Merge pull request #102 from GSA/snyk-upgrade-4f47c99cee31287244f20b6… #49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Deploy to cloud.gov | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| inputs: | |
| version_no: | |
| description: 'Release Version:' | |
| required: true | |
| env: | |
| POETRY_VERSION: "1.7.1" | |
| jobs: | |
| deploy-staging: | |
| name: deploy staging | |
| environment: staging | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v4 | |
| - name: Install node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| - name: Build static assets | |
| shell: bash | |
| run: | | |
| cd app/static | |
| npm install | |
| npm run build | |
| - name: Install Poetry | |
| uses: abatilo/actions-poetry@v2 | |
| with: | |
| poetry-version: ${{ env.POETRY_VERSION }} | |
| - name: Add requirement.txt | |
| run: | | |
| poetry export -f requirements.txt --output requirements.txt --without-hashes | |
| echo "Generated requirements.txt:" | |
| cat requirements.txt | |
| - name: deploy DHL | |
| uses: cloud-gov/cg-cli-tools@main | |
| with: | |
| command: cf push --vars-file vars.staging.yml --strategy rolling --no-wait | |
| cf_org: gsa-datagov | |
| cf_space: ${{vars.ENVIRONMENT_NAME}} | |
| cf_username: ${{secrets.CF_SERVICE_USER}} | |
| cf_password: ${{secrets.CF_SERVICE_AUTH}} | |
| # to-do | |
| # - name: smoke test | |
| # uses: cloud-gov/cg-cli-tools@main | |
| # with: | |
| # command: cf run-task harvesting-logic -c "/home/vcap/app/scripts/smoke-test.py" --name smoke-test | |
| # cf_org: gsa-datagov | |
| # cf_space: ${{vars.ENVIRONMENT_NAME}} | |
| # cf_username: ${{secrets.CF_SERVICE_USER}} | |
| # cf_password: ${{secrets.CF_SERVICE_AUTH}} | |
| # - name: monitor task output | |
| # uses: cloud-gov/cg-cli-tools@main | |
| # with: | |
| # command: > | |
| # scripts/monitor-cf-logs.sh harvesting-logic smoke-test | |
| # cf_org: gsa-datagov | |
| # cf_space: ${{vars.ENVIRONMENT_NAME}} | |
| # cf_username: ${{secrets.CF_SERVICE_USER}} | |
| # cf_password: ${{secrets.CF_SERVICE_AUTH}} | |
| - name: Create Issue if it fails 😢 | |
| if: ${{ failure() && github.ref == 'refs/heads/main' }} | |
| uses: JasonEtco/create-an-issue@v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.ADD_TO_PROJECT_PAT }} | |
| GITHUB_JOB: ${{ toJson(github)['job'] }} | |
| GITHUB_ATTEMPTS: ${{ github.run_attempt }} | |
| LAST_COMMIT: ${{ github.sha }} | |
| LAST_RUN_BY: ${{ github.actor }} | |
| RUN_ID: ${{ github.run_id }} | |
| REPO: ${{ github.repository }} | |
| with: | |
| filename: .github/deploy_failure.md | |
| update_existing: true | |
| deploy-prod: | |
| name: deploy prod | |
| needs: deploy-staging | |
| environment: prod | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v4 | |
| - name: Install node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| - name: Build static assets | |
| shell: bash | |
| run: | | |
| cd app/static | |
| npm install | |
| npm run build | |
| - name: Install Poetry | |
| uses: abatilo/actions-poetry@v2 | |
| with: | |
| poetry-version: ${{ env.POETRY_VERSION }} | |
| - name: Add requirement.txt | |
| run: | | |
| poetry export -f requirements.txt --output requirements.txt --without-hashes | |
| echo "Generated requirements.txt:" | |
| cat requirements.txt | |
| - name: deploy DHL | |
| uses: cloud-gov/cg-cli-tools@main | |
| with: | |
| command: cf push --vars-file vars.prod.yml --strategy rolling --no-wait | |
| cf_org: gsa-datagov | |
| cf_space: ${{vars.ENVIRONMENT_NAME}} | |
| cf_username: ${{secrets.CF_SERVICE_USER}} | |
| cf_password: ${{secrets.CF_SERVICE_AUTH}} | |
| # to-do | |
| # - name: smoke test | |
| # uses: cloud-gov/cg-cli-tools@main | |
| # with: | |
| # command: cf run-task harvesting-logic -c "/home/vcap/app/scripts/smoke-test.py" --name smoke-test | |
| # cf_org: gsa-datagov | |
| # cf_space: ${{vars.ENVIRONMENT_NAME}} | |
| # cf_username: ${{secrets.CF_SERVICE_USER}} | |
| # cf_password: ${{secrets.CF_SERVICE_AUTH}} | |
| # - name: monitor task output | |
| # uses: cloud-gov/cg-cli-tools@main | |
| # with: | |
| # command: > | |
| # scripts/monitor-cf-logs.sh harvesting-logic smoke-test | |
| # cf_org: gsa-datagov | |
| # cf_space: ${{vars.ENVIRONMENT_NAME}} | |
| # cf_username: ${{secrets.CF_SERVICE_USER}} | |
| # cf_password: ${{secrets.CF_SERVICE_AUTH}} | |
| - name: Create Issue if it fails 😢 | |
| if: ${{ failure() && github.ref == 'refs/heads/main' }} | |
| uses: JasonEtco/create-an-issue@v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.ADD_TO_PROJECT_PAT }} | |
| GITHUB_JOB: ${{ toJson(github)['job'] }} | |
| GITHUB_ATTEMPTS: ${{ github.run_attempt }} | |
| LAST_COMMIT: ${{ github.sha }} | |
| LAST_RUN_BY: ${{ github.actor }} | |
| RUN_ID: ${{ github.run_id }} | |
| REPO: ${{ github.repository }} | |
| with: | |
| filename: .github/deploy_failure.md | |
| update_existing: true |