.github/workflows/dev.yml

# This is a basic workflow to help you get started with Actions

name: Dev Deploy

# Controls when the workflow will run
on:
  # Triggers the workflow on push or pull request events but only for the develop branch
  push:
    branches: [develop]

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

# Set default working directory for all jobs to /app
defaults:
  run:
    working-directory: ./app

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  build:
    # The type of runner that the job will run on
    runs-on: ubuntu-latest
    environment: dev

    # Set environment variables
    env:
      APP_NAME: csb-dev
      CLOUD_SPACE: dev
      CF_ORG: epa-avert
      CF_SPACE: csb-dev
      CF_USER_DEV: ${{ secrets.CF_USER_DEV }}
      CF_PASSWORD_DEV: ${{ secrets.CF_PASSWORD_DEV }}
      SERVER_URL: https://app-dev.app.cloud.gov/csb
      SERVER_BASE_PATH: /csb
      SAML_LOGIN_URL: ${{ secrets.SAML_LOGIN_URL }}
      SAML_LOGOUT_URL: ${{ secrets.SAML_LOGOUT_URL }}
      SAML_ENTITY_ID: ${{ secrets.SAML_ENTITY_ID }}
      SAML_IDP_CERT: ${{ secrets.SAML_IDP_CERT }}
      SAML_PUBLIC_KEY: ${{ secrets.SAML_PUBLIC_KEY }}
      # SAML_PRIVATE_KEY: ${{ secrets.SAML_PRIVATE_KEY }}
      JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }}
      JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }}
      CSB_REBATE_YEAR: 2024
      CSB_2022_FRF_OPEN: true
      CSB_2022_PRF_OPEN: true
      CSB_2022_CRF_OPEN: true
      CSB_2023_FRF_OPEN: true
      CSB_2023_PRF_OPEN: true
      CSB_2023_CRF_OPEN: true
      CSB_2024_FRF_OPEN: true
      CSB_2024_PRF_OPEN: true
      CSB_2024_CRF_OPEN: true
      FORMIO_2022_FRF_PATH: ${{ secrets.FORMIO_2022_FRF_PATH }}
      FORMIO_2022_PRF_PATH: ${{ secrets.FORMIO_2022_PRF_PATH }}
      FORMIO_2022_CRF_PATH: ${{ secrets.FORMIO_2022_CRF_PATH }}
      FORMIO_2023_FRF_PATH: ${{ secrets.FORMIO_2023_FRF_PATH }}
      FORMIO_2023_PRF_PATH: ${{ secrets.FORMIO_2023_PRF_PATH }}
      FORMIO_2023_CRF_PATH: ${{ secrets.FORMIO_2023_CRF_PATH }}
      FORMIO_2023_CHANGE_PATH: ${{ secrets.FORMIO_2023_CHANGE_PATH }}
      FORMIO_2024_FRF_PATH: ${{ secrets.FORMIO_2024_FRF_PATH }}
      FORMIO_2024_PRF_PATH: ${{ secrets.FORMIO_2024_PRF_PATH }}
      FORMIO_2024_CRF_PATH: ${{ secrets.FORMIO_2024_CRF_PATH }}
      FORMIO_2024_CHANGE_PATH: ${{ secrets.FORMIO_2024_CHANGE_PATH }}
      FORMIO_BASE_URL: ${{ secrets.FORMIO_BASE_URL }}
      FORMIO_PROJECT_NAME: ${{ secrets.FORMIO_PROJECT_NAME }}
      FORMIO_API_KEY: ${{ secrets.FORMIO_API_KEY }}
      FORMIO_PKG_AUTH_TOKEN: ${{ secrets.FORMIO_PKG_AUTH_TOKEN }}
      BAP_CLIENT_ID: ${{ secrets.BAP_CLIENT_ID }}
      BAP_CLIENT_SECRET: ${{ secrets.BAP_CLIENT_SECRET }}
      BAP_URL: ${{ secrets.BAP_URL }}
      BAP_USER: ${{ secrets.BAP_USER }}
      BAP_PASSWORD: ${{ secrets.BAP_PASSWORD }}
      AWS_ACCESS_KEY_ID: ${{ secrets.S3_PUBLIC_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.S3_PUBLIC_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: ${{ secrets.S3_PUBLIC_REGION }}
      S3_PUBLIC_BUCKET: ${{ secrets.S3_PUBLIC_BUCKET }}

    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
      - uses: actions/checkout@v4

      # Set up node and npm
      - uses: actions/setup-node@master

      # Run front-end processes (install, lint, test, bundle)
      - name: Cache node modules
        uses: actions/cache@v4
        with:
          path: ~/client/.npm
          key: v1-npm-client-deps-${{ hashFiles('**/client/package-lock.json') }}
          restore-keys: v1-npm-client-deps-

      - name: Add Formio private package repo auth token
        run: echo "//pkg.form.io/:_authToken=${FORMIO_PKG_AUTH_TOKEN}" > .npmrc
        working-directory: app/client

      - name: Install client app dependencies
        run: npm install
        working-directory: app/client

      - name: Build client app and move files to server app
        run: |
          VITE_SERVER_BASE_PATH="$SERVER_BASE_PATH" \
            VITE_CLOUD_SPACE="$CLOUD_SPACE" \
            VITE_FORMIO_BASE_URL="$FORMIO_BASE_URL" \
            VITE_FORMIO_PROJECT_NAME="$FORMIO_PROJECT_NAME" \
            npm run build
          rm ../server/app/public/index.html
          cd build
          mv * ../../server/app/public
        working-directory: app/client

      # Run CloudFoundry/Cloud.gov deployment
      - name: Set up Cloud Foundry CLI
        run: |
          curl -v -L -o cf-cli_amd64.deb 'https://cli.run.pivotal.io/stable?release=debian64&version=v7&source=github'
          sudo dpkg -i cf-cli_amd64.deb
          cf -v
          cf api https://api.fr.cloud.gov
          cf auth "$CF_USER_DEV" "$CF_PASSWORD_DEV"
          cf target -o "$CF_ORG" -s "$CF_SPACE"

      - name: Set application level variables
        run: |
          cf set-env $APP_NAME "CLOUD_SPACE" "$CLOUD_SPACE" > /dev/null
          cf set-env $APP_NAME "SERVER_URL" "$SERVER_URL" > /dev/null
          cf set-env $APP_NAME "SERVER_BASE_PATH" "$SERVER_BASE_PATH" > /dev/null
          cf set-env $APP_NAME "SAML_LOGIN_URL" "$SAML_LOGIN_URL" > /dev/null
          cf set-env $APP_NAME "SAML_LOGOUT_URL" "$SAML_LOGOUT_URL" > /dev/null
          cf set-env $APP_NAME "SAML_ENTITY_ID" "$SAML_ENTITY_ID" > /dev/null
          cf set-env $APP_NAME "SAML_IDP_CERT" "$SAML_IDP_CERT" > /dev/null
          cf set-env $APP_NAME "SAML_PUBLIC_KEY" "$SAML_PUBLIC_KEY" > /dev/null
          # cf set-env $APP_NAME "SAML_PRIVATE_KEY" "$SAML_PRIVATE_KEY" > /dev/null
          cf set-env $APP_NAME "JWT_PUBLIC_KEY" "$JWT_PUBLIC_KEY" > /dev/null
          cf set-env $APP_NAME "JWT_PRIVATE_KEY" "$JWT_PRIVATE_KEY" > /dev/null
          cf set-env $APP_NAME "CSB_REBATE_YEAR" "$CSB_REBATE_YEAR" > /dev/null
          cf set-env $APP_NAME "CSB_2022_FRF_OPEN" "$CSB_2022_FRF_OPEN" > /dev/null
          cf set-env $APP_NAME "CSB_2022_PRF_OPEN" "$CSB_2022_PRF_OPEN" > /dev/null
          cf set-env $APP_NAME "CSB_2022_CRF_OPEN" "$CSB_2022_CRF_OPEN" > /dev/null
          cf set-env $APP_NAME "CSB_2023_FRF_OPEN" "$CSB_2023_FRF_OPEN" > /dev/null
          cf set-env $APP_NAME "CSB_2023_PRF_OPEN" "$CSB_2023_PRF_OPEN" > /dev/null
          cf set-env $APP_NAME "CSB_2023_CRF_OPEN" "$CSB_2023_CRF_OPEN" > /dev/null
          cf set-env $APP_NAME "CSB_2024_FRF_OPEN" "$CSB_2024_FRF_OPEN" > /dev/null
          cf set-env $APP_NAME "CSB_2024_PRF_OPEN" "$CSB_2024_PRF_OPEN" > /dev/null
          cf set-env $APP_NAME "CSB_2024_CRF_OPEN" "$CSB_2024_CRF_OPEN" > /dev/null
          cf set-env $APP_NAME "FORMIO_2022_FRF_PATH" "$FORMIO_2022_FRF_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2022_PRF_PATH" "$FORMIO_2022_PRF_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2022_CRF_PATH" "$FORMIO_2022_CRF_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2023_FRF_PATH" "$FORMIO_2023_FRF_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2023_PRF_PATH" "$FORMIO_2023_PRF_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2023_CRF_PATH" "$FORMIO_2023_CRF_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2023_CHANGE_PATH" "$FORMIO_2023_CHANGE_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2024_FRF_PATH" "$FORMIO_2024_FRF_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2024_PRF_PATH" "$FORMIO_2024_PRF_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2024_CRF_PATH" "$FORMIO_2024_CRF_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_2024_CHANGE_PATH" "$FORMIO_2024_CHANGE_PATH" > /dev/null
          cf set-env $APP_NAME "FORMIO_BASE_URL" "$FORMIO_BASE_URL" > /dev/null
          cf set-env $APP_NAME "FORMIO_PROJECT_NAME" "$FORMIO_PROJECT_NAME" > /dev/null
          cf set-env $APP_NAME "FORMIO_API_KEY" "$FORMIO_API_KEY" > /dev/null
          cf set-env $APP_NAME "BAP_CLIENT_ID" "$BAP_CLIENT_ID" > /dev/null
          cf set-env $APP_NAME "BAP_CLIENT_SECRET" "$BAP_CLIENT_SECRET" > /dev/null
          cf set-env $APP_NAME "BAP_URL" "$BAP_URL" > /dev/null
          cf set-env $APP_NAME "BAP_USER" "$BAP_USER" > /dev/null
          cf set-env $APP_NAME "BAP_PASSWORD" "$BAP_PASSWORD" > /dev/null
          cf set-env $APP_NAME "S3_PUBLIC_BUCKET" "$S3_PUBLIC_BUCKET" > /dev/null
          cf set-env $APP_NAME "S3_PUBLIC_REGION" "$AWS_DEFAULT_REGION" > /dev/null

      # Sync static content to public S3 bucket
      - name: Sync static content to S3
        run: aws s3 sync . s3://$S3_PUBLIC_BUCKET/content
        working-directory: app/server/app/content

      # Set CORS configuration for public S3 bucket
      - name: Set S3 CORS configuration
        run: aws s3api put-bucket-cors --bucket $S3_PUBLIC_BUCKET --cors-configuration file://s3CORS.json
        working-directory: app/server/app/config

      # Now that client is built and included in server app, only push server app to Cloud.gov
      - name: Deploy application to Cloud.gov
        run: cf push $APP_NAME --strategy rolling -f ../manifest-dev.yml -p . -t 180
        working-directory: app/server