Skip to content
Back to pull request #727

Cypress test fixes #1755

Sign in to view logs

Cypress test fixes

Cypress test fixes #1755

Workflow file for this run

.github/workflows/build-frontend.yml at 96f16ba
name: Build Frontend
on:
push:
branches:
- dev
- main
tags:
- 'r-*'
pull_request:
branches:
- dev
- main
jobs:
build:
name: Build Frontend
runs-on: ubuntu-latest
if: ((github.ref == 'refs/heads/dev') || (github.base_ref == 'main') || (github.base_ref == 'dev'))
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
# Checkout the current working code base
- name: Checkout working branch
uses: actions/checkout@v4
# Installs the correct Node version for the project
- name: Setup Node.js for use with actions
uses: actions/setup-node@v4
with:
node-version: 20
- name: Build frontend (includes Node package install)
run: |
npm ci --include=dev
npm run build:production
deploy_with_tekton:
name: Monitor Dev Deployment
environment: dev
runs-on: ubuntu-latest
if: ((github.ref == 'refs/heads/dev') && (github.event_name != 'pull_request') && (github.actor != 'dependabot[bot]'))
needs: build
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.FPCC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.FPCC_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.FPCC_DEFAULT_AWS_REGION }}
- name: "Setup kubectl"
run: |
aws eks update-kubeconfig --name ${{ secrets.FV_CLUSTER_NAME }} --region ${{ secrets.FPCC_DEFAULT_AWS_REGION }}
- name: "Setup RUNID"
run: |
echo "RUNID=$(kubectl -n ${{ secrets.TEKTON_NAMESPACE }} get pr --sort-by=.status.completionTime -l triggers.tekton.dev/trigger=${{ secrets.TEKTON_INTERCEPTOR_NAME }} | grep 'fv-web-webhook-' | head -n 1 | cut -d ' ' -f 1)" >> "$GITHUB_ENV";
- name: "Check RUNID Validity"
run: |
echo "The run ID associated with this deployment is ${{ env.RUNID }}";
if [${{ env.RUNID }} == ""];
then echo "No running pipeline associated with this branch, or the state of the pipeline is ambiguous.";
exit 1;
fi
- name: "Monitor RUNID"
run: |
echo "The run ID associated with this deployment is ${{ env.RUNID }}";
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}";
echo -e "\n========================================================================================================================================================================"
echo "Running repo cloning..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
echo -e "\n========================================================================================================================================================================"
echo "Running image build..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
sleep 1;
echo -e "\n========================================================================================================================================================================"
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}";
echo "Running URL adjustments for fv-web..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
sleep 1;
echo -e "\n========================================================================================================================================================================"
echo "Running Helm-upgrade..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
sleep 1;
echo -e "\n========================================================================================================================================================================"
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}";
echo "Wrapping up pipeline monitoring";
deploy_with_tekton_preprod:
name: Monitor Preprod Deployment
environment: preprod
runs-on: ubuntu-latest
if: ((github.ref == 'refs/heads/main') && (github.event_name != 'pull_request') && (github.actor != 'dependabot[bot]'))
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.FPCC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.FPCC_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.FPCC_DEFAULT_AWS_REGION }}
- name: "Setup kubectl"
run: |
aws eks update-kubeconfig --name ${{ secrets.FV_CLUSTER_NAME }} --region ${{ secrets.FPCC_DEFAULT_AWS_REGION }}
- name: "Setup RUNID"
run: |
echo "RUNID=$(kubectl -n ${{ secrets.TEKTON_NAMESPACE }} get pr --sort-by=.status.completionTime -l triggers.tekton.dev/trigger=${{ secrets.TEKTON_INTERCEPTOR_NAME }} | grep 'fv-web-webhook-' | head -n 1 | cut -d ' ' -f 1)" >> "$GITHUB_ENV";
- name: "Check RUNID Validity"
run: |
echo "The run ID associated with this deployment is ${{ env.RUNID }}";
if [${{ env.RUNID }} == ""];
then echo "No running pipeline associated with this branch, or the state of the pipeline is ambiguous.";
exit 1;
fi
- name: "Monitor RUNID"
run: |
echo "The run ID associated with this deployment is ${{ env.RUNID }}";
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}";
echo "===================================================================================="
echo "Running repo cloning..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
echo "===================================================================================="
echo "Running image build..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
sleep 1;
echo "===================================================================================="
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}";
echo "Running URL adjustments for fv-web..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
sleep 1;
echo "===================================================================================="
echo "Running Helm-upgrade..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
sleep 1;
echo "===================================================================================="
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}";
echo "Wrapping up pipeline monitoring";
deploy_with_tekton_prod:
name: Monitor Prod Deployment
environment: prod
runs-on: ubuntu-latest
if: ((github.ref_type == 'tag') && (startsWith(github.ref_name, 'r-')) && (github.event_name != 'pull_request') && (github.actor != 'dependabot[bot]'))
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.FPCC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.FPCC_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.FPCC_DEFAULT_AWS_REGION }}
- name: "Setup kubectl"
run: |
aws eks update-kubeconfig --name ${{ secrets.FV_CLUSTER_NAME }} --region ${{ secrets.FPCC_DEFAULT_AWS_REGION }}
- name: "Setup RUNID"
run: |
echo "RUNID=$(kubectl -n ${{ secrets.TEKTON_NAMESPACE }} get pr --sort-by=.status.completionTime -l triggers.tekton.dev/trigger=${{ secrets.TEKTON_INTERCEPTOR_NAME }} | grep 'fv-web-webhook-' | head -n 1 | cut -d ' ' -f 1)" >> "$GITHUB_ENV";
- name: "Check RUNID Validity"
run: |
echo "The run ID associated with this deployment is ${{ env.RUNID }}";
if [${{ env.RUNID }} == ""];
then echo "No running pipeline associated with this branch, or the state of the pipeline is ambiguous.";
exit 1;
fi
- name: "Monitor RUNID"
run: |
echo "The run ID associated with this deployment is ${{ env.RUNID }}";
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}";
echo "===================================================================================="
echo "Running repo cloning..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
echo "===================================================================================="
echo "Running image build..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
sleep 1;
echo "===================================================================================="
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}";
echo "Running URL adjustments for fv-web..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
sleep 1;
echo "===================================================================================="
echo "Running Helm-upgrade..."
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }}
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }}
sleep 1;
echo "===================================================================================="
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}";
echo "Wrapping up pipeline monitoring";
image_scan:
name: Check Image for vulnerabilities in Dev
environment: dev
runs-on: ubuntu-22.04
needs: deploy_with_tekton
if: ((github.ref == 'refs/heads/dev') && (github.event_name != 'pull_request'))
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.FPCC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.FPCC_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.FPCC_DEFAULT_AWS_REGION }}
- name: "Run image scan"
run: |
aws ecr start-image-scan --repository-name ${{ secrets.ECR_REPO_NAME }} --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }}
aws ecr wait image-scan-complete --repository-name ${{ secrets.ECR_REPO_NAME }} --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }}
echo "List of findings are below"
aws ecr describe-image-scan-findings --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }} --repository-name ${{ secrets.ECR_REPO_NAME }} | jq .imageScanFindings.findings
aws ecr describe-image-scan-findings --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }} --repository-name ${{ secrets.ECR_REPO_NAME }} | if [[ $(grep '\"severity\": \"CRITICAL\"') ]]; then echo "CRTICAL Vulnerabilities present in this deployment"; exit 1; fi
aws ecr describe-image-scan-findings --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }} --repository-name ${{ secrets.ECR_REPO_NAME }} | if [[ $(grep '\"severity\": \"HIGH\"') ]]; then echo "HIGH Vulnerabilities present in this deployment"; exit 1; fi