Renovate Update Node.js to v22 #1822

Workflow file for this run

	name: Test & Build

	on:
	pull_request:
	branches:
	- main
	push:
	branches:
	- main
	workflow_dispatch:

	defaults:
	run:
	shell: bash

	jobs:
	identify:
	name: Identify version
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: "0"
	- name: Define commit SHA and branch
	id: commit_branch
	run: \|
	if [ "${{ github.head_ref }}" == "" ]; then
	echo "COMMIT=${{github.sha}}" >> $GITHUB_OUTPUT
	echo "BRANCH=main" >> $GITHUB_OUTPUT
	else
	echo "COMMIT=${{github.event.pull_request.head.sha}}" >> $GITHUB_OUTPUT
	echo "BRANCH=${{github.head_ref}}" >> $GITHUB_OUTPUT
	fi
	- name: Bump version
	id: bump_version
	uses: anothrNick/[email protected]
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	INITIAL_VERSION: 1.0.0
	DEFAULT_BRANCH: main
	DEFAULT_BUMP: minor
	PRERELEASE: true
	PRERELEASE_SUFFIX: ${{ steps.commit_branch.outputs.BRANCH }}
	RELEASE_BRANCHES: main
	WITH_V: true
	outputs:
	commit: ${{ steps.commit_branch.outputs.COMMIT }}
	branch: ${{ steps.commit_branch.outputs.BRANCH }}
	tag: ${{ steps.bump_version.outputs.tag }}

	build:
	name: Build LPA Dashboard
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Cache Images
	uses: actions/cache@v4
	with:
	path: /tmp/images
	key: ${{ runner.os }}-images-${{ github.run_id }}-${{ github.run_number }}
	- name: Build Images
	run: \|
	make build-ci
	mkdir -p /tmp/images
	docker save -o /tmp/images/app.tar 311462405659.dkr.ecr.eu-west-1.amazonaws.com/sirius/sirius-lpa-dashboard:latest
	docker save -o /tmp/images/pact-stub.tar pact-stub:latest

	test:
	name: Unit Tests
	runs-on: ubuntu-latest
	needs: [identify]
	steps:
	- uses: actions/checkout@v4
	- uses: unfor19/install-aws-cli-action@v1

	- name: Cache Go Dependencies
	uses: actions/cache@v4
	with:
	path: .gocache
	key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
	restore-keys: \|
	${{ runner.os }}-go-

	- name: Run Tests
	run: make unit-test

	- name: Publish pacts
	run: \|
	docker compose run --rm pact pact-broker publish ./pacts/sirius-lpa-dashboard-sirius.json \
	--consumer-app-version ${{ needs.identify.outputs.commit }} \
	--branch ${{ needs.identify.outputs.branch }} \
	--tag ${{ needs.identify.outputs.tag }} \
	--broker-base-url https://pact-broker.api.opg.service.justice.gov.uk \
	--broker-username admin \
	--broker-password ${{ secrets.PACT_BROKER_PASSWORD }}

	- name: Upload Code Coverage
	uses: codecov/codecov-action@v5
	env:
	CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
	with:
	files: test-results/test-coverage.txt
	fail_ci_if_error: true
	verbose: true

	- name: Persist Pacts
	uses: actions/upload-artifact@v4
	with:
	name: pacts
	path: \|
	./pacts/sirius-lpa-dashboard-sirius.json
	./pacts/ignored-ignored.json

	lint:
	name: Lint
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Run linting
	run: make lint

	acceptance-test:
	name: Acceptance Tests
	runs-on: ubuntu-latest
	needs:
	- build
	- test
	steps:
	- uses: actions/checkout@v4
	- name: Cache Images
	uses: actions/cache@v4
	with:
	path: /tmp/images
	key: ${{ runner.os }}-images-${{ github.run_id }}-${{ github.run_number }}

	- name: Download Artifacts
	uses: actions/download-artifact@v4
	with:
	name: pacts
	path: ./pacts

	- name: Restore images
	run: \|
	docker load -i /tmp/images/app.tar
	docker load -i /tmp/images/pact-stub.tar

	- name: Run pa11y
	run: make pa11y

	- name: Run Lighthouse
	run: make lighthouse

	cypress:
	name: Cypress
	runs-on: ubuntu-latest
	needs:
	- build
	- test
	steps:
	- uses: actions/checkout@v4
	- name: Cache Images
	uses: actions/cache@v4
	with:
	path: /tmp/images
	key: ${{ runner.os }}-images-${{ github.run_id }}-${{ github.run_number }}

	- name: Download Artifacts
	uses: actions/download-artifact@v4
	with:
	name: pacts
	path: ./pacts

	- name: Restore images
	run: \|
	docker load -i /tmp/images/app.tar
	docker load -i /tmp/images/pact-stub.tar

	- name: Start app
	run: make cypress

	- name: Upload Cypress screenshots
	uses: actions/upload-artifact@v4
	if: failure()
	with:
	name: cypress-screenshots
	path: cypress/screenshots

	push:
	name: "Build & Push Containers"
	runs-on: ubuntu-latest
	needs: [identify, "build", "test", "lint", "acceptance-test", "cypress"]
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: "0"
	- name: Extract branch name
	run: \|
	if [ "${{ github.head_ref }}" == "" ]; then
	echo BRANCH_NAME=main >> $GITHUB_ENV
	else
	echo BRANCH_NAME=$(echo ${{ github.head_ref }} \| sed 's/\//-/g') >> $GITHUB_ENV
	fi
	id: extract_branch
	- uses: unfor19/install-aws-cli-action@v1

	- name: Cache Images
	uses: actions/cache@v4
	with:
	path: /tmp/images
	key: ${{ runner.os }}-images-${{ github.run_id }}-${{ github.run_number }}

	- name: Restore Image
	run: docker load -i /tmp/images/app.tar

	- name: Run Trivy
	run: make scan

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	if: always()
	with:
	sarif_file: 'test-results/trivy.sarif'

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
	aws-region: eu-west-1
	role-to-assume: arn:aws:iam::311462405659:role/sirius-actions-ci
	role-duration-seconds: 3600
	role-session-name: GitHubActions

	- name: ECR Login
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v2
	with:
	registries: 311462405659

	- name: Push Container
	env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	ECR_REPOSITORY: sirius/sirius-lpa-dashboard
	run: \|
	docker tag 311462405659.dkr.ecr.eu-west-1.amazonaws.com/sirius/sirius-lpa-dashboard:latest $ECR_REGISTRY/$ECR_REPOSITORY:${{ needs.identify.outputs.tag }}
	if [ "${{ needs.identify.outputs.branch }}" == "main" ]; then
	docker tag 311462405659.dkr.ecr.eu-west-1.amazonaws.com/sirius/sirius-lpa-dashboard:latest $ECR_REGISTRY/$ECR_REPOSITORY:main-${{ needs.identify.outputs.tag }}
	docker tag 311462405659.dkr.ecr.eu-west-1.amazonaws.com/sirius/sirius-lpa-dashboard:latest $ECR_REGISTRY/$ECR_REPOSITORY:main-${{ needs.identify.outputs.tag }}-$(date +"%Y%m%d%H%M%S")
	# We want all of the tags pushed
	docker push --all-tags $ECR_REGISTRY/$ECR_REPOSITORY
	else
	docker push $ECR_REGISTRY/$ECR_REPOSITORY:${{ needs.identify.outputs.tag }}
	fi

	push-tags:
	runs-on: ubuntu-latest
	needs: [identify, push]
	if: github.ref == 'refs/heads/main'
	steps:
	- uses: actions/checkout@v4

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
	aws-region: eu-west-1
	role-to-assume: arn:aws:iam::997462338508:role/sirius-actions-ci
	role-duration-seconds: 3600
	role-session-name: GitHubActions

	- name: Install AWS CLI
	id: install-aws-cli
	uses: unfor19/install-aws-cli-action@v1

	- name: Push Tag to Parameter Store
	run: \|
	aws ssm put-parameter --name "opg-sirius-lpa-dashboard-latest-green-build" --type "String" --value "${{ needs.identify.outputs.tag }}" --overwrite --region=eu-west-1

	- name: Trigger Dev Deploy
	shell: bash
	run: curl -u ${{ secrets.JENKINS_API_USER }}:${{ secrets.JENKINS_API_TOKEN }} "https://${{ secrets.JENKINS_URL }}/job/Sirius/job/Deploy_to_Development/build?token=${{ secrets.JENKINS_API_TOKEN_NAME }}&cause=Triggered+by+opg-sirius-lpa-dashboard"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Renovate Update Node.js to v22 #1822

Workflow file

Renovate Update Node.js to v22 #1822

Jobs

Run details

Workflow file for this run