Merge pull request #339 from USEPA/feature/enable-cors-on-nces-endpoint #312
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a basic workflow to help you get started with Actions | |
name: Dev Deploy | |
# Controls when the workflow will run | |
on: | |
# Triggers the workflow on push or pull request events but only for the develop branch | |
push: | |
branches: [develop] | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
# Set default working directory for all jobs to /app | |
defaults: | |
run: | |
working-directory: ./app | |
# A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
jobs: | |
build: | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
environment: dev | |
# Set environment variables | |
env: | |
APP_NAME: csb-dev | |
CLOUD_SPACE: dev | |
CF_ORG: epa-avert | |
CF_SPACE: csb-dev | |
CF_USER_DEV: ${{ secrets.CF_USER_DEV }} | |
CF_PASSWORD_DEV: ${{ secrets.CF_PASSWORD_DEV }} | |
SERVER_URL: https://app-dev.app.cloud.gov/csb | |
SERVER_BASE_PATH: /csb | |
SAML_LOGIN_URL: ${{ secrets.SAML_LOGIN_URL }} | |
SAML_LOGOUT_URL: ${{ secrets.SAML_LOGOUT_URL }} | |
SAML_ENTITY_ID: ${{ secrets.SAML_ENTITY_ID }} | |
SAML_IDP_CERT: ${{ secrets.SAML_IDP_CERT }} | |
SAML_PUBLIC_KEY: ${{ secrets.SAML_PUBLIC_KEY }} | |
# SAML_PRIVATE_KEY: ${{ secrets.SAML_PRIVATE_KEY }} | |
JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }} | |
JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }} | |
CSB_2022_FRF_OPEN: true | |
CSB_2022_PRF_OPEN: true | |
CSB_2022_CRF_OPEN: true | |
CSB_2023_FRF_OPEN: true | |
CSB_2023_PRF_OPEN: true | |
CSB_2023_CRF_OPEN: true | |
FORMIO_2022_FRF_PATH: ${{ secrets.FORMIO_2022_FRF_PATH }} | |
FORMIO_2022_PRF_PATH: ${{ secrets.FORMIO_2022_PRF_PATH }} | |
FORMIO_2022_CRF_PATH: ${{ secrets.FORMIO_2022_CRF_PATH }} | |
FORMIO_2023_FRF_PATH: ${{ secrets.FORMIO_2023_FRF_PATH }} | |
FORMIO_2023_PRF_PATH: ${{ secrets.FORMIO_2023_PRF_PATH }} | |
FORMIO_2023_CRF_PATH: ${{ secrets.FORMIO_2023_CRF_PATH }} | |
FORMIO_BASE_URL: ${{ secrets.FORMIO_BASE_URL }} | |
FORMIO_PROJECT_NAME: ${{ secrets.FORMIO_PROJECT_NAME }} | |
FORMIO_API_KEY: ${{ secrets.FORMIO_API_KEY }} | |
FORMIO_NCES_API_KEY: ${{ secrets.FORMIO_NCES_API_KEY }} | |
FORMIO_PKG_AUTH_TOKEN: ${{ secrets.FORMIO_PKG_AUTH_TOKEN }} | |
BAP_CLIENT_ID: ${{ secrets.BAP_CLIENT_ID }} | |
BAP_CLIENT_SECRET: ${{ secrets.BAP_CLIENT_SECRET }} | |
BAP_URL: ${{ secrets.BAP_URL }} | |
BAP_USER: ${{ secrets.BAP_USER }} | |
BAP_PASSWORD: ${{ secrets.BAP_PASSWORD }} | |
BAP_SAM_TABLE: ${{ secrets.BAP_SAM_TABLE }} | |
BAP_FORMS_TABLE: ${{ secrets.BAP_FORMS_TABLE }} | |
BAP_BUS_TABLE: ${{ secrets.BAP_BUS_TABLE }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.S3_PUBLIC_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.S3_PUBLIC_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.S3_PUBLIC_REGION }} | |
S3_PUBLIC_BUCKET: ${{ secrets.S3_PUBLIC_BUCKET }} | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- uses: actions/checkout@v3 | |
# Set up node and npm | |
- uses: actions/setup-node@master | |
# Run front-end processes (install, lint, test, bundle) | |
- name: Cache node modules | |
uses: actions/cache@v3 | |
with: | |
path: ~/client/.npm | |
key: v1-npm-client-deps-${{ hashFiles('**/client/package-lock.json') }} | |
restore-keys: v1-npm-client-deps- | |
- name: Add Formio private package repo auth token | |
run: echo "//pkg.form.io/:_authToken=${FORMIO_PKG_AUTH_TOKEN}" > .npmrc | |
working-directory: app/client | |
- name: Install front-end dependencies | |
run: npm install | |
working-directory: app/client | |
- name: Build front-end files and move to server | |
run: | | |
PUBLIC_URL="$SERVER_URL" \ | |
REACT_APP_SERVER_BASE_PATH="$SERVER_BASE_PATH" \ | |
REACT_APP_CLOUD_SPACE="$CLOUD_SPACE" \ | |
REACT_APP_FORMIO_BASE_URL="$FORMIO_BASE_URL" \ | |
REACT_APP_FORMIO_PROJECT_NAME="$FORMIO_PROJECT_NAME" \ | |
npm run build | |
rm ../server/app/public/index.html | |
cd build | |
mv * ../../server/app/public | |
working-directory: app/client | |
# Run CloudFoundry/Cloud.gov deployment | |
- name: Set up Cloud Foundry CLI | |
run: | | |
curl -v -L -o cf-cli_amd64.deb 'https://cli.run.pivotal.io/stable?release=debian64&version=v7&source=github' | |
sudo dpkg -i cf-cli_amd64.deb | |
cf -v | |
cf api https://api.fr.cloud.gov | |
cf auth "$CF_USER_DEV" "$CF_PASSWORD_DEV" | |
cf target -o "$CF_ORG" -s "$CF_SPACE" | |
- name: Set application-level variables | |
run: | | |
cf set-env $APP_NAME "CLOUD_SPACE" "$CLOUD_SPACE" > /dev/null | |
cf set-env $APP_NAME "SERVER_URL" "$SERVER_URL" > /dev/null | |
cf set-env $APP_NAME "SERVER_BASE_PATH" "$SERVER_BASE_PATH" > /dev/null | |
cf set-env $APP_NAME "SAML_LOGIN_URL" "$SAML_LOGIN_URL" > /dev/null | |
cf set-env $APP_NAME "SAML_LOGOUT_URL" "$SAML_LOGOUT_URL" > /dev/null | |
cf set-env $APP_NAME "SAML_ENTITY_ID" "$SAML_ENTITY_ID" > /dev/null | |
cf set-env $APP_NAME "SAML_IDP_CERT" "$SAML_IDP_CERT" > /dev/null | |
cf set-env $APP_NAME "SAML_PUBLIC_KEY" "$SAML_PUBLIC_KEY" > /dev/null | |
# cf set-env $APP_NAME "SAML_PRIVATE_KEY" "$SAML_PRIVATE_KEY" > /dev/null | |
cf set-env $APP_NAME "JWT_PUBLIC_KEY" "$JWT_PUBLIC_KEY" > /dev/null | |
cf set-env $APP_NAME "JWT_PRIVATE_KEY" "$JWT_PRIVATE_KEY" > /dev/null | |
cf set-env $APP_NAME "CSB_2022_FRF_OPEN" "$CSB_2022_FRF_OPEN" > /dev/null | |
cf set-env $APP_NAME "CSB_2022_PRF_OPEN" "$CSB_2022_PRF_OPEN" > /dev/null | |
cf set-env $APP_NAME "CSB_2022_CRF_OPEN" "$CSB_2022_CRF_OPEN" > /dev/null | |
cf set-env $APP_NAME "CSB_2023_FRF_OPEN" "$CSB_2023_FRF_OPEN" > /dev/null | |
cf set-env $APP_NAME "CSB_2023_PRF_OPEN" "$CSB_2023_PRF_OPEN" > /dev/null | |
cf set-env $APP_NAME "CSB_2023_CRF_OPEN" "$CSB_2023_CRF_OPEN" > /dev/null | |
cf set-env $APP_NAME "FORMIO_2022_FRF_PATH" "$FORMIO_2022_FRF_PATH" > /dev/null | |
cf set-env $APP_NAME "FORMIO_2022_PRF_PATH" "$FORMIO_2022_PRF_PATH" > /dev/null | |
cf set-env $APP_NAME "FORMIO_2022_CRF_PATH" "$FORMIO_2022_CRF_PATH" > /dev/null | |
cf set-env $APP_NAME "FORMIO_2023_FRF_PATH" "$FORMIO_2023_FRF_PATH" > /dev/null | |
cf set-env $APP_NAME "FORMIO_2023_PRF_PATH" "$FORMIO_2023_PRF_PATH" > /dev/null | |
cf set-env $APP_NAME "FORMIO_2023_CRF_PATH" "$FORMIO_2023_CRF_PATH" > /dev/null | |
cf set-env $APP_NAME "FORMIO_BASE_URL" "$FORMIO_BASE_URL" > /dev/null | |
cf set-env $APP_NAME "FORMIO_PROJECT_NAME" "$FORMIO_PROJECT_NAME" > /dev/null | |
cf set-env $APP_NAME "FORMIO_API_KEY" "$FORMIO_API_KEY" > /dev/null | |
cf set-env $APP_NAME "FORMIO_NCES_API_KEY" "$FORMIO_NCES_API_KEY" > /dev/null | |
cf set-env $APP_NAME "BAP_CLIENT_ID" "$BAP_CLIENT_ID" > /dev/null | |
cf set-env $APP_NAME "BAP_CLIENT_SECRET" "$BAP_CLIENT_SECRET" > /dev/null | |
cf set-env $APP_NAME "BAP_URL" "$BAP_URL" > /dev/null | |
cf set-env $APP_NAME "BAP_USER" "$BAP_USER" > /dev/null | |
cf set-env $APP_NAME "BAP_PASSWORD" "$BAP_PASSWORD" > /dev/null | |
cf set-env $APP_NAME "BAP_SAM_TABLE" "$BAP_SAM_TABLE" > /dev/null | |
cf set-env $APP_NAME "BAP_FORMS_TABLE" "$BAP_FORMS_TABLE" > /dev/null | |
cf set-env $APP_NAME "BAP_BUS_TABLE" "$BAP_BUS_TABLE" > /dev/null | |
cf set-env $APP_NAME "S3_PUBLIC_BUCKET" "$S3_PUBLIC_BUCKET" > /dev/null | |
cf set-env $APP_NAME "S3_PUBLIC_REGION" "$AWS_DEFAULT_REGION" > /dev/null | |
# Sync static content to public S3 bucket | |
- name: Sync static content to S3 | |
run: aws s3 sync . s3://$S3_PUBLIC_BUCKET/content | |
working-directory: app/server/app/content | |
# Set CORS configuration for public S3 bucket | |
- name: Set S3 CORS configuration | |
run: aws s3api put-bucket-cors --bucket $S3_PUBLIC_BUCKET --cors-configuration file://s3CORS.json | |
working-directory: app/server/app/config | |
# Now that front-end is built in server/dist, only push server dir to Cloud.gov | |
- name: Deploy application to Cloud.gov | |
run: cf push $APP_NAME --strategy rolling -f ../manifest-dev.yml -p . -t 180 | |
working-directory: app/server |