=trs;Database=trs"
${{ steps.test_filter.outputs.filter_arg }}
config_json: ${{ steps.get_secrets.outputs.INTEGRATION-TEST-CONFIG }}
timeout-minutes: 45
package:
name: Package application
uses: ./.github/workflows/package.yml
secrets: inherit
deploy_dev:
name: Deploy dev environment
needs: [build, validate_terraform, package]
uses: ./.github/workflows/deploy-dev.yml
with:
docker_image: ${{ needs.package.outputs.docker_image }}
secrets: inherit