Skip to content

fix: integration timeouts (#440) #23

fix: integration timeouts (#440)

fix: integration timeouts (#440) #23

Workflow file for this run

name: Merge to Main
env:
deployment_name: pay-transparency
on:
push:
branches: [main]
paths-ignore:
- "*.md"
- "docker-compose.yml"
- "renovate.json"
- "COMPLIANCE.yaml"
- ".gitignore"
- ".vscode/**"
- ".diagrams/**"
- ".graphics/**"
- "sysdig/**"
- ".github/workflows/sysdig.yml"
workflow_dispatch:
inputs:
pr_no:
description: "PR-numbered container set to deploy"
type: number
required: true
concurrency:
group: merge-to-main
cancel-in-progress: false # queue the workflows , if multiples are triggered.
jobs:
vars:
name: Set Variables
outputs:
pr: ${{ steps.pr.outputs.pr }}
runs-on: ubuntu-22.04
timeout-minutes: 1
steps: # Get PR number for squash merges to main
- name: PR Number
id: pr
uses: bcgov-nr/[email protected]
codeql:
name: Semantic Code Analysis
runs-on: ubuntu-22.04
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@v4
- name: Initialize
uses: github/codeql-action/init@v3
with:
languages: javascript
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
semantic-version: # Create a semantic version based on the commit messages and tag the commit.
outputs:
semanticVersion: ${{ steps.changelog.outputs.version }}
tag: ${{ steps.changelog.outputs.tag }}
clean_changelog: ${{ steps.changelog.outputs.clean_changelog }}
runs-on: ubuntu-22.04
timeout-minutes: 1
steps:
- uses: actions/checkout@v4
- name: Conventional Changelog Update
uses: TriPSs/conventional-changelog-action@v5
id: changelog
continue-on-error: true
with:
preset: "conventionalcommits"
github-token: ${{ github.token }}
output-file: "CHANGELOG.md"
skip-version-file: "true"
skip-commit: "true"
skip-on-empty: "false"
git-push: "true"
retag-images:
needs: [vars, semantic-version]
runs-on: ubuntu-22.04
strategy:
matrix:
package:
[
backend,
database-migrations,
frontend,
doc-gen-service,
backend-external,
maintenance,
]
steps:
- name: Tag Docker Images
uses: shrink/actions-docker-registry-tag@v4
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.package }}
target: ${{ needs.vars.outputs.pr }}
tags: |
${{ needs.semantic-version.outputs.semanticVersion }}
dev
deploys:
name: Deploys (dev)
needs: [retag-images, semantic-version]
uses: ./.github/workflows/.deploy.yml
secrets: inherit
with:
target: dev
tag: ${{ needs.semantic-version.outputs.semanticVersion }}
frontend-url: https://dev.paytransparency.fin.gov.bc.ca
semver: ${{ needs.semantic-version.outputs.semanticVersion }}
values: "values-dev.yaml"
test-integration:
name: Integration
needs: [deploys]
uses: ./.github/workflows/.integration.yml
secrets: inherit
with:
backend-external-url: https://pay-transparency-dev-backend-external.apps.silver.devops.gov.bc.ca/api
test-e2e:
name: E2E (dev)
needs: [deploys]
uses: ./.github/workflows/.e2e.yml
secrets: inherit
with:
frontend-url: https://dev.paytransparency.fin.gov.bc.ca
zap:
name: ZAP Scan
needs: [deploys]
runs-on: ubuntu-22.04
steps:
- name: Penetration Test
uses: zaproxy/[email protected]
with:
target: https://dev.paytransparency.fin.gov.bc.ca
cmd_options: "-a"
fail_action: false
allow_issue_writing: false