Skip to content

Refactor ad_groups concatenation #5871

Refactor ad_groups concatenation

Refactor ad_groups concatenation #5871

name: Continuous Deployment
concurrency: ${{ github.ref }}-${{ github.workflow }}
on:
push:
paths-ignore:
- "docs/**"
- "*.md"
- "**/*.md"
branches-ignore:
- "mob/**"
workflow_dispatch:
inputs:
deployBranch:
description: "deployBranch: Provision Azure resources for development branch and deploy build."
required: true
default: "false"
type: choice
options:
- "false"
- "true"
deployVnet:
description: "deployVnet: Enable Vnet creation. False is environment already provisioned"
required: true
default: "false"
type: choice
options:
- "false"
- "true"
enableBicepDeployment:
description: "enableBicepDeployment: Execute main.bicep deployment for application component Azure resources"
required: true
default: "false"
type: choice
options:
- "false"
- "true"
jobs:
setup:
name: Setup
uses: ./.github/workflows/reusable-build-info.yml
secrets: inherit # pragma: allowlist secret
with:
environment: ${{ endsWith(github.ref,'refs/heads/main') && 'Main-Gov' || 'Develop' }}
enableBicepDeployment: ${{ inputs.enableBicepDeployment }}
deployVnet: ${{ inputs.deployVnet }}
accessibility-test:
defaults:
run:
working-directory: user-interface
runs-on: ubuntu-latest
steps:
- name: Install chrome
uses: browser-actions/setup-chrome@v1
- name: Get source code
uses: actions/checkout@v3
- name: Use Node.js
uses: actions/setup-node@v3
with:
node-version: ${{ vars.NODE_VERSION }}
cache: "npm"
cache-dependency-path: user-interface/package-lock.json
- name: Install Node dependencies
run: |
pushd ../common
npm ci
popd
npm ci && npm install -g pa11y-ci
- name: Run pa11y Test
run: ../ops/scripts/pipeline/accessibility-test.sh
unit-test-frontend:
uses: ./.github/workflows/reusable-unit-test.yml
with:
path: user-interface
node-version: ${{ vars.NODE_VERSION }}
unit-test-backend:
uses: ./.github/workflows/reusable-unit-test.yml
with:
path: backend/functions
node-version: ${{ vars.NODE_VERSION }}
unit-test-common:
uses: ./.github/workflows/reusable-unit-test.yml
with:
path: common
node-version: ${{ vars.NODE_VERSION }}
security-scan:
name: Security
uses: ./.github/workflows/sub-security-scan.yml
secrets: inherit # pragma: allowlist secret
build:
name: Build
needs: [setup]
uses: ./.github/workflows/sub-build.yml
secrets: inherit # pragma: allowlist secret
with:
nodeVersion: ${{ vars.NODE_VERSION }}
apiName: ${{ needs.setup.outputs.apiName }}
camsServerHostname: ${{ needs.setup.outputs.apiName }}.azurewebsites${{ vars.AZ_HOSTNAME_SUFFIX }}
camsServerPort: ${{ vars.CAMS_SERVER_PORT }}
camsServerProtocol: ${{ vars.CAMS_SERVER_PROTOCOL }}
camsBasePath: ${{ vars.CAMS_BASE_PATH }}
webappName: ${{ needs.setup.outputs.webappName }}
environment: ${{ needs.setup.outputs.ghaEnvironment }}
launchDarklyEnvironment: ${{ vars.CAMS_LAUNCH_DARKLY_ENV }}
deploy:
name: Cloud Resource Deployment
uses: ./.github/workflows/sub-deploy.yml
needs:
[
setup,
build,
accessibility-test,
security-scan,
unit-test-frontend,
unit-test-backend,
unit-test-common,
]
if: |
((github.ref == 'refs/heads/main')
|| (github.ref == 'refs/heads/dependency-updates-auto')
|| (inputs.deployBranch == 'true'))
with:
ghaEnvironment: ${{ needs.setup.outputs.ghaEnvironment }}
azResourceGrpAppEncrypted: ${{ needs.setup.outputs.azResourceGrpAppEncrypted }}
azResourceGrpNetworkEncrypted: ${{ needs.setup.outputs.azResourceGrpNetworkEncrypted }}
stackName: ${{ needs.setup.outputs.stackName }}
apiName: ${{ needs.setup.outputs.apiName }}
webAppName: ${{ needs.setup.outputs.webappName }}
environmentHash: ${{ needs.setup.outputs.environmentHash }}
execVnetDeploy: ${{ needs.setup.outputs.execVnetDeploy }}
slotName: ${{ needs.setup.outputs.slotName }}
deployBranch: ${{ github.ref != 'refs/heads/main' }}
deployBicep: ${{ needs.setup.outputs.deployBicep }}
cosmosClientId: ${{ needs.setup.outputs.cosmosClientId }}
secrets: inherit # pragma: allowlist secret
deploy-code-slot:
name: Slot Code Deployment
uses: ./.github/workflows/sub-deploy-code-slot.yml
needs: [setup, deploy]
with:
ghaEnvironment: ${{ needs.setup.outputs.ghaEnvironment }}
azResourceGrpAppEncrypted: ${{ needs.setup.outputs.azResourceGrpAppEncrypted }}
stackName: ${{ needs.setup.outputs.stackName }}
apiName: ${{ needs.setup.outputs.apiName }}
webAppName: ${{ needs.setup.outputs.webappName }}
environmentHash: ${{ needs.setup.outputs.environmentHash }}
slotName: ${{ needs.setup.outputs.slotName }}
e2eCosmosDbExists: ${{ needs.deploy.outputs.e2eCosmosDbExists }}
initialDeployment: ${{ needs.setup.outputs.initialDeployment }}
secrets: inherit # pragma: allowlist secret