From cf92c2d558803d370f29f2615135f0e3d67db3a9 Mon Sep 17 00:00:00 2001 From: Tero Virtanen Date: Thu, 31 Aug 2023 10:44:06 +0300 Subject: [PATCH] build: remove review workflows DEVOPS-563 --- .../workflows/bf-applicant-frontend-tests.yml | 8 +- .../workflows/bf-handler-frontend-tests.yml | 8 +- .github/workflows/bf-py-coding-style.yml | 4 +- .github/workflows/bf-pytest.yml | 4 +- .github/workflows/bf-review.yml | 296 ---------------- .../workflows/bf-shared-frontend-tests.yml | 7 +- .github/workflows/bf-stop_review.yml | 47 --- .github/workflows/codeql-analysis.yml | 4 +- .github/workflows/ks-empl-frontend-tests.yml | 8 +- .../workflows/ks-handler-frontend-tests.yml | 8 +- .github/workflows/ks-py-coding-style.yml | 6 +- .github/workflows/ks-pytest.yml | 5 +- .github/workflows/ks-review.yml | 319 ------------------ .../workflows/ks-shared-frontend-tests.yml | 7 +- .github/workflows/ks-stop_review.yml | 47 --- .github/workflows/ks-youth-frontend-tests.yml | 8 +- .github/workflows/shared-frontend-tests.yml | 6 +- .github/workflows/te-admn-frontend-tests.yml | 7 +- .github/workflows/te-py-coding-style.yml | 7 +- .github/workflows/te-pytest.yml | 6 +- .github/workflows/te-review.yml | 306 ----------------- .../workflows/te-shared-frontend-tests.yml | 7 +- .github/workflows/te-stop_review.yml | 47 --- .github/workflows/te-yout-frontend-tests.yml | 7 +- .github/workflows/yarn-audit-scheduled.yml | 2 +- 25 files changed, 26 insertions(+), 1155 deletions(-) delete mode 100644 .github/workflows/bf-review.yml delete mode 100644 .github/workflows/bf-stop_review.yml delete mode 100644 .github/workflows/ks-review.yml delete mode 100644 .github/workflows/ks-stop_review.yml delete mode 100644 .github/workflows/te-review.yml delete mode 100644 .github/workflows/te-stop_review.yml diff --git a/.github/workflows/bf-applicant-frontend-tests.yml b/.github/workflows/bf-applicant-frontend-tests.yml index c4d28edb66..11b51b3854 100644 --- a/.github/workflows/bf-applicant-frontend-tests.yml +++ b/.github/workflows/bf-applicant-frontend-tests.yml @@ -3,15 +3,9 @@ name: (BF-Applicant) Lint, Unit and Component tests on: pull_request: paths: - - "frontend/shared/**" - - "frontend/benefit/shared/**" - - "frontend/benefit/applicant/**" - - "frontend/*" - ".github/workflows/bf-applicant-frontend-tests.yml" - - "!**/browser-tests/**" - - "!**/README.md" push: - branches: [develop, main] + branches: [main] workflow_dispatch: defaults: run: diff --git a/.github/workflows/bf-handler-frontend-tests.yml b/.github/workflows/bf-handler-frontend-tests.yml index c8e1103c96..86804b989f 100644 --- a/.github/workflows/bf-handler-frontend-tests.yml +++ b/.github/workflows/bf-handler-frontend-tests.yml @@ -3,15 +3,9 @@ name: (BF-Handler) Lint, Unit and Component tests on: pull_request: paths: - - "frontend/shared/**" - - "frontend/benefit/shared/**" - - "frontend/benefit/handler/**" - - "frontend/*" - ".github/workflows/bf-handler-frontend-tests.yml" - - "!**/browser-tests/**" - - "!**/README.md" push: - branches: [develop, main] + branches: [main] workflow_dispatch: defaults: run: diff --git a/.github/workflows/bf-py-coding-style.yml b/.github/workflows/bf-py-coding-style.yml index eefa31703c..19aa555e7d 100644 --- a/.github/workflows/bf-py-coding-style.yml +++ b/.github/workflows/bf-py-coding-style.yml @@ -2,11 +2,11 @@ name: (BF) Python coding style on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - 'backend/benefit/**' - '.github/workflows/bf-py-coding-style.yml' + workflow_dispatch: env: DEBUG: 1 diff --git a/.github/workflows/bf-pytest.yml b/.github/workflows/bf-pytest.yml index 5b80a5febf..31f3862fd9 100644 --- a/.github/workflows/bf-pytest.yml +++ b/.github/workflows/bf-pytest.yml @@ -2,11 +2,11 @@ name: (BF) Python tests on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - 'backend/benefit/**' - '.github/workflows/bf-pytest.yml' + workflow_dispatch: env: DEBUG: 1 diff --git a/.github/workflows/bf-review.yml b/.github/workflows/bf-review.yml deleted file mode 100644 index bcb6647e5e..0000000000 --- a/.github/workflows/bf-review.yml +++ /dev/null @@ -1,296 +0,0 @@ -name: (BF) Build & Review & Acceptance tests -on: - pull_request: - paths: - - "backend/benefit/**" - - "frontend/benefit/**" - - "frontend/shared/**" - - "frontend/*" - - ".github/workflows/bf-review.yml" - - '!frontend/**/__tests__' - - '!**/README.md' - workflow_dispatch: - inputs: - build_required: - description: "Build images (true/false)" - required: true - default: "false" - pr_number: - description: "Pull request number (if redeploy without build) or own number for environment" - required: true - -env: - CONTAINER_REGISTRY: ghcr.io - CONTAINER_REGISTRY_USER: ${{ secrets.GHCR_CONTAINER_REGISTRY_USER }} - CONTAINER_REGISTRY_PASSWORD: ${{ secrets.GHCR_TOKEN }} - CONTAINER_REGISTRY_REPO: ghcr.io/city-of-helsinki/${{ github.event.repository.name }} - REPO_NAME: ${{ github.event.repository.name }} - KUBECONFIG_RAW: ${{ secrets.KUBECONFIG_RAW }} - BUILD_ARTIFACT_FOLDER: "build_artifacts" - SERVICE_ARTIFACT_FOLDER: "service_artifacts" - BASE_DOMAIN: ${{ secrets.BASE_DOMAIN_STAGING }} - DATABASE_USER: user - DATABASE_PASSWORD: testing-password - K8S_REQUEST_CPU: 5m - K8S_REQUEST_RAM: 256Mi - K8S_LIMIT_CPU: 500m - K8S_LIMIT_RAM: 428Mi - K8S_PROBE_FAILURE_THRESHOLD: 30 - K8S_PROBE_PERIOD: 20 - HELM_BUFFER_TIME: 300 - APPLICANT_URL: https://helsinkibenefit-bf-appl-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - HANDLER_URL: https://helsinkibenefit-bf-hndl-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - NEXT_PUBLIC_BACKEND_URL: https://helsinkibenefit-bf-bknd-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - NEXT_PUBLIC_MOCK_FLAG: 1 - CORS_ALLOW_ALL_ORIGINS: 1 -jobs: - build: - # No building for dependabot PRs - # See https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions#handling-pull_request-events - if: ${{ github.actor != 'dependabot[bot]' }} - strategy: - fail-fast: false - matrix: - service: ["bf-bknd", "bf-appl", "bf-hdlr"] - include: - - service: bf-bknd - context: ./backend - dockerfile: ./backend/docker/benefit.Dockerfile - port: 8000 - - service: bf-appl - context: ./frontend - dockerfile: ./frontend/Dockerfile - project: benefit - folder: applicant - port: 3000 - - service: bf-hdlr - context: ./frontend - dockerfile: ./frontend/Dockerfile - project: benefit - folder: handler - port: 3100 - concurrency: - group: ${{ github.event.pull_request.number }}-${{ matrix.service }} - cancel-in-progress: false - runs-on: ubuntu-latest - name: Build - steps: - - uses: actions/checkout@v3 - - - name: Build ${{ matrix.service }} - if: github.event_name == 'pull_request' || github.event.inputs.build_required == 'true' - # uses: andersinno/kolga-build-action@v2 temporary disabled due to build problem - # https://helsinkisolutionoffice.atlassian.net/browse/DEVOPS-424 - uses: docker://ghcr.io/andersinno/kolga:2c6028bb7f478301d53928b0a72d5e87f58c0ac8-production - with: - entrypoint: /app/devops - args: create_images - env: - # Don't need to lint / typecheck for e2e, they're done in another workflow - DOCKER_BUILD_ARG_NEXTJS_IGNORE_ESLINT: true - # TODO we need separate typecheck to bf-*-frontend-test.yml workflow - DOCKER_BUILD_ARG_NEXTJS_IGNORE_TYPECHECK: false - DOCKER_BUILD_ARG_NEXT_DISABLE_SOURCEMAPS: true - DOCKER_BUILD_ARG_NEXT_TELEMETRY_DISABLED: true - DOCKER_BUILD_ARG_NEXTJS_SENTRY_UPLOAD_DRY_RUN: true - DOCKER_BUILD_ARG_NEXT_PUBLIC_BACKEND_URL: ${{ env.NEXT_PUBLIC_BACKEND_URL }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_MOCK_FLAG: ${{ env.NEXT_PUBLIC_MOCK_FLAG }} - DOCKER_BUILD_ARG_NEXTJS_DISABLE_SENTRY: true - DOCKER_BUILD_ARG_NEXT_PUBLIC_SENTRY_DSN: ${{ secrets.NEXT_PUBLIC_SENTRY_DSN }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_SENTRY_ENVIRONMENT: ${{ secrets.NEXT_PUBLIC_SENTRY_ENVIRONMENT }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_SENTRY_TRACE_SAMPLE_RATE: 1.0 - DOCKER_BUILD_ARG_PROJECT: ${{ matrix.project }} - DOCKER_BUILD_ARG_FOLDER: ${{ matrix.folder }} - DOCKER_BUILD_ARG_PORT: ${{ matrix.port }} - DOCKER_BUILD_SOURCE: ${{ matrix.dockerfile }} - DOCKER_BUILD_CONTEXT: ${{ matrix.context }} - DOCKER_IMAGE_NAME: ${{ matrix.service }} - SERVICE_PORT: ${{ matrix.port }} - BUILDKIT_CACHE_DISABLE: true - review: - strategy: - fail-fast: false - matrix: - service: ["bf-bknd", "bf-appl", "bf-hdlr"] - include: - - service: bf-bknd - context: ./backend - dockerfile: ./backend/docker/benefit.Dockerfile - database: true - port: 8000 - - service: bf-appl - context: ./frontend - dockerfile: ./frontend/Dockerfile - database: false - project: benefit - folder: applicant - port: 3000 - - service: bf-hdlr - context: ./frontend - dockerfile: ./frontend/Dockerfile - database: false - project: benefit - folder: handler - port: 3100 - concurrency: - group: ${{ github.event.pull_request.number }}-${{ matrix.service }} - cancel-in-progress: false - runs-on: ubuntu-latest - needs: build - name: Review - steps: - - uses: actions/checkout@v3 - - uses: andersinno/kolga-setup-action@v2 - with: - pr_number: ${{ github.event.inputs.pr_number }} - - - name: Backend variables - if: matrix.database - env: - SECRET_KEY: ${{ secrets.K8S_SECRET_SECRET_KEY_REVIEW }} - K8S_SECRET_ENCRYPTION_KEY: ${{ secrets.K8S_SECRET_ENCRYPTION_KEY_REVIEW }} - K8S_SECRET_SOCIAL_SECURITY_NUMBER_HASH_KEY: ${{ secrets.K8S_SECRET_SOCIAL_SECURITY_NUMBER_HASH_KEY_REVIEW }} - K8S_SECRET_PREVIOUS_BENEFITS_SOCIAL_SECURITY_NUMBER_HASH_KEY: ${{ secrets.K8S_SECRET_SOCIAL_SECURITY_NUMBER_HASH_KEY_REVIEW }} - run: | - echo "K8S_SECRET_LOGOUT_REDIRECT_URL=${{ env.APPLICANT_URL }}/login?logout=true" >> $GITHUB_ENV - echo "K8S_SECRET_ALLOWED_HOSTS=*" >> $GITHUB_ENV - echo "K8S_SECRET_CREATE_SUPERUSER=${{ secrets.K8S_SECRET_CREATE_SUPERUSER_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_ADMIN_USER_PASSWORD=${{ secrets.K8S_SECRET_ADMIN_USER_PASSWORD_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_SECRET_KEY=$SECRET_KEY" >> $GITHUB_ENV - echo "K8S_SECRET_CSRF_COOKIE_DOMAIN=.test.kuva.hel.ninja" >> $GITHUB_ENV - echo "K8S_SECRET_CORS_ALLOWED_ORIGINS=${{ env.APPLICANT_URL }},${{ env.HANDLER_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_CSRF_TRUSTED_ORIGINS=.test.kuva.hel.ninja" >> $GITHUB_ENV - echo "K8S_SECRET_LOGIN_REDIRECT_URL=${{ env.APPLICANT_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_LOGIN_REDIRECT_URL_FAILURE=${{ env.APPLICANT_URL }}/login?error=true" >> $GITHUB_ENV - echo "K8S_SECRET_APPLICANT_URL=${{ env.APPLICANT_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_HANDLER_URL=${{ env.HANDLER_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_NEXT_PUBLIC_MOCK_FLAG=${{ env.NEXT_PUBLIC_MOCK_FLAG }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_DB=${{ github.event.repository.name }}-${{ matrix.service }}-${{ github.event.pull_request.number }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_HOST=${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_PORT=${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_USERNAME=${{ secrets.K8S_SECRET_DATABASE_USERNAME_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_PASSWORD=${{ secrets.K8S_SECRET_DATABASE_PASSWORD_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_URL=postgresql://${{ secrets.K8S_SECRET_DATABASE_USERNAME_REVIEW }}:${{ secrets.K8S_SECRET_DATABASE_PASSWORD_REVIEW }}@${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW}}:${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }}/${{ github.event.repository.name }}-${{ matrix.service }}-${{ github.event.pull_request.number }}" >> $GITHUB_ENV - - - name: Review-Services - if: matrix.database - uses: City-of-Helsinki/review-services-action@main - with: - database: ${{ github.event.repository.name }}-${{ matrix.service }}-${{ github.event.pull_request.number }} - namespace: ${{ env.K8S_NAMESPACE }} - action: create - db_user: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_USERNAME_REVIEW }} - db_password: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_PASSWORD_REVIEW}} - db_host: ${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW }} - db_port: ${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }} - kubeconfig: ${{ secrets.KUBECONFIG_RAW }} - - - name: Service with ingress - run: | - echo "ENVIRONMENT_URL=https://helsinkibenefit-${{ matrix.service }}-${{ github.event.pull_request.number }}.${{ env.BASE_DOMAIN }}" >> $GITHUB_ENV - - name: Deploy - uses: andersinno/kolga-deploy-action@v2 - env: - DOCKER_BUILD_SOURCE: ${{ matrix.dockerfile }} - DOCKER_BUILD_CONTEXT: ./${{ matrix.context }} - DOCKER_IMAGE_NAME: ${{ matrix.service }} - PROJECT_NAME: ${{ github.event.repository.name }}-${{ matrix.service }} - K8S_SECRET_VERSION: ${{ github.sha }} - VAULT_JWT_PRIVATE_KEY: ${{ secrets.VAULT_ACCESS_PRIVATE_KEY_REVIEW }} - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} - VAULT_KV_VERSION: "2" - VAULT_JWT_AUTH_PATH: ${{ github.event.repository.name }}-${{ matrix.service }}-review - VAULT_KV_SECRET_MOUNT_POINT: review - SERVICE_PORT: ${{ matrix.port }} - K8S_SECRET_ALLOWED_HOSTS: "*" - APP_MIGRATE_COMMAND: ${{ matrix.database == 'true' && '/app/.prod/on_deploy.sh' || ''}} - CORS_ALLOWED_ORIGINS: ${{ env.ENVIRONMENT_URL }} - CSRF_TRUSTED_ORIGINS: ${{ env.ENVIRONMENT_URL }} - LOGOUT_REDIRECT_URL: ${{ env.APPLICANT_URL }}/login?logout=true - - name: Create PR comment for helsinkibenefit-V${{ matrix.service }} - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: deployment-helsinkibenefit-${{ matrix.service }} - message: | - **Helsinkibenefit-${{ matrix.service }} is deployed to: ${{ env.ENVIRONMENT_URL }}** :rocket::rocket::rocket: - acceptance-tests: - name: BF Acceptance tests - runs-on: ubuntu-latest - needs: Review - defaults: - run: - working-directory: ./frontend - strategy: - fail-fast: false - matrix: - service: ["bf-appl"] - include: - - service: bf-appl - dir: benefit/applicant - steps: - - uses: actions/checkout@v3 - - name: Setup kubectl - run: | - echo "${{ env.KUBECONFIG_RAW }}" > $(pwd)/kubeconfig - echo "KUBECONFIG=$(pwd)/kubeconfig" >> $GITHUB_ENV - shell: bash - - name: Setup Node.js environment - uses: actions/setup-node@v3 - with: - node-version: "18" - - name: Get yarn cache directory path - id: yarn-cache-dir-path - run: echo "::set-output name=dir::$(yarn config get cacheFolder)" - - uses: actions/cache@v3 - id: yarn-cache - with: - path: ${{ steps.yarn-cache-dir-path.outputs.dir }} - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} - restore-keys: | - ${{ runner.os }}-yarn- - - name: Install dependencies - run: yarn --prefer-offline --frozen-lockfile --check-files --production=false - - name: Service with ingress - run: | - echo "ENVIRONMENT_URL=https://helsinkibenefit-${{ matrix.service }}-${{ github.event.pull_request.number }}.${{ env.BASE_DOMAIN }}" >> $GITHUB_ENV - - name: Run Acceptance Tests for ${{ matrix.service }} - id: testcafe - run: yarn --cwd ${{matrix.dir}} browser-test:ci -q attemptLimit=3,successThreshold=1 - env: - GITHUB_WORKFLOW_NAME: ${{ github.workflow }} - GITHUB_WORKFLOW_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - FRONTEND_URL: ${{ env.ENVIRONMENT_URL }} - APPLICANT_URL: ${{ env.ENVIRONMENT_URL }} - NEXT_PUBLIC_BACKEND_URL: ${{ env.NEXT_PUBLIC_BACKEND_URL }} - NEXT_PUBLIC_MOCK_FLAG: ${{ env.NEXT_PUBLIC_MOCK_FLAG }} - - - name: Upload Acceptance Test results for ${{ matrix.service }} - run: | - zip -r report.zip ${{matrix.dir}}/report > no_output 2>&1 - curl -s -H "Content-Type: application/zip" -H "Authorization: Bearer ${{ secrets.NETLIFY_AUTH_TOKEN }}" --data-binary "@report.zip" https://api.netlify.com/api/v1/sites > response.json - echo "REPORT_URL=$(cat response.json|python -c "import sys, json; print('https://' + json.load(sys.stdin)['subdomain'] + '.netlify.com')")" >> $GITHUB_ENV - if: always() && steps.testcafe.outcome == 'failure' - - name: Create/update PR comment for Acceptance Test results - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: testcafe-results-${{ matrix.service }} - message: | - ## TestCafe result is __${{ steps.testcafe.outcome }}__ for ${{ env.ENVIRONMENT_URL }}! ${{steps.testcafe.outcome == 'success' && ':laughing::tada::tada::tada:' || ':crying_cat_face::anger::boom::boom:' }} - if: always() && (steps.testcafe.outcome == 'success' || steps.testcafe.outcome == 'failure') - - name: Create/update PR comment for Acceptance Test results - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: testcafe-results-${{ matrix.service }} - append: true - message: | - **Check the report on: [${{ env.REPORT_URL }}](${{ env.REPORT_URL }})** - if: always() && steps.testcafe.outcome == 'failure' - - name: Upload screenshots and videos of failed tests to artifact - uses: actions/upload-artifact@v3 - with: - name: report - path: ./frontend/${{matrix.dir}}/report - if: always() && steps.testcafe.outcome == 'failure' diff --git a/.github/workflows/bf-shared-frontend-tests.yml b/.github/workflows/bf-shared-frontend-tests.yml index 6cfa4d0f96..4a9381ad1f 100644 --- a/.github/workflows/bf-shared-frontend-tests.yml +++ b/.github/workflows/bf-shared-frontend-tests.yml @@ -2,15 +2,10 @@ name: Benefit-shared Lint, Unit and Component tests on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - "frontend/shared/**" - - "frontend/benefit/shared/**" - - "frontend/*" - ".github/workflows/bf-shared-frontend-tests.yml" - - "!**/browser-tests/**" - - "!**/README.md" workflow_dispatch: defaults: run: diff --git a/.github/workflows/bf-stop_review.yml b/.github/workflows/bf-stop_review.yml deleted file mode 100644 index fe987f5480..0000000000 --- a/.github/workflows/bf-stop_review.yml +++ /dev/null @@ -1,47 +0,0 @@ -name: (BF) Stop Review -on: - pull_request: - types: [closed] - paths: - - 'backend/benefit/**' - - 'frontend/benefit/**' - - 'frontend/shared/**' - - 'frontend/*' - - '.github/workflows/bf-stop_review.yml' - workflow_dispatch: - inputs: - head_ref: - description: "Branch where review environment was created from (as in GitHub). Has to be given as the branch is probably removed and no longer available in the branch list. Can be empty if environment deployed manually" - pr_number: - description: "Own or pull request number of the environment creator" - -env: - KUBECONFIG_RAW: ${{ secrets.KUBECONFIG_RAW }} - -jobs: - stop_review: - if: ${{ github.actor != 'dependabot[bot]' }} - runs-on: ubuntu-latest - name: Stop Review - steps: - - uses: andersinno/kolga-setup-action@v2 - with: - head_ref: ${{ github.event.inputs.head_ref }} - pr_number: ${{ github.event.inputs.pr_number }} - - - name: Remove Review-Services - uses: City-of-Helsinki/review-services-action@main - with: - database: ${{ github.event.repository.name }}-bf-bknd-${{ github.event.pull_request.number }} - namespace: ${{ env.K8S_NAMESPACE }} - action: remove - db_user: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_USERNAME_REVIEW }} - db_password: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_PASSWORD_REVIEW }} - db_host: ${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW }} - db_port: ${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }} - kubeconfig: ${{ secrets.KUBECONFIG_RAW }} - - - name: Stop Review - uses: andersinno/kolga-review-cleanup-action@v2 - with: - namespace: ${{ env.K8S_NAMESPACE }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 1edc704418..9733272280 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,10 +13,10 @@ name: "CodeQL" on: push: - branches: [develop, main] + branches: [main] pull_request: # The branches below must be a subset of the branches above - branches: [develop, main] + branches: [main] schedule: - cron: '0 0 * * 0' diff --git a/.github/workflows/ks-empl-frontend-tests.yml b/.github/workflows/ks-empl-frontend-tests.yml index b78e7c0b62..32d4258304 100644 --- a/.github/workflows/ks-empl-frontend-tests.yml +++ b/.github/workflows/ks-empl-frontend-tests.yml @@ -2,16 +2,10 @@ name: (KS Employer) Frontend Lint, Unit and Component tests on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - "frontend/shared/**" - - "frontend/kesaseteli/shared/**" - - "frontend/kesaseteli/employer/**" - - "frontend/*" - ".github/workflows/ks-empl-frontend-tests.yml" - - "!**/browser-tests/**" - - "!**/README.md" workflow_dispatch: defaults: run: diff --git a/.github/workflows/ks-handler-frontend-tests.yml b/.github/workflows/ks-handler-frontend-tests.yml index 7d62af35e6..8992bab408 100644 --- a/.github/workflows/ks-handler-frontend-tests.yml +++ b/.github/workflows/ks-handler-frontend-tests.yml @@ -2,16 +2,10 @@ name: (KS Handler) Frontend Lint, Unit and Component tests on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - "frontend/shared/**" - - "frontend/kesaseteli/shared/**" - - "frontend/kesaseteli/handler/**" - - "frontend/*" - ".github/workflows/ks-handler-frontend-tests.yml" - - "!**/browser-tests/**" - - "!**/README.md" workflow_dispatch: defaults: run: diff --git a/.github/workflows/ks-py-coding-style.yml b/.github/workflows/ks-py-coding-style.yml index 1e5effdac3..26c8557003 100644 --- a/.github/workflows/ks-py-coding-style.yml +++ b/.github/workflows/ks-py-coding-style.yml @@ -2,13 +2,11 @@ name: (KS) Python coding style on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - 'backend/kesaseteli/**' - '.github/workflows/ks-py-coding-style.yml' - - '.github/workflows/ks-pytest.yml' - - 'backend/shared/**' + workflow_dispatch: env: DEBUG: 1 diff --git a/.github/workflows/ks-pytest.yml b/.github/workflows/ks-pytest.yml index df47e5ea81..87695c3c53 100644 --- a/.github/workflows/ks-pytest.yml +++ b/.github/workflows/ks-pytest.yml @@ -2,12 +2,11 @@ name: (KS) Python tests on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - 'backend/kesaseteli/**' - '.github/workflows/ks-pytest.yml' - - 'backend/shared/**' + workflow_dispatch: env: DEBUG: 1 diff --git a/.github/workflows/ks-review.yml b/.github/workflows/ks-review.yml deleted file mode 100644 index a4588457b2..0000000000 --- a/.github/workflows/ks-review.yml +++ /dev/null @@ -1,319 +0,0 @@ -name: (KESÄSETELI) Build & Review & Acceptance tests -on: - pull_request: - paths: - - 'backend/kesaseteli/**' - - 'frontend/kesaseteli/**' - - 'frontend/shared/**' - - 'frontend/*' - - '.github/workflows/ks-review.yml' - - '!frontend/**/__tests__' - - '!**/README.md' - workflow_dispatch: - inputs: - build_required: - description: "Build images (true/false)" - required: true - default: "false" - pr_number: - description: "Pull request number (if redeploy without build) or own number for environment" - required: true - -env: - CONTAINER_REGISTRY: ghcr.io - CONTAINER_REGISTRY_USER: ${{ secrets.GHCR_CONTAINER_REGISTRY_USER }} - CONTAINER_REGISTRY_PASSWORD: ${{ secrets.GHCR_TOKEN }} - CONTAINER_REGISTRY_REPO: ghcr.io/city-of-helsinki/${{ github.event.repository.name }} - REPO_NAME: ${{ github.event.repository.name }} - KUBECONFIG_RAW: ${{ secrets.KUBECONFIG_RAW }} - BUILD_ARTIFACT_FOLDER: 'build_artifacts' - SERVICE_ARTIFACT_FOLDER: 'service_artifacts' - BASE_DOMAIN: ${{ secrets.BASE_DOMAIN_STAGING }} - K8S_REQUEST_CPU: 5m - K8S_REQUEST_RAM: 256Mi - K8S_LIMIT_CPU: 500m - K8S_LIMIT_RAM: 428Mi - K8S_PROBE_FAILURE_THRESHOLD: 30 - K8S_PROBE_PERIOD: 20 - HELM_BUFFER_TIME: 300 - EMPLOYER_URL: https://ks-empl-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - YOUTH_URL: https://ks-youth-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - HANDLER_URL: https://ks-hdlr-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - NEXT_PUBLIC_BACKEND_URL: https://ks-bknd-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - NEXT_PUBLIC_MOCK_FLAG: 1 - NEXT_PUBLIC_ACTIVATION_LINK_EXPIRATION_SECONDS: 60 - CORS_ALLOW_ALL_ORIGINS: 1 - NEXT_PUBLIC_DISABLE_VTJ: 0 -jobs: - build: - if: ${{ github.actor != 'dependabot[bot]' }} - strategy: - fail-fast: false - matrix: - service: [ 'ks-bknd', 'ks-empl', 'ks-youth', 'ks-hdlr' ] - include: - - service: ks-bknd - context: ./backend - dockerfile: ./backend/docker/kesaseteli.Dockerfile - port: 8000 - - service: ks-empl - context: ./frontend - dockerfile: ./frontend/Dockerfile - project: kesaseteli - folder: employer - port: 3000 - - service: ks-youth - context: ./frontend - dockerfile: ./frontend/Dockerfile - project: kesaseteli - folder: youth - port: 3100 - - service: ks-hdlr - context: ./frontend - dockerfile: ./frontend/Dockerfile - project: kesaseteli - folder: handler - port: 3200 - concurrency: - group: ${{ github.event.pull_request.number }}-${{ matrix.service }} - cancel-in-progress: false - runs-on: ubuntu-latest - name: Build - steps: - - uses: actions/checkout@v3 - - - name: Build ${{ matrix.service }} - if: github.event_name == 'pull_request' || github.event.inputs.build_required == 'true' - # uses: andersinno/kolga-build-action@v2 temporary disabled due to build problem - # https://helsinkisolutionoffice.atlassian.net/browse/DEVOPS-424 - uses: docker://ghcr.io/andersinno/kolga:2c6028bb7f478301d53928b0a72d5e87f58c0ac8-production - with: - entrypoint: /app/devops - args: create_images - env: - # Don't need to lint / typecheck for e2e, they're done in another workflow - DOCKER_BUILD_ARG_NEXTJS_IGNORE_ESLINT: true - # TODO we need separate typecheck to ks-*-frontend-test.yml workflow - DOCKER_BUILD_ARG_NEXTJS_IGNORE_TYPECHECK: false - DOCKER_BUILD_ARG_NEXT_DISABLE_SOURCEMAPS: true - DOCKER_BUILD_ARG_NEXT_TELEMETRY_DISABLED: true - DOCKER_BUILD_ARG_NEXTJS_SENTRY_UPLOAD_DRY_RUN: true - DOCKER_BUILD_ARG_NEXT_PUBLIC_BACKEND_URL: ${{ env.NEXT_PUBLIC_BACKEND_URL }} - DOCKER_BUILD_ARG_NEXTJS_DISABLE_SENTRY: true - DOCKER_BUILD_ARG_NEXT_PUBLIC_SENTRY_DSN: ${{ secrets.NEXT_PUBLIC_SENTRY_DSN }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_SENTRY_ENVIRONMENT: ${{ secrets.NEXT_PUBLIC_SENTRY_ENVIRONMENT }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_SENTRY_TRACE_SAMPLE_RATE: 1.0 - DOCKER_BUILD_ARG_NEXT_PUBLIC_MOCK_FLAG: ${{ env.NEXT_PUBLIC_MOCK_FLAG }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_ENABLE_SUOMIFI: ${{ env.DOCKER_BUILD_ARG_NEXT_PUBLIC_ENABLE_SUOMIFI }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_ACTIVATION_LINK_EXPIRATION_SECONDS: ${{ env.NEXT_PUBLIC_ACTIVATION_LINK_EXPIRATION_SECONDS }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_DISABLE_VTJ: ${{ env.NEXT_PUBLIC_DISABLE_VTJ }} - DOCKER_BUILD_ARG_PROJECT: ${{ matrix.project }} - DOCKER_BUILD_ARG_FOLDER: ${{ matrix.folder }} - DOCKER_BUILD_ARG_PORT: ${{ matrix.port }} - DOCKER_BUILD_SOURCE: ${{ matrix.dockerfile }} - DOCKER_BUILD_CONTEXT: ${{ matrix.context }} - DOCKER_IMAGE_NAME: ${{ matrix.service }} - SERVICE_PORT: ${{ matrix.port }} - BUILDKIT_CACHE_DISABLE: true - review: - strategy: - fail-fast: false - matrix: - service: [ 'ks-bknd', 'ks-empl', 'ks-youth', 'ks-hdlr' ] - include: - - service: ks-bknd - context: ./backend - dockerfile: ./backend/docker/kesaseteli.Dockerfile - database: true - port: 8000 - - service: ks-empl - context: ./frontend - dockerfile: ./frontend/Dockerfile - database: false - project: kesaseteli - folder: employer - port: 3000 - - service: ks-youth - context: ./frontend - dockerfile: ./frontend/Dockerfile - database: false - project: kesaseteli - folder: youth - port: 3100 - - service: ks-hdlr - context: ./frontend - dockerfile: ./frontend/Dockerfile - database: false - project: kesaseteli - folder: handler - port: 3200 - concurrency: - group: ${{ github.event.pull_request.number }}-${{ matrix.service }} - cancel-in-progress: false - runs-on: ubuntu-latest - needs: build - name: Review - steps: - - uses: actions/checkout@v3 - - uses: andersinno/kolga-setup-action@v2 - with: - pr_number: ${{ github.event.inputs.pr_number }} - - - name: Backend variables - if: matrix.database - env: - SECRET_KEY: ${{ secrets.K8S_SECRET_SECRET_KEY_REVIEW }} - K8S_SECRET_ENCRYPTION_KEY: ${{ secrets.K8S_SECRET_ENCRYPTION_KEY_REVIEW }} - K8S_SECRET_SOCIAL_SECURITY_NUMBER_HASH_KEY: ${{ secrets.K8S_SECRET_SOCIAL_SECURITY_NUMBER_HASH_KEY_REVIEW }} - run: | - echo "K8S_SECRET_ALLOWED_HOSTS=*" >> $GITHUB_ENV - echo "K8S_SECRET_SECRET_KEY=$SECRET_KEY" >> $GITHUB_ENV - echo "K8S_SECRET_CSRF_COOKIE_DOMAIN=.test.kuva.hel.ninja" >> $GITHUB_ENV - echo "K8S_SECRET_CORS_ALLOWED_ORIGINS=${{ env.EMPLOYER_URL }},${{ env.YOUTH_URL }},${{ env.HANDLER_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_CSRF_TRUSTED_ORIGINS=.test.kuva.hel.ninja" >> $GITHUB_ENV - echo "K8S_SECRET_LOGIN_REDIRECT_URL=${{ env.EMPLOYER_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_LOGIN_REDIRECT_URL_FAILURE=${{ env.EMPLOYER_URL }}/login?error=true" >> $GITHUB_ENV - echo "K8S_SECRET_LOGOUT_REDIRECT_URL=${{ env.EMPLOYER_URL }}/login?logout=true" >> $GITHUB_ENV - echo "K8S_SECRET_YOUTH_URL=${{ env.YOUTH_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_HANDLER_URL=${{ env.HANDLER_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_NEXT_PUBLIC_DISABLE_VTJ=${{ env.NEXT_PUBLIC_DISABLE_VTJ }}" >> $GITHUB_ENV - echo "K8S_SECRET_NEXT_PUBLIC_MOCK_FLAG=${{ env.NEXT_PUBLIC_MOCK_FLAG }}" >> $GITHUB_ENV - echo "K8S_SECRET_NEXT_PUBLIC_ENABLE_SUOMIFI=${{ env.NEXT_PUBLIC_ENABLE_SUOMIFI }}" >> $GITHUB_ENV - echo "K8S_SECRET_NEXT_PUBLIC_ACTIVATION_LINK_EXPIRATION_SECONDS=${{ env.NEXT_PUBLIC_ACTIVATION_LINK_EXPIRATION_SECONDS }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_DB=${{ github.event.repository.name }}-${{ matrix.service }}-${{ github.event.pull_request.number }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_HOST=${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_PORT=${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_USERNAME=${{ secrets.K8S_SECRET_DATABASE_USERNAME_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_PASSWORD=${{ secrets.K8S_SECRET_DATABASE_PASSWORD_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_URL=postgresql://${{ secrets.K8S_SECRET_DATABASE_USERNAME_REVIEW }}:${{ secrets.K8S_SECRET_DATABASE_PASSWORD_REVIEW }}@${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW}}:${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }}/${{ github.event.repository.name }}-${{ matrix.service }}-${{ github.event.pull_request.number }}" >> $GITHUB_ENV - - - name: Review-Services - if: matrix.database - uses: City-of-Helsinki/review-services-action@main - with: - database: ${{ github.event.repository.name }}-${{ matrix.service }}-${{ github.event.pull_request.number }} - namespace: ${{ env.K8S_NAMESPACE }} - action: create - db_user: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_USERNAME_REVIEW }} - db_password: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_PASSWORD_REVIEW}} - db_host: ${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW }} - db_port: ${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }} - kubeconfig: ${{ secrets.KUBECONFIG_RAW }} - - - name: Service with ingress - run: | - echo "ENVIRONMENT_URL=https://${{ matrix.service }}-${{ github.event.pull_request.number }}.${{ env.BASE_DOMAIN }}" >> $GITHUB_ENV - - - name: Deploy - uses: andersinno/kolga-deploy-action@v2 - env: - DOCKER_BUILD_SOURCE: ${{ matrix.dockerfile }} - DOCKER_BUILD_CONTEXT: ./${{ matrix.context }} - DOCKER_IMAGE_NAME: ${{ matrix.service }} - PROJECT_NAME: ${{ github.event.repository.name }}-${{ matrix.service }} - K8S_SECRET_VERSION: ${{ github.sha }} - VAULT_JWT_PRIVATE_KEY: ${{ secrets.VAULT_ACCESS_PRIVATE_KEY_REVIEW }} - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} - VAULT_KV_VERSION: "2" - VAULT_JWT_AUTH_PATH: ${{ github.event.repository.name }}-${{ matrix.service }}-review - VAULT_KV_SECRET_MOUNT_POINT: review - SERVICE_PORT: ${{ matrix.port }} - K8S_SECRET_ALLOWED_HOSTS: "*" - APP_MIGRATE_COMMAND: ${{ matrix.database == true && '/app/.prod/on_deploy.sh' || ''}} - LOGOUT_REDIRECT_URL: ${{ env.EMPLOYER_URL }}/login?logout=true - - name: Create PR comment for ${{ matrix.service }} - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: deployment-kesaseteli-${{ matrix.service }} - message: | - **${{ matrix.service }} is deployed to: ${{ env.ENVIRONMENT_URL }}** :rocket::rocket::rocket: - acceptance-tests: - name: KS Acceptance tests - runs-on: ubuntu-latest - needs: Review - defaults: - run: - working-directory: ./frontend - strategy: - fail-fast: false - matrix: - service: [ 'ks-empl', 'ks-youth', 'ks-handler' ] - include: - - service: ks-empl - dir: kesaseteli/employer - - service: ks-youth - dir: kesaseteli/youth - - service: ks-handler - dir: kesaseteli/handler - steps: - - uses: actions/checkout@v3 - - name: Setup kubectl - run: | - echo "${{ env.KUBECONFIG_RAW }}" > $(pwd)/kubeconfig - echo "KUBECONFIG=$(pwd)/kubeconfig" >> $GITHUB_ENV - shell: bash - - name: Setup Node.js environment - uses: actions/setup-node@v3 - with: - node-version: "18" - - name: Get yarn cache directory path - id: yarn-cache-dir-path - run: echo "::set-output name=dir::$(yarn config get cacheFolder)" - - uses: actions/cache@v3 - id: yarn-cache - with: - path: ${{ steps.yarn-cache-dir-path.outputs.dir }} - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} - restore-keys: | - ${{ runner.os }}-yarn- - - name: Install dependencies - run: yarn --prefer-offline --frozen-lockfile --check-files --production=false - - name: Service with ingress - run: | - echo "ENVIRONMENT_URL=https://${{ matrix.service }}-${{ github.event.pull_request.number }}.${{ env.BASE_DOMAIN }}" >> $GITHUB_ENV - - name: Run Acceptance Tests for ${{ matrix.service }} - id: testcafe - run: yarn --cwd ${{matrix.dir}} browser-test:ci -q attemptLimit=3,successThreshold=1 - env: - GITHUB_WORKFLOW_NAME: ${{ github.workflow }} - GITHUB_WORKFLOW_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - FRONTEND_URL: ${{ env.ENVIRONMENT_URL }} - EMPLOYER_URL: ${{ env.EMPLOYER_URL }} - YOUTH_URL: ${{ env.YOUTH_URL }} - HANDLER_URL: ${{ env.HANDLER_URL }} - NEXT_PUBLIC_BACKEND_URL: ${{ env.NEXT_PUBLIC_BACKEND_URL }} - NEXT_PUBLIC_MOCK_FLAG: ${{ env.NEXT_PUBLIC_MOCK_FLAG }} - NEXT_PUBLIC_ENABLE_SUOMIFI: ${{ env.NEXT_PUBLIC_ENABLE_SUOMIFI }} - NEXT_PUBLIC_DISABLE_VTJ: ${{ env.NEXT_PUBLIC_DISABLE_VTJ }} - NEXT_PUBLIC_ACTIVATION_LINK_EXPIRATION_SECONDS: ${{ env.NEXT_PUBLIC_ACTIVATION_LINK_EXPIRATION_SECONDS }} - - - name: Upload Acceptance Test results for ${{ matrix.service }} - run: | - zip -r report.zip ${{matrix.dir}}/report > no_output 2>&1 - curl -s -H "Content-Type: application/zip" -H "Authorization: Bearer ${{ secrets.NETLIFY_AUTH_TOKEN }}" --data-binary "@report.zip" https://api.netlify.com/api/v1/sites > response.json - echo "REPORT_URL=$(cat response.json|python -c "import sys, json; print('https://' + json.load(sys.stdin)['subdomain'] + '.netlify.com')")" >> $GITHUB_ENV - if: always() && steps.testcafe.outcome == 'failure' - - name: Create/update PR comment for Acceptance Test results - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: testcafe-results-${{ matrix.service }} - message: | - ## TestCafe result is __${{ steps.testcafe.outcome }}__ for ${{ env.ENVIRONMENT_URL }}! ${{steps.testcafe.outcome == 'success' && ':laughing::tada::tada::tada:' || ':crying_cat_face::anger::boom::boom:' }} - if: always() && (steps.testcafe.outcome == 'success' || steps.testcafe.outcome == 'failure') - - name: Create/update PR comment for Acceptance Test results - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: testcafe-results-${{ matrix.service }} - append: true - message: | - **Check the report on: [${{ env.REPORT_URL }}](${{ env.REPORT_URL }})** - if: always() && steps.testcafe.outcome == 'failure' - - name: Upload screenshots and videos of failed tests to artifact - uses: actions/upload-artifact@v3 - with: - name: report - path: ./frontend/${{matrix.dir}}/report - if: always() && steps.testcafe.outcome == 'failure' diff --git a/.github/workflows/ks-shared-frontend-tests.yml b/.github/workflows/ks-shared-frontend-tests.yml index 39341ccd38..74b56233b3 100644 --- a/.github/workflows/ks-shared-frontend-tests.yml +++ b/.github/workflows/ks-shared-frontend-tests.yml @@ -2,15 +2,10 @@ name: Kesaseteli-shared Lint, Unit and Component tests on: push: - branches: [ develop, main ] + branches: [ main ] pull_request: paths: - - 'frontend/shared/**' - - 'frontend/kesaseteli/shared/**' - - 'frontend/*' - '.github/workflows/ks-shared-frontend-tests.yml' - - "!**/browser-tests/**" - - "!**/README.md" workflow_dispatch: defaults: run: diff --git a/.github/workflows/ks-stop_review.yml b/.github/workflows/ks-stop_review.yml deleted file mode 100644 index cd44c6df2f..0000000000 --- a/.github/workflows/ks-stop_review.yml +++ /dev/null @@ -1,47 +0,0 @@ -name: (KS) Stop Review -on: - pull_request: - types: [closed] - paths: - - 'backend/kesaseteli/**' - - 'frontend/kesaseteli/**' - - 'frontend/shared/**' - - 'frontend/*' - - '.github/workflows/ks-stop_review.yml' - workflow_dispatch: - inputs: - head_ref: - description: "Branch where review environment was created from (as in GitHub). Has to be given as the branch is probably removed and no longer available in the branch list. Can be empty if environment deployed manually" - pr_number: - description: "Own or pull request number of the environment creator" - -env: - KUBECONFIG_RAW: ${{ secrets.KUBECONFIG_RAW }} - -jobs: - stop_review: - if: ${{ github.actor != 'dependabot[bot]' }} - runs-on: ubuntu-latest - name: Stop Review - steps: - - uses: andersinno/kolga-setup-action@v2 - with: - head_ref: ${{ github.event.inputs.head_ref }} - pr_number: ${{ github.event.inputs.pr_number }} - - - name: Remove Review-Services - uses: City-of-Helsinki/review-services-action@main - with: - database: ${{ github.event.repository.name }}-ks-bknd-${{ github.event.pull_request.number }} - namespace: ${{ env.K8S_NAMESPACE }} - action: remove - db_user: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_USERNAME_REVIEW }} - db_password: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_PASSWORD_REVIEW }} - db_host: ${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW }} - db_port: ${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }} - kubeconfig: ${{ secrets.KUBECONFIG_RAW }} - - - name: Stop Review - uses: andersinno/kolga-review-cleanup-action@v2 - with: - namespace: ${{ env.K8S_NAMESPACE }} diff --git a/.github/workflows/ks-youth-frontend-tests.yml b/.github/workflows/ks-youth-frontend-tests.yml index 0a547361f3..ab28eef742 100644 --- a/.github/workflows/ks-youth-frontend-tests.yml +++ b/.github/workflows/ks-youth-frontend-tests.yml @@ -2,16 +2,10 @@ name: (KS Youth) Frontend Lint, Unit and Component tests on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - "frontend/shared/**" - - "frontend/kesaseteli/shared/**" - - "frontend/kesaseteli/youth/**" - - "frontend/*" - ".github/workflows/ks-youth-frontend-tests.yml" - - "!**/browser-tests/**" - - "!**/README.md" workflow_dispatch: defaults: run: diff --git a/.github/workflows/shared-frontend-tests.yml b/.github/workflows/shared-frontend-tests.yml index 45317f81bc..3c54b5dba2 100644 --- a/.github/workflows/shared-frontend-tests.yml +++ b/.github/workflows/shared-frontend-tests.yml @@ -2,14 +2,10 @@ name: Shared Lint, Unit and Component tests on: push: - branches: [ develop, main ] + branches: [ main ] pull_request: paths: - - 'frontend/*' - - 'frontend/shared/**' - '.github/workflows/shared-tests.yml' - - "!**/browser-tests/**" - - "!**/README.md" workflow_dispatch: defaults: run: diff --git a/.github/workflows/te-admn-frontend-tests.yml b/.github/workflows/te-admn-frontend-tests.yml index bfe5300875..8530dad7fe 100644 --- a/.github/workflows/te-admn-frontend-tests.yml +++ b/.github/workflows/te-admn-frontend-tests.yml @@ -2,15 +2,10 @@ name: (TET) Admin Frontend Lint, Unit and Component tests on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - "frontend/shared/**" - - "frontend/tet/admin/**" - - "frontend/*" - ".github/workflows/te-admn-frontend-tests.yml" - - "!**/browser-tests/**" - - "!**/README.md" workflow_dispatch: defaults: run: diff --git a/.github/workflows/te-py-coding-style.yml b/.github/workflows/te-py-coding-style.yml index cdd84f922e..d6a07e1297 100644 --- a/.github/workflows/te-py-coding-style.yml +++ b/.github/workflows/te-py-coding-style.yml @@ -2,14 +2,11 @@ name: (TET) Python coding style on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - 'backend/tet/**' - - '.github/workflows/te-pytest.yml' - '.github/workflows/te-py-coding-style.yml' - - 'backend/shared/**' - + workflow_dispatch: env: DEBUG: 1 diff --git a/.github/workflows/te-pytest.yml b/.github/workflows/te-pytest.yml index da9031fe95..4aed62b5e6 100644 --- a/.github/workflows/te-pytest.yml +++ b/.github/workflows/te-pytest.yml @@ -2,13 +2,11 @@ name: (TET) Python tests on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - 'backend/tet/**' - '.github/workflows/te-pytest.yml' - - 'backend/shared/**' - + workflow_dispatch: env: DEBUG: 1 diff --git a/.github/workflows/te-review.yml b/.github/workflows/te-review.yml deleted file mode 100644 index da23cec1e2..0000000000 --- a/.github/workflows/te-review.yml +++ /dev/null @@ -1,306 +0,0 @@ -name: (TET) Build & Review & Acceptance tests -on: - pull_request: - paths: - - 'backend/tet/**' - - 'frontend/tet/**' - - 'frontend/shared/**' - - 'frontend/*' - - '.github/workflows/te-review.yml' - - '!frontend/**/__tests__' - - '!**/README.md' - workflow_dispatch: - inputs: - build_required: - description: "Build images (true/false)" - required: true - default: "false" - pr_number: - description: "Pull request number (if redeploy without build) or own number for environment" - required: true - -env: - CONTAINER_REGISTRY: ghcr.io - CONTAINER_REGISTRY_USER: ${{ secrets.GHCR_CONTAINER_REGISTRY_USER }} - CONTAINER_REGISTRY_PASSWORD: ${{ secrets.GHCR_TOKEN }} - CONTAINER_REGISTRY_REPO: ghcr.io/city-of-helsinki/${{ github.event.repository.name }} - REPO_NAME: ${{ github.event.repository.name }} - KUBECONFIG_RAW: ${{ secrets.KUBECONFIG_RAW }} - BUILD_ARTIFACT_FOLDER: 'build_artifacts' - SERVICE_ARTIFACT_FOLDER: 'service_artifacts' - BASE_DOMAIN: ${{ secrets.BASE_DOMAIN_STAGING }} - DATABASE_USER: user - DATABASE_PASSWORD: testing-password - K8S_REQUEST_CPU: 5m - K8S_REQUEST_RAM: 256Mi - K8S_LIMIT_CPU: 500m - K8S_LIMIT_RAM: 428Mi - K8S_PROBE_FAILURE_THRESHOLD: 30 - K8S_PROBE_PERIOD: 20 - HELM_BUFFER_TIME: 300 - YOUTH_URL: https://te-yout-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - ADMIN_URL: https://te-admn-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - NEXT_PUBLIC_BACKEND_URL: https://te-bknd-${{ github.event.pull_request.number }}.${{ secrets.BASE_DOMAIN_STAGING }} - NEXT_PUBLIC_MOCK_FLAG: 1 - CORS_ALLOW_ALL_ORIGINS: 1 - NEXT_SHARP_PATH: /app/node_modules/sharp - -jobs: - build: - if: ${{ github.actor != 'dependabot[bot]' }} - strategy: - fail-fast: false - matrix: - service: [ 'te-bknd', 'te-admn', 'te-yout' ] - include: - - service: te-bknd - context: ./backend - dockerfile: ./backend/docker/tet.Dockerfile - port: 8000 - - service: te-yout - context: ./frontend - dockerfile: ./frontend/Dockerfile - project: tet - folder: youth - port: 3000 - - service: te-admn - context: ./frontend - dockerfile: ./frontend/Dockerfile - project: tet - folder: admin - port: 3000 - concurrency: - group: ${{ github.event.pull_request.number }}-${{ matrix.service }} - cancel-in-progress: false - runs-on: ubuntu-latest - name: Build - steps: - - uses: actions/checkout@v3 - - - name: Build ${{ matrix.service }} - if: github.event_name == 'pull_request' || github.event.inputs.build_required == 'true' - # uses: andersinno/kolga-build-action@v2 temporary disabled due to build problem - # https://helsinkisolutionoffice.atlassian.net/browse/DEVOPS-424 - uses: docker://ghcr.io/andersinno/kolga:2c6028bb7f478301d53928b0a72d5e87f58c0ac8-production - with: - entrypoint: /app/devops - args: create_images - env: - # Don't need to lint / typecheck for e2e, they're done in another workflow - DOCKER_BUILD_ARG_NEXTJS_IGNORE_ESLINT: true - # TODO we need separate typecheck to te-*-frontend-test.yml workflow - DOCKER_BUILD_ARG_NEXTJS_IGNORE_TYPECHECK: false - DOCKER_BUILD_ARG_NEXT_DISABLE_SOURCEMAPS: true - DOCKER_BUILD_ARG_NEXT_TELEMETRY_DISABLED: true - DOCKER_BUILD_ARG_NEXTJS_SENTRY_UPLOAD_DRY_RUN: true - DOCKER_BUILD_ARG_NEXTJS_DISABLE_SENTRY: true - DOCKER_BUILD_ARG_NEXT_PUBLIC_BACKEND_URL: ${{ env.NEXT_PUBLIC_BACKEND_URL }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_SENTRY_DSN: ${{ secrets.NEXT_PUBLIC_SENTRY_DSN }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_SENTRY_ENVIRONMENT: ${{ secrets.NEXT_PUBLIC_SENTRY_ENVIRONMENT }} - DOCKER_BUILD_ARG_NEXT_PUBLIC_SENTRY_TRACE_SAMPLE_RATE: 1.0 - DOCKER_BUILD_ARG_NEXT_PUBLIC_MOCK_FLAG: ${{ env.NEXT_PUBLIC_MOCK_FLAG }} - DOCKER_BUILD_ARG_NEXT_SHARP_PATH: ${{ env.NEXT_SHARP_PATH }} - DOCKER_BUILD_ARG_PROJECT: ${{ matrix.project }} - DOCKER_BUILD_ARG_FOLDER: ${{ matrix.folder }} - DOCKER_BUILD_ARG_PORT: ${{ matrix.port }} - DOCKER_BUILD_SOURCE: ${{ matrix.dockerfile }} - DOCKER_BUILD_CONTEXT: ${{ matrix.context }} - DOCKER_IMAGE_NAME: ${{ matrix.service }} - SERVICE_PORT: ${{ matrix.port }} - BUILDKIT_CACHE_DISABLE: true - review: - strategy: - fail-fast: false - matrix: - service: [ 'te-bknd', 'te-admn', 'te-yout' ] - include: - - service: te-bknd - context: ./backend - dockerfile: ./backend/docker/tet.Dockerfile - database: true - port: 8000 - - service: te-yout - context: ./frontend - dockerfile: ./frontend/Dockerfile - database: false - project: tet - folder: youth - port: 3000 - - service: te-admn - context: ./frontend - dockerfile: ./frontend/Dockerfile - database: false - project: tet - folder: admin - port: 3000 - concurrency: - group: ${{ github.event.pull_request.number }}-${{ matrix.service }} - cancel-in-progress: false - runs-on: ubuntu-latest - needs: build - name: Review - steps: - - uses: actions/checkout@v3 - - uses: andersinno/kolga-setup-action@v2 - with: - pr_number: ${{ github.event.inputs.pr_number }} - - - name: Backend variables - if: matrix.database - env: - SECRET_KEY: ${{ secrets.K8S_SECRET_SECRET_KEY_REVIEW }} - K8S_SECRET_ENCRYPTION_KEY: ${{ secrets.K8S_SECRET_ENCRYPTION_KEY_REVIEW }} - K8S_SECRET_SOCIAL_SECURITY_NUMBER_HASH_KEY: ${{ secrets.K8S_SECRET_SOCIAL_SECURITY_NUMBER_HASH_KEY_REVIEW }} - run: | - echo "K8S_SECRET_ALLOWED_HOSTS=*" >> $GITHUB_ENV - echo "K8S_SECRET_SECRET_KEY=$SECRET_KEY" >> $GITHUB_ENV - echo "K8S_SECRET_CSRF_COOKIE_DOMAIN=.test.kuva.hel.ninja" >> $GITHUB_ENV - echo "K8S_SECRET_CORS_ALLOWED_ORIGINS=${{ env.YOUTH_URL }},${{ env.ADMIN_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_CSRF_TRUSTED_ORIGINS=.test.kuva.hel.ninja" >> $GITHUB_ENV - echo "K8S_SECRET_NEXT_PUBLIC_MOCK_FLAG=${{ env.NEXT_PUBLIC_MOCK_FLAG }}" >> $GITHUB_ENV - echo "K8S_SECRET_LOGIN_REDIRECT_URL=${{ env.ADMIN_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_LOGIN_REDIRECT_URL_FAILURE=${{ env.ADMIN_URL }}/login?error=true" >> $GITHUB_ENV - echo "K8S_SECRET_AD_LOGIN_REDIRECT_URL=${{ env.ADMIN_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_AD_LOGIN_REDIRECT_URL_FAILURE=${{ env.ADMIN_URL }}/login?error=true" >> $GITHUB_ENV - echo "K8S_SECRET_LOGOUT_REDIRECT_URL=${{ env.ADMIN_URL }}/login?logout=true" >> $GITHUB_ENV - echo "K8S_SECRET_EAUTH_REDIRECT_URL=${{ env.ADMIN_URL }}" >> $GITHUB_ENV - echo "K8S_SECRET_EAUTH_REDIRECT_URL_FAILURE=${{ env.ADMIN_URL }}/login?error=true" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_DB=${{ github.event.repository.name }}-${{ matrix.service }}-${{ github.event.pull_request.number }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_HOST=${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_PORT=${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_USERNAME=${{ secrets.K8S_SECRET_DATABASE_USERNAME_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_PASSWORD=${{ secrets.K8S_SECRET_DATABASE_PASSWORD_REVIEW }}" >> $GITHUB_ENV - echo "K8S_SECRET_DATABASE_URL=postgresql://${{ secrets.K8S_SECRET_DATABASE_USERNAME_REVIEW }}:${{ secrets.K8S_SECRET_DATABASE_PASSWORD_REVIEW }}@${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW}}:${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }}/${{ github.event.repository.name }}-${{ matrix.service }}-${{ github.event.pull_request.number }}" >> $GITHUB_ENV - - - name: Review-Services - if: matrix.database - uses: City-of-Helsinki/review-services-action@main - with: - database: ${{ github.event.repository.name }}-${{ matrix.service }}-${{ github.event.pull_request.number }} - namespace: ${{ env.K8S_NAMESPACE }} - action: create - db_user: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_USERNAME_REVIEW }} - db_password: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_PASSWORD_REVIEW}} - db_host: ${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW }} - db_port: ${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }} - kubeconfig: ${{ secrets.KUBECONFIG_RAW }} - - - name: Service with ingress - run: | - echo "ENVIRONMENT_URL=https://${{ matrix.service }}-${{ github.event.pull_request.number }}.${{ env.BASE_DOMAIN }}" >> $GITHUB_ENV - - - name: Deploy - uses: andersinno/kolga-deploy-action@v2 - env: - DOCKER_BUILD_SOURCE: ${{ matrix.dockerfile }} - DOCKER_BUILD_CONTEXT: ./${{ matrix.context }} - DOCKER_IMAGE_NAME: ${{ matrix.service }} - PROJECT_NAME: ${{ github.event.repository.name }}-${{ matrix.service }} - K8S_SECRET_VERSION: ${{ github.sha }} - VAULT_JWT_PRIVATE_KEY: ${{ secrets.VAULT_ACCESS_PRIVATE_KEY_REVIEW }} - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} - VAULT_KV_VERSION: "2" - VAULT_JWT_AUTH_PATH: ${{ github.event.repository.name }}-${{ matrix.service }}-review - VAULT_KV_SECRET_MOUNT_POINT: review - SERVICE_PORT: ${{ matrix.port }} - K8S_SECRET_ALLOWED_HOSTS: "*" - APP_MIGRATE_COMMAND: ${{ matrix.database == true && '/app/.prod/on_deploy.sh' || ''}} - CORS_ALLOWED_ORIGINS: ${{ env.YOUTH_URL }},${{ env.ADMIN_URL }} - CSRF_TRUSTED_ORIGINS: ${{ env.YOUTH_URL }},${{ env.ADMIN_URL }} - AD_LOGIN_REDIRECT_URL: ${{ env.ADMIN_URL }} - AD_LOGIN_REDIRECT_URL_FAILURE: ${{ env.ADMIN_URL }}/login?error=true - EAUTH_REDIRECT_URL: ${{ env.ADMIN_URL }} - EAUTH_REDIRECT_URL_FAILURE: ${{ env.ADMIN_URL }}/login?error=true - LOGOUT_REDIRECT_URL: ${{ env.ADMIN_URL }}/login?logout=true - NEXT_SHARP_PATH: ${ env.NEXT_SHARP_PATH } - - - name: Create PR comment for ${{ matrix.service }} - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: deployment-te-${{ matrix.service }} - message: | - **${{ matrix.service }} is deployed to: ${{ env.ENVIRONMENT_URL }}** :rocket::rocket::rocket: - acceptance-tests: - name: TET Acceptance tests - runs-on: ubuntu-latest - needs: Review - defaults: - run: - working-directory: ./frontend - strategy: - fail-fast: false - matrix: - service: [ 'te-admn', 'te-yout' ] - include: - - service: te-admn - dir: tet/admin - - service: te-yout - dir: tet/youth - steps: - - uses: actions/checkout@v3 - - name: Setup kubectl - run: | - echo "${{ env.KUBECONFIG_RAW }}" > $(pwd)/kubeconfig - echo "KUBECONFIG=$(pwd)/kubeconfig" >> $GITHUB_ENV - shell: bash - - name: Setup Node.js environment - uses: actions/setup-node@v3 - with: - node-version: "18" - - name: Get yarn cache directory path - id: yarn-cache-dir-path - run: echo "::set-output name=dir::$(yarn config get cacheFolder)" - - uses: actions/cache@v3 - id: yarn-cache - with: - path: ${{ steps.yarn-cache-dir-path.outputs.dir }} - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} - restore-keys: | - ${{ runner.os }}-yarn- - - name: Install dependencies - run: yarn --prefer-offline --frozen-lockfile --check-files --production=false - - name: Service with ingress - run: | - echo "ENVIRONMENT_URL=https://${{ matrix.service }}-${{ github.event.pull_request.number }}.${{ env.BASE_DOMAIN }}" >> $GITHUB_ENV - - name: Run Acceptance Tests for ${{ matrix.service }} - id: testcafe - run: yarn --cwd ${{matrix.dir}} browser-test:ci -q attemptLimit=3,successThreshold=1 - env: - GITHUB_WORKFLOW_NAME: ${{ github.workflow }} - GITHUB_WORKFLOW_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - FRONTEND_URL: ${{ env.ENVIRONMENT_URL }} - YOUTH_URL: ${{ env.YOUTH_URL }} - ADMIN_URL: ${{ env.ADMIN_URL }} - NEXT_PUBLIC_BACKEND_URL: ${{ env.NEXT_PUBLIC_BACKEND_URL }} - NEXT_PUBLIC_MOCK_FLAG: ${{ env.NEXT_PUBLIC_MOCK_FLAG }} - - - name: Upload Acceptance Test results for ${{ matrix.service }} - run: | - zip -r report.zip ${{matrix.dir}}/report > no_output 2>&1 - curl -s -H "Content-Type: application/zip" -H "Authorization: Bearer ${{ secrets.NETLIFY_AUTH_TOKEN }}" --data-binary "@report.zip" https://api.netlify.com/api/v1/sites > response.json - echo "REPORT_URL=$(cat response.json|python -c "import sys, json; print('https://' + json.load(sys.stdin)['subdomain'] + '.netlify.com')")" >> $GITHUB_ENV - if: always() && steps.testcafe.outcome == 'failure' - - name: Create/update PR comment for Acceptance Test results - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: testcafe-results-${{ matrix.service }} - message: | - ## TestCafe result is __${{ steps.testcafe.outcome }}__ for ${{ env.ENVIRONMENT_URL }}! ${{steps.testcafe.outcome == 'success' && ':laughing::tada::tada::tada:' || ':crying_cat_face::anger::boom::boom:' }} - if: always() && (steps.testcafe.outcome == 'success' || steps.testcafe.outcome == 'failure') - - name: Create/update PR comment for Acceptance Test results - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: testcafe-results-${{ matrix.service }} - append: true - message: | - **Check the report on: [${{ env.REPORT_URL }}](${{ env.REPORT_URL }})** - if: always() && steps.testcafe.outcome == 'failure' - - name: Upload screenshots and videos of failed tests to artifact - uses: actions/upload-artifact@v3 - with: - name: report - path: ./frontend/${{matrix.dir}}/report - if: always() && steps.testcafe.outcome == 'failure' diff --git a/.github/workflows/te-shared-frontend-tests.yml b/.github/workflows/te-shared-frontend-tests.yml index 6700d9c690..31899cb181 100644 --- a/.github/workflows/te-shared-frontend-tests.yml +++ b/.github/workflows/te-shared-frontend-tests.yml @@ -2,15 +2,10 @@ name: (TET) Shared Frontend Lint, Unit and Component tests on: push: - branches: [ develop, main ] + branches: [ main ] pull_request: paths: - - 'frontend/shared/**' - - 'frontend/tet/shared/**' - - 'frontend/*' - '.github/workflows/te-shared-frontend-tests.yml' - - "!**/browser-tests/**" - - "!**/README.md" workflow_dispatch: defaults: run: diff --git a/.github/workflows/te-stop_review.yml b/.github/workflows/te-stop_review.yml deleted file mode 100644 index a6923699bd..0000000000 --- a/.github/workflows/te-stop_review.yml +++ /dev/null @@ -1,47 +0,0 @@ -name: (TET) Stop Review -on: - pull_request: - types: [closed] - paths: - - 'backend/tet/**' - - 'frontend/tet/**' - - 'frontend/shared/**' - - 'frontend/*' - - '.github/workflows/te-stop_review.yml' - workflow_dispatch: - inputs: - head_ref: - description: "Branch where review environment was created from (as in GitHub). Has to be given as the branch is probably removed and no longer available in the branch list. Can be empty if environment deployed manually" - pr_number: - description: "Own or pull request number of the environment creator" - -env: - KUBECONFIG_RAW: ${{ secrets.KUBECONFIG_RAW }} - -jobs: - stop_review: - if: ${{ github.actor != 'dependabot[bot]' }} - runs-on: ubuntu-latest - name: Stop Review - steps: - - uses: andersinno/kolga-setup-action@v2 - with: - head_ref: ${{ github.event.inputs.head_ref }} - pr_number: ${{ github.event.inputs.pr_number }} - - - name: Remove Review-Services - uses: City-of-Helsinki/review-services-action@main - with: - database: ${{ github.event.repository.name }}-te-bknd-${{ github.event.pull_request.number }} - namespace: ${{ env.K8S_NAMESPACE }} - action: remove - db_user: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_USERNAME_REVIEW }} - db_password: ${{ secrets.K8S_SECRET_DATABASE_ADMIN_PASSWORD_REVIEW }} - db_host: ${{ secrets.K8S_SECRET_DATABASE_HOST_REVIEW }} - db_port: ${{ secrets.K8S_SECRET_DATABASE_PORT_REVIEW }} - kubeconfig: ${{ secrets.KUBECONFIG_RAW }} - - - name: Stop Review - uses: andersinno/kolga-review-cleanup-action@v2 - with: - namespace: ${{ env.K8S_NAMESPACE }} diff --git a/.github/workflows/te-yout-frontend-tests.yml b/.github/workflows/te-yout-frontend-tests.yml index 58e1433a10..ed02d9f56b 100644 --- a/.github/workflows/te-yout-frontend-tests.yml +++ b/.github/workflows/te-yout-frontend-tests.yml @@ -2,15 +2,10 @@ name: (TET) Youth Frontend Lint, Unit and Component tests on: push: - branches: [develop, main] + branches: [main] pull_request: paths: - - "frontend/shared/**" - - "frontend/*" - - "frontend/tet/**" - ".github/workflows/te-yout-frontend-tests.yml" - - "!**/browser-tests/**" - - "!**/README.md" workflow_dispatch: defaults: run: diff --git a/.github/workflows/yarn-audit-scheduled.yml b/.github/workflows/yarn-audit-scheduled.yml index ad180fb4b5..f6b95991c6 100644 --- a/.github/workflows/yarn-audit-scheduled.yml +++ b/.github/workflows/yarn-audit-scheduled.yml @@ -4,7 +4,7 @@ on: # Once a day at 5 o-clock - cron: "0 5 * * *" push: - branches: [develop, main] + branches: [main] pull_request: paths: - '.github/workflows/yarn-audit-scheduled.yml'