From 95db3249d32281c1cc8098977f1ecc09034a0105 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 25 Apr 2023 15:25:04 -0600 Subject: [PATCH 01/35] WIP pulling apart pipeline flows to only run tests on changed folders --- .circleci/base_config.yml | 6 +++ .circleci/build-and-test/jobs.yml | 6 +++ .circleci/build-and-test/workflows.yml | 10 ++--- .github/workflows/build-all-on-pr.yml | 51 ++++++++++++++++++++++++++ .github/workflows/build-backend.yml | 39 ++++++++++++++++++++ .github/workflows/build-frontend.yml | 39 ++++++++++++++++++++ 6 files changed, 145 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/build-all-on-pr.yml create mode 100644 .github/workflows/build-backend.yml create mode 100644 .github/workflows/build-frontend.yml diff --git a/.circleci/base_config.yml b/.circleci/base_config.yml index eb4b9af15..84a493736 100644 --- a/.circleci/base_config.yml +++ b/.circleci/base_config.yml @@ -21,6 +21,12 @@ executors: resource_class: large parameters: + build_and_test_backend: + type: boolean + default: false + build_and_test_frontend: + type: boolean + default: false develop_branch_deploy: type: boolean default: false diff --git a/.circleci/build-and-test/jobs.yml b/.circleci/build-and-test/jobs.yml index 8da5f672f..b7f4b6f1b 100644 --- a/.circleci/build-and-test/jobs.yml +++ b/.circleci/build-and-test/jobs.yml @@ -1,5 +1,6 @@ # jobs: test-backend: + when: << pipeline.parameters.build_and_test_backend >> executor: machine-executor steps: - checkout @@ -18,6 +19,7 @@ coverage-report: ./tdrs-backend/coverage.xml test-frontend: + when: << pipeline.parameters.build_and_test_frontend >> executor: machine-executor working_directory: ~/tdp-apps steps: @@ -42,6 +44,10 @@ path: tdrs-frontend/pa11y-screenshots/ test-e2e: + when: + or: + - << pipeline.parameters.build_and_test_backend >> + - << pipeline.parameters.build_and_test_frontend >> executor: large-machine-executor working_directory: ~/tdp-apps steps: diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index 9122ab166..a5844bc46 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -1,11 +1,9 @@ # workflows: build-and-test: - unless: - or: - - << pipeline.parameters.run_dev_deployment >> - - << pipeline.parameters.develop_branch_deploy >> - - << pipeline.parameters.run_owasp_scan >> - - << pipeline.parameters.run_nightly_owasp_scan >> + when: + or: + - << pipeline.parameters.build_and_test_backend >> + - << pipeline.parameters.build_and_test_frontend >> jobs: - secrets-check - test-frontend: diff --git a/.github/workflows/build-all-on-pr.yml b/.github/workflows/build-all-on-pr.yml new file mode 100644 index 000000000..fcdb50f44 --- /dev/null +++ b/.github/workflows/build-all-on-pr.yml @@ -0,0 +1,51 @@ +########################################################################### +# GitHub Action Workflow +# On pull request or changes to scripts/commands to any branch, +# triggers the full build and test pipeline. +# +# Step 0: make PR from your branch into develop, or make changes on your +# branch to non-documentation files in scripts or commands.sh and +# push changes to your remote branch. +# +# Step 1: Makes a request to the V2 CircleCI API to initiate the project, +# which will filter based upon build_and_test_backend and +# build_and_test_frontend to run the workflow/jobs listed here: +# build-and-test:[ +# test-backend, +# test-frontend, +# test-e2e +# ] +# +# Leverages the open source GitHub Action: +# https://github.com/promiseofcake/circleci-trigger-action +########################################################################### +name: Build and test All for PRs and when scripts/commands change +on: + push: + branches_ignore: + - develop + paths: + - 'scripts/**' + - 'commands.sh' + pull_request: + paths_ignore: + - 'docs/**' + - '**.md' + - '**.txt' + - '.gitattributes' + - '.gitignore' + - 'LICENSE' +jobs: + build_and_test_all: + runs-on: ubuntu-latest + name: Initiate deploy job in CircleCI + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_backend": true, "build_and_test_frontend": true}' diff --git a/.github/workflows/build-backend.yml b/.github/workflows/build-backend.yml new file mode 100644 index 000000000..c50c65350 --- /dev/null +++ b/.github/workflows/build-backend.yml @@ -0,0 +1,39 @@ +########################################################################### +# GitHub Action Workflow +# On push to any branch, triggers the front end build and test pipeline +# if the tdrs-backend has changed. +# +# Step 0: make changes on your branch to non-documentation files in +# tdrs-backend and push changes to your remote branch +# +# Step 1: Makes a request to the V2 CircleCI API to initiate the project, +# which will filter based upon build_and_test_backend +# to run the workflow/jobs listed here: +# build-and-test:[ +# test-backend, +# test-e2e +# ] +# +# Leverages the open source GitHub Action: +# https://github.com/promiseofcake/circleci-trigger-action +########################################################################### +name: Build Only Backend When tdrs-backend Files Change +branches-ignore: + - develop +on: + push: + paths: 'tdrs-backend/**' +jobs: + build_and_test_backend: + runs-on: ubuntu-latest + name: Build and Test Backend + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_backend": true}' diff --git a/.github/workflows/build-frontend.yml b/.github/workflows/build-frontend.yml new file mode 100644 index 000000000..7886aab37 --- /dev/null +++ b/.github/workflows/build-frontend.yml @@ -0,0 +1,39 @@ +########################################################################### +# GitHub Action Workflow +# On push to any branch, triggers the front end build and test pipeline +# if the tdrs-frontend has changed. +# +# Step 0: make changes on your branch to non-documentation files in +# tdrs-frontend and push changes to your remote branch +# +# Step 1: Makes a request to the V2 CircleCI API to initiate the project, +# which will filter based upon build_and_test_frontend +# to run the workflow/jobs listed here: +# build-and-test:[ +# test-frontend, +# test-e2e +# ] +# +# Leverages the open source GitHub Action: +# https://github.com/promiseofcake/circleci-trigger-action +########################################################################### +name: Build Only Frontend When tdrs-frontend Files Change +branches-ignore: + - develop +on: + push: + paths: 'tdrs-frontend/**' +jobs: + build_and_test_frontend: + runs-on: ubuntu-latest + name: Build and Test Frontend + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_frontend": true}' \ No newline at end of file From 29bcd499f89c098ceaf87af3af58951a1a71ad66 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Mon, 1 May 2023 11:03:54 -0600 Subject: [PATCH 02/35] added parameters to config.yml that were already in base_config.yml --- .circleci/config.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index ea0ddd1c4..469016f02 100755 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -13,6 +13,12 @@ orbs: # parameters from github actions parameters: + build_and_test_backend: + type: boolean + default: false + build_and_test_frontend: + type: boolean + default: false develop_branch_deploy: type: boolean default: false From ac5197b0542e99433f56f123b842d0b4f0ad8e07 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Mon, 1 May 2023 14:41:31 -0600 Subject: [PATCH 03/35] put 'when' keyword in the correct block --- .circleci/build-and-test/jobs.yml | 126 +++++++++++++++--------------- 1 file changed, 63 insertions(+), 63 deletions(-) diff --git a/.circleci/build-and-test/jobs.yml b/.circleci/build-and-test/jobs.yml index b7f4b6f1b..ce83e644e 100644 --- a/.circleci/build-and-test/jobs.yml +++ b/.circleci/build-and-test/jobs.yml @@ -1,80 +1,80 @@ # jobs: test-backend: - when: << pipeline.parameters.build_and_test_backend >> executor: machine-executor steps: - - checkout - - docker-compose-check - - docker-compose-up-backend - - run: - name: Execute Python Linting Test - command: cd tdrs-backend; docker-compose run --rm web bash -c "flake8 ." - - run: - name: Run Unit Tests And Create Code Coverage Report - command: | - cd tdrs-backend; - docker-compose run --rm web bash -c "./wait_for_services.sh && pytest --cov-report=xml" - - upload-codecov: - component: backend - coverage-report: ./tdrs-backend/coverage.xml + when: << pipeline.parameters.build_and_test_backend >> + - checkout + - docker-compose-check + - docker-compose-up-backend + - run: + name: Execute Python Linting Test + command: cd tdrs-backend; docker-compose run --rm web bash -c "flake8 ." + - run: + name: Run Unit Tests And Create Code Coverage Report + command: | + cd tdrs-backend; + docker-compose run --rm web bash -c "./wait_for_services.sh && pytest --cov-report=xml" + - upload-codecov: + component: backend + coverage-report: ./tdrs-backend/coverage.xml test-frontend: - when: << pipeline.parameters.build_and_test_frontend >> executor: machine-executor working_directory: ~/tdp-apps steps: - - checkout - - install-nodejs-machine - - disable-npm-audit - - install-nodejs-packages: - app-dir: tdrs-frontend - - run: - name: Run ESLint - command: cd tdrs-frontend; npm run lint - - run: - name: Run Pa11y Accessibility Tests - command: cd tdrs-frontend; mkdir pa11y-screenshots/; npm run test:accessibility - - run: - name: Run Jest Unit Tests - command: cd tdrs-frontend; npm run test:ci - - upload-codecov: - component: frontend - coverage-report: ./tdrs-frontend/coverage/lcov.info - - store_artifacts: - path: tdrs-frontend/pa11y-screenshots/ + when: << pipeline.parameters.build_and_test_frontend >> + - checkout + - install-nodejs-machine + - disable-npm-audit + - install-nodejs-packages: + app-dir: tdrs-frontend + - run: + name: Run ESLint + command: cd tdrs-frontend; npm run lint + - run: + name: Run Pa11y Accessibility Tests + command: cd tdrs-frontend; mkdir pa11y-screenshots/; npm run test:accessibility + - run: + name: Run Jest Unit Tests + command: cd tdrs-frontend; npm run test:ci + - upload-codecov: + component: frontend + coverage-report: ./tdrs-frontend/coverage/lcov.info + - store_artifacts: + path: tdrs-frontend/pa11y-screenshots/ test-e2e: - when: - or: - - << pipeline.parameters.build_and_test_backend >> - - << pipeline.parameters.build_and_test_frontend >> executor: large-machine-executor working_directory: ~/tdp-apps steps: - - checkout - - docker-compose-check - - docker-compose-up-backend - - docker-compose-up-frontend - - install-nodejs-machine - - disable-npm-audit - - install-nodejs-packages: - app-dir: tdrs-frontend - - run: - name: Wait for backend to become available - command: cd tdrs-backend; docker-compose run --rm zaproxy bash -c \ - "PATH=$PATH:/home/zap/.local/bin && - pip install wait-for-it && - wait-for-it --service http://web:8080 --timeout 180 -- echo \"Django is ready\"" - - run: - name: Set up cypress test users - command: cd tdrs-backend; docker-compose exec web python manage.py generate_cypress_users - - run: - name: Run Cypress e2e tests - command: cd tdrs-frontend; npm run test:e2e-ci - - store_artifacts: - path: tdrs-frontend/cypress/screenshots/ - - store_artifacts: - path: tdrs-frontend/cypress/videos/ + when: + or: + - << pipeline.parameters.build_and_test_backend >> + - << pipeline.parameters.build_and_test_frontend >> + - checkout + - docker-compose-check + - docker-compose-up-backend + - docker-compose-up-frontend + - install-nodejs-machine + - disable-npm-audit + - install-nodejs-packages: + app-dir: tdrs-frontend + - run: + name: Wait for backend to become available + command: cd tdrs-backend; docker-compose run --rm zaproxy bash -c \ + "PATH=$PATH:/home/zap/.local/bin && + pip install wait-for-it && + wait-for-it --service http://web:8080 --timeout 180 -- echo \"Django is ready\"" + - run: + name: Set up cypress test users + command: cd tdrs-backend; docker-compose exec web python manage.py generate_cypress_users + - run: + name: Run Cypress e2e tests + command: cd tdrs-frontend; npm run test:e2e-ci + - store_artifacts: + path: tdrs-frontend/cypress/screenshots/ + - store_artifacts: + path: tdrs-frontend/cypress/videos/ secrets-check: executor: docker-executor From 24177d10af3ef9ec0c9316588950d8a46cd44647 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Mon, 1 May 2023 15:34:59 -0600 Subject: [PATCH 04/35] trying to get conditional syntax right' --- .circleci/build-and-test/jobs.yml | 122 +++++++++++++++--------------- 1 file changed, 61 insertions(+), 61 deletions(-) diff --git a/.circleci/build-and-test/jobs.yml b/.circleci/build-and-test/jobs.yml index ce83e644e..23b2fde89 100644 --- a/.circleci/build-and-test/jobs.yml +++ b/.circleci/build-and-test/jobs.yml @@ -3,78 +3,78 @@ executor: machine-executor steps: when: << pipeline.parameters.build_and_test_backend >> - - checkout - - docker-compose-check - - docker-compose-up-backend - - run: - name: Execute Python Linting Test - command: cd tdrs-backend; docker-compose run --rm web bash -c "flake8 ." - - run: - name: Run Unit Tests And Create Code Coverage Report - command: | - cd tdrs-backend; - docker-compose run --rm web bash -c "./wait_for_services.sh && pytest --cov-report=xml" - - upload-codecov: - component: backend - coverage-report: ./tdrs-backend/coverage.xml + steps: + - checkout + - docker-compose-check + - docker-compose-up-backend + - run: + name: Execute Python Linting Test + command: cd tdrs-backend; docker-compose run --rm web bash -c "flake8 ." + - run: + name: Run Unit Tests And Create Code Coverage Report + command: | + cd tdrs-backend; + docker-compose run --rm web bash -c "./wait_for_services.sh && pytest --cov-report=xml" + - upload-codecov: + component: backend + coverage-report: ./tdrs-backend/coverage.xml + +# merge these 2 together test-frontend: executor: machine-executor working_directory: ~/tdp-apps steps: when: << pipeline.parameters.build_and_test_frontend >> - - checkout - - install-nodejs-machine - - disable-npm-audit - - install-nodejs-packages: - app-dir: tdrs-frontend - - run: - name: Run ESLint - command: cd tdrs-frontend; npm run lint - - run: - name: Run Pa11y Accessibility Tests - command: cd tdrs-frontend; mkdir pa11y-screenshots/; npm run test:accessibility - - run: - name: Run Jest Unit Tests - command: cd tdrs-frontend; npm run test:ci - - upload-codecov: - component: frontend - coverage-report: ./tdrs-frontend/coverage/lcov.info - - store_artifacts: - path: tdrs-frontend/pa11y-screenshots/ + steps: + - checkout + - install-nodejs-machine + - disable-npm-audit + - install-nodejs-packages: + app-dir: tdrs-frontend + - run: + name: Run ESLint + command: cd tdrs-frontend; npm run lint + - run: + name: Run Pa11y Accessibility Tests + command: cd tdrs-frontend; mkdir pa11y-screenshots/; npm run test:accessibility + - run: + name: Run Jest Unit Tests + command: cd tdrs-frontend; npm run test:ci + - upload-codecov: + component: frontend + coverage-report: ./tdrs-frontend/coverage/lcov.info + - store_artifacts: + path: tdrs-frontend/pa11y-screenshots/ test-e2e: executor: large-machine-executor working_directory: ~/tdp-apps steps: - when: - or: - - << pipeline.parameters.build_and_test_backend >> - - << pipeline.parameters.build_and_test_frontend >> - - checkout - - docker-compose-check - - docker-compose-up-backend - - docker-compose-up-frontend - - install-nodejs-machine - - disable-npm-audit - - install-nodejs-packages: - app-dir: tdrs-frontend - - run: - name: Wait for backend to become available - command: cd tdrs-backend; docker-compose run --rm zaproxy bash -c \ - "PATH=$PATH:/home/zap/.local/bin && - pip install wait-for-it && - wait-for-it --service http://web:8080 --timeout 180 -- echo \"Django is ready\"" - - run: - name: Set up cypress test users - command: cd tdrs-backend; docker-compose exec web python manage.py generate_cypress_users - - run: - name: Run Cypress e2e tests - command: cd tdrs-frontend; npm run test:e2e-ci - - store_artifacts: - path: tdrs-frontend/cypress/screenshots/ - - store_artifacts: - path: tdrs-frontend/cypress/videos/ + - checkout + - docker-compose-check + - docker-compose-up-backend + - docker-compose-up-frontend + - install-nodejs-machine + - disable-npm-audit + - install-nodejs-packages: + app-dir: tdrs-frontend + - run: + name: Wait for backend to become available + command: cd tdrs-backend; docker-compose run --rm zaproxy bash -c \ + "PATH=$PATH:/home/zap/.local/bin && + pip install wait-for-it && + wait-for-it --service http://web:8080 --timeout 180 -- echo \"Django is ready\"" + - run: + name: Set up cypress test users + command: cd tdrs-backend; docker-compose exec web python manage.py generate_cypress_users + - run: + name: Run Cypress e2e tests + command: cd tdrs-frontend; npm run test:e2e-ci + - store_artifacts: + path: tdrs-frontend/cypress/screenshots/ + - store_artifacts: + path: tdrs-frontend/cypress/videos/ secrets-check: executor: docker-executor From d5d11cb6d850ea5fa28946655b82e40e8e411a71 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Mon, 1 May 2023 15:37:55 -0600 Subject: [PATCH 05/35] trying to get conditional syntax right --- .circleci/build-and-test/jobs.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.circleci/build-and-test/jobs.yml b/.circleci/build-and-test/jobs.yml index 23b2fde89..06c313370 100644 --- a/.circleci/build-and-test/jobs.yml +++ b/.circleci/build-and-test/jobs.yml @@ -2,7 +2,8 @@ test-backend: executor: machine-executor steps: - when: << pipeline.parameters.build_and_test_backend >> + when: + condition: << pipeline.parameters.build_and_test_backend >> steps: - checkout - docker-compose-check @@ -25,7 +26,8 @@ executor: machine-executor working_directory: ~/tdp-apps steps: - when: << pipeline.parameters.build_and_test_frontend >> + when: + condition: << pipeline.parameters.build_and_test_frontend >> steps: - checkout - install-nodejs-machine From 0bd5793e195a9301ca676e36b075ff57f39920e5 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 09:50:10 -0600 Subject: [PATCH 06/35] moved attempted logic out of jobs and into workflows. --- .circleci/build-and-test/jobs.yml | 78 ++++++++++++-------------- .circleci/build-and-test/workflows.yml | 32 ++++++++++- .github/workflows/build-all-on-pr.yml | 1 + 3 files changed, 66 insertions(+), 45 deletions(-) diff --git a/.circleci/build-and-test/jobs.yml b/.circleci/build-and-test/jobs.yml index 06c313370..8da5f672f 100644 --- a/.circleci/build-and-test/jobs.yml +++ b/.circleci/build-and-test/jobs.yml @@ -2,52 +2,44 @@ test-backend: executor: machine-executor steps: - when: - condition: << pipeline.parameters.build_and_test_backend >> - steps: - - checkout - - docker-compose-check - - docker-compose-up-backend - - run: - name: Execute Python Linting Test - command: cd tdrs-backend; docker-compose run --rm web bash -c "flake8 ." - - run: - name: Run Unit Tests And Create Code Coverage Report - command: | - cd tdrs-backend; - docker-compose run --rm web bash -c "./wait_for_services.sh && pytest --cov-report=xml" - - upload-codecov: - component: backend - coverage-report: ./tdrs-backend/coverage.xml - -# merge these 2 together + - checkout + - docker-compose-check + - docker-compose-up-backend + - run: + name: Execute Python Linting Test + command: cd tdrs-backend; docker-compose run --rm web bash -c "flake8 ." + - run: + name: Run Unit Tests And Create Code Coverage Report + command: | + cd tdrs-backend; + docker-compose run --rm web bash -c "./wait_for_services.sh && pytest --cov-report=xml" + - upload-codecov: + component: backend + coverage-report: ./tdrs-backend/coverage.xml test-frontend: executor: machine-executor working_directory: ~/tdp-apps steps: - when: - condition: << pipeline.parameters.build_and_test_frontend >> - steps: - - checkout - - install-nodejs-machine - - disable-npm-audit - - install-nodejs-packages: - app-dir: tdrs-frontend - - run: - name: Run ESLint - command: cd tdrs-frontend; npm run lint - - run: - name: Run Pa11y Accessibility Tests - command: cd tdrs-frontend; mkdir pa11y-screenshots/; npm run test:accessibility - - run: - name: Run Jest Unit Tests - command: cd tdrs-frontend; npm run test:ci - - upload-codecov: - component: frontend - coverage-report: ./tdrs-frontend/coverage/lcov.info - - store_artifacts: - path: tdrs-frontend/pa11y-screenshots/ + - checkout + - install-nodejs-machine + - disable-npm-audit + - install-nodejs-packages: + app-dir: tdrs-frontend + - run: + name: Run ESLint + command: cd tdrs-frontend; npm run lint + - run: + name: Run Pa11y Accessibility Tests + command: cd tdrs-frontend; mkdir pa11y-screenshots/; npm run test:accessibility + - run: + name: Run Jest Unit Tests + command: cd tdrs-frontend; npm run test:ci + - upload-codecov: + component: frontend + coverage-report: ./tdrs-frontend/coverage/lcov.info + - store_artifacts: + path: tdrs-frontend/pa11y-screenshots/ test-e2e: executor: large-machine-executor @@ -65,8 +57,8 @@ name: Wait for backend to become available command: cd tdrs-backend; docker-compose run --rm zaproxy bash -c \ "PATH=$PATH:/home/zap/.local/bin && - pip install wait-for-it && - wait-for-it --service http://web:8080 --timeout 180 -- echo \"Django is ready\"" + pip install wait-for-it && + wait-for-it --service http://web:8080 --timeout 180 -- echo \"Django is ready\"" - run: name: Set up cypress test users command: cd tdrs-backend; docker-compose exec web python manage.py generate_cypress_users diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index a5844bc46..b3d7f0d3d 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -1,17 +1,45 @@ # workflows: - build-and-test: + build-and-test-all: when: - or: + and: - << pipeline.parameters.build_and_test_backend >> - << pipeline.parameters.build_and_test_frontend >> jobs: - secrets-check + - test-backend: + requires: + - secrets-check - test-frontend: requires: - secrets-check + - test-e2e: + requires: + - secrets-check + + build-and-test-backend: + when: + and: + - << pipeline.parameters.build_and_test_backend >> + - not: << pipeline.parameters.build_and_test_frontend >> + jobs: + - secrets-check - test-backend: requires: - secrets-check - test-e2e: requires: - secrets-check + + build-and-test-frontend: + when: + and: + - << pipeline.parameters.build_and_test_frontend >> + - not: << pipeline.parameters.build_and_test_backend >> + jobs: + - secrets-check + - test-frontend: + requires: + - secrets-check + - test-e2e: + requires: + - secrets-check diff --git a/.github/workflows/build-all-on-pr.yml b/.github/workflows/build-all-on-pr.yml index fcdb50f44..48b8f7e6e 100644 --- a/.github/workflows/build-all-on-pr.yml +++ b/.github/workflows/build-all-on-pr.yml @@ -2,6 +2,7 @@ # GitHub Action Workflow # On pull request or changes to scripts/commands to any branch, # triggers the full build and test pipeline. +# CLARIFY THIS # # Step 0: make PR from your branch into develop, or make changes on your # branch to non-documentation files in scripts or commands.sh and From 098d560017133a742700bdbd3369f0398f116df4 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 14:07:30 -0600 Subject: [PATCH 07/35] updated logic for when workflows should run and added utility and infrastructure to filters --- .circleci/base_config.yml | 6 +++ .circleci/config.yml | 6 +++ .circleci/infrastructure/workflows.yml | 2 +- .circleci/util/workflows.yml | 6 +-- .github/workflows/build-all-on-pr.yml | 53 +++++++++++++-------- .github/workflows/build-backend.yml | 7 ++- .github/workflows/build-frontend.yml | 3 ++ .github/workflows/deploy-infrastructure.yml | 41 ++++++++++++++++ .github/workflows/make_erd.yml | 36 ++++++++++++++ 9 files changed, 131 insertions(+), 29 deletions(-) create mode 100644 .github/workflows/deploy-infrastructure.yml create mode 100644 .github/workflows/make_erd.yml diff --git a/.circleci/base_config.yml b/.circleci/base_config.yml index 84a493736..4460f587e 100644 --- a/.circleci/base_config.yml +++ b/.circleci/base_config.yml @@ -27,6 +27,9 @@ parameters: build_and_test_frontend: type: boolean default: false + deploy_infrastructure: + type: boolean + default: false develop_branch_deploy: type: boolean default: false @@ -42,3 +45,6 @@ parameters: target_env: type: string default: '' + util_make_erd: + type: boolean + default: false diff --git a/.circleci/config.yml b/.circleci/config.yml index 469016f02..a4228686a 100755 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -19,6 +19,9 @@ parameters: build_and_test_frontend: type: boolean default: false + deploy_infrastructure: + type: boolean + default: false develop_branch_deploy: type: boolean default: false @@ -34,6 +37,9 @@ parameters: target_env: type: string default: '' + util_make_erd: + type: boolean + default: false jobs: setup: diff --git a/.circleci/infrastructure/workflows.yml b/.circleci/infrastructure/workflows.yml index 1a4899f69..d6227184b 100644 --- a/.circleci/infrastructure/workflows.yml +++ b/.circleci/infrastructure/workflows.yml @@ -1,7 +1,7 @@ #workflows: enable-versioning-for-s3-buckets: - unless: << pipeline.parameters.run_nightly_owasp_scan >> + when: << pipeline.parameters.deploy_infrastructure >> jobs: - enable-versioning: filters: diff --git a/.circleci/util/workflows.yml b/.circleci/util/workflows.yml index 804b921b3..0e62c759d 100644 --- a/.circleci/util/workflows.yml +++ b/.circleci/util/workflows.yml @@ -1,9 +1,5 @@ # workflows: erd: - unless: << pipeline.parameters.run_nightly_owasp_scan >> + when: << pipeline.parameters.util_make_erd >> jobs: - make_erd: - filters: - branches: - only: - develop diff --git a/.github/workflows/build-all-on-pr.yml b/.github/workflows/build-all-on-pr.yml index 48b8f7e6e..2c3407138 100644 --- a/.github/workflows/build-all-on-pr.yml +++ b/.github/workflows/build-all-on-pr.yml @@ -1,8 +1,13 @@ ########################################################################### # GitHub Action Workflow -# On pull request or changes to scripts/commands to any branch, -# triggers the full build and test pipeline. -# CLARIFY THIS +# On pull request or changes to scripts/commands or changes to the pipeline +# code to any branch besides develop, staging and master triggers the full +# build and test pipeline. +# +# NOTE: develop, staging(main) and master are skipped on the push because this +# would be redundant after running the full set of tests from the PR. +# See deploy-develop-on-merge.yml and make_erd for the workflow +# pipelines that run on merge to develop, staging, and master branches. # # Step 0: make PR from your branch into develop, or make changes on your # branch to non-documentation files in scripts or commands.sh and @@ -24,29 +29,35 @@ name: Build and test All for PRs and when scripts/commands change on: push: branches_ignore: - - develop + - develop + - main + - master paths: - - 'scripts/**' - - 'commands.sh' + - 'scripts/**' + - 'commands.sh' + - '.circleci/**' + - '.github/**' + paths_ignore: + - '**.md' pull_request: paths_ignore: - - 'docs/**' - - '**.md' - - '**.txt' - - '.gitattributes' - - '.gitignore' - - 'LICENSE' + - 'docs/**' + - '**.md' + - '**.txt' + - '.gitattributes' + - '.gitignore' + - 'LICENSE' jobs: build_and_test_all: runs-on: ubuntu-latest name: Initiate deploy job in CircleCI steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"build_and_test_backend": true, "build_and_test_frontend": true}' + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_backend": true, "build_and_test_frontend": true}' diff --git a/.github/workflows/build-backend.yml b/.github/workflows/build-backend.yml index c50c65350..164338fef 100644 --- a/.github/workflows/build-backend.yml +++ b/.github/workflows/build-backend.yml @@ -1,6 +1,6 @@ ########################################################################### # GitHub Action Workflow -# On push to any branch, triggers the front end build and test pipeline +# On push to any branch, triggers the back end build and test pipeline # if the tdrs-backend has changed. # # Step 0: make changes on your branch to non-documentation files in @@ -17,12 +17,15 @@ # Leverages the open source GitHub Action: # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### -name: Build Only Backend When tdrs-backend Files Change +name: Build Only Backend When tdrs-backend/ Files Change branches-ignore: - develop on: push: paths: 'tdrs-backend/**' + paths_ignore: + - '**.md' + - '**.txt' jobs: build_and_test_backend: runs-on: ubuntu-latest diff --git a/.github/workflows/build-frontend.yml b/.github/workflows/build-frontend.yml index 7886aab37..9304dfe62 100644 --- a/.github/workflows/build-frontend.yml +++ b/.github/workflows/build-frontend.yml @@ -23,6 +23,9 @@ branches-ignore: on: push: paths: 'tdrs-frontend/**' + paths_ignore: + - '**.md' + - '**.txt' jobs: build_and_test_frontend: runs-on: ubuntu-latest diff --git a/.github/workflows/deploy-infrastructure.yml b/.github/workflows/deploy-infrastructure.yml new file mode 100644 index 000000000..edfc2b089 --- /dev/null +++ b/.github/workflows/deploy-infrastructure.yml @@ -0,0 +1,41 @@ +########################################################################### +# GitHub Action Workflow +# On push changing terraform files or infrastructure pipelines, triggers the +# terraform deploy pipeline for the appropriate cf space. +# +# Step 0: make changes to non-documentation files in terraform/ or +# .circleci/infrastructure/ and push/merge changes. +# +# Step 1: Makes a request to the V2 CircleCI API to initiate the project, +# which will filter based upon terraform: true flag +# to run the workflow/jobs listed here: +# build-and-test:[ +# enable-versioning-for-s3-buckets +# ] +# +# Leverages the open source GitHub Action: +# https://github.com/promiseofcake/circleci-trigger-action +########################################################################### +name: Run Infrastructure Pipeline When Terraform or Infrastructure Files Change +on: + push: + paths: + - 'terraform/**' + - '.circleci/infrastructure/**' + paths_ignore: + - '**.md' + - '**.txt' + jobs: + deploy_infrastructure: + runs-on: ubuntu-latest + name: Deploy Infrastructure + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"deploy_infrastructure": true}' \ No newline at end of file diff --git a/.github/workflows/make_erd.yml b/.github/workflows/make_erd.yml new file mode 100644 index 000000000..21e1a855d --- /dev/null +++ b/.github/workflows/make_erd.yml @@ -0,0 +1,36 @@ +########################################################################### +# GitHub Action Workflow +# On push to develop or master branches, triggers the make erd util pipeline. +# +# Step 0: merge to develop or master +# +# Step 1: Makes a request to the V2 CircleCI API to initiate the project, +# which will filter based upon terraform: true flag +# to run the workflow/jobs listed here: +# build-and-test:[ +# enable-versioning-for-s3-buckets +# ] +# +# Leverages the open source GitHub Action: +# https://github.com/promiseofcake/circleci-trigger-action +########################################################################### +name: Run The Utility Make ERD Pipeline +on: + push: + branches: + - develop + - master + jobs: + make_erd: + runs-on: ubuntu-latest + name: Make ERD + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"util_make_erd": true}' \ No newline at end of file From aaa7a220831ef09b0e60d94e05bc3da4fe0277ad Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 14:31:48 -0600 Subject: [PATCH 08/35] fixed spacing on make_erd? --- .circleci/util/workflows.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.circleci/util/workflows.yml b/.circleci/util/workflows.yml index 0e62c759d..08717586b 100644 --- a/.circleci/util/workflows.yml +++ b/.circleci/util/workflows.yml @@ -1,5 +1,6 @@ # workflows: erd: - when: << pipeline.parameters.util_make_erd >> + when: + << pipeline.parameters.util_make_erd >> jobs: - make_erd: From a77cbeae466debd874557892a963e46059c974e5 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 14:33:40 -0600 Subject: [PATCH 09/35] updated make_erd job to string since not passing parameters to map anymore --- .circleci/util/workflows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/util/workflows.yml b/.circleci/util/workflows.yml index 08717586b..399035170 100644 --- a/.circleci/util/workflows.yml +++ b/.circleci/util/workflows.yml @@ -3,4 +3,4 @@ when: << pipeline.parameters.util_make_erd >> jobs: - - make_erd: + - make_erd From 8129a27e4eed95ba8c8fe2599d319fa98a2cd197 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 15:00:01 -0600 Subject: [PATCH 10/35] innocuous change to backend/ to test filtering --- tdrs-backend/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/tdrs-backend/Dockerfile b/tdrs-backend/Dockerfile index b3aac7c82..66adac50c 100644 --- a/tdrs-backend/Dockerfile +++ b/tdrs-backend/Dockerfile @@ -34,3 +34,4 @@ CMD ["./gunicorn_start.sh"] # docker ps -a # to get the container id # docker commit debug/ # docker run -it --rm --entrypoint /bin/bash debug/ +# delete me From 5e4fffe193aa73f21ce9e68550d5267f0731fc94 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 15:18:26 -0600 Subject: [PATCH 11/35] fixed spacing --- .github/workflows/build-all-on-pr.yml | 70 +++++++-------- .github/workflows/build-backend.yml | 44 +++++----- .github/workflows/build-frontend.yml | 44 +++++----- .github/workflows/deploy-develop-on-merge.yml | 52 +++++------ .github/workflows/deploy-infrastructure.yml | 44 +++++----- .github/workflows/deploy-on-label.yml | 88 +++++++++---------- .github/workflows/make_erd.yml | 12 +-- .github/workflows/qasp-owasp-scan.yml | 74 ++++++++-------- 8 files changed, 214 insertions(+), 214 deletions(-) diff --git a/.github/workflows/build-all-on-pr.yml b/.github/workflows/build-all-on-pr.yml index 2c3407138..d15296ea1 100644 --- a/.github/workflows/build-all-on-pr.yml +++ b/.github/workflows/build-all-on-pr.yml @@ -26,38 +26,38 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Build and test All for PRs and when scripts/commands change -on: - push: - branches_ignore: - - develop - - main - - master - paths: - - 'scripts/**' - - 'commands.sh' - - '.circleci/**' - - '.github/**' - paths_ignore: - - '**.md' - pull_request: - paths_ignore: - - 'docs/**' - - '**.md' - - '**.txt' - - '.gitattributes' - - '.gitignore' - - 'LICENSE' -jobs: - build_and_test_all: - runs-on: ubuntu-latest - name: Initiate deploy job in CircleCI - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"build_and_test_backend": true, "build_and_test_frontend": true}' + on: + push: + branches_ignore: + - develop + - main + - master + paths: + - 'scripts/**' + - 'commands.sh' + - '.circleci/**' + - '.github/**' + paths_ignore: + - '**.md' + pull_request: + paths_ignore: + - 'docs/**' + - '**.md' + - '**.txt' + - '.gitattributes' + - '.gitignore' + - 'LICENSE' + jobs: + build_and_test_all: + runs-on: ubuntu-latest + name: Initiate deploy job in CircleCI + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_backend": true, "build_and_test_frontend": true}' diff --git a/.github/workflows/build-backend.yml b/.github/workflows/build-backend.yml index 164338fef..dea41ce5d 100644 --- a/.github/workflows/build-backend.yml +++ b/.github/workflows/build-backend.yml @@ -18,25 +18,25 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Build Only Backend When tdrs-backend/ Files Change -branches-ignore: - - develop -on: - push: - paths: 'tdrs-backend/**' - paths_ignore: - - '**.md' - - '**.txt' -jobs: - build_and_test_backend: - runs-on: ubuntu-latest - name: Build and Test Backend - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"build_and_test_backend": true}' + branches-ignore: + - develop + on: + push: + paths: 'tdrs-backend/**' + paths_ignore: + - '**.md' + - '**.txt' + jobs: + build_and_test_backend: + runs-on: ubuntu-latest + name: Build and Test Backend + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_backend": true}' diff --git a/.github/workflows/build-frontend.yml b/.github/workflows/build-frontend.yml index 9304dfe62..8e3b99f5c 100644 --- a/.github/workflows/build-frontend.yml +++ b/.github/workflows/build-frontend.yml @@ -18,25 +18,25 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Build Only Frontend When tdrs-frontend Files Change -branches-ignore: - - develop -on: - push: - paths: 'tdrs-frontend/**' - paths_ignore: - - '**.md' - - '**.txt' -jobs: - build_and_test_frontend: - runs-on: ubuntu-latest - name: Build and Test Frontend - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"build_and_test_frontend": true}' \ No newline at end of file + branches-ignore: + - develop + on: + push: + paths: 'tdrs-frontend/**' + paths_ignore: + - '**.md' + - '**.txt' + jobs: + build_and_test_frontend: + runs-on: ubuntu-latest + name: Build and Test Frontend + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_frontend": true}' \ No newline at end of file diff --git a/.github/workflows/deploy-develop-on-merge.yml b/.github/workflows/deploy-develop-on-merge.yml index eb1f72ecc..1cd5325b1 100644 --- a/.github/workflows/deploy-develop-on-merge.yml +++ b/.github/workflows/deploy-develop-on-merge.yml @@ -20,29 +20,29 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Deploy Develop on PR Merge -on: - push: - branches: - - develop - paths_ignore: - - 'docs/**' - - '**.md' - - '**.txt' - - '.gitattributes' - - '.gitignore' - - 'LICENSE' -jobs: - merge_deployment: - if: github.ref == 'refs/heads/develop' - runs-on: ubuntu-latest - name: Initiate deploy job in CircleCI - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"develop_branch_deploy": true, "target_env": "develop"}' + on: + push: + branches: + - develop + paths_ignore: + - 'docs/**' + - '**.md' + - '**.txt' + - '.gitattributes' + - '.gitignore' + - 'LICENSE' + jobs: + merge_deployment: + if: github.ref == 'refs/heads/develop' + runs-on: ubuntu-latest + name: Initiate deploy job in CircleCI + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"develop_branch_deploy": true, "target_env": "develop"}' diff --git a/.github/workflows/deploy-infrastructure.yml b/.github/workflows/deploy-infrastructure.yml index edfc2b089..fd98d3e85 100644 --- a/.github/workflows/deploy-infrastructure.yml +++ b/.github/workflows/deploy-infrastructure.yml @@ -17,25 +17,25 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Run Infrastructure Pipeline When Terraform or Infrastructure Files Change -on: - push: - paths: - - 'terraform/**' - - '.circleci/infrastructure/**' - paths_ignore: - - '**.md' - - '**.txt' - jobs: - deploy_infrastructure: - runs-on: ubuntu-latest - name: Deploy Infrastructure - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"deploy_infrastructure": true}' \ No newline at end of file + on: + push: + paths: + - 'terraform/**' + - '.circleci/infrastructure/**' + paths_ignore: + - '**.md' + - '**.txt' + jobs: + run_infrastructure_deployment: + runs-on: ubuntu-latest + name: Deploy Infrastructure + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"deploy_infrastructure": true}' \ No newline at end of file diff --git a/.github/workflows/deploy-on-label.yml b/.github/workflows/deploy-on-label.yml index 6bbf65584..0faf51583 100644 --- a/.github/workflows/deploy-on-label.yml +++ b/.github/workflows/deploy-on-label.yml @@ -23,47 +23,47 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Deploy PR based on Label -on: - pull_request: - types: - - labeled -jobs: - pr_labeled_deployment: - if: startsWith(github.event.label.name, 'Deploy with CircleCI') - runs-on: ubuntu-latest - name: Initiate deploy job in CircleCI - steps: - - uses: actions/checkout@v2 - - name: Extract Deploy ENV - id: extract-deploy-env - run: | - IFS='-' # hyphen (-) is set as delimiter - read -ra ADDR <<< "${{ github.event.label.name }}" # str is read into an array as tokens separated by IFS - DEPLOY_ENV="${ADDR[1]}" - echo "::set-output name=DEPLOY_ENV::$DEPLOY_ENV" - IFS=' ' - - name: Get PR Status Checks - id: get-pr-checks - uses: octokit/request-action@v2.x - with: - route: GET /repos/{owner}/{repo}/commits/{ref}/status - owner: ${{ github.repository_owner }} - repo: TANF-app - ref: ${{ github.event.pull_request.head.ref }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Extract current PR state - id: get-pr-state - run: | - STATE=${{ fromJson(steps.get-pr-checks.outputs.data).state }} - echo "::set-output name=STATE::$STATE" - echo "Current PR state: $STATE" - - name: Circle CI Deployment Trigger - id: curl-circle-ci - if: steps.get-pr-state.outputs.STATE == 'success' - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.head_ref }} - payload: '{"run_dev_deployment": true, "target_env": "${{steps.extract-deploy-env.outputs.DEPLOY_ENV}}"}' + on: + pull_request: + types: + - labeled + jobs: + pr_labeled_deployment: + if: startsWith(github.event.label.name, 'Deploy with CircleCI') + runs-on: ubuntu-latest + name: Initiate deploy job in CircleCI + steps: + - uses: actions/checkout@v2 + - name: Extract Deploy ENV + id: extract-deploy-env + run: | + IFS='-' # hyphen (-) is set as delimiter + read -ra ADDR <<< "${{ github.event.label.name }}" # str is read into an array as tokens separated by IFS + DEPLOY_ENV="${ADDR[1]}" + echo "::set-output name=DEPLOY_ENV::$DEPLOY_ENV" + IFS=' ' + - name: Get PR Status Checks + id: get-pr-checks + uses: octokit/request-action@v2.x + with: + route: GET /repos/{owner}/{repo}/commits/{ref}/status + owner: ${{ github.repository_owner }} + repo: TANF-app + ref: ${{ github.event.pull_request.head.ref }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Extract current PR state + id: get-pr-state + run: | + STATE=${{ fromJson(steps.get-pr-checks.outputs.data).state }} + echo "::set-output name=STATE::$STATE" + echo "Current PR state: $STATE" + - name: Circle CI Deployment Trigger + id: curl-circle-ci + if: steps.get-pr-state.outputs.STATE == 'success' + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.head_ref }} + payload: '{"run_dev_deployment": true, "target_env": "${{steps.extract-deploy-env.outputs.DEPLOY_ENV}}"}' diff --git a/.github/workflows/make_erd.yml b/.github/workflows/make_erd.yml index 21e1a855d..cc3ab6ad9 100644 --- a/.github/workflows/make_erd.yml +++ b/.github/workflows/make_erd.yml @@ -15,12 +15,12 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Run The Utility Make ERD Pipeline -on: - push: - branches: - - develop - - master - jobs: + on: + push: + branches: + - develop + - master + jobs: make_erd: runs-on: ubuntu-latest name: Make ERD diff --git a/.github/workflows/qasp-owasp-scan.yml b/.github/workflows/qasp-owasp-scan.yml index 3a4dea99b..12306397e 100644 --- a/.github/workflows/qasp-owasp-scan.yml +++ b/.github/workflows/qasp-owasp-scan.yml @@ -1,38 +1,38 @@ name: Run OWASP scan when a PR moves into QASP Review -on: - pull_request: - types: - - labeled - - synchronize - - reopened -# Prevent running more than one job at a time per branch. -concurrency: - group: ${{ github.head_ref }} - cancel-in-progress: true -jobs: - qasp_label_check: - name: Initiate OWASP scan in Circle CI - env: - # Check the label from the pull request itself, rather than the event - - # not all event types will contain the label name. - HAS_QASP_LABEL: ${{ contains(github.event.pull_request.labels.*.name, 'QASP Review') }} - # Prevent running the action for label events that aren't QASP Review, but - # we need to allow other accepted event types without checking the label. - if: | - github.event.action == 'synchronize' || - github.event.action == 'reopened' || - github.event.action == 'labeled' && github.event.label.name == 'QASP Review' - runs-on: ubuntu-latest - steps: - - name: Trigger Circle CI OWASP scan if PR has QASP Review label - id: curl-circle-ci - if: env.HAS_QASP_LABEL == 'true' - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: ${{ github.repository }} - branch: ${{ github.head_ref }} - payload: | - { - "run_owasp_scan": ${{ env.HAS_QASP_LABEL }} - } + on: + pull_request: + types: + - labeled + - synchronize + - reopened + # Prevent running more than one job at a time per branch. + concurrency: + group: ${{ github.head_ref }} + cancel-in-progress: true + jobs: + qasp_label_check: + name: Initiate OWASP scan in Circle CI + env: + # Check the label from the pull request itself, rather than the event - + # not all event types will contain the label name. + HAS_QASP_LABEL: ${{ contains(github.event.pull_request.labels.*.name, 'QASP Review') }} + # Prevent running the action for label events that aren't QASP Review, but + # we need to allow other accepted event types without checking the label. + if: | + github.event.action == 'synchronize' || + github.event.action == 'reopened' || + github.event.action == 'labeled' && github.event.label.name == 'QASP Review' + runs-on: ubuntu-latest + steps: + - name: Trigger Circle CI OWASP scan if PR has QASP Review label + id: curl-circle-ci + if: env.HAS_QASP_LABEL == 'true' + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: ${{ github.repository }} + branch: ${{ github.head_ref }} + payload: | + { + "run_owasp_scan": ${{ env.HAS_QASP_LABEL }} + } From 8b489ff999e8a08e0501afa22bb52d02ec4890d2 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 15:20:35 -0600 Subject: [PATCH 12/35] fixed spacing --- .github/workflows/build-all-on-pr.yml | 70 +++++++-------- .github/workflows/build-backend.yml | 44 +++++----- .github/workflows/build-frontend.yml | 44 +++++----- .github/workflows/deploy-develop-on-merge.yml | 52 +++++------ .github/workflows/deploy-infrastructure.yml | 44 +++++----- .github/workflows/deploy-on-label.yml | 88 +++++++++---------- .github/workflows/make_erd.yml | 38 ++++---- .github/workflows/qasp-owasp-scan.yml | 74 ++++++++-------- 8 files changed, 227 insertions(+), 227 deletions(-) diff --git a/.github/workflows/build-all-on-pr.yml b/.github/workflows/build-all-on-pr.yml index d15296ea1..2c3407138 100644 --- a/.github/workflows/build-all-on-pr.yml +++ b/.github/workflows/build-all-on-pr.yml @@ -26,38 +26,38 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Build and test All for PRs and when scripts/commands change - on: - push: - branches_ignore: - - develop - - main - - master - paths: - - 'scripts/**' - - 'commands.sh' - - '.circleci/**' - - '.github/**' - paths_ignore: - - '**.md' - pull_request: - paths_ignore: - - 'docs/**' - - '**.md' - - '**.txt' - - '.gitattributes' - - '.gitignore' - - 'LICENSE' - jobs: - build_and_test_all: - runs-on: ubuntu-latest - name: Initiate deploy job in CircleCI - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"build_and_test_backend": true, "build_and_test_frontend": true}' +on: + push: + branches_ignore: + - develop + - main + - master + paths: + - 'scripts/**' + - 'commands.sh' + - '.circleci/**' + - '.github/**' + paths_ignore: + - '**.md' + pull_request: + paths_ignore: + - 'docs/**' + - '**.md' + - '**.txt' + - '.gitattributes' + - '.gitignore' + - 'LICENSE' +jobs: + build_and_test_all: + runs-on: ubuntu-latest + name: Initiate deploy job in CircleCI + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_backend": true, "build_and_test_frontend": true}' diff --git a/.github/workflows/build-backend.yml b/.github/workflows/build-backend.yml index dea41ce5d..164338fef 100644 --- a/.github/workflows/build-backend.yml +++ b/.github/workflows/build-backend.yml @@ -18,25 +18,25 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Build Only Backend When tdrs-backend/ Files Change - branches-ignore: - - develop - on: - push: - paths: 'tdrs-backend/**' - paths_ignore: - - '**.md' - - '**.txt' - jobs: - build_and_test_backend: - runs-on: ubuntu-latest - name: Build and Test Backend - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"build_and_test_backend": true}' +branches-ignore: + - develop +on: + push: + paths: 'tdrs-backend/**' + paths_ignore: + - '**.md' + - '**.txt' +jobs: + build_and_test_backend: + runs-on: ubuntu-latest + name: Build and Test Backend + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_backend": true}' diff --git a/.github/workflows/build-frontend.yml b/.github/workflows/build-frontend.yml index 8e3b99f5c..9304dfe62 100644 --- a/.github/workflows/build-frontend.yml +++ b/.github/workflows/build-frontend.yml @@ -18,25 +18,25 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Build Only Frontend When tdrs-frontend Files Change - branches-ignore: - - develop - on: - push: - paths: 'tdrs-frontend/**' - paths_ignore: - - '**.md' - - '**.txt' - jobs: - build_and_test_frontend: - runs-on: ubuntu-latest - name: Build and Test Frontend - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"build_and_test_frontend": true}' \ No newline at end of file +branches-ignore: + - develop +on: + push: + paths: 'tdrs-frontend/**' + paths_ignore: + - '**.md' + - '**.txt' +jobs: + build_and_test_frontend: + runs-on: ubuntu-latest + name: Build and Test Frontend + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"build_and_test_frontend": true}' \ No newline at end of file diff --git a/.github/workflows/deploy-develop-on-merge.yml b/.github/workflows/deploy-develop-on-merge.yml index 1cd5325b1..eb1f72ecc 100644 --- a/.github/workflows/deploy-develop-on-merge.yml +++ b/.github/workflows/deploy-develop-on-merge.yml @@ -20,29 +20,29 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Deploy Develop on PR Merge - on: - push: - branches: - - develop - paths_ignore: - - 'docs/**' - - '**.md' - - '**.txt' - - '.gitattributes' - - '.gitignore' - - 'LICENSE' - jobs: - merge_deployment: - if: github.ref == 'refs/heads/develop' - runs-on: ubuntu-latest - name: Initiate deploy job in CircleCI - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"develop_branch_deploy": true, "target_env": "develop"}' +on: + push: + branches: + - develop + paths_ignore: + - 'docs/**' + - '**.md' + - '**.txt' + - '.gitattributes' + - '.gitignore' + - 'LICENSE' +jobs: + merge_deployment: + if: github.ref == 'refs/heads/develop' + runs-on: ubuntu-latest + name: Initiate deploy job in CircleCI + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"develop_branch_deploy": true, "target_env": "develop"}' diff --git a/.github/workflows/deploy-infrastructure.yml b/.github/workflows/deploy-infrastructure.yml index fd98d3e85..e1237e592 100644 --- a/.github/workflows/deploy-infrastructure.yml +++ b/.github/workflows/deploy-infrastructure.yml @@ -17,25 +17,25 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Run Infrastructure Pipeline When Terraform or Infrastructure Files Change - on: - push: - paths: - - 'terraform/**' - - '.circleci/infrastructure/**' - paths_ignore: - - '**.md' - - '**.txt' - jobs: - run_infrastructure_deployment: - runs-on: ubuntu-latest - name: Deploy Infrastructure - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"deploy_infrastructure": true}' \ No newline at end of file +on: + push: + paths: + - 'terraform/**' + - '.circleci/infrastructure/**' + paths_ignore: + - '**.md' + - '**.txt' +jobs: + run_infrastructure_deployment: + runs-on: ubuntu-latest + name: Deploy Infrastructure + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"deploy_infrastructure": true}' \ No newline at end of file diff --git a/.github/workflows/deploy-on-label.yml b/.github/workflows/deploy-on-label.yml index 0faf51583..6bbf65584 100644 --- a/.github/workflows/deploy-on-label.yml +++ b/.github/workflows/deploy-on-label.yml @@ -23,47 +23,47 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Deploy PR based on Label - on: - pull_request: - types: - - labeled - jobs: - pr_labeled_deployment: - if: startsWith(github.event.label.name, 'Deploy with CircleCI') - runs-on: ubuntu-latest - name: Initiate deploy job in CircleCI - steps: - - uses: actions/checkout@v2 - - name: Extract Deploy ENV - id: extract-deploy-env - run: | - IFS='-' # hyphen (-) is set as delimiter - read -ra ADDR <<< "${{ github.event.label.name }}" # str is read into an array as tokens separated by IFS - DEPLOY_ENV="${ADDR[1]}" - echo "::set-output name=DEPLOY_ENV::$DEPLOY_ENV" - IFS=' ' - - name: Get PR Status Checks - id: get-pr-checks - uses: octokit/request-action@v2.x - with: - route: GET /repos/{owner}/{repo}/commits/{ref}/status - owner: ${{ github.repository_owner }} - repo: TANF-app - ref: ${{ github.event.pull_request.head.ref }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Extract current PR state - id: get-pr-state - run: | - STATE=${{ fromJson(steps.get-pr-checks.outputs.data).state }} - echo "::set-output name=STATE::$STATE" - echo "Current PR state: $STATE" - - name: Circle CI Deployment Trigger - id: curl-circle-ci - if: steps.get-pr-state.outputs.STATE == 'success' - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.head_ref }} - payload: '{"run_dev_deployment": true, "target_env": "${{steps.extract-deploy-env.outputs.DEPLOY_ENV}}"}' +on: + pull_request: + types: + - labeled +jobs: + pr_labeled_deployment: + if: startsWith(github.event.label.name, 'Deploy with CircleCI') + runs-on: ubuntu-latest + name: Initiate deploy job in CircleCI + steps: + - uses: actions/checkout@v2 + - name: Extract Deploy ENV + id: extract-deploy-env + run: | + IFS='-' # hyphen (-) is set as delimiter + read -ra ADDR <<< "${{ github.event.label.name }}" # str is read into an array as tokens separated by IFS + DEPLOY_ENV="${ADDR[1]}" + echo "::set-output name=DEPLOY_ENV::$DEPLOY_ENV" + IFS=' ' + - name: Get PR Status Checks + id: get-pr-checks + uses: octokit/request-action@v2.x + with: + route: GET /repos/{owner}/{repo}/commits/{ref}/status + owner: ${{ github.repository_owner }} + repo: TANF-app + ref: ${{ github.event.pull_request.head.ref }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Extract current PR state + id: get-pr-state + run: | + STATE=${{ fromJson(steps.get-pr-checks.outputs.data).state }} + echo "::set-output name=STATE::$STATE" + echo "Current PR state: $STATE" + - name: Circle CI Deployment Trigger + id: curl-circle-ci + if: steps.get-pr-state.outputs.STATE == 'success' + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.head_ref }} + payload: '{"run_dev_deployment": true, "target_env": "${{steps.extract-deploy-env.outputs.DEPLOY_ENV}}"}' diff --git a/.github/workflows/make_erd.yml b/.github/workflows/make_erd.yml index cc3ab6ad9..e081b6cd4 100644 --- a/.github/workflows/make_erd.yml +++ b/.github/workflows/make_erd.yml @@ -15,22 +15,22 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Run The Utility Make ERD Pipeline - on: - push: - branches: - - develop - - master - jobs: - make_erd: - runs-on: ubuntu-latest - name: Make ERD - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"util_make_erd": true}' \ No newline at end of file +on: + push: + branches: + - develop + - master + jobs: +make_erd: + runs-on: ubuntu-latest + name: Make ERD + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"util_make_erd": true}' \ No newline at end of file diff --git a/.github/workflows/qasp-owasp-scan.yml b/.github/workflows/qasp-owasp-scan.yml index 12306397e..3a4dea99b 100644 --- a/.github/workflows/qasp-owasp-scan.yml +++ b/.github/workflows/qasp-owasp-scan.yml @@ -1,38 +1,38 @@ name: Run OWASP scan when a PR moves into QASP Review - on: - pull_request: - types: - - labeled - - synchronize - - reopened - # Prevent running more than one job at a time per branch. - concurrency: - group: ${{ github.head_ref }} - cancel-in-progress: true - jobs: - qasp_label_check: - name: Initiate OWASP scan in Circle CI - env: - # Check the label from the pull request itself, rather than the event - - # not all event types will contain the label name. - HAS_QASP_LABEL: ${{ contains(github.event.pull_request.labels.*.name, 'QASP Review') }} - # Prevent running the action for label events that aren't QASP Review, but - # we need to allow other accepted event types without checking the label. - if: | - github.event.action == 'synchronize' || - github.event.action == 'reopened' || - github.event.action == 'labeled' && github.event.label.name == 'QASP Review' - runs-on: ubuntu-latest - steps: - - name: Trigger Circle CI OWASP scan if PR has QASP Review label - id: curl-circle-ci - if: env.HAS_QASP_LABEL == 'true' - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: ${{ github.repository }} - branch: ${{ github.head_ref }} - payload: | - { - "run_owasp_scan": ${{ env.HAS_QASP_LABEL }} - } +on: + pull_request: + types: + - labeled + - synchronize + - reopened +# Prevent running more than one job at a time per branch. +concurrency: + group: ${{ github.head_ref }} + cancel-in-progress: true +jobs: + qasp_label_check: + name: Initiate OWASP scan in Circle CI + env: + # Check the label from the pull request itself, rather than the event - + # not all event types will contain the label name. + HAS_QASP_LABEL: ${{ contains(github.event.pull_request.labels.*.name, 'QASP Review') }} + # Prevent running the action for label events that aren't QASP Review, but + # we need to allow other accepted event types without checking the label. + if: | + github.event.action == 'synchronize' || + github.event.action == 'reopened' || + github.event.action == 'labeled' && github.event.label.name == 'QASP Review' + runs-on: ubuntu-latest + steps: + - name: Trigger Circle CI OWASP scan if PR has QASP Review label + id: curl-circle-ci + if: env.HAS_QASP_LABEL == 'true' + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: ${{ github.repository }} + branch: ${{ github.head_ref }} + payload: | + { + "run_owasp_scan": ${{ env.HAS_QASP_LABEL }} + } From e3c3fdbd1a0e83f8ff81dab373d52c0d1aa7e119 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 16:37:06 -0600 Subject: [PATCH 13/35] fixed spacing on make_erd, ignoreing main and master for front/backend only builds --- .../{build-all-on-pr.yml => build-all.yml} | 0 .github/workflows/build-backend.yml | 4 ++- .github/workflows/build-frontend.yml | 4 ++- .github/workflows/make_erd.yml | 26 +++++++++---------- 4 files changed, 19 insertions(+), 15 deletions(-) rename .github/workflows/{build-all-on-pr.yml => build-all.yml} (100%) diff --git a/.github/workflows/build-all-on-pr.yml b/.github/workflows/build-all.yml similarity index 100% rename from .github/workflows/build-all-on-pr.yml rename to .github/workflows/build-all.yml diff --git a/.github/workflows/build-backend.yml b/.github/workflows/build-backend.yml index 164338fef..a04591cd2 100644 --- a/.github/workflows/build-backend.yml +++ b/.github/workflows/build-backend.yml @@ -19,7 +19,9 @@ ########################################################################### name: Build Only Backend When tdrs-backend/ Files Change branches-ignore: - - develop + - develop + - main + - master on: push: paths: 'tdrs-backend/**' diff --git a/.github/workflows/build-frontend.yml b/.github/workflows/build-frontend.yml index 9304dfe62..27d874a94 100644 --- a/.github/workflows/build-frontend.yml +++ b/.github/workflows/build-frontend.yml @@ -19,7 +19,9 @@ ########################################################################### name: Build Only Frontend When tdrs-frontend Files Change branches-ignore: - - develop + - develop + - main + - master on: push: paths: 'tdrs-frontend/**' diff --git a/.github/workflows/make_erd.yml b/.github/workflows/make_erd.yml index e081b6cd4..96aa04967 100644 --- a/.github/workflows/make_erd.yml +++ b/.github/workflows/make_erd.yml @@ -21,16 +21,16 @@ on: - develop - master jobs: -make_erd: - runs-on: ubuntu-latest - name: Make ERD - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"util_make_erd": true}' \ No newline at end of file + make_erd: + runs-on: ubuntu-latest + name: Make ERD + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"util_make_erd": true}' \ No newline at end of file From de3db2ecf894b5fb28033c163c03da1bd94c1278 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 16:48:41 -0600 Subject: [PATCH 14/35] fixed spacing on make_erd --- .github/workflows/make_erd.yml | 38 +++++++++++++++++----------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/make_erd.yml b/.github/workflows/make_erd.yml index 96aa04967..445d69160 100644 --- a/.github/workflows/make_erd.yml +++ b/.github/workflows/make_erd.yml @@ -15,22 +15,22 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Run The Utility Make ERD Pipeline -on: - push: - branches: - - develop - - master - jobs: - make_erd: - runs-on: ubuntu-latest - name: Make ERD - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"util_make_erd": true}' \ No newline at end of file + on: + push: + branches: + - develop + - master + jobs: + make_erd: + runs-on: ubuntu-latest + name: Make ERD + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"util_make_erd": true}' \ No newline at end of file From 9827c4d703fb8dbc89726809b24e60809fac9d23 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Tue, 2 May 2023 16:51:03 -0600 Subject: [PATCH 15/35] fixed spacing on make_erd --- .github/workflows/make_erd.yml | 38 +++++++++++++++++----------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/make_erd.yml b/.github/workflows/make_erd.yml index 445d69160..9ce204f4c 100644 --- a/.github/workflows/make_erd.yml +++ b/.github/workflows/make_erd.yml @@ -15,22 +15,22 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Run The Utility Make ERD Pipeline - on: - push: - branches: - - develop - - master - jobs: - make_erd: - runs-on: ubuntu-latest - name: Make ERD - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app - branch: ${{ github.ref }} - payload: '{"util_make_erd": true}' \ No newline at end of file +on: + push: + branches: + - develop + - master +jobs: + make_erd: + runs-on: ubuntu-latest + name: Make ERD + steps: + - uses: actions/checkout@v2 + - name: Circle CI Deployment Trigger + id: curl-circle-ci + uses: promiseofcake/circleci-trigger-action@v1 + with: + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} + project-slug: raft-tech/TANF-app + branch: ${{ github.ref }} + payload: '{"util_make_erd": true}' \ No newline at end of file From 49c497a4db7323ba2a47b52cb25a87eb8d9d17e1 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 08:04:15 -0600 Subject: [PATCH 16/35] changing backend file to test filtering --- tdrs-backend/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tdrs-backend/Dockerfile b/tdrs-backend/Dockerfile index 66adac50c..3c6c84e52 100644 --- a/tdrs-backend/Dockerfile +++ b/tdrs-backend/Dockerfile @@ -34,4 +34,4 @@ CMD ["./gunicorn_start.sh"] # docker ps -a # to get the container id # docker commit debug/ # docker run -it --rm --entrypoint /bin/bash debug/ -# delete me +# delete this line From eee992868c899eaa5a548c07d0faca236d90b635 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 08:09:30 -0600 Subject: [PATCH 17/35] nest branches-ignore in push block --- .github/workflows/build-backend.yml | 8 ++++---- .github/workflows/build-frontend.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-backend.yml b/.github/workflows/build-backend.yml index a04591cd2..ade44f06b 100644 --- a/.github/workflows/build-backend.yml +++ b/.github/workflows/build-backend.yml @@ -18,16 +18,16 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Build Only Backend When tdrs-backend/ Files Change -branches-ignore: - - develop - - main - - master on: push: paths: 'tdrs-backend/**' paths_ignore: - '**.md' - '**.txt' + branches-ignore: + - develop + - main + - master jobs: build_and_test_backend: runs-on: ubuntu-latest diff --git a/.github/workflows/build-frontend.yml b/.github/workflows/build-frontend.yml index 27d874a94..ceab4d070 100644 --- a/.github/workflows/build-frontend.yml +++ b/.github/workflows/build-frontend.yml @@ -18,16 +18,16 @@ # https://github.com/promiseofcake/circleci-trigger-action ########################################################################### name: Build Only Frontend When tdrs-frontend Files Change -branches-ignore: - - develop - - main - - master on: push: paths: 'tdrs-frontend/**' paths_ignore: - '**.md' - '**.txt' + branches-ignore: + - develop + - main + - master jobs: build_and_test_frontend: runs-on: ubuntu-latest From d8b51f5b2e0e6d0cdf0c5a58558a3416aed42bdd Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 08:17:47 -0600 Subject: [PATCH 18/35] changing backend file to test filtering --- tdrs-backend/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tdrs-backend/Dockerfile b/tdrs-backend/Dockerfile index 3c6c84e52..3ab8760be 100644 --- a/tdrs-backend/Dockerfile +++ b/tdrs-backend/Dockerfile @@ -34,4 +34,4 @@ CMD ["./gunicorn_start.sh"] # docker ps -a # to get the container id # docker commit debug/ # docker run -it --rm --entrypoint /bin/bash debug/ -# delete this line +# delete this From 3e8e4f5c49c4f0186743d40df4191f4eb8d25969 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 09:54:09 -0600 Subject: [PATCH 19/35] trying different condition, 'not' doesn't seem to be working as expected --- .circleci/build-and-test/workflows.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index b3d7f0d3d..9796fb962 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -20,7 +20,8 @@ when: and: - << pipeline.parameters.build_and_test_backend >> - - not: << pipeline.parameters.build_and_test_frontend >> + - equal: [ false, << pipeline.parameters.build_and_test_frontend >> ] + # - not: << pipeline.parameters.build_and_test_frontend >> jobs: - secrets-check - test-backend: From bd21962f013519be66cfdfc4799e06002a7e9370 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 09:56:07 -0600 Subject: [PATCH 20/35] changing backend file to test filtering --- tdrs-backend/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tdrs-backend/Dockerfile b/tdrs-backend/Dockerfile index 3ab8760be..3c6c84e52 100644 --- a/tdrs-backend/Dockerfile +++ b/tdrs-backend/Dockerfile @@ -34,4 +34,4 @@ CMD ["./gunicorn_start.sh"] # docker ps -a # to get the container id # docker commit debug/ # docker run -it --rm --entrypoint /bin/bash debug/ -# delete this +# delete this line From 96af260bdd8e997de15cafda68be92d70ccbd2ea Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 10:02:00 -0600 Subject: [PATCH 21/35] still trying different conditionals for circleci for filtering on --- .circleci/base_config.yml | 3 +++ .circleci/build-and-test/workflows.yml | 3 +-- .circleci/config.yml | 3 +++ .github/workflows/build-backend.yml | 2 +- 4 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.circleci/base_config.yml b/.circleci/base_config.yml index 4460f587e..f91e29db7 100644 --- a/.circleci/base_config.yml +++ b/.circleci/base_config.yml @@ -21,6 +21,9 @@ executors: resource_class: large parameters: + backend_only: + type: boolean + default: false build_and_test_backend: type: boolean default: false diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index 9796fb962..b5176b004 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -20,8 +20,7 @@ when: and: - << pipeline.parameters.build_and_test_backend >> - - equal: [ false, << pipeline.parameters.build_and_test_frontend >> ] - # - not: << pipeline.parameters.build_and_test_frontend >> + - << pipeline.parameters.backend_only >> jobs: - secrets-check - test-backend: diff --git a/.circleci/config.yml b/.circleci/config.yml index a4228686a..fef789989 100755 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -13,6 +13,9 @@ orbs: # parameters from github actions parameters: + backend_only: + type: boolean + default: false build_and_test_backend: type: boolean default: false diff --git a/.github/workflows/build-backend.yml b/.github/workflows/build-backend.yml index ade44f06b..0d1058205 100644 --- a/.github/workflows/build-backend.yml +++ b/.github/workflows/build-backend.yml @@ -41,4 +41,4 @@ jobs: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} project-slug: raft-tech/TANF-app branch: ${{ github.ref }} - payload: '{"build_and_test_backend": true}' + payload: '{"build_and_test_backend": true, "backend_only": true}' From fd0340ae609e38607d26e5b86a528e6680963983 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 10:13:06 -0600 Subject: [PATCH 22/35] still trying different conditionals for circleci for filtering on --- .circleci/base_config.yml | 3 +++ .circleci/build-and-test/workflows.yml | 2 +- .circleci/config.yml | 3 +++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.circleci/base_config.yml b/.circleci/base_config.yml index f91e29db7..8885882a0 100644 --- a/.circleci/base_config.yml +++ b/.circleci/base_config.yml @@ -36,6 +36,9 @@ parameters: develop_branch_deploy: type: boolean default: false + frontend_only: + type: boolean + default: false run_dev_deployment: type: boolean default: false diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index b5176b004..3e3be362a 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -34,7 +34,7 @@ when: and: - << pipeline.parameters.build_and_test_frontend >> - - not: << pipeline.parameters.build_and_test_backend >> + - << pipeline.parameters.frontend_only >> jobs: - secrets-check - test-frontend: diff --git a/.circleci/config.yml b/.circleci/config.yml index fef789989..4b82f104d 100755 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -28,6 +28,9 @@ parameters: develop_branch_deploy: type: boolean default: false + frontend_only: + type: boolean + default: false run_dev_deployment: type: boolean default: false From e4ffa3b5430be112962c9317610896cbf9d54b9c Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 10:14:29 -0600 Subject: [PATCH 23/35] changing backend file to test filtering --- tdrs-backend/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tdrs-backend/Dockerfile b/tdrs-backend/Dockerfile index 3c6c84e52..3ab8760be 100644 --- a/tdrs-backend/Dockerfile +++ b/tdrs-backend/Dockerfile @@ -34,4 +34,4 @@ CMD ["./gunicorn_start.sh"] # docker ps -a # to get the container id # docker commit debug/ # docker run -it --rm --entrypoint /bin/bash debug/ -# delete this line +# delete this From af52b47f23b404c3b8220f82ded35ac587f6fefa Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 11:17:58 -0600 Subject: [PATCH 24/35] can't use negative filtering for circleci workflows, so adding in build_and_test_all variable --- .circleci/base_config.yml | 5 +---- .circleci/build-and-test/workflows.yml | 15 +++------------ .circleci/config.yml | 5 +---- .github/workflows/build-all.yml | 3 ++- .github/workflows/build-backend.yml | 2 +- 5 files changed, 8 insertions(+), 22 deletions(-) diff --git a/.circleci/base_config.yml b/.circleci/base_config.yml index 8885882a0..f014567c6 100644 --- a/.circleci/base_config.yml +++ b/.circleci/base_config.yml @@ -21,7 +21,7 @@ executors: resource_class: large parameters: - backend_only: + build_and_test_all: type: boolean default: false build_and_test_backend: @@ -36,9 +36,6 @@ parameters: develop_branch_deploy: type: boolean default: false - frontend_only: - type: boolean - default: false run_dev_deployment: type: boolean default: false diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index 3e3be362a..e50ba49ed 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -1,9 +1,6 @@ # workflows: build-and-test-all: - when: - and: - - << pipeline.parameters.build_and_test_backend >> - - << pipeline.parameters.build_and_test_frontend >> + when: << pipeline.parameters.build_and_test_all >> jobs: - secrets-check - test-backend: @@ -17,10 +14,7 @@ - secrets-check build-and-test-backend: - when: - and: - - << pipeline.parameters.build_and_test_backend >> - - << pipeline.parameters.backend_only >> + when: << pipeline.parameters.build_and_test_backend >> jobs: - secrets-check - test-backend: @@ -31,10 +25,7 @@ - secrets-check build-and-test-frontend: - when: - and: - - << pipeline.parameters.build_and_test_frontend >> - - << pipeline.parameters.frontend_only >> + when: << pipeline.parameters.build_and_test_frontend >> jobs: - secrets-check - test-frontend: diff --git a/.circleci/config.yml b/.circleci/config.yml index 4b82f104d..91facf787 100755 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -13,7 +13,7 @@ orbs: # parameters from github actions parameters: - backend_only: + build_and_test_all: type: boolean default: false build_and_test_backend: @@ -28,9 +28,6 @@ parameters: develop_branch_deploy: type: boolean default: false - frontend_only: - type: boolean - default: false run_dev_deployment: type: boolean default: false diff --git a/.github/workflows/build-all.yml b/.github/workflows/build-all.yml index 2c3407138..3cbeff1fa 100644 --- a/.github/workflows/build-all.yml +++ b/.github/workflows/build-all.yml @@ -40,6 +40,7 @@ on: paths_ignore: - '**.md' pull_request: + types: [review_requested, ready_for_review] paths_ignore: - 'docs/**' - '**.md' @@ -60,4 +61,4 @@ jobs: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} project-slug: raft-tech/TANF-app branch: ${{ github.ref }} - payload: '{"build_and_test_backend": true, "build_and_test_frontend": true}' + payload: '{"build_and_test_all": true}' diff --git a/.github/workflows/build-backend.yml b/.github/workflows/build-backend.yml index 0d1058205..ade44f06b 100644 --- a/.github/workflows/build-backend.yml +++ b/.github/workflows/build-backend.yml @@ -41,4 +41,4 @@ jobs: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} project-slug: raft-tech/TANF-app branch: ${{ github.ref }} - payload: '{"build_and_test_backend": true, "backend_only": true}' + payload: '{"build_and_test_backend": true}' From cb00d49b9ad9e26e85eb23f34cb03f355c5335bb Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 11:20:10 -0600 Subject: [PATCH 25/35] changing backend file to test filtering --- tdrs-backend/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tdrs-backend/Dockerfile b/tdrs-backend/Dockerfile index 3ab8760be..3c6c84e52 100644 --- a/tdrs-backend/Dockerfile +++ b/tdrs-backend/Dockerfile @@ -34,4 +34,4 @@ CMD ["./gunicorn_start.sh"] # docker ps -a # to get the container id # docker commit debug/ # docker run -it --rm --entrypoint /bin/bash debug/ -# delete this +# delete this line From 184867b1b31ed17c88c5f9c6733c71edffbf9ac8 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 11:25:49 -0600 Subject: [PATCH 26/35] changing frontend file to test filtering --- tdrs-frontend/src/index.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tdrs-frontend/src/index.js b/tdrs-frontend/src/index.js index 3a2f2060c..beac19a41 100644 --- a/tdrs-frontend/src/index.js +++ b/tdrs-frontend/src/index.js @@ -45,3 +45,6 @@ ReactDOM.render( if (window.Cypress) { window.store = store } + + +// delete this line \ No newline at end of file From 1b0058fcc0fb10df68f454489de214ffb2ae6889 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 11:38:45 -0600 Subject: [PATCH 27/35] changing terraform file to test filtering --- terraform/dev/main.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/terraform/dev/main.tf b/terraform/dev/main.tf index ba01d9cf3..951e6f039 100644 --- a/terraform/dev/main.tf +++ b/terraform/dev/main.tf @@ -76,3 +76,5 @@ resource "cloudfoundry_service_instance" "datafiles" { service_plan = data.cloudfoundry_service.s3.service_plans["basic-sandbox"] recursive_delete = true } + +# DELETE THIS LINE \ No newline at end of file From bfd93dd873ffc5184685b39806e4ccc76bdff553 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 12:13:08 -0600 Subject: [PATCH 28/35] removing innocuouschanges to files to test filtering, should trigger all three pipelines individually --- tdrs-backend/Dockerfile | 1 - tdrs-frontend/src/index.js | 3 --- terraform/dev/main.tf | 2 -- 3 files changed, 6 deletions(-) diff --git a/tdrs-backend/Dockerfile b/tdrs-backend/Dockerfile index 3c6c84e52..b3aac7c82 100644 --- a/tdrs-backend/Dockerfile +++ b/tdrs-backend/Dockerfile @@ -34,4 +34,3 @@ CMD ["./gunicorn_start.sh"] # docker ps -a # to get the container id # docker commit debug/ # docker run -it --rm --entrypoint /bin/bash debug/ -# delete this line diff --git a/tdrs-frontend/src/index.js b/tdrs-frontend/src/index.js index beac19a41..3a2f2060c 100644 --- a/tdrs-frontend/src/index.js +++ b/tdrs-frontend/src/index.js @@ -45,6 +45,3 @@ ReactDOM.render( if (window.Cypress) { window.store = store } - - -// delete this line \ No newline at end of file diff --git a/terraform/dev/main.tf b/terraform/dev/main.tf index 951e6f039..ba01d9cf3 100644 --- a/terraform/dev/main.tf +++ b/terraform/dev/main.tf @@ -76,5 +76,3 @@ resource "cloudfoundry_service_instance" "datafiles" { service_plan = data.cloudfoundry_service.s3.service_plans["basic-sandbox"] recursive_delete = true } - -# DELETE THIS LINE \ No newline at end of file From d3e0dca33195ef03a7ce4ccd71ce7de309157273 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 13:01:14 -0600 Subject: [PATCH 29/35] updated documentation to include why we use Actions to trigger CircleCI builds --- .circleci/README.md | 4 ++-- .github/workflows/{make_erd.yml => make-erd.yml} | 0 docs/Technical-Documentation/github-actions.md | 5 +++++ 3 files changed, 7 insertions(+), 2 deletions(-) rename .github/workflows/{make_erd.yml => make-erd.yml} (100%) create mode 100644 docs/Technical-Documentation/github-actions.md diff --git a/.circleci/README.md b/.circleci/README.md index 725e42bf2..e73321489 100644 --- a/.circleci/README.md +++ b/.circleci/README.md @@ -14,10 +14,10 @@ This script will generate a complete config for building, testing, and deploying ### Directory structure #### build-and-test -Contains workflows, jobs, and commands for building and testing the application. +Contains workflows, jobs, and commands for building and testing the application. These are now triggered by GitHub Actions that serve as a filter so only the code that's changed is tested. See [build-all](../.github/workflows/build-all.yml), [build-backend](../.github/workflows/build-backend.yml), and [build-frontend](../.github/workflows/build-frontend.yml) #### infrastructure -Contains workflows, jobs, and commands for setting up the infrastructure on Cloud gov. +Contains workflows, jobs, and commands for setting up the infrastructure on Cloud gov. This is now triggered by GitHub Actions that serve as a filter so only runs when infrastructure code is changed. See [deploy-infrastructure](../.github/workflows/deploy-infrastructure.yml) #### deployment Contains workflows, jobs, and commands for deploying the application on Cloud gov. diff --git a/.github/workflows/make_erd.yml b/.github/workflows/make-erd.yml similarity index 100% rename from .github/workflows/make_erd.yml rename to .github/workflows/make-erd.yml diff --git a/docs/Technical-Documentation/github-actions.md b/docs/Technical-Documentation/github-actions.md new file mode 100644 index 000000000..0751a011a --- /dev/null +++ b/docs/Technical-Documentation/github-actions.md @@ -0,0 +1,5 @@ +# How We Use GitHub Actions +For now, the only use case we have for GitHub Actions is to help up trigger CircleCI builds the way we want to. This is actually the preferred method CircleCI advises for branch, path, pull-request, and labelled filtering and job triggering. See https://circleci.com/blog/trigger-circleci-pipeline-github-action/, though we use promiseofcake/circleci-trigger-action@v1 plugin vs circleci/trigger_circleci_pipeline@v1.0 + +## Path Filtering +We use Actions to filter which workflows are getting run by CircleCI by sending different flags to CircleCI through the promiseofcake CircleCI API trigger. See the individual files in [.github](../../.github/) for detailed instructions for how to use each. \ No newline at end of file From b593676e4c3d4dac946c177fc3aee45dae37509a Mon Sep 17 00:00:00 2001 From: George Hudson Date: Wed, 3 May 2023 13:08:55 -0600 Subject: [PATCH 30/35] added more documentation, with better links --- .circleci/README.md | 2 +- docs/Technical-Documentation/github-actions.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/README.md b/.circleci/README.md index e73321489..07e75bec9 100644 --- a/.circleci/README.md +++ b/.circleci/README.md @@ -20,7 +20,7 @@ Contains workflows, jobs, and commands for building and testing the application. Contains workflows, jobs, and commands for setting up the infrastructure on Cloud gov. This is now triggered by GitHub Actions that serve as a filter so only runs when infrastructure code is changed. See [deploy-infrastructure](../.github/workflows/deploy-infrastructure.yml) #### deployment -Contains workflows, jobs, and commands for deploying the application on Cloud gov. +Contains workflows, jobs, and commands for deploying the application on Cloud gov. Note: merges to develop now automatically trigger a develop deploy using [deploy-develop-on-merge](../.github/workflows/deploy-develop-on-merge.yml) and deploys to dev environments happen when a label is created on the PR using [deploy-on-label](../.github/workflows/deploy-on-label.yml) #### owasp Contains workflows, jobs, and commands for running OWASP scans on the application in during the pipeline against Cloud.gov environments. diff --git a/docs/Technical-Documentation/github-actions.md b/docs/Technical-Documentation/github-actions.md index 0751a011a..0ae1aeff5 100644 --- a/docs/Technical-Documentation/github-actions.md +++ b/docs/Technical-Documentation/github-actions.md @@ -1,5 +1,5 @@ # How We Use GitHub Actions -For now, the only use case we have for GitHub Actions is to help up trigger CircleCI builds the way we want to. This is actually the preferred method CircleCI advises for branch, path, pull-request, and labelled filtering and job triggering. See https://circleci.com/blog/trigger-circleci-pipeline-github-action/, though we use promiseofcake/circleci-trigger-action@v1 plugin vs circleci/trigger_circleci_pipeline@v1.0 +For now, the only use case we have for GitHub Actions is to help up trigger CircleCI builds the way we want to. This is actually the preferred method CircleCI advises for branch, path, pull-request, and labelled filtering and job triggering. See this [blog](https://circleci.com/blog/trigger-circleci-pipeline-github-action/) for details, though we use [promiseofcake/circleci-trigger-action@v](https://github.com/promiseofcake/circleci-trigger-action) plugin vs circleci/trigger_circleci_pipeline@v1.0 ## Path Filtering We use Actions to filter which workflows are getting run by CircleCI by sending different flags to CircleCI through the promiseofcake CircleCI API trigger. See the individual files in [.github](../../.github/) for detailed instructions for how to use each. \ No newline at end of file From 96979ffdb030186e4acc10af9f2dacf3c33c66f0 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Fri, 5 May 2023 12:52:05 -0600 Subject: [PATCH 31/35] update all actions to use github.repository instead of hard coded Raft repo in order to work with HHS side as well --- .github/workflows/build-all.yml | 4 ++-- .github/workflows/build-backend.yml | 2 +- .github/workflows/build-frontend.yml | 2 +- .github/workflows/deploy-develop-on-merge.yml | 2 +- .github/workflows/deploy-infrastructure.yml | 2 +- .github/workflows/deploy-on-label.yml | 2 +- .github/workflows/make-erd.yml | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-all.yml b/.github/workflows/build-all.yml index 3cbeff1fa..c7ab3561e 100644 --- a/.github/workflows/build-all.yml +++ b/.github/workflows/build-all.yml @@ -58,7 +58,7 @@ jobs: id: curl-circle-ci uses: promiseofcake/circleci-trigger-action@v1 with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} # make sure works with HHS + project-slug: ${{ github.repository }} branch: ${{ github.ref }} payload: '{"build_and_test_all": true}' diff --git a/.github/workflows/build-backend.yml b/.github/workflows/build-backend.yml index ade44f06b..b65a55222 100644 --- a/.github/workflows/build-backend.yml +++ b/.github/workflows/build-backend.yml @@ -39,6 +39,6 @@ jobs: uses: promiseofcake/circleci-trigger-action@v1 with: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app + project-slug: ${{ github.repository }} branch: ${{ github.ref }} payload: '{"build_and_test_backend": true}' diff --git a/.github/workflows/build-frontend.yml b/.github/workflows/build-frontend.yml index ceab4d070..6b374db5a 100644 --- a/.github/workflows/build-frontend.yml +++ b/.github/workflows/build-frontend.yml @@ -39,6 +39,6 @@ jobs: uses: promiseofcake/circleci-trigger-action@v1 with: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app + project-slug: ${{ github.repository }} branch: ${{ github.ref }} payload: '{"build_and_test_frontend": true}' \ No newline at end of file diff --git a/.github/workflows/deploy-develop-on-merge.yml b/.github/workflows/deploy-develop-on-merge.yml index eb1f72ecc..670a5b081 100644 --- a/.github/workflows/deploy-develop-on-merge.yml +++ b/.github/workflows/deploy-develop-on-merge.yml @@ -43,6 +43,6 @@ jobs: uses: promiseofcake/circleci-trigger-action@v1 with: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app + project-slug: ${{ github.repository }} branch: ${{ github.ref }} payload: '{"develop_branch_deploy": true, "target_env": "develop"}' diff --git a/.github/workflows/deploy-infrastructure.yml b/.github/workflows/deploy-infrastructure.yml index e1237e592..d823f132e 100644 --- a/.github/workflows/deploy-infrastructure.yml +++ b/.github/workflows/deploy-infrastructure.yml @@ -36,6 +36,6 @@ jobs: uses: promiseofcake/circleci-trigger-action@v1 with: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app + project-slug: ${{ github.repository }} branch: ${{ github.ref }} payload: '{"deploy_infrastructure": true}' \ No newline at end of file diff --git a/.github/workflows/deploy-on-label.yml b/.github/workflows/deploy-on-label.yml index 6bbf65584..857dd3a35 100644 --- a/.github/workflows/deploy-on-label.yml +++ b/.github/workflows/deploy-on-label.yml @@ -64,6 +64,6 @@ jobs: uses: promiseofcake/circleci-trigger-action@v1 with: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app + project-slug: ${{ github.repository }} branch: ${{ github.head_ref }} payload: '{"run_dev_deployment": true, "target_env": "${{steps.extract-deploy-env.outputs.DEPLOY_ENV}}"}' diff --git a/.github/workflows/make-erd.yml b/.github/workflows/make-erd.yml index 9ce204f4c..8bce08194 100644 --- a/.github/workflows/make-erd.yml +++ b/.github/workflows/make-erd.yml @@ -31,6 +31,6 @@ jobs: uses: promiseofcake/circleci-trigger-action@v1 with: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: raft-tech/TANF-app + project-slug: ${{ github.repository }} branch: ${{ github.ref }} payload: '{"util_make_erd": true}' \ No newline at end of file From 4405b0a5161ba3a70cd6e0b036077de6bdd44ecb Mon Sep 17 00:00:00 2001 From: George Hudson Date: Mon, 8 May 2023 08:52:14 -0600 Subject: [PATCH 32/35] updated circleci logic for HHS side --- .circleci/build-and-test/workflows.yml | 6 +++- .circleci/infrastructure/workflows.yml | 7 ++-- .circleci/util/workflows.yml | 4 ++- .github/workflows/build-all.yml | 3 ++ .github/workflows/deploy-infrastructure.yml | 3 ++ .github/workflows/make-erd.yml | 36 --------------------- 6 files changed, 19 insertions(+), 40 deletions(-) delete mode 100644 .github/workflows/make-erd.yml diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index e50ba49ed..a35b14b21 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -1,6 +1,10 @@ # workflows: build-and-test-all: - when: << pipeline.parameters.build_and_test_all >> + when: + or: + - << pipeline.parameters.build_and_test_all >> + - equal: [ main, << pipeline.git.branch >> ] + - equal: [ master, << pipeline.git.branch >> ] jobs: - secrets-check - test-backend: diff --git a/.circleci/infrastructure/workflows.yml b/.circleci/infrastructure/workflows.yml index d6227184b..61b9e2dc5 100644 --- a/.circleci/infrastructure/workflows.yml +++ b/.circleci/infrastructure/workflows.yml @@ -1,7 +1,10 @@ #workflows: - enable-versioning-for-s3-buckets: - when: << pipeline.parameters.deploy_infrastructure >> + when: + or: + - << pipeline.parameters.deploy_infrastructure >> + - equal: [ main, << pipeline.git.branch >> ] + - equal: [ master, << pipeline.git.branch >> ] jobs: - enable-versioning: filters: diff --git a/.circleci/util/workflows.yml b/.circleci/util/workflows.yml index 399035170..7db298578 100644 --- a/.circleci/util/workflows.yml +++ b/.circleci/util/workflows.yml @@ -1,6 +1,8 @@ # workflows: erd: when: - << pipeline.parameters.util_make_erd >> + or: + - equal: [ develop, << pipeline.git.branch >> ] + - equal: [ master, << pipeline.git.branch >> ] jobs: - make_erd diff --git a/.github/workflows/build-all.yml b/.github/workflows/build-all.yml index c7ab3561e..dcc33074b 100644 --- a/.github/workflows/build-all.yml +++ b/.github/workflows/build-all.yml @@ -40,6 +40,9 @@ on: paths_ignore: - '**.md' pull_request: + branches_ignore: #handled in circleci + - main + - master types: [review_requested, ready_for_review] paths_ignore: - 'docs/**' diff --git a/.github/workflows/deploy-infrastructure.yml b/.github/workflows/deploy-infrastructure.yml index d823f132e..af3ebb0ad 100644 --- a/.github/workflows/deploy-infrastructure.yml +++ b/.github/workflows/deploy-infrastructure.yml @@ -19,6 +19,9 @@ name: Run Infrastructure Pipeline When Terraform or Infrastructure Files Change on: push: + branches_ignore: #handled in CircleCI + - main + - master paths: - 'terraform/**' - '.circleci/infrastructure/**' diff --git a/.github/workflows/make-erd.yml b/.github/workflows/make-erd.yml deleted file mode 100644 index 8bce08194..000000000 --- a/.github/workflows/make-erd.yml +++ /dev/null @@ -1,36 +0,0 @@ -########################################################################### -# GitHub Action Workflow -# On push to develop or master branches, triggers the make erd util pipeline. -# -# Step 0: merge to develop or master -# -# Step 1: Makes a request to the V2 CircleCI API to initiate the project, -# which will filter based upon terraform: true flag -# to run the workflow/jobs listed here: -# build-and-test:[ -# enable-versioning-for-s3-buckets -# ] -# -# Leverages the open source GitHub Action: -# https://github.com/promiseofcake/circleci-trigger-action -########################################################################### -name: Run The Utility Make ERD Pipeline -on: - push: - branches: - - develop - - master -jobs: - make_erd: - runs-on: ubuntu-latest - name: Make ERD - steps: - - uses: actions/checkout@v2 - - name: Circle CI Deployment Trigger - id: curl-circle-ci - uses: promiseofcake/circleci-trigger-action@v1 - with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} - project-slug: ${{ github.repository }} - branch: ${{ github.ref }} - payload: '{"util_make_erd": true}' \ No newline at end of file From 15b5b5646fe9197a14ab1da12381f0bad8ac99d8 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Mon, 8 May 2023 08:57:08 -0600 Subject: [PATCH 33/35] throwing in branch to test circleci side branch filtration --- .circleci/build-and-test/workflows.yml | 1 + .github/workflows/build-all.yml | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index a35b14b21..2f67c9fa4 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -5,6 +5,7 @@ - << pipeline.parameters.build_and_test_all >> - equal: [ main, << pipeline.git.branch >> ] - equal: [ master, << pipeline.git.branch >> ] + - equal: [ 'devops/2457-ci-path-filtering', << pipeline.git.branch >> ] jobs: - secrets-check - test-backend: diff --git a/.github/workflows/build-all.yml b/.github/workflows/build-all.yml index dcc33074b..d266e815f 100644 --- a/.github/workflows/build-all.yml +++ b/.github/workflows/build-all.yml @@ -61,7 +61,7 @@ jobs: id: curl-circle-ci uses: promiseofcake/circleci-trigger-action@v1 with: - user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} # make sure works with HHS + user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} project-slug: ${{ github.repository }} branch: ${{ github.ref }} - payload: '{"build_and_test_all": true}' + payload: '{"build_and_test_all": false}' #CHANGE BACK TO TRUE From 225cc26ce0354690b5110577cce4c52c20e88ca8 Mon Sep 17 00:00:00 2001 From: George Hudson Date: Mon, 8 May 2023 12:05:01 -0600 Subject: [PATCH 34/35] made changes so we can test in hhs_dev_devops branch --- .circleci/build-and-test/workflows.yml | 2 +- .github/workflows/build-all.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index 2f67c9fa4..dd3d59995 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -5,7 +5,7 @@ - << pipeline.parameters.build_and_test_all >> - equal: [ main, << pipeline.git.branch >> ] - equal: [ master, << pipeline.git.branch >> ] - - equal: [ 'devops/2457-ci-path-filtering', << pipeline.git.branch >> ] + - equal: [ 'hhs_dev_devops', << pipeline.git.branch >> ] jobs: - secrets-check - test-backend: diff --git a/.github/workflows/build-all.yml b/.github/workflows/build-all.yml index d266e815f..348c6d1dc 100644 --- a/.github/workflows/build-all.yml +++ b/.github/workflows/build-all.yml @@ -64,4 +64,4 @@ jobs: user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} project-slug: ${{ github.repository }} branch: ${{ github.ref }} - payload: '{"build_and_test_all": false}' #CHANGE BACK TO TRUE + payload: '{"build_and_test_all": true}' From 6ca5a76631c7ae00d48ca6495c4df1cf44e6e40f Mon Sep 17 00:00:00 2001 From: George Hudson Date: Mon, 8 May 2023 12:07:37 -0600 Subject: [PATCH 35/35] made changes so we can test in hhs-dev-devops branch --- .circleci/build-and-test/workflows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/build-and-test/workflows.yml b/.circleci/build-and-test/workflows.yml index dd3d59995..64ecd12f0 100644 --- a/.circleci/build-and-test/workflows.yml +++ b/.circleci/build-and-test/workflows.yml @@ -5,7 +5,7 @@ - << pipeline.parameters.build_and_test_all >> - equal: [ main, << pipeline.git.branch >> ] - equal: [ master, << pipeline.git.branch >> ] - - equal: [ 'hhs_dev_devops', << pipeline.git.branch >> ] + - equal: [ 'hhs-dev-devops', << pipeline.git.branch >> ] jobs: - secrets-check - test-backend: