Merge branch 'staging' into fix/sidebar-anchor

responsible-ai-collaborative · Nov 5, 2024 · 5a6d0d0 · 5a6d0d0
2 parents 3338227 + 74515a4
commit 5a6d0d0
Show file tree

Hide file tree

Showing 210 changed files with 28,681 additions and 14,173 deletions.
diff --git a/.github/workflows/db-backup.yml b/.github/workflows/db-backup.yml
@@ -0,0 +1,61 @@
+name: Public backup to the cloud
+
+on:
+  schedule:
+    - cron: "0 10 * * 1" # At 10:00 on Monday.
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: The Github environment to load secrets from
+        type: string
+        required: true
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  build-and-run-backups:
+    # If the execution is triggered by a schedule, the environment is production
+    environment: ${{ inputs.environment || 'production' }}
+    name: Backup
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y \
+            coreutils \
+            bash \
+            tzdata \
+            curl \
+            npm
+          wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc |  gpg --dearmor | sudo tee /usr/share/keyrings/mongodb.gpg > /dev/null
+          echo "deb [ arch=amd64 signed-by=/usr/share/keyrings/mongodb.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list
+          sudo apt update
+          sudo apt install -y mongodb-database-tools
+
+      - name: Generate public backup
+        run: |
+          python3 -m venv venv
+          source venv/bin/activate
+          pip install boto3
+          ./bin/backup.sh
+          ./bin/prune.sh
+          ./bin/list.sh
+        working-directory: site/db-backup
+        env:
+          CLOUDFLARE_R2_ACCOUNT_ID: ${{ vars.CLOUDFLARE_R2_ACCOUNT_ID }}
+          CLOUDFLARE_R2_WRITE_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_WRITE_ACCESS_KEY_ID }}
+          CLOUDFLARE_R2_WRITE_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_WRITE_SECRET_ACCESS_KEY }}
+          CLOUDFLARE_R2_BUCKET_NAME: ${{ vars.CLOUDFLARE_R2_BUCKET_NAME }}
+          MONGODB_URI: ${{ secrets.MONGODB_CONNECTION_STRING }}
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -26,6 +26,11 @@ on:
         type: string
         required: false
         default: ""
+      site-url:
+        description: The URL of the site to deploy
+        type: string
+        default: ""
+        required: false
 
 jobs:
   netlify-deploy:
@@ -104,8 +109,8 @@ jobs:
           NODE_OPTIONS: --dns-result-order=ipv4first
           GATSBY_ROLLBAR_TOKEN: ${{ secrets.GATSBY_ROLLBAR_TOKEN }}
           SKIP_PAGE_CREATOR: ${{ vars.SKIP_PAGE_CREATOR }}
-          CLOUDFLARE_R2_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_R2_ACCOUNT_ID }}
-          CLOUDFLARE_R2_BUCKET_NAME: ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }}
+          CLOUDFLARE_R2_ACCOUNT_ID: ${{ vars.CLOUDFLARE_R2_ACCOUNT_ID }}
+          CLOUDFLARE_R2_BUCKET_NAME: ${{ vars.CLOUDFLARE_R2_BUCKET_NAME }}
           GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL: ${{ vars.GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL }}
           CLOUDFLARE_R2_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }}
           CLOUDFLARE_R2_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }}
@@ -119,6 +124,8 @@ jobs:
           REALM_API_PRIVATE_KEY: ${{ secrets.REALM_API_PRIVATE_KEY }}
           ROLLBAR_POST_SERVER_ITEM_ACCESS_TOKEN: ${{ secrets.GATSBY_ROLLBAR_TOKEN }}
           API_MONGODB_CONNECTION_STRING: ${{ secrets.API_MONGODB_CONNECTION_STRING }}
+          SITE_URL: ${{ inputs.site-url || vars.SITE_URL }}
+          PROCESS_NOTIFICATIONS_SECRET: ${{ secrets.PROCESS_NOTIFICATIONS_SECRET }}
 
       - name: Build size
         run: |

diff --git a/.github/workflows/preview.yml b/.github/workflows/preview.yml
@@ -47,7 +47,7 @@ jobs:
     with:
       sha: ${{ github.event.pull_request.head.sha }}
       environment: staging
-      netlify-context: deploy-preview
+      netlify-context: branch-deploy
       runner-label: ${{ vars.PREVIEW_RUNNER_LABEL }}
 
   call-test:
@@ -90,6 +90,7 @@ jobs:
     with:
       sha: ${{ github.event.pull_request.head.sha }}
       environment: staging
-      netlify-context: deploy-preview
+      netlify-context: branch-deploy
       netlify-alias: pr-${{ github.event.pull_request.number }}
       runner-label: ${{ vars.PREVIEW_RUNNER_LABEL }}
+      site-url: https://pr-${{ github.event.pull_request.number }}--staging-aiid.netlify.app
diff --git a/.github/workflows/process-notifications.yml b/.github/workflows/process-notifications.yml
@@ -0,0 +1,41 @@
+name: Process Notifications
+
+on:
+  workflow_call:
+    inputs:
+        environment:
+          description: The Github environment to load secrets from
+          type: string
+          required: true
+
+jobs:
+  execute-mutation:
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    steps:
+      - name: Call GraphQL API
+        env:
+          SITE_URL: ${{ vars.SITE_URL }}
+          PROCESS_NOTIFICATIONS_SECRET: ${{ secrets.PROCESS_NOTIFICATIONS_SECRET }}
+        run: |
+          RESPONSE=$(curl -s -o response.json -w "%{http_code}" -X POST "$SITE_URL/api/graphql" \
+            -H "Content-Type: application/json" \
+            -H "PROCESS_NOTIFICATIONS_SECRET: $PROCESS_NOTIFICATIONS_SECRET" \
+            -d '{"query":"mutation { processNotifications }"}')
+
+          HTTP_STATUS=$RESPONSE
+
+          if [ "$HTTP_STATUS" -ne 200 ]; then
+            echo "GraphQL mutation failed with HTTP status: $HTTP_STATUS"
+            cat response.json
+            exit 1
+          fi
+
+          if jq -e 'has("errors") or has("errorType")' response.json > /dev/null; then
+            echo "GraphQL mutation failed with the following response:"
+            jq '.' response.json
+            exit 1
+          fi
+
+          echo "GraphQL mutation succeeded!"
+          jq '.' response.json
diff --git a/.github/workflows/production.yml b/.github/workflows/production.yml
@@ -84,7 +84,7 @@ jobs:
   call-deploy:
     if: (inputs.force-deploy == true || success()) && !cancelled()
     uses: ./.github/workflows/deploy.yml
-    needs: [cache-modifier, call-test, call-test-api, call-test-playwright]
+    needs: [cache-modifier, call-test, call-test-api, call-test-playwright, call-test-playwright-full]
     secrets: inherit
     permissions:
       pull-requests: write
@@ -95,3 +95,10 @@ jobs:
       netlify-alias:
       runner-label: ${{ vars.PRODUCTION_RUNNER_LABEL }}
       cache-modifier: ${{ needs.cache-modifier.outputs.cache-modifier  }}
+
+  call-process-notifications:
+    needs: call-deploy
+    uses: ./.github/workflows/process-notifications.yml
+    secrets: inherit
+    with:
+      environment: production
diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml
@@ -94,3 +94,10 @@ jobs:
       netlify-alias:
       runner-label: ${{ vars.STAGING_RUNNER_LABEL }}
       cache-modifier: ${{ needs.cache-modifier.outputs.cache-modifier  }}
+
+  call-process-notifications:
+    needs: call-deploy
+    uses: ./.github/workflows/process-notifications.yml
+    secrets: inherit
+    with:
+      environment: staging
diff --git a/.github/workflows/test-api.yml b/.github/workflows/test-api.yml
@@ -67,7 +67,12 @@ jobs:
           API_MONGODB_CONNECTION_STRING: "" # dinamically set by globalSetup.ts
           E2E_ADMIN_USERNAME: ""
           E2E_ADMIN_PASSWORD: ""
-          ROLLBAR_POST_SERVER_ITEM_ACCESS_TOKEN: ${{ secrets.GATSBY_ROLLBAR_TOKEN }}
+          ROLLBAR_POST_SERVER_ITEM_ACCESS_TOKEN: sarasa
+          MAILERSEND_API_KEY: something
+          NOTIFICATIONS_SENDER_NAME: Test Preview
+          NOTIFICATIONS_SENDER: [email protected]
+          PROCESS_NOTIFICATIONS_SECRET: sarasa
+          SITE_URL: http://localhost:8000
 
       - name: Upload coverage reports to Codecov
         uses: codecov/codecov-action@v4

diff --git a/.github/workflows/test-build.yml b/.github/workflows/test-build.yml
@@ -101,8 +101,8 @@ jobs:
           NODE_OPTIONS: --dns-result-order=ipv4first
           GATSBY_ROLLBAR_TOKEN: ${{ secrets.GATSBY_ROLLBAR_TOKEN }}
           SKIP_PAGE_CREATOR: ${{ vars.SKIP_PAGE_CREATOR }}
-          CLOUDFLARE_R2_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_R2_ACCOUNT_ID }}
-          CLOUDFLARE_R2_BUCKET_NAME: ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }}
+          CLOUDFLARE_R2_ACCOUNT_ID: ${{ vars.CLOUDFLARE_R2_ACCOUNT_ID }}
+          CLOUDFLARE_R2_BUCKET_NAME: ${{ vars.CLOUDFLARE_R2_BUCKET_NAME }}
           GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL: ${{ vars.GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL }}
           CLOUDFLARE_R2_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }}
           CLOUDFLARE_R2_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }}
@@ -124,5 +124,5 @@ jobs:
         with:
           path: |
             site/gatsby-site/public
-            site/gatsby-site/.cache/functions
+            site/gatsby-site/netlify/functions
           key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ inputs.sha }}-${{ inputs.cache-modifier }}
diff --git a/.github/workflows/test-playwright-full.yml b/.github/workflows/test-playwright-full.yml
@@ -28,8 +28,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        shardIndex: [1, 2, 3, 4, 5, 6]
-        shardTotal: [6]
+        shardIndex: [1, 2, 3, 4, 5, 6, 7, 8]
+        shardTotal: [8]
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -71,7 +71,7 @@ jobs:
           echo "MongoDB has started on port 4110."
 
       - name: Build using Netlify
-        run: netlify build --context preview --offline
+        run: npm run build
         working-directory: site/gatsby-site
         env:
           INSTRUMENT: true
@@ -95,8 +95,8 @@ jobs:
           PRISMIC_ACCESS_TOKEN: ${{ secrets.PRISMIC_ACCESS_TOKEN }}
           GATSBY_ROLLBAR_TOKEN: ${{ secrets.GATSBY_ROLLBAR_TOKEN }}
           SKIP_PAGE_CREATOR: ${{ vars.SKIP_PAGE_CREATOR }}
-          CLOUDFLARE_R2_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_R2_ACCOUNT_ID }}
-          CLOUDFLARE_R2_BUCKET_NAME: ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }}
+          CLOUDFLARE_R2_ACCOUNT_ID: ${{ vars.CLOUDFLARE_R2_ACCOUNT_ID }}
+          CLOUDFLARE_R2_BUCKET_NAME: ${{ vars.CLOUDFLARE_R2_BUCKET_NAME }}
           GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL: ${{ vars.GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL }}
           CLOUDFLARE_R2_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }}
           CLOUDFLARE_R2_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }}
@@ -122,17 +122,38 @@ jobs:
           E2E_ADMIN_USERNAME: ${{ secrets.E2E_ADMIN_USERNAME }}
           IS_EMPTY_ENVIRONMENT: ${{ vars.IS_EMPTY_ENVIRONMENT }}
           MONGODB_CONNECTION_STRING: mongodb://127.0.0.1:4110/
+          REALM_API_APP_ID: ${{ vars.REALM_API_APP_ID }}
+          REALM_API_GROUP_ID: ${{ vars.REALM_API_GROUP_ID }}
+          REALM_APP_ID: ${{ vars.GATSBY_REALM_APP_ID }}
+          REALM_API_PUBLIC_KEY: ${{ secrets.REALM_API_PUBLIC_KEY }}
+          REALM_API_PRIVATE_KEY: ${{ secrets.REALM_API_PRIVATE_KEY }}
+          REALM_GRAPHQL_API_KEY: ${{ secrets.REALM_GRAPHQL_API_KEY }}
+          API_MONGODB_CONNECTION_STRING: mongodb://127.0.0.1:4110/
+          ROLLBAR_POST_SERVER_ITEM_ACCESS_TOKEN: ${{ secrets.GATSBY_ROLLBAR_TOKEN }}
           GATSBY_AVAILABLE_LANGUAGES: ${{ vars.GATSBY_AVAILABLE_LANGUAGES }}
           SHARD_INDEX: ${{ matrix.shardIndex }}
           SHARD_TOTAL: ${{ matrix.shardTotal }}
           TEST_FOLDER: playwright/e2e-full/
+          MAILERSEND_API_KEY: something
+          NOTIFICATIONS_SENDER_NAME: Test Preview
+          NOTIFICATIONS_SENDER: [email protected]
+          PROCESS_NOTIFICATIONS_SECRET: sarasa
+          SITE_URL: http://localhost:8000
+
+      - name: Upload Playwright traces
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: playwright-traces-${{ matrix.shardIndex }}
+          path: site/gatsby-site/test-results/**/*.zip
+          retention-days: 7
 
       - uses: actions/upload-artifact@v4
         if: ${{ !cancelled() }}
         with:
           name: blob-report-full-${{ matrix.shardIndex }}
           path: site/gatsby-site/blob-report/
-          retention-days: 1
+          retention-days: 7
 
   merge-reports:
     # Merge reports after playwright-tests, even if some shards have failed
@@ -151,9 +172,12 @@ jobs:
       - name: Merge into HTML Report
         run: npx playwright merge-reports --reporter html ./all-blob-reports
 
+      - name: Rename report directory
+        run: mv playwright-report playwright-report-full
+
       - name: Upload HTML report
         uses: actions/upload-artifact@v4
         with:
-          name: html-report--attempt-${{ github.run_attempt }}
+          name: playwright-report-full-attempt-${{ github.run_attempt }}
           path: playwright-report-full
           retention-days: 7
diff --git a/.github/workflows/test-playwright.yml b/.github/workflows/test-playwright.yml
@@ -63,7 +63,7 @@ jobs:
         with:
           path: |
             site/gatsby-site/public
-            site/gatsby-site/.cache/functions
+            site/gatsby-site/netlify/functions
           key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ inputs.sha }}-${{ inputs.cache-modifier }}
 
       - name: Install playwright browsers
@@ -78,9 +78,22 @@ jobs:
           E2E_ADMIN_USERNAME: ${{ secrets.E2E_ADMIN_USERNAME }}
           IS_EMPTY_ENVIRONMENT: ${{ vars.IS_EMPTY_ENVIRONMENT }}
           GATSBY_AVAILABLE_LANGUAGES: ${{ vars.GATSBY_AVAILABLE_LANGUAGES }}
+          REALM_API_APP_ID: ${{ vars.REALM_API_APP_ID }}
+          REALM_API_GROUP_ID: ${{ vars.REALM_API_GROUP_ID }}
+          REALM_APP_ID: ${{ vars.GATSBY_REALM_APP_ID }}
+          REALM_API_PUBLIC_KEY: ${{ secrets.REALM_API_PUBLIC_KEY }}
+          REALM_API_PRIVATE_KEY: ${{ secrets.REALM_API_PRIVATE_KEY }}
+          REALM_GRAPHQL_API_KEY: ${{ secrets.REALM_GRAPHQL_API_KEY }}
+          API_MONGODB_CONNECTION_STRING: ${{ secrets.API_MONGODB_CONNECTION_STRING }}
+          ROLLBAR_POST_SERVER_ITEM_ACCESS_TOKEN: ${{ secrets.GATSBY_ROLLBAR_TOKEN }}
           SHARD_INDEX: ${{ matrix.shardIndex }}
           SHARD_TOTAL: ${{ matrix.shardTotal }}
           TEST_FOLDER: playwright/e2e/
+          MAILERSEND_API_KEY: something
+          NOTIFICATIONS_SENDER_NAME: Test Preview
+          NOTIFICATIONS_SENDER: [email protected]
+          PROCESS_NOTIFICATIONS_SECRET: sarasa
+          SITE_URL: http://localhost:8000
 
       - uses: actions/upload-artifact@v4
         if: ${{ !cancelled() }}
@@ -109,6 +122,6 @@ jobs:
       - name: Upload HTML report
         uses: actions/upload-artifact@v4
         with:
-          name: html-report--attempt-${{ github.run_attempt }}
+          name: playwright-report-attempt-${{ github.run_attempt }}
           path: playwright-report
           retention-days: 7
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -73,7 +73,7 @@ jobs:
         with:
           path: |
             site/gatsby-site/public
-            site/gatsby-site/.cache/functions
+            site/gatsby-site/netlify/functions
           key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ inputs.sha }}-${{ inputs.cache-modifier }}
 
       - name: Extract branch name
@@ -91,7 +91,7 @@ jobs:
           parallel: true
           group: "Cypress e2e tests"
           tag: ${{ steps.extract_branch.outputs.branch }}
-          start: node node_modules/.bin/gatsby serve -p 8000 -H 127.0.0.1
+          start: npx -y pm2 start npm --name "web-server" -- run serve && npx pm2 logs "web-server"
           wait-on: http://127.0.0.1:8000
           wait-on-timeout: 60
         env:
@@ -118,8 +118,8 @@ jobs:
           INSTRUMENT: true
           # Since this is triggered on a pull request, we set the commit message to the pull request title
           COMMIT_INFO_MESSAGE: ${{ github.event.pull_request.title }}
-          CLOUDFLARE_R2_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_R2_ACCOUNT_ID }}
-          CLOUDFLARE_R2_BUCKET_NAME: ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }}
+          CLOUDFLARE_R2_ACCOUNT_ID: ${{ vars.CLOUDFLARE_R2_ACCOUNT_ID }}
+          CLOUDFLARE_R2_BUCKET_NAME: ${{ vars.CLOUDFLARE_R2_BUCKET_NAME }}
           GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL: ${{ vars.GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL }}
           CLOUDFLARE_R2_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }}
           CLOUDFLARE_R2_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }}