MCR-3988 Update the Dates in Documents Table to use Contract data (#2… #1753
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Promote | |
on: | |
push: | |
branches: | |
- 'main' | |
jobs: | |
unit-tests: | |
name: test - unit tests | |
runs-on: ubuntu-20.04 | |
outputs: | |
app-version: ${{ steps.branch-name.outputs.app-version}} | |
changed-services: "[ | |
'app-api', | |
'app-web', | |
'postgres', | |
'storybook', | |
'ui-auth', | |
'ui', | |
'uploads', | |
'run-migrations', | |
'prisma-layer', | |
'infra-api', | |
'github-oidc' | |
]" | |
services: | |
postgres: | |
image: postgres:13.3 | |
env: | |
REACT_APP_AUTH_MODE: IDM | |
POSTGRES_PASSWORD: shhhsecret #pragma: allowlist secret | |
# Set health checks to wait until postgres has started | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
- 5432:5432 | |
steps: | |
- name: Check out repository | |
uses: actions/checkout@v4 | |
- name: lock this branch to prevent concurrent builds | |
run: ./.github/github-lock.sh | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: set app version | |
id: app-version | |
shell: bash | |
run: echo "::set-output name=app-version::$(scripts/app_version.sh)" | |
- name: Setup env | |
uses: ./.github/actions/setup_env | |
- name: Unit Tests | |
env: | |
REACT_APP_AUTH_MODE: IDM | |
DATABASE_URL: postgresql://postgres:shhhsecret@localhost:5432/postgres?schema=public&connection_limit=5 #pragma: allowlist secret | |
NODE_OPTIONS: --max_old_space_size=6000 | |
run: ./dev test --unit | |
- name: publish code coverage | |
uses: paambaati/[email protected] | |
continue-on-error: true | |
env: | |
CC_TEST_REPORTER_ID: f7474ffe9522492f5380eb86189480f352c841718c1fe6a63f169353c7cee243 | |
with: | |
debug: true | |
coverageLocations: | | |
${{github.workspace}}/services/app-api/coverage/lcov.info:lcov | |
${{github.workspace}}/services/app-web/coverage/lcov.info:lcov | |
build-prisma-client-lambda-layer: | |
name: build - postgres prisma layer | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Check out repository | |
uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Get yarn cache directory path | |
shell: bash | |
id: yarn-cache-dir-path | |
run: echo "::set-output name=dir::$(yarn cache dir)" | |
- name: Install packages | |
working-directory: services/app-api | |
run: PRISMA_CLI_BINARY_TARGETS=rhel-openssl-1.0.x yarn install --prefer-offline --frozen-lockfile --cache-folder ${{ steps.yarn-cache-dir-path.outputs.dir }} | |
- name: Generate protos | |
run: npx lerna run generate --scope=app-proto | |
# Generate Prisma Client and binary that can run in a lambda environment | |
- name: Prepare prisma client | |
working-directory: services/app-api | |
run: PRISMA_CLI_BINARY_TARGETS=rhel-openssl-1.0.x yarn prisma generate | |
- name: Prepare "@prisma/client" lambda layer | |
working-directory: services/app-api | |
run: ./scripts/prepare-prisma-layer.sh | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: lambda-layers-prisma-client-migration | |
path: ./services/app-api/lambda-layers-prisma-client-migration | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: lambda-layers-prisma-client-engine | |
path: ./services/app-api/lambda-layers-prisma-client-engine | |
build-clamav-layer: | |
name: build - clamav layer | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Check out repository | |
uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: yarn | |
- name: Prepare ClamAV layer | |
working-directory: services/uploads/src/avLayer | |
run: ./dockerbuild.sh | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: lambda-layers-clamav | |
path: ./services/uploads/src/avLayer/build/lambda_layer.zip | |
promote-infra-dev: | |
needs: [build-prisma-client-lambda-layer, build-clamav-layer, unit-tests] | |
uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-infra-to-env.yml@main | |
with: | |
environment: dev | |
stage_name: main | |
changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
secrets: | |
aws_account_id: ${{ secrets.DEV_AWS_ACCOUNT_ID }} | |
nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} | |
promote-app-dev: | |
needs: [promote-infra-dev, build-prisma-client-lambda-layer, unit-tests] | |
uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-app-to-env.yml@main | |
with: | |
environment: dev | |
stage_name: main | |
app_version: ${{ needs.unit-tests.outputs.app-version }} | |
changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
secrets: | |
aws_account_id: ${{ secrets.DEV_AWS_ACCOUNT_ID }} | |
react_app_auth_mode: IDM | |
nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
promote-infra-val: | |
needs: [promote-app-dev, unit-tests] | |
uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-infra-to-env.yml@main | |
with: | |
environment: val | |
stage_name: val | |
changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
secrets: | |
aws_account_id: ${{ secrets.VAL_AWS_ACCOUNT_ID }} | |
nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} | |
promote-app-val: | |
needs: [promote-app-dev, promote-infra-val, unit-tests] | |
uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-app-to-env.yml@main | |
with: | |
environment: val | |
stage_name: val | |
app_version: ${{ needs.unit-tests.outputs.app-version }} | |
changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
secrets: | |
aws_account_id: ${{ secrets.VAL_AWS_ACCOUNT_ID }} | |
react_app_auth_mode: IDM | |
nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
promote-infra-prod: | |
needs: [promote-app-val, unit-tests] | |
uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-infra-to-env.yml@main | |
with: | |
environment: prod | |
stage_name: prod | |
changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
secrets: | |
aws_account_id: ${{ secrets.PROD_AWS_ACCOUNT_ID }} | |
nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} | |
promote-app-prod: | |
needs: [promote-app-val, promote-infra-prod, unit-tests] | |
uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-app-to-env.yml@main | |
with: | |
environment: prod | |
stage_name: prod | |
app_version: ${{ needs.unit-tests.outputs.app-version }} | |
changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
secrets: | |
aws_account_id: ${{ secrets.PROD_AWS_ACCOUNT_ID }} | |
react_app_auth_mode: IDM | |
nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
cypress-prod: | |
name: prod - cypress | |
needs: [promote-app-prod] | |
runs-on: ubuntu-20.04 | |
container: | |
image: cypress/browsers:node16.17.0-chrome106 | |
options: --user 1001 | |
strategy: | |
fail-fast: false | |
steps: | |
- uses: actions/checkout@v4 | |
- name: check ip | |
id: check-ip | |
shell: bash | |
run: curl ifconfig.me/ip | |
- name: Generate unique ID for Cypress | |
id: uuid | |
run: echo "::set-output name=value::sha-$GITHUB_SHA-time-$(date +"%s")" | |
- name: Setup env | |
uses: ./.github/actions/setup_env | |
- uses: actions/download-artifact@v4 | |
with: | |
name: app-web-gen deploy prod | |
path: ./services/app-web/src/gen | |
- uses: actions/download-artifact@v4 | |
with: | |
name: cypress-gen deploy prod | |
path: ./services/cypress/gen | |
- name: Cypress chrome fix | |
run: | | |
export DISPLAY=:1 | |
Xvfb :1 -screen 0 1024x768x16 2>/dev/null & | |
- name: Cypress on Prod -- Chrome | |
id: cypress | |
uses: cypress-io/github-action@v6 | |
with: | |
install: false | |
config: baseUrl=https://mc-review.onemac.cms.gov | |
spec: services/cypress/integration/promoteWorkflow/promote.spec.ts | |
record: true | |
parallel: false | |
browser: chrome | |
group: 'Chrome - prod' | |
ci-build-id: ${{ steps.uuid.outputs.value }} | |
# Point to the cypress config file from root | |
config-file: services/cypress/cypress.config.ts | |
env: | |
REACT_APP_AUTH_MODE: IDM | |
CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# Overwrites folder directories in cypress config because in CI we run from root | |
CYPRESS_SUPPORT_FILE: services/cypress/support/index.ts | |
CYPRESS_FIXTURES_FOLDER: services/cypress/fixtures | |
CYPRESS_SPEC_PATTERN: services/cypress/integration/**/*.spec.ts | |
CYPRESS_SCREEN_SHOTS_FOLDER: services/cypress/screenshots | |
CYPRESS_VIDEOS_FOLDER: services/cypress/videos | |
- name: Upload cypress video | |
uses: actions/upload-artifact@v4 | |
if: failure() && steps.cypress.outcome == 'failure' | |
with: | |
name: cypress-videos | |
path: services/cypress/videos | |
slack: | |
name: Slack notification on failure | |
runs-on: ubuntu-20.04 | |
needs: [cypress-prod, promote-app-val] | |
if: always() | |
steps: | |
# this action sets env.WORKFLOW_CONCLUSION so we can call a | |
# failure notification if any part of the workflow fails | |
- uses: technote-space/workflow-conclusion-action@v3 | |
- name: Alert Slack On Failure | |
uses: rtCamp/action-slack-notify@v2 | |
if: (env.WORKFLOW_CONCLUSION == 'failure' || needs.cypress-prod.result == 'skipped' || needs.promote-app-val.result == 'skipped') | |
env: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
SLACK_USERNAME: Deploy Alerts | |
SLACK_ICON_EMOJI: ':bell:' | |
SLACK_COLOR: failure | |
SLACK_FOOTER: '' | |
MSG_MINIMAL: actions url,commit |