Apply fixes from CodeFactor #58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # For most projects, this workflow file will not need changing; you simply need | |
| # to commit it to your repository. | |
| # | |
| # You may wish to alter this file to override the set of languages analyzed, | |
| # or to provide custom queries or build logic. | |
| # | |
| # ******** NOTE ******** | |
| # We have attempted to detect the languages in your repository. Please check | |
| # the `language` matrix defined below to confirm you have the correct set of | |
| # supported CodeQL languages. | |
| # | |
| name: "CI pipeline" | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| # The branches below must be a subset of the branches above | |
| branches: [ "main" ] | |
| schedule: | |
| - cron: '30 5 15 * *' # run every month on the 15th | |
| env: | |
| AWS_REGION: us-east-1 | |
| ECR_REPOSITORY: public.ecr.aws/g7w7d4k3 | |
| IMAGE_NAME: iqasport/management-hub | |
| EB_PACKAGE_S3_BUCKET_NAME: elasticbeanstalk-us-east-1-558550744343 | |
| EB_APPLICATION_NAME: iqasport-managementhub | |
| EB_ENVIRONMENT_NAME: iqasport-managementhub-prod | |
| jobs: | |
| build: | |
| name: Build, Test & Analyze | |
| runs-on: 'ubuntu-latest' | |
| timeout-minutes: 120 | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 # full clone is necessary for GitVersion to work | |
| # Initializes the CodeQL tools for scanning. | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v2 | |
| with: | |
| languages: 'csharp,javascript' | |
| # BUILD | |
| - name: Setup .NET | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: 7.0.x | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18.x | |
| cache: yarn | |
| cache-dependency-path: src/frontend/yarn.lock | |
| - name: Restore frontend dependencies | |
| run: yarn install --immutable | |
| working-directory: src/frontend | |
| - name: Restore backend dependencies | |
| run: dotnet restore | |
| working-directory: src/backend | |
| - name: Build frontend | |
| run: yarn build:dev | |
| working-directory: src/frontend | |
| - name: Build backend | |
| run: dotnet build --no-restore -c Debug | |
| working-directory: src/backend | |
| - name: Lint frontend | |
| run: yarn lint:ci | |
| working-directory: src/frontend | |
| continue-on-error: true # perform frontend testing, but ignore failure while it's broken | |
| - name: Test frontend | |
| run: yarn test:ci | |
| working-directory: src/frontend | |
| continue-on-error: true # perform frontend testing, but ignore failure while it's broken | |
| - name: Test backend | |
| run: dotnet test --no-build --verbosity normal --logger:"junit;LogFilePath=dotnet-test-result.xml" | |
| working-directory: src/backend | |
| # END BUILD | |
| - name: Print summary header for Lint Summary frontend | |
| run: echo "### Lint results for the frontend" >> $GITHUB_STEP_SUMMARY | |
| if: success() || failure() | |
| - name: Lint Summary frontend | |
| uses: test-summary/action@v2 | |
| with: | |
| paths: | | |
| src/frontend/**/eslint-junit.xml | |
| show: "fail, skip" | |
| if: success() || failure() | |
| - name: Print summary header for Test Summary frontend | |
| run: echo "### Test results for the frontend" >> $GITHUB_STEP_SUMMARY | |
| if: success() || failure() | |
| - name: Test Summary frontend | |
| uses: test-summary/action@v2 | |
| with: | |
| paths: | | |
| src/frontend/**/junit.xml | |
| if: success() || failure() | |
| - name: Print summary header for Test Summary backend | |
| run: echo "### Test results for the backend" >> $GITHUB_STEP_SUMMARY | |
| if: success() || failure() | |
| - name: Test Summary backend | |
| uses: test-summary/action@v2 | |
| with: | |
| paths: | | |
| src/backend/**/dotnet-test-result.xml | |
| if: success() || failure() | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v2 | |
| publish: | |
| name: Build Release & Publish | |
| runs-on: 'ubuntu-latest' | |
| needs: build | |
| if: github.ref == 'refs/heads/main' | |
| environment: production # for now we only support one environment for UX variables TODO: figure out how to tag the builds to support both at the same time | |
| permissions: | |
| contents: read | |
| id-token: write # required to create JWT for AWS authentication | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 # full clone is necessary for GitVersion to work | |
| # BUILD | |
| - name: Setup .NET | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: 7.0.x | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18.x | |
| cache: yarn | |
| cache-dependency-path: src/frontend/yarn.lock | |
| - name: Restore frontend dependencies | |
| run: yarn install --immutable | |
| working-directory: src/frontend | |
| - name: Restore backend dependencies | |
| run: dotnet restore | |
| working-directory: src/backend | |
| - name: Restore dotnet tools | |
| run: dotnet tool restore | |
| working-directory: src/backend | |
| - name: Build frontend | |
| run: yarn build:prod | |
| working-directory: src/frontend | |
| env: | |
| STRIPE_PUBLISHABLE_KEY: ${{ secrets.STRIPE_PUBLIC_KEY }} | |
| - name: Build backend | |
| run: dotnet build --no-restore -c Release | |
| working-directory: src/backend | |
| - name: Create docker image | |
| run: dotnet publish --os linux --arch x64 -c Release -p:PublishProfile=DefaultContainer | |
| working-directory: src/backend/ManagementHub.Service | |
| # END BUILD | |
| # TODO: execute tests | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| role-to-assume: arn:aws:iam::558550744343:role/ManagementHubGitHubActionsRole | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| with: | |
| registry-type: public | |
| - name: Tag and publish the docker image to Amazon ECR | |
| working-directory: src/backend | |
| run: | | |
| echo "Tagging $ECR_REPOSITORY/$IMAGE_NAME with tags - latest, $(dotnet gitversion -showvariable NuGetVersion)" | |
| docker tag iqasport/management-hub:latest $ECR_REPOSITORY/$IMAGE_NAME:$(dotnet gitversion -showvariable NuGetVersion) | |
| docker tag iqasport/management-hub:latest $ECR_REPOSITORY/$IMAGE_NAME:latest | |
| echo -e "Tagged docker image \`$ECR_REPOSITORY/$IMAGE_NAME\` with tags:\n\n- \`latest\`\n- \`$(dotnet gitversion -showvariable NuGetVersion)\`\n" >> $GITHUB_STEP_SUMMARY | |
| echo "Pushing $ECR_REPOSITORY/$IMAGE_NAME with tags - latest, $(dotnet gitversion -showvariable NuGetVersion)" | |
| docker push $ECR_REPOSITORY/$IMAGE_NAME:latest | |
| docker push $ECR_REPOSITORY/$IMAGE_NAME:$(dotnet gitversion -showvariable NuGetVersion) | |
| echo -e "Pushed docker image \`$ECR_REPOSITORY/$IMAGE_NAME\` with tags:\n\n- \`latest\`\n- \`$(dotnet gitversion -showvariable NuGetVersion)\`\n" >> $GITHUB_STEP_SUMMARY | |
| - name: Upload docker-compose file to S3 | |
| working-directory: docker/prod-https | |
| run: | | |
| cp docker-compose.yml ${{ github.sha }}-docker-compose.yml | |
| aws s3 cp ${{ github.sha }}-docker-compose.yml s3://${{ env.EB_PACKAGE_S3_BUCKET_NAME }}/ | |
| - name: Create new Elastic Beanstalk Application Version | |
| working-directory: src/backend | |
| run: aws elasticbeanstalk create-application-version --application-name ${{ env.EB_APPLICATION_NAME }} --version-label "$(dotnet gitversion -showvariable NuGetVersion)-prod-${{ github.run_attempt }}" --source-bundle S3Bucket=${{ env.EB_PACKAGE_S3_BUCKET_NAME }},S3Key=${{ github.sha }}-docker-compose.yml | |
| - name: "Deploy Application Version to EB Environment" | |
| working-directory: src/backend | |
| run: aws elasticbeanstalk update-environment --environment-name ${{ env.EB_ENVIRONMENT_NAME }} --version-label "$(dotnet gitversion -showvariable NuGetVersion)-prod-${{ github.run_attempt }}" |