Skip to content

chore(deps): update maven docker tag to v3.9.6 (#672) #458

chore(deps): update maven docker tag to v3.9.6 (#672)

chore(deps): update maven docker tag to v3.9.6 (#672) #458

Workflow file for this run

name: Merge to Main
on:
push:
branches:
- main
paths-ignore:
- ".github/ISSUE_TEMPLATE/*"
- "**.md"
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: true
jobs:
tests-java:
name: Backend Integrated Tests
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-22.04
steps:
- uses: bcgov-nr/[email protected]
name: Backend Coverage
with:
commands: |
mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
dir: backend
java-cache: maven
java-distribution: temurin
java-version: "17"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=forest-client-backend
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
-Dsonar.coverage.exclusions=**/configuration/**,**/exception/**,**/dto/**,**/entity/**,**/models/**,**/repository/**,**/*$*Builder*,**/BootApplication*
sonar_token: ${{ secrets.SONAR_TOKEN_BACKEND }}
triggers: ('backend/')
- uses: bcgov-nr/[email protected]
name: Legacy Coverage
with:
commands: |
mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
dir: legacy
java-cache: maven
java-distribution: temurin
java-version: "17"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=forest-client-legacy
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
-Dsonar.coverage.exclusions=**/configuration/**,**/exception/**,**/dto/**,**/entity/**,**/repository/**,**/*$*Builder*,**/LegacyApplication***/ApplicationConstants*
sonar_token: ${{ secrets.SONAR_TOKEN_LEGACY }}
triggers: ('legacy/')
- uses: bcgov-nr/[email protected]
name: Processor Coverage
with:
commands: |
mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
dir: processor
java-cache: maven
java-distribution: temurin
java-version: "17"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=nr-forest-client_processor
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
-Dsonar.coverage.exclusions=**/configuration/**,**/dto/**,**/entity/**,**/repository/**,**/*$*Builder*,**/ProcessApplication***/ApplicationConstant*
sonar_token: ${{ secrets.SONAR_TOKEN_PROCESSOR }}
triggers: ('processor/')
tests-frontend:
name: Frontend Unit Tests
runs-on: ubuntu-22.04
steps:
- uses: bcgov-nr/[email protected]
env:
VITE_BACKEND_URL: http://localhost:8080
VITE_FRONTEND_URL: http://localhost:3000
VITE_COVERAGE: true
VITE_PORT: 3000
VITE_NODE_ENV: openshift-dev
with:
node_version: 18
commands: |
npm ci
npm run coverage
dir: frontend
sonar_args: >
-Dsonar.exclusions=**/coverage/**,**/tests/**,**/stub/**,**/reports/**,**/cypress/**,,**/assets/**,,**/dto/**,**/CoreConstants.ts,**/src/CoreConstants.ts,**/main.ts,**/routes.ts,**/sims-vue.d.ts,**/styles.ts,**/components.d.ts
-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=forest-client-frontend
sonar_token: ${{ secrets.SONAR_TOKEN_FRONTEND }}
triggers: ('frontend/')
codeql:
name: Semantic Code Analysis
runs-on: ubuntu-22.04
needs:
- tests-java
- tests-frontend
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize
uses: github/codeql-action/init@v2
with:
languages: javascript,java
# Autobuild failed for Java, so building manually
- name: Set up JDK 17 and Caching maven dependencies
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: "17"
cache: "maven"
- name: Build Backend
run: |
cd backend
./mvnw clean package
- name: Build Legacy
run: |
cd legacy
./mvnw clean package
- name: Build Frontend
run: |
cd frontend
npm ci
npm run build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
test-init:
name: TEST Init
needs:
- codeql
env:
ZONE: test
DOMAIN: apps.silver.devops.gov.bc.ca
BROKER_URL: https://nr-broker.apps.silver.devops.gov.bc.ca
VAULT_ADDR: https://vault-iit.apps.silver.devops.gov.bc.ca
PREFIX: ${{ github.event.repository.name }}-test
environment: test
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Deploys
uses: bcgov-nr/[email protected]
with:
file: common/openshift.init.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p ORACLEDB_USER=${{ secrets.ORACLEDB_USERNAME }}
-p ORACLEDB_PASSWORD=${{ secrets.ORACLEDB_PASSWORD }}
-p ORACLEDB_USER_W=${{ secrets.ORACLEDB_USERNAME_W }}
-p ORACLEDB_PASSWORD_W=${{ secrets.ORACLEDB_PASSWORD_W }}
-p ORACLEDB_DATABASE=${{ secrets.ORACLEDB_DATABASE }}
-p ORACLEDB_HOST=${{ secrets.ORACLEDB_HOST }}
-p ORACLEDB_SERVICENAME=${{ secrets.ORACLEDB_SERVICENAME }}
-p ORACLEDB_SECRET=${{ secrets.ORACLEDB_SECRET }}
-p BCREGISTRY_KEY='${{ secrets.BCREGISTRY_KEY }}'
-p BCREGISTRY_ACCOUNT='${{ secrets.BCREGISTRY_ACCOUNT }}'
-p CHES_CLIENT_ID=${{ secrets.CHES_CLIENT_ID }}
-p CHES_CLIENT_SECRET=${{ secrets.CHES_CLIENT_SECRET }}
-p ADDRESS_COMPLETE_KEY=${{ secrets.ADDRESS_COMPLETE_KEY }}
-p DB_PASSWORD=${{ secrets.DB_PASSWORD }}
-p COGNITO_REGION=${{ secrets.COGNITO_REGION }}
-p COGNITO_CLIENT_ID=${{ secrets.COGNITO_CLIENT_ID }}
-p COGNITO_USER_POOL=${{ secrets.COGNITO_USER_POOL }}
-p COGNITO_DOMAIN=${{ secrets.COGNITO_DOMAIN }}
-p COGNITO_ENVIRONMENT=TEST
-p COGNITO_REDIRECT_URI=https://${{ env.PREFIX }}-frontend.${{ env.DOMAIN }}/dashboard
-p COGNITO_LOGOUT_URI=https://${{ env.PREFIX }}-frontend.${{ env.DOMAIN }}
- name: Conventional Changelog Update
uses: TriPSs/conventional-changelog-action@v4
id: changelog
continue-on-error: true
with:
github-token: ${{ github.token }}
output-file: "CHANGELOG.md"
skip-version-file: "true"
skip-commit: "true"
git-push: "true"
- name: Create Release
uses: softprops/action-gh-release@v1
if: ${{ steps.changelog.outputs.tag != '' }}
continue-on-error: true
env:
GITHUB_TOKEN: ${{ github.token }}
with:
token: ${{ github.token }}
tag_name: ${{ steps.changelog.outputs.tag }}
name: ${{ steps.changelog.outputs.tag }}
body: ${{ steps.changelog.outputs.clean_changelog }}
test-deploy:
name: TEST Deployment
needs:
- test-init
env:
ZONE: test
DOMAIN: apps.silver.devops.gov.bc.ca
environment: test
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Deploy Database
uses: bcgov-nr/[email protected]
with:
file: database/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: false
penetration_test: false
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/database:${{ env.ZONE }}
- name: Deploy Backend
uses: bcgov-nr/[email protected]
with:
file: backend/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
penetration_test: false
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/backend:${{ env.ZONE }}
-p CHES_TOKEN_URL='https://test.loginproxy.gov.bc.ca/auth/realms/comsvcauth/protocol/openid-connect/token'
-p CHES_API_URL='https://ches-test.api.gov.bc.ca/api/v1'
-p BCREGISTRY_URI='https://bcregistry-prod.apigee.net'
-p COGNITO_REGION=ca-central-1
-p COGNITO_COOKIE_DOMAIN=gov.bc.ca
-p URL_ZONE=${{ env.ZONE }}
- name: Deploy Legacy
uses: bcgov-nr/[email protected]
with:
file: legacy/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
penetration_test: false
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/legacy:${{ env.ZONE }}
-p URL_ZONE=${{ env.ZONE }}
- name: Deploy Frontend
uses: bcgov-nr/[email protected]
with:
file: frontend/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
penetration_test: false
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/frontend:${{ env.ZONE }}
-p GREEN_DOMAIN=${{ secrets.GREEN_DOMAIN }}
-p VITE_NODE_ENV=openshift-${{ env.ZONE }}
-p URL_ZONE=${{ env.ZONE }}
- name: Deploy Processor
uses: bcgov-nr/[email protected]
with:
file: processor/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
penetration_test: false
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/processor:${{ env.ZONE }}
-p URL_ZONE=${{ env.ZONE }}
-p BCREGISTRY_URI='https://bcregistry-prod.apigee.net'
image-promotions:
name: Promote images to PROD
needs:
- test-deploy
runs-on: ubuntu-22.04
strategy:
matrix:
component: [backend, frontend, legacy, database, common, processor]
steps:
- uses: shrink/actions-docker-registry-tag@v3
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.component }}
target: test
tags: prod
prod-init:
name: PROD Init
needs:
- image-promotions
env:
ZONE: prod
DOMAIN: apps.silver.devops.gov.bc.ca
PREFIX: ${{ github.event.repository.name }}-prod
environment: prod
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Deploys
uses: bcgov-nr/[email protected]
with:
file: common/openshift.init.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p ORACLEDB_USER=${{ secrets.ORACLEDB_USERNAME }}
-p ORACLEDB_PASSWORD=${{ secrets.ORACLEDB_PASSWORD }}
-p ORACLEDB_USER_W=${{ secrets.ORACLEDB_USERNAME_W }}
-p ORACLEDB_PASSWORD_W=${{ secrets.ORACLEDB_PASSWORD_W }}
-p ORACLEDB_DATABASE=${{ secrets.ORACLEDB_DATABASE }}
-p ORACLEDB_HOST=${{ secrets.ORACLEDB_HOST }}
-p ORACLEDB_SERVICENAME=${{ secrets.ORACLEDB_SERVICENAME }}
-p ORACLEDB_SECRET=${{ secrets.ORACLEDB_SECRET }}
-p BCREGISTRY_KEY='${{ secrets.BCREGISTRY_KEY }}'
-p BCREGISTRY_ACCOUNT='${{ secrets.BCREGISTRY_ACCOUNT }}'
-p CHES_CLIENT_ID=${{ secrets.CHES_CLIENT_ID }}
-p CHES_CLIENT_SECRET=${{ secrets.CHES_CLIENT_SECRET }}
-p ADDRESS_COMPLETE_KEY=${{ secrets.ADDRESS_COMPLETE_KEY }}
-p DB_PASSWORD=${{ secrets.DB_PASSWORD }}
-p COGNITO_REGION=${{ secrets.COGNITO_REGION }}
-p COGNITO_CLIENT_ID=${{ secrets.COGNITO_CLIENT_ID }}
-p COGNITO_USER_POOL=${{ secrets.COGNITO_USER_POOL }}
-p COGNITO_DOMAIN=${{ secrets.COGNITO_DOMAIN }}
-p COGNITO_ENVIRONMENT=PROD
-p COGNITO_REDIRECT_URI=https://${{ env.PREFIX }}-frontend.${{ env.DOMAIN }}/dashboard
-p COGNITO_LOGOUT_URI=https://${{ env.PREFIX }}-frontend.${{ env.DOMAIN }}
prod-deploy:
name: PROD Deployment
needs:
- prod-init
env:
PREV: test
ZONE: prod
DOMAIN: apps.silver.devops.gov.bc.ca
environment: prod
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Deploy Database
uses: bcgov-nr/[email protected]
with:
file: database/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: false
penetration_test: false
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/database:${{ env.PREV }}
- name: Deploy Backend
uses: bcgov-nr/[email protected]
with:
file: backend/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
penetration_test: false
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/backend:${{ env.PREV }}
-p CHES_TOKEN_URL='https://loginproxy.gov.bc.ca/auth/realms/comsvcauth/protocol/openid-connect/token'
-p CHES_API_URL='https://ches.api.gov.bc.ca/api/v1'
-p BCREGISTRY_URI='https://bcregistry-prod.apigee.net'
-p COGNITO_REGION=ca-central-1
-p COGNITO_COOKIE_DOMAIN=gov.bc.ca
-p URL_ZONE=${{ env.ZONE }}
- name: Deploy Legacy
uses: bcgov-nr/[email protected]
with:
file: legacy/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
penetration_test: false
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/legacy:${{ env.PREV }}
-p URL_ZONE=${{ env.ZONE }}
- name: Deploy Frontend
uses: bcgov-nr/[email protected]
with:
file: frontend/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
penetration_test: false
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/frontend:${{ env.PREV }}
-p GREEN_DOMAIN=${{ secrets.GREEN_DOMAIN }}
-p VITE_NODE_ENV=openshift-${{ env.ZONE }}
-p URL_ZONE=${{ env.ZONE }}
- name: Deploy Processor
uses: bcgov-nr/[email protected]
with:
file: processor/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: true
penetration_test: false
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p PROMOTE=${{ github.repository }}/processor:${{ env.PREV }}
-p URL_ZONE=${{ env.ZONE }}
-p BCREGISTRY_URI='https://bcregistry-prod.apigee.net'