Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/develop'
Browse files Browse the repository at this point in the history
  • Loading branch information
jacksonj04 committed May 10, 2021
2 parents 1ca8a12 + 2a76179 commit 5685d9e
Show file tree
Hide file tree
Showing 111 changed files with 2,005 additions and 685 deletions.
17 changes: 16 additions & 1 deletion .github/workflows/continuous-integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,22 @@ jobs:
steps:
- name: Check out code
uses: actions/checkout@v2
- id: cache-docker
uses: actions/cache@v2
with:
path: /tmp/docker-save
key:
docker-save-${{ hashFiles('Dockerfile', 'Gemfile.lock',
'package-lock.json') }}
- name: Load cached Docker image
run: docker load -i /tmp/docker-save/snapshot.tar || true
if: steps.cache-docker.outputs.cache-hit == 'true'
- name: Build
run: docker-compose -f docker-compose.ci.yml build
run: docker-compose -f docker-compose.ci.yml -p app build
- name: Test
run: docker-compose -f docker-compose.ci.yml run --rm test script/test
- name: Prepare Docker cache
run:
mkdir -p /tmp/docker-save && docker save app_test:latest -o
/tmp/docker-save/snapshot.tar && ls -lh /tmp/docker-save
if: always() && steps.cache-docker.outputs.cache-hit != 'true'
6 changes: 3 additions & 3 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ env:
CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
GITHUB_SECRETS_JSON: ${{ toJson(secrets) }}

jobs:
build:
Expand Down Expand Up @@ -48,11 +47,12 @@ jobs:
deploy:
needs: build
runs-on: ubuntu-latest
env:
TF_VAR_docker_image: ${{needs.build.outputs.tf_var_docker_image}}
GITHUB_SECRETS_JSON: ${{ toJson(secrets) }}
steps:
- name: Check out code
uses: actions/checkout@v2
- name: Set TFVAR Docker Image environment variable
run: echo "TF_VAR_docker_image=${{needs.build.outputs.tf_var_docker_image}}" >> $GITHUB_ENV
- name: Deploy terraform to staging
env:
TF_VAR_environment: "staging"
Expand Down
3 changes: 3 additions & 0 deletions Brewfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
brew "postgresql"
brew "redis"
brew "rbenv"
22 changes: 17 additions & 5 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,16 @@ The format is based on [Keep a Changelog 1.0.0].

## [Unreleased]

## [release-010] - 2021-05-27
## [release-011] - 2021-05-10

- error pages are styled
- document how to manage live environment variables
- Update all fixtures to include tasks
- Update the specs to work with the new task-enabled fixtures
- Remove `Journey#section_groups` and sever the direct Journey -> Steps association
- tasks now have their completion status indicated on the task list

## [release-010] - 2021-04-27

- add header and footer information for feedback and data requests
- force SSL in production to only accept HTTPS traffic, enable HSTS and secure tower cookies
Expand All @@ -21,18 +30,20 @@ The format is based on [Keep a Changelog 1.0.0].
- existing specification page displays useful message when no specs exist
- fix text input field width to fit full screen width
- document where to find the service in the readme
- cache CI builds to reduce build times
- log information about contentful cache busting webhooks for debugging

## [release-009] - 2021-05-21
## [release-009] - 2021-04-21

- fix multiple specification fields
- content security policy
- remove humans.txt

## [release-008] - 2021-05-19
## [release-008] - 2021-04-19

- auto deploy research and preview environments

## [release-007] - 2021-05-19
## [release-007] - 2021-04-19

- Add `noindex,nofollow` meta tag to all pages, as per Gov.UK guidance
- fix API auth by switching mechanism from Basic to Token
Expand Down Expand Up @@ -149,7 +160,8 @@ Contentful fixture
- Contentful can redirect users to preview endpoints
- users can be asked to answer a long text question

[unreleased]: https://github.com/DFE-Digital/buy-for-your-school/compare/release-010...HEAD
[unreleased]: https://github.com/DFE-Digital/buy-for-your-school/compare/release-011...HEAD
[release-011]: https://github.com/DFE-Digital/buy-for-your-school/compare/release-010...release-011
[release-010]: https://github.com/DFE-Digital/buy-for-your-school/compare/release-009...release-010
[release-009]: https://github.com/DFE-Digital/buy-for-your-school/compare/release-008...release-009
[release-008]: https://github.com/DFE-Digital/buy-for-your-school/compare/release-007...release-008
Expand Down
144 changes: 93 additions & 51 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,72 +1,101 @@
# BUILD STAGE #
FROM ruby:2.6.6 AS build
# ------------------------------------------------------------------------------
# Base
# ------------------------------------------------------------------------------
FROM ruby:2.6.6 as base
MAINTAINER dxw <rails@dxw.com>

ENV INSTALL_PATH /srv/app
ARG RAILS_ENV
ENV RAILS_ENV=${RAILS_ENV:-production}
ENV RACK_ENV=${RAILS_ENV:-production}

WORKDIR $INSTALL_PATH
RUN curl -sL https://deb.nodesource.com/setup_10.x | bash
RUN curl https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list

RUN apt-get update && apt-get install -qq -y \
build-essential \
libpq-dev \
--fix-missing --no-install-recommends
RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - \
&& apt-get install -y nodejs

COPY package.json ./package.json
COPY package-lock.json ./package-lock.json
ENV APP_HOME /srv/app
ENV DEPS_HOME /deps

RUN npm install
ARG RAILS_ENV
ENV RAILS_ENV ${RAILS_ENV:-production}
ENV NODE_ENV ${RAILS_ENV:-production}

COPY Gemfile* ./
RUN gem install bundler:2.1.4 --no-document
# ------------------------------------------------------------------------------
# Dependencies
# ------------------------------------------------------------------------------
FROM base AS dependencies

ARG BUNDLE_EXTRA_GEM_GROUPS
ENV BUNDLE_GEM_GROUPS=${BUNDLE_EXTRA_GEM_GROUPS:-"production"}
RUN bundle config set no-cache "true"
RUN bundle config set with $BUNDLE_GEM_GROUPS
RUN bundle install --no-binstubs --retry=3 --jobs=4
RUN mkdir -p ${DEPS_HOME}
WORKDIR $DEPS_HOME

# Copy app code (sorted by vague frequency of change for caching)
RUN mkdir -p ${INSTALL_PATH}/log
RUN mkdir -p ${INSTALL_PATH}/tmp

COPY config.ru ${INSTALL_PATH}/config.ru
COPY Rakefile ${INSTALL_PATH}/Rakefile

COPY public ${INSTALL_PATH}/public
COPY vendor ${INSTALL_PATH}/vendor
COPY bin ${INSTALL_PATH}/bin
COPY lib ${INSTALL_PATH}/lib
COPY config ${INSTALL_PATH}/config
COPY db ${INSTALL_PATH}/db
COPY script ${INSTALL_PATH}/script
COPY spec ${INSTALL_PATH}/spec
COPY app ${INSTALL_PATH}/app
# End
RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - \
&& apt-get install -y nodejs

# RELEASE STAGE #
FROM ruby:2.6.6 AS release
# Install Javascript dependencies
COPY package-lock.json $DEPS_HOME/package-lock.json
COPY package.json $DEPS_HOME/package.json
RUN npm install

ENV INSTALL_PATH /srv/app
ARG RAILS_ENV
ENV RAILS_ENV=${RAILS_ENV:-production}
ENV RACK_ENV=${RAILS_ENV:-production}
# Install Ruby dependencies
COPY Gemfile $DEPS_HOME/Gemfile
COPY Gemfile.lock $DEPS_HOME/Gemfile.lock
RUN gem update --system
RUN gem install bundler -v 2.2.16

WORKDIR $INSTALL_PATH
ENV BUNDLE_GEM_GROUPS=$RAILS_ENV
RUN bundle config set frozen "true"
RUN bundle config set no-cache "true"
RUN bundle config set with $BUNDLE_GEM_GROUPS
RUN bundle install --no-binstubs --retry=10 --jobs=4

RUN gem install bundler:2.1.4 --no-document
# ------------------------------------------------------------------------------
# Web
# ------------------------------------------------------------------------------
FROM dependencies AS web

COPY --from=build /usr/local/bundle/ /usr/local/bundle/
COPY --from=build $INSTALL_PATH $INSTALL_PATH
RUN mkdir -p ${APP_HOME}
WORKDIR ${APP_HOME}

# Copy app code (sorted by vague frequency of change for caching)
RUN mkdir -p ${APP_HOME}/log
RUN mkdir -p ${APP_HOME}/tmp

COPY config.ru ${APP_HOME}/config.ru
COPY Rakefile ${APP_HOME}/Rakefile

COPY Gemfile $APP_HOME/Gemfile
COPY Gemfile.lock $APP_HOME/Gemfile.lock

COPY public ${APP_HOME}/public
COPY vendor ${APP_HOME}/vendor
COPY bin ${APP_HOME}/bin
COPY lib ${APP_HOME}/lib
COPY config ${APP_HOME}/config
COPY db ${APP_HOME}/db
COPY script ${APP_HOME}/script
COPY app ${APP_HOME}/app
# End

# Compiling assets requires a key to exist: https://github.com/rails/rails/issues/32947
RUN if [ "$RAILS_ENV" = "production" ]; then \
RAILS_ENV=production SECRET_KEY_BASE="key" bundle exec rake assets:precompile; \
fi
# Create tmp/pids
RUN mkdir -p tmp/pids

# This must be ordered before rake assets:precompile
RUN cp -R $DEPS_HOME/node_modules $APP_HOME/node_modules
RUN cp -R $DEPS_HOME/node_modules/govuk-frontend/govuk/assets $APP_HOME/app/assets

RUN RAILS_ENV=production \
SECRET_KEY_BASE="key" \
APPLICATION_URL= \
CONTENTFUL_URL= \
CONTENTFUL_SPACE= \
CONTENTFUL_ENVIRONMENT= \
CONTENTFUL_ACCESS_TOKEN= \
CONTENTFUL_DEFAULT_CATEGORY_ENTRY_ID= \
CONTENTFUL_PREVIEW_APP= \
CONTENTFUL_ENTRY_CACHING= \
SUPPORT_EMAIL= \
REDIS_URL= \
bundle exec rake assets:precompile

COPY ./docker-entrypoint.sh /
RUN chmod +x /docker-entrypoint.sh
Expand All @@ -75,3 +104,16 @@ ENTRYPOINT ["/docker-entrypoint.sh"]
EXPOSE 3000

CMD ["bundle", "exec", "rails", "server"]

# ------------------------------------------------------------------------------
# Test
# ------------------------------------------------------------------------------
FROM web as test

RUN apt-get install -qq -y shellcheck

COPY package.json ${APP_HOME}/package.json
COPY package-lock.json ${APP_HOME}/package-lock.json

COPY .rspec ${APP_HOME}/.rspec
COPY spec ${APP_HOME}/spec
Loading

0 comments on commit 5685d9e

Please sign in to comment.