Skip to content

Renovate Update Node.js to v22 #1817

Renovate Update Node.js to v22

Renovate Update Node.js to v22 #1817

Workflow file for this run

name: Test & Build
on:
pull_request:
branches:
- main
push:
branches:
- main
workflow_dispatch:
defaults:
run:
shell: bash
jobs:
identify:
name: Identify version
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: "0"
- name: Define commit SHA and branch
id: commit_branch
run: |
if [ "${{ github.head_ref }}" == "" ]; then
echo "COMMIT=${{github.sha}}" >> $GITHUB_OUTPUT
echo "BRANCH=main" >> $GITHUB_OUTPUT
else
echo "COMMIT=${{github.event.pull_request.head.sha}}" >> $GITHUB_OUTPUT
echo "BRANCH=${{github.head_ref}}" >> $GITHUB_OUTPUT
fi
- name: Bump version
id: bump_version
uses: anothrNick/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
INITIAL_VERSION: 1.0.0
DEFAULT_BRANCH: main
DEFAULT_BUMP: minor
PRERELEASE: true
PRERELEASE_SUFFIX: ${{ steps.commit_branch.outputs.BRANCH }}
RELEASE_BRANCHES: main
WITH_V: true
outputs:
commit: ${{ steps.commit_branch.outputs.COMMIT }}
branch: ${{ steps.commit_branch.outputs.BRANCH }}
tag: ${{ steps.bump_version.outputs.tag }}
build:
name: Build LPA Dashboard
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Cache Images
uses: actions/cache@v4
with:
path: /tmp/images
key: ${{ runner.os }}-images-${{ github.run_id }}-${{ github.run_number }}
- name: Build Images
run: |
make build-ci
mkdir -p /tmp/images
docker save -o /tmp/images/app.tar 311462405659.dkr.ecr.eu-west-1.amazonaws.com/sirius/sirius-lpa-dashboard:latest
docker save -o /tmp/images/pact-stub.tar pact-stub:latest
test:
name: Unit Tests
runs-on: ubuntu-latest
needs: [identify]
steps:
- uses: actions/checkout@v4
- uses: unfor19/install-aws-cli-action@v1
- name: Cache Go Dependencies
uses: actions/cache@v4
with:
path: .gocache
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Run Tests
run: make unit-test
- name: Publish pacts
run: |
docker compose run --rm pact pact-broker publish ./pacts/sirius-lpa-dashboard-sirius.json \
--consumer-app-version ${{ needs.identify.outputs.commit }} \
--branch ${{ needs.identify.outputs.branch }} \
--tag ${{ needs.identify.outputs.tag }} \
--broker-base-url https://pact-broker.api.opg.service.justice.gov.uk \
--broker-username admin \
--broker-password ${{ secrets.PACT_BROKER_PASSWORD }}
- name: Upload Code Coverage
uses: codecov/codecov-action@v4
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
files: test-results/test-coverage.txt
fail_ci_if_error: true
verbose: true
- name: Persist Pacts
uses: actions/upload-artifact@v4
with:
name: pacts
path: |
./pacts/sirius-lpa-dashboard-sirius.json
./pacts/ignored-ignored.json
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run linting
run: make lint
acceptance-test:
name: Acceptance Tests
runs-on: ubuntu-latest
needs:
- build
- test
steps:
- uses: actions/checkout@v4
- name: Cache Images
uses: actions/cache@v4
with:
path: /tmp/images
key: ${{ runner.os }}-images-${{ github.run_id }}-${{ github.run_number }}
- name: Download Artifacts
uses: actions/download-artifact@v4
with:
name: pacts
path: ./pacts
- name: Restore images
run: |
docker load -i /tmp/images/app.tar
docker load -i /tmp/images/pact-stub.tar
- name: Run pa11y
run: make pa11y
- name: Run Lighthouse
run: make lighthouse
cypress:
name: Cypress
runs-on: ubuntu-latest
needs:
- build
- test
steps:
- uses: actions/checkout@v4
- name: Cache Images
uses: actions/cache@v4
with:
path: /tmp/images
key: ${{ runner.os }}-images-${{ github.run_id }}-${{ github.run_number }}
- name: Download Artifacts
uses: actions/download-artifact@v4
with:
name: pacts
path: ./pacts
- name: Restore images
run: |
docker load -i /tmp/images/app.tar
docker load -i /tmp/images/pact-stub.tar
- name: Start app
run: make cypress
- name: Upload Cypress screenshots
uses: actions/upload-artifact@v4
if: failure()
with:
name: cypress-screenshots
path: cypress/screenshots
push:
name: "Build & Push Containers"
runs-on: ubuntu-latest
needs: [identify, "build", "test", "lint", "acceptance-test", "cypress"]
steps:
- uses: actions/checkout@v4
with:
fetch-depth: "0"
- name: Extract branch name
run: |
if [ "${{ github.head_ref }}" == "" ]; then
echo BRANCH_NAME=main >> $GITHUB_ENV
else
echo BRANCH_NAME=$(echo ${{ github.head_ref }} | sed 's/\//-/g') >> $GITHUB_ENV
fi
id: extract_branch
- uses: unfor19/install-aws-cli-action@v1
- name: Cache Images
uses: actions/cache@v4
with:
path: /tmp/images
key: ${{ runner.os }}-images-${{ github.run_id }}-${{ github.run_number }}
- name: Restore Image
run: docker load -i /tmp/images/app.tar
- name: Run Trivy
run: make scan
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: 'test-results/trivy.sarif'
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
aws-region: eu-west-1
role-to-assume: arn:aws:iam::311462405659:role/sirius-actions-ci
role-duration-seconds: 3600
role-session-name: GitHubActions
- name: ECR Login
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
with:
registries: 311462405659
- name: Push Container
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: sirius/sirius-lpa-dashboard
run: |
docker tag 311462405659.dkr.ecr.eu-west-1.amazonaws.com/sirius/sirius-lpa-dashboard:latest $ECR_REGISTRY/$ECR_REPOSITORY:${{ needs.identify.outputs.tag }}
if [ "${{ needs.identify.outputs.branch }}" == "main" ]; then
docker tag 311462405659.dkr.ecr.eu-west-1.amazonaws.com/sirius/sirius-lpa-dashboard:latest $ECR_REGISTRY/$ECR_REPOSITORY:main-${{ needs.identify.outputs.tag }}
docker tag 311462405659.dkr.ecr.eu-west-1.amazonaws.com/sirius/sirius-lpa-dashboard:latest $ECR_REGISTRY/$ECR_REPOSITORY:main-${{ needs.identify.outputs.tag }}-$(date +"%Y%m%d%H%M%S")
# We want all of the tags pushed
docker push --all-tags $ECR_REGISTRY/$ECR_REPOSITORY
else
docker push $ECR_REGISTRY/$ECR_REPOSITORY:${{ needs.identify.outputs.tag }}
fi
push-tags:
runs-on: ubuntu-latest
needs: [identify, push]
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
aws-region: eu-west-1
role-to-assume: arn:aws:iam::997462338508:role/sirius-actions-ci
role-duration-seconds: 3600
role-session-name: GitHubActions
- name: Install AWS CLI
id: install-aws-cli
uses: unfor19/install-aws-cli-action@v1
- name: Push Tag to Parameter Store
run: |
aws ssm put-parameter --name "opg-sirius-lpa-dashboard-latest-green-build" --type "String" --value "${{ needs.identify.outputs.tag }}" --overwrite --region=eu-west-1
- name: Trigger Dev Deploy
shell: bash
run: curl -u ${{ secrets.JENKINS_API_USER }}:${{ secrets.JENKINS_API_TOKEN }} "https://${{ secrets.JENKINS_URL }}/job/Sirius/job/Deploy_to_Development/build?token=${{ secrets.JENKINS_API_TOKEN_NAME }}&cause=Triggered+by+opg-sirius-lpa-dashboard"