Bump @uppy/progress-bar from 4.2.0 to 4.2.1 #1776
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build Frontend | |
on: | |
push: | |
branches: | |
- dev | |
- main | |
tags: | |
- 'r-*' | |
pull_request: | |
branches: | |
- dev | |
- main | |
jobs: | |
build: | |
name: Build Frontend | |
runs-on: ubuntu-latest | |
if: ((github.ref == 'refs/heads/dev') || (github.base_ref == 'main') || (github.base_ref == 'dev')) | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
steps: | |
# Checkout the current working code base | |
- name: Checkout working branch | |
uses: actions/checkout@v4 | |
# Installs the correct Node version for the project | |
- name: Setup Node.js for use with actions | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: Build frontend (includes Node package install) | |
run: | | |
npm ci --include=dev | |
npm run build:production | |
deploy_with_tekton: | |
name: Monitor Dev Deployment | |
environment: dev | |
runs-on: ubuntu-latest | |
if: ((github.ref == 'refs/heads/dev') && (github.event_name != 'pull_request') && (github.actor != 'dependabot[bot]')) | |
needs: build | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.FPCC_AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.FPCC_AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.FPCC_DEFAULT_AWS_REGION }} | |
- name: "Setup kubectl" | |
run: | | |
aws eks update-kubeconfig --name ${{ secrets.FV_CLUSTER_NAME }} --region ${{ secrets.FPCC_DEFAULT_AWS_REGION }} | |
- name: "Setup RUNID" | |
run: | | |
echo "RUNID=$(kubectl -n ${{ secrets.TEKTON_NAMESPACE }} get pr --sort-by=.status.completionTime -l triggers.tekton.dev/trigger=${{ secrets.TEKTON_INTERCEPTOR_NAME }} | grep 'fv-web-webhook-' | head -n 1 | cut -d ' ' -f 1)" >> "$GITHUB_ENV"; | |
- name: "Check RUNID Validity" | |
run: | | |
echo "The run ID associated with this deployment is ${{ env.RUNID }}"; | |
if [${{ env.RUNID }} == ""]; | |
then echo "No running pipeline associated with this branch, or the state of the pipeline is ambiguous."; | |
exit 1; | |
fi | |
- name: "Monitor RUNID" | |
run: | | |
echo "The run ID associated with this deployment is ${{ env.RUNID }}"; | |
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}"; | |
echo -e "\n========================================================================================================================================================================" | |
echo "Running repo cloning..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
echo -e "\n========================================================================================================================================================================" | |
echo "Running image build..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
sleep 1; | |
echo -e "\n========================================================================================================================================================================" | |
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}"; | |
echo "Running URL adjustments for fv-web..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
sleep 1; | |
echo -e "\n========================================================================================================================================================================" | |
echo "Running Helm-upgrade..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
sleep 1; | |
echo -e "\n========================================================================================================================================================================" | |
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}"; | |
echo "Wrapping up pipeline monitoring"; | |
deploy_with_tekton_preprod: | |
name: Monitor Preprod Deployment | |
environment: preprod | |
runs-on: ubuntu-latest | |
if: ((github.ref == 'refs/heads/main') && (github.event_name != 'pull_request') && (github.actor != 'dependabot[bot]')) | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.FPCC_AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.FPCC_AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.FPCC_DEFAULT_AWS_REGION }} | |
- name: "Setup kubectl" | |
run: | | |
aws eks update-kubeconfig --name ${{ secrets.FV_CLUSTER_NAME }} --region ${{ secrets.FPCC_DEFAULT_AWS_REGION }} | |
- name: "Setup RUNID" | |
run: | | |
echo "RUNID=$(kubectl -n ${{ secrets.TEKTON_NAMESPACE }} get pr --sort-by=.status.completionTime -l triggers.tekton.dev/trigger=${{ secrets.TEKTON_INTERCEPTOR_NAME }} | grep 'fv-web-webhook-' | head -n 1 | cut -d ' ' -f 1)" >> "$GITHUB_ENV"; | |
- name: "Check RUNID Validity" | |
run: | | |
echo "The run ID associated with this deployment is ${{ env.RUNID }}"; | |
if [${{ env.RUNID }} == ""]; | |
then echo "No running pipeline associated with this branch, or the state of the pipeline is ambiguous."; | |
exit 1; | |
fi | |
- name: "Monitor RUNID" | |
run: | | |
echo "The run ID associated with this deployment is ${{ env.RUNID }}"; | |
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}"; | |
echo "====================================================================================" | |
echo "Running repo cloning..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
echo "====================================================================================" | |
echo "Running image build..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
sleep 1; | |
echo "====================================================================================" | |
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}"; | |
echo "Running URL adjustments for fv-web..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
sleep 1; | |
echo "====================================================================================" | |
echo "Running Helm-upgrade..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
sleep 1; | |
echo "====================================================================================" | |
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}"; | |
echo "Wrapping up pipeline monitoring"; | |
deploy_with_tekton_prod: | |
name: Monitor Prod Deployment | |
environment: prod | |
runs-on: ubuntu-latest | |
if: ((github.ref_type == 'tag') && (startsWith(github.ref_name, 'r-')) && (github.event_name != 'pull_request') && (github.actor != 'dependabot[bot]')) | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.FPCC_AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.FPCC_AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.FPCC_DEFAULT_AWS_REGION }} | |
- name: "Setup kubectl" | |
run: | | |
aws eks update-kubeconfig --name ${{ secrets.FV_CLUSTER_NAME }} --region ${{ secrets.FPCC_DEFAULT_AWS_REGION }} | |
- name: "Setup RUNID" | |
run: | | |
echo "RUNID=$(kubectl -n ${{ secrets.TEKTON_NAMESPACE }} get pr --sort-by=.status.completionTime -l triggers.tekton.dev/trigger=${{ secrets.TEKTON_INTERCEPTOR_NAME }} | grep 'fv-web-webhook-' | head -n 1 | cut -d ' ' -f 1)" >> "$GITHUB_ENV"; | |
- name: "Check RUNID Validity" | |
run: | | |
echo "The run ID associated with this deployment is ${{ env.RUNID }}"; | |
if [${{ env.RUNID }} == ""]; | |
then echo "No running pipeline associated with this branch, or the state of the pipeline is ambiguous."; | |
exit 1; | |
fi | |
- name: "Monitor RUNID" | |
run: | | |
echo "The run ID associated with this deployment is ${{ env.RUNID }}"; | |
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}"; | |
echo "====================================================================================" | |
echo "Running repo cloning..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP1 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
echo "====================================================================================" | |
echo "Running image build..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP2 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
sleep 1; | |
echo "====================================================================================" | |
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}"; | |
echo "Running URL adjustments for fv-web..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP3 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
sleep 1; | |
echo "====================================================================================" | |
echo "Running Helm-upgrade..." | |
kubectl wait --for=condition=Succeeded TaskRun ${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }} --timeout=300s -n ${{ secrets.TEKTON_NAMESPACE }} | |
kubectl logs pod/${{ env.RUNID }}-${{ vars.PIPELINE_STEP4 }}-pod -n ${{ secrets.TEKTON_NAMESPACE }} | |
sleep 1; | |
echo "====================================================================================" | |
kubectl get events -n ${{ secrets.TEKTON_NAMESPACE }} | grep "${{ env.RUNID }}"; | |
echo "Wrapping up pipeline monitoring"; | |
image_scan: | |
name: Check Image for vulnerabilities in Dev | |
environment: dev | |
runs-on: ubuntu-22.04 | |
needs: deploy_with_tekton | |
if: ((github.ref == 'refs/heads/dev') && (github.event_name != 'pull_request')) | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.FPCC_AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.FPCC_AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.FPCC_DEFAULT_AWS_REGION }} | |
- name: "Run image scan" | |
run: | | |
aws ecr start-image-scan --repository-name ${{ secrets.ECR_REPO_NAME }} --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }} | |
aws ecr wait image-scan-complete --repository-name ${{ secrets.ECR_REPO_NAME }} --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }} | |
echo "List of findings are below" | |
aws ecr describe-image-scan-findings --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }} --repository-name ${{ secrets.ECR_REPO_NAME }} | jq .imageScanFindings.findings | |
aws ecr describe-image-scan-findings --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }} --repository-name ${{ secrets.ECR_REPO_NAME }} | if [[ $(grep '\"severity\": \"CRITICAL\"') ]]; then echo "CRTICAL Vulnerabilities present in this deployment"; exit 1; fi | |
aws ecr describe-image-scan-findings --image-id imageTag=build-${{ github.head_ref }}${{ github.sha }} --repository-name ${{ secrets.ECR_REPO_NAME }} | if [[ $(grep '\"severity\": \"HIGH\"') ]]; then echo "HIGH Vulnerabilities present in this deployment"; exit 1; fi | |