Skip to content

Merge pull request #376 from USEPA/develop #58

Merge pull request #376 from USEPA/develop

Merge pull request #376 from USEPA/develop #58

Workflow file for this run

# This is a basic workflow to help you get started with Actions
name: Staging Deploy
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the staging branch
push:
branches: [staging]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# Set default working directory for all jobs to /app
defaults:
run:
working-directory: ./app
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
environment: staging
# Set environment variables
env:
APP_NAME: csb-staging
CLOUD_SPACE: staging
CF_ORG: epa-avert
CF_SPACE: csb-staging
CF_USER_STAGING: ${{ secrets.CF_USER_STAGING }}
CF_PASSWORD_STAGING: ${{ secrets.CF_PASSWORD_STAGING }}
SERVER_URL: https://app-stage.app.cloud.gov/csb
SERVER_BASE_PATH: /csb
SAML_LOGIN_URL: ${{ secrets.SAML_LOGIN_URL }}
SAML_LOGOUT_URL: ${{ secrets.SAML_LOGOUT_URL }}
SAML_ENTITY_ID: ${{ secrets.SAML_ENTITY_ID }}
SAML_IDP_CERT: ${{ secrets.SAML_IDP_CERT }}
SAML_PUBLIC_KEY: ${{ secrets.SAML_PUBLIC_KEY }}
SAML_PRIVATE_KEY: ${{ secrets.SAML_PRIVATE_KEY }}
JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }}
JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }}
CSB_2022_FRF_OPEN: true
CSB_2022_PRF_OPEN: true
CSB_2022_CRF_OPEN: true
CSB_2023_FRF_OPEN: true
CSB_2023_PRF_OPEN: true
CSB_2023_CRF_OPEN: true
FORMIO_2022_FRF_PATH: ${{ secrets.FORMIO_2022_FRF_PATH }}
FORMIO_2022_PRF_PATH: ${{ secrets.FORMIO_2022_PRF_PATH }}
FORMIO_2022_CRF_PATH: ${{ secrets.FORMIO_2022_CRF_PATH }}
FORMIO_2023_FRF_PATH: ${{ secrets.FORMIO_2023_FRF_PATH }}
FORMIO_2023_PRF_PATH: ${{ secrets.FORMIO_2023_PRF_PATH }}
FORMIO_2023_CRF_PATH: ${{ secrets.FORMIO_2023_CRF_PATH }}
FORMIO_BASE_URL: ${{ secrets.FORMIO_BASE_URL }}
FORMIO_PROJECT_NAME: ${{ secrets.FORMIO_PROJECT_NAME }}
FORMIO_API_KEY: ${{ secrets.FORMIO_API_KEY }}
FORMIO_NCES_API_KEY: ${{ secrets.FORMIO_NCES_API_KEY }}
FORMIO_PKG_AUTH_TOKEN: ${{ secrets.FORMIO_PKG_AUTH_TOKEN }}
BAP_CLIENT_ID: ${{ secrets.BAP_CLIENT_ID }}
BAP_CLIENT_SECRET: ${{ secrets.BAP_CLIENT_SECRET }}
BAP_URL: ${{ secrets.BAP_URL }}
BAP_USER: ${{ secrets.BAP_USER }}
BAP_PASSWORD: ${{ secrets.BAP_PASSWORD }}
BAP_SAM_TABLE: ${{ secrets.BAP_SAM_TABLE }}
BAP_FORMS_TABLE: ${{ secrets.BAP_FORMS_TABLE }}
BAP_BUS_TABLE: ${{ secrets.BAP_BUS_TABLE }}
AWS_ACCESS_KEY_ID: ${{ secrets.S3_PUBLIC_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.S3_PUBLIC_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: ${{ secrets.S3_PUBLIC_REGION }}
S3_PUBLIC_BUCKET: ${{ secrets.S3_PUBLIC_BUCKET }}
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
# Set up node and npm
- uses: actions/setup-node@master
# Run front-end processes (install, lint, test, bundle)
- name: Cache node modules
uses: actions/cache@v3
with:
path: ~/client/.npm
key: v1-npm-client-deps-${{ hashFiles('**/client/package-lock.json') }}
restore-keys: v1-npm-client-deps-
- name: Add Formio private package repo auth token
run: echo "//pkg.form.io/:_authToken=${FORMIO_PKG_AUTH_TOKEN}" > .npmrc
working-directory: app/client
- name: Install front-end dependencies
run: npm install
working-directory: app/client
- name: Build front-end files and move to server
run: |
VITE_SERVER_BASE_PATH="$SERVER_BASE_PATH" \
VITE_CLOUD_SPACE="$CLOUD_SPACE" \
VITE_FORMIO_BASE_URL="$FORMIO_BASE_URL" \
VITE_FORMIO_PROJECT_NAME="$FORMIO_PROJECT_NAME" \
npm run build
rm ../server/app/public/index.html
cd build
mv * ../../server/app/public
working-directory: app/client
# Run CloudFoundry/Cloud.gov deployment
- name: Set up Cloud Foundry CLI
run: |
curl -v -L -o cf-cli_amd64.deb 'https://cli.run.pivotal.io/stable?release=debian64&version=v7&source=github'
sudo dpkg -i cf-cli_amd64.deb
cf -v
cf api https://api.fr.cloud.gov
cf auth "$CF_USER_STAGING" "$CF_PASSWORD_STAGING"
cf target -o "$CF_ORG" -s "$CF_SPACE"
- name: Set application-level variables
run: |
cf set-env $APP_NAME "CLOUD_SPACE" "$CLOUD_SPACE" > /dev/null
cf set-env $APP_NAME "SERVER_URL" "$SERVER_URL" > /dev/null
cf set-env $APP_NAME "SERVER_BASE_PATH" "$SERVER_BASE_PATH" > /dev/null
cf set-env $APP_NAME "SAML_LOGIN_URL" "$SAML_LOGIN_URL" > /dev/null
cf set-env $APP_NAME "SAML_LOGOUT_URL" "$SAML_LOGOUT_URL" > /dev/null
cf set-env $APP_NAME "SAML_ENTITY_ID" "$SAML_ENTITY_ID" > /dev/null
cf set-env $APP_NAME "SAML_IDP_CERT" "$SAML_IDP_CERT" > /dev/null
cf set-env $APP_NAME "SAML_PUBLIC_KEY" "$SAML_PUBLIC_KEY" > /dev/null
cf set-env $APP_NAME "SAML_PRIVATE_KEY" "$SAML_PRIVATE_KEY" > /dev/null
cf set-env $APP_NAME "JWT_PUBLIC_KEY" "$JWT_PUBLIC_KEY" > /dev/null
cf set-env $APP_NAME "JWT_PRIVATE_KEY" "$JWT_PRIVATE_KEY" > /dev/null
cf set-env $APP_NAME "CSB_2022_FRF_OPEN" "$CSB_2022_FRF_OPEN" > /dev/null
cf set-env $APP_NAME "CSB_2022_PRF_OPEN" "$CSB_2022_PRF_OPEN" > /dev/null
cf set-env $APP_NAME "CSB_2022_CRF_OPEN" "$CSB_2022_CRF_OPEN" > /dev/null
cf set-env $APP_NAME "CSB_2023_FRF_OPEN" "$CSB_2023_FRF_OPEN" > /dev/null
cf set-env $APP_NAME "CSB_2023_PRF_OPEN" "$CSB_2023_PRF_OPEN" > /dev/null
cf set-env $APP_NAME "CSB_2023_CRF_OPEN" "$CSB_2023_CRF_OPEN" > /dev/null
cf set-env $APP_NAME "FORMIO_2022_FRF_PATH" "$FORMIO_2022_FRF_PATH" > /dev/null
cf set-env $APP_NAME "FORMIO_2022_PRF_PATH" "$FORMIO_2022_PRF_PATH" > /dev/null
cf set-env $APP_NAME "FORMIO_2022_CRF_PATH" "$FORMIO_2022_CRF_PATH" > /dev/null
cf set-env $APP_NAME "FORMIO_2023_FRF_PATH" "$FORMIO_2023_FRF_PATH" > /dev/null
cf set-env $APP_NAME "FORMIO_2023_PRF_PATH" "$FORMIO_2023_PRF_PATH" > /dev/null
cf set-env $APP_NAME "FORMIO_2023_CRF_PATH" "$FORMIO_2023_CRF_PATH" > /dev/null
cf set-env $APP_NAME "FORMIO_BASE_URL" "$FORMIO_BASE_URL" > /dev/null
cf set-env $APP_NAME "FORMIO_PROJECT_NAME" "$FORMIO_PROJECT_NAME" > /dev/null
cf set-env $APP_NAME "FORMIO_API_KEY" "$FORMIO_API_KEY" > /dev/null
cf set-env $APP_NAME "FORMIO_NCES_API_KEY" "$FORMIO_NCES_API_KEY" > /dev/null
cf set-env $APP_NAME "BAP_CLIENT_ID" "$BAP_CLIENT_ID" > /dev/null
cf set-env $APP_NAME "BAP_CLIENT_SECRET" "$BAP_CLIENT_SECRET" > /dev/null
cf set-env $APP_NAME "BAP_URL" "$BAP_URL" > /dev/null
cf set-env $APP_NAME "BAP_USER" "$BAP_USER" > /dev/null
cf set-env $APP_NAME "BAP_PASSWORD" "$BAP_PASSWORD" > /dev/null
cf set-env $APP_NAME "BAP_SAM_TABLE" "$BAP_SAM_TABLE" > /dev/null
cf set-env $APP_NAME "BAP_FORMS_TABLE" "$BAP_FORMS_TABLE" > /dev/null
cf set-env $APP_NAME "BAP_BUS_TABLE" "$BAP_BUS_TABLE" > /dev/null
cf set-env $APP_NAME "S3_PUBLIC_BUCKET" "$S3_PUBLIC_BUCKET" > /dev/null
cf set-env $APP_NAME "S3_PUBLIC_REGION" "$AWS_DEFAULT_REGION" > /dev/null
# Sync static content to public S3 bucket
- name: Sync static content to S3
run: aws s3 sync . s3://$S3_PUBLIC_BUCKET/content
working-directory: app/server/app/content
# Set CORS configuration for public S3 bucket
- name: Set S3 CORS configuration
run: aws s3api put-bucket-cors --bucket $S3_PUBLIC_BUCKET --cors-configuration file://s3CORS.json
working-directory: app/server/app/config
# Now that front-end is built in server/dist, only push server dir to Cloud.gov
- name: Deploy application to Cloud.gov
run: cf push $APP_NAME --strategy rolling -f ../manifest-staging.yml -p . -t 180
working-directory: app/server