Skip to content

DCMAW-11654: investigating github actions #451

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
kikidawson-gds wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

DCMAW-11654: investigating github actions #451

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
1d315f5
DCMAW-11654: investigating github actions
kikidawson-gds Feb 27, 2025
245f941
test without gen proxy opne api spec
kikidawson-gds Mar 3, 2025
da07494
pull test suite step out into own job
kikidawson-gds Mar 5, 2025
c91f9e1
add workflows for pr and post merge
kikidawson-gds Mar 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 54 additions & 0 deletions .github/workflows/backend-api-post-merge.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
name: backend-api post merge

on:
push:
branches:
- main
paths:
- "backend-api/**"
- ".github/workflows/backend-api-post-merge.yml"
Comment thread
kikidawson-gds marked this conversation as resolved.
- "!backend-api/**/*.md"
- "!backend-api/**/*.png"
Comment thread
kikidawson-gds marked this conversation as resolved.

workflow_dispatch:

permissions:
contents: read
id-token: write

jobs:
sonarqube-scan:
name: SonarQube Scan
uses:
govuk-one-login/mobile-id-check-async/.github/workflows/job_sonarqube.yml@DCMAW-11654
with:
WORKING_DIRECTORY: ${{ inputs.WORKING_DIRECTORY }}
secrets: inherit

dev-post-merge:
name: Dev Post Merge
needs: sonarqube-scan
Copy link
Copy Markdown
Contributor Author

@kikidawson-gds kikidawson-gds Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

DCMAW-11675: Does this need dependence on sonar?

uses:
govuk-one-login/mobile-id-check-async/.github/workflows/workflow_post-merge.yml@DCMAW-11654
with:
WORKING_DIRECTORY: backend-api
secrets:
ARTIFACT_BUCKET_NAME: ${{ secrets.TEST_RESOURCES_DEV_ARTIFACT_BUCKET }}
CONTAINER_SIGN_KMS_KEY: ${{ secrets.DEV_CONTAINER_SIGN_KMS_KEY }}
GH_ACTIONS_ROLE_ARN: ${{ secrets.BACKEND_API_DEV_GH_ACTIONS_ROLE_ARN }}
SIGNING_PROFILE_NAME: ${{ secrets.DEV_SIGNING_PROFILE_NAME }}
TEST_IMAGE_REPOSITORY_URI: ${{ secrets.BACKEND_API_DEV_TEST_IMAGE_REPOSITORY }}

build-post-merge:
name: Build Post Merge
needs: dev-post-merge
uses:
govuk-one-login/mobile-id-check-async/.github/workflows/workflow_post-merge.yml@DCMAW-11654
with:
WORKING_DIRECTORY: backend-api
secrets:
ARTIFACT_BUCKET_NAME: ${{ secrets.TEST_RESOURCES_BUILD_ARTIFACT_BUCKET }}
CONTAINER_SIGN_KMS_KEY: ${{ secrets.BUILD_CONTAINER_SIGN_KMS_KEY }}
GH_ACTIONS_ROLE_ARN: ${{ secrets.BACKEND_API_BUILD_GH_ACTIONS_ROLE_ARN }}
SIGNING_PROFILE_NAME: ${{ secrets.BUILD_SIGNING_PROFILE_NAME }}
TEST_IMAGE_REPOSITORY_URI: ${{ secrets.BACKEND_API_BUILD_TEST_IMAGE_REPOSITORY }}
81 changes: 22 additions & 59 deletions .github/workflows/backend-api-pull-request.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
name: backend-api pull request
on:
# Triggers the workflow on pull request events for all branches
pull_request:
branches:
- main
Expand All @@ -10,66 +9,30 @@ on:
- ready_for_review
- synchronize
paths:
- "backend-api/**"
- ".github/workflows/backend-api-pull-request.yml"
# Allows you to run this workflow manually from the Actions tab
- "backend-api/**"
- "!backend-api/**/*.md"
- "!backend-api/**/*.png"

workflow_dispatch:

jobs:
ci-checks:
name: Run CI checks
runs-on: ubuntu-22.04
defaults:
run:
shell: bash
working-directory: backend-api
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 0

- name: Setup nodeJS v20
uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
cache-dependency-path: backend-api/package-lock.json

- name: Install dependencies
run: npm install

- name: Linting
run: npm run lint

- name: Check formatting using Prettier
run: npm run format:check

# Runs unit, infra and pact tests
- name: Run tests
run: npm run test

- name: Generate proxy open api spec
run: npm run generate-proxy-open-api

- name: Validate SAM template
run: sam validate --lint

- name: Run SonarCloud Scan
uses: sonarsource/sonarqube-scan-action@0303d6b62e310685c0e34d0b9cde218036885c4d # v5.0.0
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
projectBaseDir: backend-api

- name: SonarQube Quality Gate check
uses: Sonarsource/sonarqube-quality-gate-action@8406f4f1edaffef38e9fb9c53eb292fc1d7684fa # master
# Force to fail step after specific time
timeout-minutes: 5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
scanMetadataReportFile: backend-api/.scannerwork/report-task.txt

name: CI Checks
if: github.event.pull_request.draft == false
uses:
govuk-one-login/mobile-id-check-async/.github/workflows/job_ci-checks.yml@DCMAW-11654
with:
GENERATE_PROXY_OPEN_API_SPEC: true
WORKING_DIRECTORY: backend-api
secrets: inherit

sonarqube:
name: SonarQube
needs: ci-checks
uses:
govuk-one-login/mobile-id-check-async/.github/workflows/job_sonarqube.yml@DCMAW-11654
with:
RUN_SONARQUBE_QUALITY_GATE_CHECK: true
WORKING_DIRECTORY: backend-api
secrets: inherit
215 changes: 0 additions & 215 deletions .github/workflows/backend-api-push-to-main.yml
View file
Open in desktop

This file was deleted.

Loading