Merge pull request #11 from bcgov/feat/test-prod-deploy

feat: PR based testing and deploy to test
bcgov · Dec 13, 2024 · 486dd68 · 486dd68
2 parents df2fab0 + e9836b3
commit 486dd68
Show file tree

Hide file tree

Showing 16 changed files with 298 additions and 192 deletions.
diff --git a/.github/workflows/.deploy-env.yml b/.github/workflows/.deploy-env.yml
@@ -0,0 +1,112 @@
+name: .Deploy to Aws
+on:
+  workflow_call:
+    inputs:
+      ### Required
+      environment_name:
+        description: 'The name of the environment to deploy to'
+        required: true
+        default: 'dev'
+        type: string
+      command:
+        description: 'The terragrunt command to run'
+        required: true
+        default: 'apply'
+        type: string
+      working_directory:
+        description: 'The working directory to run the command in'
+        required: true
+        default: 'database'
+        type: string
+      tag:
+        description: 'The tag of the containers to deploy'
+        default: 'latest'
+        type: string
+        required: false
+      app_env:
+        required: false
+        type: string
+        description: 'The APP env separates between AWS ENV and Actual APP, since AWS dev is where PR, and TEST is deployed'
+      AWS_DEPLOY_ROLE_ARN:
+        description: 'The ARN of the role to assume to deploy to AWS'
+        required: true
+        type: string
+      AWS_LICENSE_PLATE:
+        description: 'The license plate of the car to deploy to AWS, it is without the `-env`'
+        type: string
+        required: true
+    outputs:
+      API_GW_URL: 
+        value: ${{ jobs.deploy-api.outputs.API_GW_URL }}
+      S3_BUCKET_ARN:
+        value: ${{ jobs.deploy-cloudfront.outputs.S3_BUCKET_ARN }}
+      CF_DOMAIN:
+        value: ${{ jobs.deploy-cloudfront.outputs.CF_DOMAIN }}
+      CF_DISTRIBUTION_ID:
+        value: ${{ jobs.deploy-cloudfront.outputs.CF_DISTRIBUTION_ID }}
+env:
+    AWS_REGION: ca-central-1
+jobs:
+
+  # https://github.com/bcgov/quickstart-openshift-helpers
+  deploy-db:
+    name: Deploys Database
+    uses: ./.github/workflows/.deployer.yml
+    with:
+      environment_name: ${{ inputs.environment_name}}
+      command: apply
+      working_directory: database
+      app_env: ${{ inputs.environment_name}} # Database 
+      AWS_DEPLOY_ROLE_ARN: ${{ inputs.AWS_DEPLOY_ROLE_ARN }}
+      AWS_LICENSE_PLATE: ${{ inputs.AWS_LICENSE_PLATE }}
+  deploy-api:
+    name: Deploys API
+    needs: [deploy-db]
+    uses: ./.github/workflows/.deployer.yml
+    with:
+      environment_name: ${{ inputs.environment_name}}
+      command: apply
+      working_directory: api
+      tag: ${{ inputs.tag }}
+      app_env: ${{ inputs.app_env}}
+      AWS_DEPLOY_ROLE_ARN: ${{ inputs.AWS_DEPLOY_ROLE_ARN }}
+      AWS_LICENSE_PLATE: ${{ inputs.AWS_LICENSE_PLATE }}
+  deploy-cloudfront:
+    name: Deploys Cloudfront
+    uses: ./.github/workflows/.deployer.yml
+    with:
+      environment_name: ${{ inputs.environment_name}} 
+      command: apply
+      working_directory: frontend
+      app_env: ${{ inputs.app_env}}
+      AWS_DEPLOY_ROLE_ARN: ${{ inputs.AWS_DEPLOY_ROLE_ARN }}
+      AWS_LICENSE_PLATE: ${{ inputs.AWS_LICENSE_PLATE }}
+  build-ui:
+    name: Builds UI
+    needs: [deploy-api, deploy-cloudfront]
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: setup node
+        uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+          cache: 'npm'
+          cache-dependency-path: frontend/package-lock.json
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+            role-to-assume: ${{ inputs.AWS_DEPLOY_ROLE_ARN }}
+            aws-region: ${{ env.AWS_REGION }}
+      - name: Build And Update UI (CF)
+        working-directory: frontend
+        env:
+          VITE_API_BASE_URL: ${{ needs.deploy-api.outputs.API_GW_URL }}/api
+          S3_BUCKET_ARN: ${{ needs.deploy-cloudfront.outputs.S3_BUCKET_ARN }}
+          CF_DISTRIBUTION_ID: ${{ needs.deploy-cloudfront.outputs.CF_DISTRIBUTION_ID }}
+        run: |
+          npm run deploy
+          aws s3 sync --delete ./dist s3://$(echo "$S3_BUCKET_ARN" | cut -d: -f6)
+          aws cloudfront create-invalidation --distribution-id $CF_DISTRIBUTION_ID --paths "/*"
diff --git a/.github/workflows/.deployer.yml b/.github/workflows/.deployer.yml
@@ -28,6 +28,14 @@ on:
         required: false
         type: string
         description: 'The APP env separates between AWS ENV and Actual APP, since AWS dev is where PR, and TEST is deployed'
+      AWS_DEPLOY_ROLE_ARN:
+        description: 'The ARN of the role to assume to deploy to AWS'
+        required: true
+        type: string
+      AWS_LICENSE_PLATE:
+        description: 'The license plate of the car to deploy to AWS, it is without the `-env`'
+        type: string
+        required: true
     outputs:
       API_GW_URL: 
         value: ${{ jobs.infra.outputs.API_GW_URL }}
@@ -62,7 +70,7 @@ jobs:
     - name: Configure AWS Credentials
       uses: aws-actions/configure-aws-credentials@v4
       with:
-          role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}
+          role-to-assume: ${{ inputs.AWS_DEPLOY_ROLE_ARN }}
           role-session-name: ${{ inputs.environment_name }}-deployment
           aws-region: ${{ env.AWS_REGION }}
     - uses: hashicorp/setup-terraform@v3
@@ -76,7 +84,7 @@ jobs:
       working-directory: terraform/${{ inputs.working_directory }}/${{ inputs.environment_name }}
       env:
           target_env: ${{ inputs.environment_name }}
-          aws_license_plate: ${{ secrets.AWS_LICENSE_PLATE }}
+          aws_license_plate: ${{ inputs.AWS_LICENSE_PLATE }}
           flyway_image: ghcr.io/${{github.repository}}/migrations:${{inputs.tag}}
           api_image: ghcr.io/${{github.repository}}/backend:${{inputs.tag}}
           app_env: ${{inputs.app_env}}
@@ -89,7 +97,7 @@ jobs:
       id: tg-outputs
       env:
           target_env: ${{ inputs.environment_name }}
-          aws_license_plate: ${{ secrets.AWS_LICENSE_PLATE }}
+          aws_license_plate: ${{ inputs.AWS_LICENSE_PLATE }}
           flyway_image: ghcr.io/${{github.repository}}/migrations:${{inputs.tag}}
           api_image: ghcr.io/${{github.repository}}/backend:${{inputs.tag}}
           app_env: ${{inputs.app_env}}
@@ -105,7 +113,7 @@ jobs:
       id: tg-outputs-frontend
       env:
           target_env: ${{ inputs.environment_name }}
-          aws_license_plate: ${{ secrets.AWS_LICENSE_PLATE }}
+          aws_license_plate: ${{ inputs.AWS_LICENSE_PLATE }}
           flyway_image: ghcr.io/${{github.repository}}/migrations:${{inputs.tag}}
           api_image: ghcr.io/${{github.repository}}/backend:${{inputs.tag}}
           app_env: ${{inputs.app_env}}

diff --git a/.github/workflows/.destroy.yml b/.github/workflows/.destroy.yml
@@ -13,6 +13,14 @@ on:
         required: false
         type: string
         description: 'The APP env separates between AWS ENV and Actual APP, since AWS dev is where PR, and TEST is deployed'
+      AWS_DEPLOY_ROLE_ARN: 
+        description: 'The ARN of the role to assume to deploy to AWS'
+        required: true
+        type: string
+      AWS_LICENSE_PLATE: 
+        description: 'The license plate of the car to deploy to AWS, it is without the `-env`'
+        type: string
+        required: true
 jobs:
   cleanup-aws-database:
     name: Cleanup AWS Database
@@ -21,8 +29,8 @@ jobs:
       environment_name: ${{ inputs.environment_name}}
       command: destroy
       working_directory: database
-
-    secrets: inherit
+      AWS_DEPLOY_ROLE_ARN: ${{ inputs.AWS_DEPLOY_ROLE_ARN }}
+      AWS_LICENSE_PLATE: ${{ inputs.AWS_LICENSE_PLATE }}
   cleanup-aws-api:
       name: Cleanup AWS API
       uses: ./.github/workflows/.deployer.yml
@@ -31,7 +39,8 @@ jobs:
         command: destroy
         working_directory: api
         app_env: ${{ inputs.app_env}}
-      secrets: inherit
+        AWS_DEPLOY_ROLE_ARN: ${{ inputs.AWS_DEPLOY_ROLE_ARN }}
+        AWS_LICENSE_PLATE: ${{ inputs.AWS_LICENSE_PLATE }}
   cleanup-aws-cf:
       name: Cleanup AWS CF
       uses: ./.github/workflows/.deployer.yml
@@ -40,4 +49,5 @@ jobs:
         command: destroy
         working_directory: frontend
         app_env: ${{ inputs.app_env}}
-      secrets: inherit
+        AWS_DEPLOY_ROLE_ARN: ${{ inputs.AWS_DEPLOY_ROLE_ARN }}
+        AWS_LICENSE_PLATE: ${{ inputs.AWS_LICENSE_PLATE }}
diff --git a/.github/workflows/.tests.yml b/.github/workflows/.tests.yml
@@ -0,0 +1,31 @@
+name: .Tests
+
+on:
+ workflow_call: 
+
+jobs:
+  e2e:
+    name: E2E Tests
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Run Docker compose
+        run: docker compose up -d --wait
+      - uses: actions/setup-node@v4
+        name: Setup Node
+        with:
+          node-version: 22
+          cache: 'npm'
+          cache-dependency-path: frontend/package-lock.json
+      - name: Install dependencies
+        run: |
+          npm ci
+          npx playwright install --with-deps
+
+      - name: Run Tests
+        env:
+          E2E_BASE_URL: http://localhost:3000
+          CI: 'true'
+        run: |
+          npx playwright test --project="chromium" --reporter=blob
diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml
@@ -28,65 +28,32 @@ jobs:
         if: ${{ github.event_name != 'workflow_dispatch' }} 
         id: pr
         uses: bcgov-nr/action-get-pr@v0.0.1
-  # https://github.com/bcgov/quickstart-openshift-helpers
-  deploy-db:
+  deploy-dev:
+    name: Deploy Dev
     needs: [vars]
-    name: Deploys Database
-    uses: ./.github/workflows/.deployer.yml
-    with:
-      environment_name: dev
-      command: apply
-      working_directory: database
-      app_env: dev
-    secrets: inherit
-  deploy-api:
-    name: Deploys API
-    needs: [vars,deploy-db]
-    uses: ./.github/workflows/.deployer.yml
-    with:
-      environment_name: dev
-      command: apply
-      working_directory: api
-      tag: ${{ needs.vars.outputs.pr }}
-      app_env: dev
-    secrets: inherit
-  deploy-cloudfront:
-    name: Deploys Cloudfront
-    needs: [vars]
-    uses: ./.github/workflows/.deployer.yml
-    with:
-      environment_name: dev
-      command: apply
-      working_directory: frontend
-      app_env: dev
-    secrets: inherit
-  build-ui:
-    name: Builds UI
-    needs: [deploy-api, deploy-cloudfront]
+    environment: dev
     runs-on: ubuntu-24.04
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: setup node
-        uses: actions/setup-node@v4
+      - name: Deploy Dev
+        uses: ./.github/workflows/.deploy-env.yml
         with:
-          node-version: '22'
-          cache: 'npm'
-          cache-dependency-path: frontend/package-lock.json
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v4
+          environment_name: dev
+          app_env: dev
+          tag: ${{ needs.vars.outputs.pr }}
+          AWS_DEPLOY_ROLE_ARN: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}
+          AWS_LICENSE_PLATE: ${{ secrets.AWS_LICENSE_PLATE }}
+  deploy-test:
+    name: Deploy Test
+    needs: [vars]
+    environment: dev # this is the Github secrets environment name
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Deploy Dev
+        uses: ./.github/workflows/.deploy-env.yml
         with:
-            role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}
-            aws-region: ${{ env.AWS_REGION }}
-      - name: Build And Update UI (CF)
-        working-directory: frontend
-        env:
-          VITE_API_BASE_URL: ${{ needs.deploy-api.outputs.API_GW_URL }}/api
-          S3_BUCKET_ARN: ${{ needs.deploy-cloudfront.outputs.S3_BUCKET_ARN }}
-          CF_DISTRIBUTION_ID: ${{ needs.deploy-cloudfront.outputs.CF_DISTRIBUTION_ID }}
-        run: |
-          npm run deploy
-          aws s3 sync --delete ./dist s3://$(echo "$S3_BUCKET_ARN" | cut -d: -f6)
-          aws cloudfront create-invalidation --distribution-id $CF_DISTRIBUTION_ID --paths "/*"
-
+          environment_name: dev # this is the AWS environment name 
+          app_env: test # as multuple environments are deployed to the same AWS environment we separate them by app_env as tags.
+          tag: ${{ needs.vars.outputs.pr }}
+          AWS_DEPLOY_ROLE_ARN: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}
+          AWS_LICENSE_PLATE: ${{ secrets.AWS_LICENSE_PLATE }}
+
diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml
@@ -37,4 +37,9 @@ jobs:
           repository: ${{ github.repository }}/${{ matrix.package }}
           target: ${{ github.event.number }}
           tags: ${{ github.event.number }}-${{ github.run_number }}
+  tests-e2e:
+    name: Tests
+    needs: builds
+    uses: ./.github/workflows/.tests.yml
+
 
diff --git a/backend/package-lock.json b/backend/package-lock.json
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -58,18 +58,19 @@ services:
     environment:
       <<: *postgres-vars
       NODE_ENV: development
+      PORT: 3001
     image: node:22
-    ports: ["3001:3000"]
+    ports: ["3001:3001"]
     healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:3000/api"]
+      test: ["CMD", "curl", "-f", "http://localhost:3001/api"]
     working_dir: "/app"
     volumes: ["./backend:/app", "/app/node_modules"]
 
   frontend:
     container_name: frontend
     entrypoint: sh -c "npm ci && npm run dev"
     environment:
-      BACKEND_URL: http://backend:3000
+      BACKEND_URL: http://backend:3001
       PORT: 3000
       NODE_ENV: development
     image: node:22
@@ -81,20 +82,3 @@ services:
     depends_on:
       backend:
         condition: service_healthy
-
-  caddy:
-    container_name: caddy
-    profiles: ["caddy"]
-    build: ./frontend
-    environment:
-      NODE_ENV: development
-      PORT: 3000
-      BACKEND_URL: http://backend:3000
-      LOG_LEVEL: info
-    ports: ["3005:3000"]
-    volumes: ["./frontend/Caddyfile:/etc/caddy/Caddyfile"]
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:3000"]
-    depends_on:
-      backend:
-        condition: service_healthy