From ce7ae7047268d0ae9897af2648883aa14c084449 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Tue, 30 Jan 2024 21:15:13 -0800 Subject: [PATCH 01/13] Add .vscode to .gitignore --- .gitignore | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 9e32dbf6..b2b83d07 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,7 @@ # Created by https://www.toptal.com/developers/gitignore/api/java,maven,eclipse,intellij+all,visualstudiocode # Edit at https://www.toptal.com/developers/gitignore?templates=java,maven,eclipse,intellij+all,visualstudiocode -### Eclipse ### +### IDEs ### .metadata bin/ tmp/ @@ -13,6 +13,7 @@ local.properties .settings/ .loadpath .recommenders +.vscode # External tool builders .externalToolBuilders/ @@ -225,4 +226,4 @@ buildNumber.properties # The below expression will prevent user specific configuration files from being added to the repository config/application-dev-*.yml .checkstyle -config/*.jks \ No newline at end of file +config/*.jks From 15f2d0aaa17b342a9a63c031c6c0c8a2d110637d Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Tue, 30 Jan 2024 21:23:12 -0800 Subject: [PATCH 02/13] Cleanup, includes stale init promotion --- .github/workflows/merge-main.yml | 24 ++++++++---------------- .github/workflows/pr-open.yml | 27 ++++++--------------------- 2 files changed, 14 insertions(+), 37 deletions(-) diff --git a/.github/workflows/merge-main.yml b/.github/workflows/merge-main.yml index 73788179..b6bf7a8f 100644 --- a/.github/workflows/merge-main.yml +++ b/.github/workflows/merge-main.yml @@ -26,26 +26,19 @@ jobs: contents: read security-events: write steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize - uses: github/codeql-action/init@v3 + - uses: actions/checkout@v4 + - uses: github/codeql-action/init@v3 with: languages: java - - name: Set up JDK 17 and Caching maven dependencies - uses: actions/setup-java@v4 + - uses: actions/setup-java@v4 with: distribution: "temurin" java-version: "17" cache: "maven" - - name: Build for Java - run: ./mvnw clean package - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + - run: ./mvnw clean package + - uses: github/codeql-action/analyze@v3 sonarcloud: name: Static Analysis @@ -185,19 +178,18 @@ jobs: runs-on: ubuntu-22.04 strategy: matrix: - component: [api, init] tag: [prod, "${{ needs.deploy-test.outputs.tag }}"] steps: - - name: Promoting ${{ matrix.component }} + - name: Promoting API if: ${{ matrix.tag != '' }} uses: shrink/actions-docker-registry-tag@v3 with: registry: ${{ env.REGISTRY }} - repository: ${{ github.repository }}/${{ matrix.component }} + repository: ${{ github.repository }}/api target: test tags: ${{ matrix.tag }} - - name: Promoting ${{ matrix.component }} + - name: Promoting API if: ${{ matrix.tag == '' }} run: echo "Tag is empty, promotion step skipped" diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index 34628d00..8b7997f9 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -53,11 +53,7 @@ jobs: git-push: "false" git-branch: refs/heads/${{ github.head_ref }} - - name: Checkout pr - uses: actions/checkout@v4 - with: - ref: ${{ github.ref }} - + - uses: actions/checkout@v4 - name: Comment PR continue-on-error: true uses: thollander/actions-comment-pull-request@v2 @@ -65,7 +61,6 @@ jobs: with: message: | # Current changelog - ${{ steps.changelog.outputs.clean_changelog }} comment_tag: "# Current changelog" GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -121,36 +116,26 @@ jobs: permissions: checks: write pull-requests: write - needs: - - build-backend + needs: [build-backend] steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Set up JDK 17 and Caching maven dependencies - uses: actions/setup-java@v4 + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 with: distribution: "temurin" java-version: "17" cache: "maven" - - name: Tests - run: ./mvnw verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false + - run: ./mvnw verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false deploy-dev: name: DEV Deployment - needs: - - build-backend - - tests-backend + needs: [build-backend, tests-backend] runs-on: ubuntu-22.04 timeout-minutes: 15 environment: name: dev - env: - DOMAIN: apps.silver.devops.gov.bc.ca steps: - uses: actions/checkout@v4 - - name: Deploys uses: bcgov-nr/action-deployer-openshift@v2.0.0 with: From acde84c8f954e5cdc2f2480558f96982bced39cb Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Tue, 30 Jan 2024 21:23:55 -0800 Subject: [PATCH 03/13] .github/workflows/unit-tests.yml -> .github/workflows/analysis.yml --- .github/workflows/{unit-tests.yml => analysis.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{unit-tests.yml => analysis.yml} (100%) diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/analysis.yml similarity index 100% rename from .github/workflows/unit-tests.yml rename to .github/workflows/analysis.yml From edcb63e8f225575e026e47a86f0a3d24d315c264 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Tue, 30 Jan 2024 23:22:37 -0800 Subject: [PATCH 04/13] Consolidate tests and codeql into analysis.yml --- .github/workflows/analysis.yml | 46 +++++++++++++++-------- .github/workflows/merge-main.yml | 63 -------------------------------- 2 files changed, 30 insertions(+), 79 deletions(-) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 4cde82e0..3083fa14 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -12,16 +12,15 @@ concurrency: cancel-in-progress: true jobs: - tests-backend: - name: Backend Unit Tests - if: github.event_name != 'pull_request' || !github.event.pull_request.draft + tests: + name: Tests + if: ${{ ! github.event.pull_request.draft }} runs-on: ubuntu-22.04 steps: - uses: bcgov-nr/action-test-and-analyse-java@v1.0.0 with: commands: | mvn -B verify -Pall-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml - dir: . java-cache: maven java-distribution: temurin java-version: "17" @@ -29,6 +28,7 @@ jobs: -Dsonar.organization=bcgov-sonarcloud -Dsonar.projectKey=bcgov_forest-client-api sonar_token: ${{ secrets.SONAR_TOKEN }} + - name: Archive CycloneDX continue-on-error: true uses: actions/upload-artifact@v4 @@ -66,24 +66,38 @@ jobs: # https://github.com/marketplace/actions/aqua-security-trivy trivy: - name: Repository Report - if: github.event_name != 'pull_request' || !github.event.pull_request.draft + name: Trivy Security Scan + if: ${{ ! github.event.pull_request.draft }} runs-on: ubuntu-22.04 steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@0.16.1 + - uses: actions/checkout@v4 + - uses: aquasecurity/trivy-action@0.16.1 with: - scan-type: "fs" format: "sarif" - output: "trivy-results.sarif" ignore-unfixed: true - severity: "CRITICAL,HIGH" + output: "trivy-results.sarif" + scan-type: "fs" scanners: "vuln,secret,config" + severity: "CRITICAL,HIGH" - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 + - uses: github/codeql-action/upload-sarif@v3 with: sarif_file: "trivy-results.sarif" + + codeql: + name: Semantic Code Analysis + runs-on: ubuntu-22.04 + permissions: + actions: read + contents: read + security-events: write + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: "temurin" + java-version: "17" + cache: "maven" + - uses: github/codeql-action/init@v3 + - run: ./mvnw clean package + - uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/merge-main.yml b/.github/workflows/merge-main.yml index b6bf7a8f..207f140c 100644 --- a/.github/workflows/merge-main.yml +++ b/.github/workflows/merge-main.yml @@ -18,69 +18,6 @@ concurrency: cancel-in-progress: true jobs: - codeql: - name: Semantic Code Analysis - runs-on: ubuntu-22.04 - permissions: - actions: read - contents: read - security-events: write - steps: - - uses: actions/checkout@v4 - - uses: github/codeql-action/init@v3 - with: - languages: java - - - uses: actions/setup-java@v4 - with: - distribution: "temurin" - java-version: "17" - cache: "maven" - - - run: ./mvnw clean package - - uses: github/codeql-action/analyze@v3 - - sonarcloud: - name: Static Analysis - runs-on: ubuntu-22.04 - steps: - - uses: bcgov-nr/action-test-and-analyse-java@v1.0.0 - with: - commands: | - mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml - dir: . - java-cache: maven - java-distribution: temurin - java-version: "17" - sonar_args: > - -Dsonar.organization=bcgov-sonarcloud - -Dsonar.projectKey=bcgov_forest-client-api - sonar_token: ${{ secrets.SONAR_TOKEN }} - - trivy-repo: - name: Repository Report - needs: - - codeql - runs-on: ubuntu-22.04 - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@0.16.1 - with: - scan-type: "fs" - format: "sarif" - output: "trivy-results.sarif" - ignore-unfixed: true - severity: "CRITICAL,HIGH" - scanners: "vuln,secret,config" - - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: "trivy-results.sarif" - deploy-test: name: TEST Deployment needs: From 9961013a63632221bd28b6260e8190ac1322b213 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Tue, 30 Jan 2024 23:26:12 -0800 Subject: [PATCH 05/13] Adjust --- .github/workflows/analysis.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 3083fa14..01081d50 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -1,4 +1,4 @@ -name: Unit Tests and Analysis +name: Analysis on: pull_request: @@ -20,7 +20,8 @@ jobs: - uses: bcgov-nr/action-test-and-analyse-java@v1.0.0 with: commands: | - mvn -B verify -Pall-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml + mvn -B verify -Pall-tests checkstyle:checkstyle -Dcheckstyle.skip=false + dir: . java-cache: maven java-distribution: temurin java-version: "17" From 3e468d0688a6e63eac8b523562872b9aa69dfd02 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Tue, 30 Jan 2024 23:55:52 -0800 Subject: [PATCH 06/13] Remove duplication, simplify --- .github/workflows/analysis.yml | 2 +- .github/workflows/pr-open.yml | 44 +++++++--------------------------- 2 files changed, 9 insertions(+), 37 deletions(-) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 01081d50..4040cbac 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -20,7 +20,7 @@ jobs: - uses: bcgov-nr/action-test-and-analyse-java@v1.0.0 with: commands: | - mvn -B verify -Pall-tests checkstyle:checkstyle -Dcheckstyle.skip=false + mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false dir: . java-cache: maven java-distribution: temurin diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index 8b7997f9..c6ec7fa4 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -4,8 +4,6 @@ on: pull_request: env: - REGISTRY: ghcr.io - NAME: ${{ github.event.repository.name }} DOMAIN: apps.silver.devops.gov.bc.ca concurrency: @@ -67,8 +65,6 @@ jobs: pr-greeting: name: PR Greeting - env: - PREFIX: ${{ github.event.repository.name }}-${{ github.event.number }} runs-on: ubuntu-22.04 permissions: pull-requests: write @@ -82,12 +78,12 @@ jobs: Thanks for the PR! Any successful deployments (not always required) will be available below. - [API](https://${{ env.NAME }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}/) available + [API](https://${{ github.event.repository.name }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}/) available Once merged, code will be promoted and handed off to following workflow run. [Main Merge Workflow](https://github.com/${{ github.repository }}/actions/workflows/merge-main.yml) - build-backend: + build: name: Backend Image Build env: COMPONENT: backend @@ -110,26 +106,9 @@ jobs: tag_fallback: test token: ${{ secrets.GITHUB_TOKEN }} - tests-backend: - name: Backend Unit Tests - runs-on: ubuntu-22.04 - permissions: - checks: write - pull-requests: write - needs: [build-backend] - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: "temurin" - java-version: "17" - cache: "maven" - - - run: ./mvnw verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false - - deploy-dev: + deploy: name: DEV Deployment - needs: [build-backend, tests-backend] + needs: [build] runs-on: ubuntu-22.04 timeout-minutes: 15 environment: @@ -156,12 +135,7 @@ jobs: postman: name: Smoke Test - env: - COMPONENT: backend - ZONE: ${{ github.event.number }} - DOMAIN: apps.silver.devops.gov.bc.ca - needs: - - deploy-dev + needs: [deploy] environment: name: dev runs-on: ubuntu-latest @@ -171,14 +145,12 @@ jobs: checks: write pull-requests: write steps: - - name: Checkout repository - uses: actions/checkout@v4 - + - uses: actions/checkout@v4 - name: API Health check uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: '[{"key":"URL_FCA","value":"https://${{ env.NAME }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' + envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' reporters: '["cli"]' folder: '["general"]' @@ -186,7 +158,7 @@ jobs: uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: '[{"key":"URL_FCA","value":"https://${{ env.NAME }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' + envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' iterationData: postman/FCA_postman_tests_dev.json reporters: '["cli", "junit"]' reporter: '{ "junit" : { "export" : "./postman/report.xml" } }' From d29878daf61f06dd56435f67688d234070a40e09 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Wed, 31 Jan 2024 00:01:35 -0800 Subject: [PATCH 07/13] Shorten workflow names --- .github/workflows/merge-main.yml | 2 +- .github/workflows/pr-open.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/merge-main.yml b/.github/workflows/merge-main.yml index 207f140c..928fac89 100644 --- a/.github/workflows/merge-main.yml +++ b/.github/workflows/merge-main.yml @@ -1,4 +1,4 @@ -name: Merge to Main +name: Merge on: push: diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index c6ec7fa4..2bcbce1e 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -1,4 +1,4 @@ -name: Pull Request Open +name: PR on: pull_request: From 799360785831a0269c2ae5a6ed2db442e4b614e8 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Wed, 31 Jan 2024 00:11:36 -0800 Subject: [PATCH 08/13] Cleanup --- .github/workflows/merge-main.yml | 45 +++++++++----------------------- .github/workflows/pr-open.yml | 2 +- 2 files changed, 13 insertions(+), 34 deletions(-) diff --git a/.github/workflows/merge-main.yml b/.github/workflows/merge-main.yml index 928fac89..b93bd47d 100644 --- a/.github/workflows/merge-main.yml +++ b/.github/workflows/merge-main.yml @@ -2,15 +2,13 @@ name: Merge on: push: - branches: - - main + branches: [main] paths-ignore: - "**.md" workflow_dispatch: env: - REGISTRY: ghcr.io - NAME: ${{ github.event.repository.name }} + DOMAIN: apps.silver.devops.gov.bc.ca NS: nr-d2723f concurrency: @@ -20,9 +18,6 @@ concurrency: jobs: deploy-test: name: TEST Deployment - needs: - - trivy-repo - - sonarcloud runs-on: ubuntu-22.04 outputs: tag: ${{ steps.changelog.outputs.tag }} @@ -31,12 +26,8 @@ jobs: discussions: write environment: name: test - env: - ZONE: test - DOMAIN: apps.silver.devops.gov.bc.ca steps: - uses: actions/checkout@v4 - - name: Deploys uses: bcgov-nr/action-deployer-openshift@v2.0.0 with: @@ -53,7 +44,7 @@ jobs: -p ORACLEDB_HOST=${{ secrets.ORACLEDB_HOST }} -p ORACLEDB_SERVICENAME=${{ secrets.ORACLEDB_SERVICENAME }} -p ORACLEDB_SECRET=${{ secrets.ORACLEDB_SECRET }} - -p ZONE=${{ env.ZONE }} + -p ZONE=test - name: Publish API uses: bcgov-nr/action-gwa-publish@v0.1.0 @@ -67,7 +58,7 @@ jobs: uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: '[{"key":"URL_FCA","value":"https://${{ env.NAME }}-test-backend.${{ env.DOMAIN }}"}]' + envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-test-backend.${{ env.DOMAIN }}"}]' reporters: '["cli"]' folder: '["general"]' @@ -75,7 +66,7 @@ jobs: uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: '[{"key":"URL_FCA","value":"https://${{ env.NAME }}-test.api.gov.bc.ca"}]' + envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-test.api.gov.bc.ca"}]' reporters: '["cli"]' folder: '["general"]' @@ -101,17 +92,9 @@ jobs: name: ${{ steps.changelog.outputs.tag }} body: ${{ steps.changelog.outputs.clean_changelog }} - - name: Log in to the Container registry - uses: docker/login-action@3d58c274f17dffee475a5520cbe67f0a882c4dbb - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - image-promotions: name: Image Promotions - needs: - - deploy-test + needs: [deploy-test] runs-on: ubuntu-22.04 strategy: matrix: @@ -121,7 +104,7 @@ jobs: if: ${{ matrix.tag != '' }} uses: shrink/actions-docker-registry-tag@v3 with: - registry: ${{ env.REGISTRY }} + registry: ghcr.io repository: ${{ github.repository }}/api target: test tags: ${{ matrix.tag }} @@ -132,15 +115,10 @@ jobs: deploy-prod: name: PROD Deployment - needs: - - image-promotions + needs: [image-promotions] runs-on: ubuntu-22.04 environment: name: prod - env: - ZONE: prod - PREV: test - DOMAIN: apps.silver.devops.gov.bc.ca steps: - uses: actions/checkout@v4 @@ -160,7 +138,8 @@ jobs: -p ORACLEDB_HOST=${{ secrets.ORACLEDB_HOST }} -p ORACLEDB_SERVICENAME=${{ secrets.ORACLEDB_SERVICENAME }} -p ORACLEDB_SECRET=${{ secrets.ORACLEDB_SECRET }} - -p ZONE=${{ env.ZONE }} + -p ZONE=prod + - name: Publish API uses: bcgov-nr/action-gwa-publish@v0.1.0 with: @@ -173,7 +152,7 @@ jobs: uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: '[{"key":"URL_FCA","value":"https://${{ env.NAME }}-prod-backend.${{ env.DOMAIN }}"}]' + envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-prod-backend.${{ env.DOMAIN }}"}]' reporters: '["cli"]' folder: '["general"]' @@ -181,6 +160,6 @@ jobs: uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: '[{"key":"URL_FCA","value":"https://${{ env.NAME }}-prod.api.gov.bc.ca"}]' + envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-prod.api.gov.bc.ca"}]' reporters: '["cli"]' folder: '["general"]' diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index 2bcbce1e..cb16dda3 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -107,7 +107,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} deploy: - name: DEV Deployment + name: Deploy needs: [build] runs-on: ubuntu-22.04 timeout-minutes: 15 From 84678564b2866e4e1750178464f422b636639bf3 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Wed, 31 Jan 2024 00:14:56 -0800 Subject: [PATCH 09/13] Keep simplifying, renaming --- .github/workflows/analysis.yml | 2 +- .github/workflows/{merge-main.yml => merge.yml} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename .github/workflows/{merge-main.yml => merge.yml} (100%) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 4040cbac..988e8de6 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -86,7 +86,7 @@ jobs: sarif_file: "trivy-results.sarif" codeql: - name: Semantic Code Analysis + name: CodeQL runs-on: ubuntu-22.04 permissions: actions: read diff --git a/.github/workflows/merge-main.yml b/.github/workflows/merge.yml similarity index 100% rename from .github/workflows/merge-main.yml rename to .github/workflows/merge.yml From 5654ec2295c949db0febd5da6773d3adc66c5a55 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Wed, 31 Jan 2024 00:19:29 -0800 Subject: [PATCH 10/13] Cleanup --- .github/workflows/pr-open.yml | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index cb16dda3..f3caf260 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -19,7 +19,6 @@ jobs: pull-requests: write steps: - uses: actions/checkout@v4 - - name: Pull request size and stability labels uses: actions/labeler@v5 continue-on-error: true @@ -34,11 +33,7 @@ jobs: ignored_types: '["chore","pr"]' type_labels: '{"feat": "feature", "fix": "fix", "bug": "fix", "doc": "documentation", "ci": "ci", "chore": "chore", "breaking": "breaking", "BREAKING CHANGE": "breaking"}' - - name: Checkout branch - uses: actions/checkout@v4 - with: - ref: refs/heads/${{ github.head_ref }} - + - uses: actions/checkout@v4 - name: Conventional Changelog Update continue-on-error: true uses: TriPSs/conventional-changelog-action@v5 @@ -69,7 +64,7 @@ jobs: permissions: pull-requests: write steps: - - name: PR Greeting + - name: Greeting uses: bcgov-nr/action-pr-description-add@v1.1.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} @@ -84,19 +79,12 @@ jobs: [Main Merge Workflow](https://github.com/${{ github.repository }}/actions/workflows/merge-main.yml) build: - name: Backend Image Build - env: - COMPONENT: backend - ZONE: ${{ github.event.number }} - NAME: ghcr.io/${{ github.repository }}/api:${{ github.event.number }} + name: Build runs-on: ubuntu-latest permissions: contents: read packages: write steps: - - name: Checkout repository - uses: actions/checkout@v4 - - uses: bcgov-nr/action-builder-ghcr@v2.0.1 with: package: api @@ -104,7 +92,6 @@ jobs: build_file: Dockerfile tag: ${{ github.event.number }} tag_fallback: test - token: ${{ secrets.GITHUB_TOKEN }} deploy: name: Deploy From 806af889f5cc84561c84c8b993e72db715de220d Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Wed, 31 Jan 2024 00:22:19 -0800 Subject: [PATCH 11/13] Remove checkouts, cleanup --- .github/workflows/pr-open.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index f3caf260..ad2e748e 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -33,7 +33,6 @@ jobs: ignored_types: '["chore","pr"]' type_labels: '{"feat": "feature", "fix": "fix", "bug": "fix", "doc": "documentation", "ci": "ci", "chore": "chore", "breaking": "breaking", "BREAKING CHANGE": "breaking"}' - - uses: actions/checkout@v4 - name: Conventional Changelog Update continue-on-error: true uses: TriPSs/conventional-changelog-action@v5 @@ -46,7 +45,6 @@ jobs: git-push: "false" git-branch: refs/heads/${{ github.head_ref }} - - uses: actions/checkout@v4 - name: Comment PR continue-on-error: true uses: thollander/actions-comment-pull-request@v2 @@ -101,7 +99,6 @@ jobs: environment: name: dev steps: - - uses: actions/checkout@v4 - name: Deploys uses: bcgov-nr/action-deployer-openshift@v2.0.0 with: @@ -123,6 +120,8 @@ jobs: postman: name: Smoke Test needs: [deploy] + env: + ENVVAR: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' environment: name: dev runs-on: ubuntu-latest @@ -137,7 +136,7 @@ jobs: uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' + envVar: ${{ env.ENVVAR}} reporters: '["cli"]' folder: '["general"]' @@ -145,14 +144,14 @@ jobs: uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' + envVar: ${{ env.ENVVAR }} iterationData: postman/FCA_postman_tests_dev.json reporters: '["cli", "junit"]' reporter: '{ "junit" : { "export" : "./postman/report.xml" } }' - name: Postman Smoke Test Report uses: mikepenz/action-junit-report@v4 - if: success() || failure() # always run even if the previous step fails + if: always() # always run even if the previous step fails with: report_paths: "postman/report.xml" commit: ${{ github.event.pull_request.head.sha }} From ebcfe460a0076979ecaa41ddc73e8b3b0df88e1b Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Wed, 31 Jan 2024 00:23:44 -0800 Subject: [PATCH 12/13] Undo env.ENVVAR, failing --- .github/workflows/pr-open.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index ad2e748e..1d4f1850 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -120,8 +120,6 @@ jobs: postman: name: Smoke Test needs: [deploy] - env: - ENVVAR: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' environment: name: dev runs-on: ubuntu-latest @@ -136,7 +134,7 @@ jobs: uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: ${{ env.ENVVAR}} + envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' reporters: '["cli"]' folder: '["general"]' @@ -144,7 +142,7 @@ jobs: uses: matt-ball/newman-action@master with: collection: postman/FCA.postman_collection.json - envVar: ${{ env.ENVVAR }} + envVar: '[{"key":"URL_FCA","value":"https://${{ github.event.repository.name }}-${{ github.event.number }}-backend.${{ env.DOMAIN }}"}]' iterationData: postman/FCA_postman_tests_dev.json reporters: '["cli", "junit"]' reporter: '{ "junit" : { "export" : "./postman/report.xml" } }' From e0038abc6086b340d377f6472de51f33ca7d10a4 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Wed, 31 Jan 2024 00:28:33 -0800 Subject: [PATCH 13/13] Job name --- .github/workflows/pr-open.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index 1d4f1850..a615c8a6 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -57,7 +57,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} pr-greeting: - name: PR Greeting + name: Greeting runs-on: ubuntu-22.04 permissions: pull-requests: write