Fix cms rate q&a questions table UI (#2872) #2111
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Promote | |
| on: | |
| push: | |
| branches: | |
| - 'main' | |
| jobs: | |
| unit-tests: | |
| name: test - unit tests | |
| runs-on: ubuntu-20.04 | |
| outputs: | |
| app-version: ${{ steps.branch-name.outputs.app-version}} | |
| changed-services: "[ | |
| 'app-api', | |
| 'app-web', | |
| 'postgres', | |
| 'storybook', | |
| 'ui-auth', | |
| 'ui', | |
| 'uploads', | |
| 'run-migrations', | |
| 'prisma-layer', | |
| 'infra-api', | |
| 'github-oidc' | |
| ]" | |
| services: | |
| postgres: | |
| image: postgres:13.3 | |
| env: | |
| VITE_APP_AUTH_MODE: IDM | |
| POSTGRES_PASSWORD: shhhsecret #pragma: allowlist secret | |
| # Set health checks to wait until postgres has started | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - 5432:5432 | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| - name: set app version | |
| id: app-version | |
| shell: bash | |
| run: echo "::set-output name=app-version::$(scripts/app_version.sh)" | |
| - name: Setup env | |
| uses: ./.github/actions/setup_env | |
| - name: Generate GraphQL | |
| run: pnpm -r gqlgen | |
| - name: Generate Protos | |
| working-directory: services/app-proto | |
| run: pnpm generate | |
| - name: Generate Prisma | |
| env: | |
| NODE_OPTIONS: --max_old_space_size=6000 | |
| VITE_APP_AUTH_MODE: AWS_COGNITO | |
| DATABASE_URL: postgresql://postgres:shhhsecret@localhost:5432/postgres?schema=public&connection_limit=5 #pragma: allowlist secret | |
| working-directory: services/app-api | |
| run: | | |
| pnpm generate | |
| npx prisma migrate reset --force | |
| - name: API Unit Tests | |
| env: | |
| VITE_APP_AUTH_MODE: IDM | |
| VITE_APP_OTEL_COLLECTOR_URL: ${{vars.VITE_APP_OTEL_COLLECTOR_URL}} | |
| DATABASE_URL: postgresql://postgres:shhhsecret@localhost:5432/postgres?schema=public&connection_limit=5 #pragma: allowlist secret | |
| NODE_OPTIONS: --max_old_space_size=6000 | |
| working-directory: services/app-api | |
| run: pnpm test:coverage | |
| - name: Web Unit Tests | |
| env: | |
| VITE_APP_AUTH_MODE: IDM | |
| VITE_APP_OTEL_COLLECTOR_URL: ${{vars.VITE_APP_OTEL_COLLECTOR_URL}} | |
| DATABASE_URL: postgresql://postgres:shhhsecret@localhost:5432/postgres?schema=public&connection_limit=5 #pragma: allowlist secret | |
| NODE_OPTIONS: --max_old_space_size=6000 | |
| working-directory: services/app-web | |
| run: pnpm test:coverage | |
| - name: publish code coverage | |
| uses: paambaati/codeclimate-action@v9.0.0 | |
| continue-on-error: true | |
| env: | |
| CC_TEST_REPORTER_ID: f7474ffe9522492f5380eb86189480f352c841718c1fe6a63f169353c7cee243 | |
| with: | |
| debug: true | |
| coverageLocations: | | |
| ${{github.workspace}}/services/app-api/coverage/lcov.info:lcov | |
| ${{github.workspace}}/services/app-web/coverage/lcov.info:lcov | |
| - name: lock this branch to prevent concurrent builds | |
| run: ./.github/github-lock.sh | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| build-prisma-client-lambda-layer: | |
| name: build - postgres prisma layer | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| - name: Setup env | |
| uses: ./.github/actions/setup_env | |
| - name: Generate protos | |
| working-directory: services/app-proto | |
| run: pnpm generate | |
| # Generate Prisma Client and binary that can run in a lambda environment | |
| - name: Prepare prisma client | |
| working-directory: services/app-api | |
| run: PRISMA_CLI_BINARY_TARGETS=rhel-openssl-3.0.x pnpm prisma generate | |
| - name: Prepare "@prisma/client" lambda layer | |
| working-directory: services/app-api | |
| run: ./scripts/prepare-prisma-layer.sh | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: lambda-layers-prisma-client-migration | |
| path: ./services/app-api/lambda-layers-prisma-client-migration | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: lambda-layers-prisma-client-engine | |
| path: ./services/app-api/lambda-layers-prisma-client-engine | |
| build-clamav-layer: | |
| name: build - clamav layer | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| - name: Setup env | |
| uses: ./.github/actions/setup_env | |
| - name: Prepare ClamAV layer | |
| working-directory: services/uploads/src/avLayer | |
| run: ./dockerbuild.sh | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: lambda-layers-clamav | |
| path: ./services/uploads/src/avLayer/build/lambda_layer.zip | |
| promote-infra-dev: | |
| needs: [build-prisma-client-lambda-layer, build-clamav-layer, unit-tests] | |
| uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-infra-to-env.yml@main | |
| with: | |
| environment: dev | |
| stage_name: main | |
| changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
| aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
| secrets: | |
| aws_account_id: ${{ secrets.DEV_AWS_ACCOUNT_ID }} | |
| nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
| slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} | |
| promote-app-dev: | |
| needs: [promote-infra-dev, build-prisma-client-lambda-layer, unit-tests] | |
| uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-app-to-env.yml@main | |
| with: | |
| environment: dev | |
| stage_name: main | |
| app_version: ${{ needs.unit-tests.outputs.app-version }} | |
| changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
| aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
| vite_app_auth_mode: IDM | |
| secrets: | |
| aws_account_id: ${{ secrets.DEV_AWS_ACCOUNT_ID }} | |
| nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
| promote-infra-val: | |
| needs: [promote-app-dev, unit-tests] | |
| uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-infra-to-env.yml@main | |
| with: | |
| environment: val | |
| stage_name: val | |
| changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
| aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
| secrets: | |
| aws_account_id: ${{ secrets.VAL_AWS_ACCOUNT_ID }} | |
| nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
| slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} | |
| promote-app-val: | |
| needs: [promote-app-dev, promote-infra-val, unit-tests] | |
| uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-app-to-env.yml@main | |
| with: | |
| environment: val | |
| stage_name: val | |
| app_version: ${{ needs.unit-tests.outputs.app-version }} | |
| changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
| aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
| vite_app_auth_mode: IDM | |
| secrets: | |
| aws_account_id: ${{ secrets.VAL_AWS_ACCOUNT_ID }} | |
| nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
| promote-infra-prod: | |
| needs: [promote-app-val, unit-tests] | |
| uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-infra-to-env.yml@main | |
| with: | |
| environment: prod | |
| stage_name: prod | |
| changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
| aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
| secrets: | |
| aws_account_id: ${{ secrets.PROD_AWS_ACCOUNT_ID }} | |
| nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
| slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} | |
| promote-app-prod: | |
| needs: [promote-app-val, promote-infra-prod, unit-tests] | |
| uses: Enterprise-CMCS/managed-care-review/.github/workflows/deploy-app-to-env.yml@main | |
| with: | |
| environment: prod | |
| stage_name: prod | |
| app_version: ${{ needs.unit-tests.outputs.app-version }} | |
| changed_services: ${{ needs.unit-tests.outputs.changed-services}} | |
| aws_default_region: ${{ vars.AWS_DEFAULT_REGION }} | |
| vite_app_auth_mode: IDM | |
| secrets: | |
| aws_account_id: ${{ secrets.PROD_AWS_ACCOUNT_ID }} | |
| nr_license_key: ${{ secrets.NR_LICENSE_KEY }} | |
| cypress-prod: | |
| name: prod - cypress | |
| needs: [promote-app-prod] | |
| runs-on: ubuntu-20.04 | |
| container: | |
| image: cypress/browsers:node-20.14.0-chrome-126.0.6478.114-1-ff-127.0.1-edge-126.0.2592.61-1 | |
| options: --user 1001 | |
| strategy: | |
| fail-fast: false | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Generate unique ID for Cypress | |
| id: uuid | |
| run: echo "::set-output name=value::sha-$GITHUB_SHA-time-$(date +"%s")" | |
| - name: Setup env | |
| uses: ./.github/actions/setup_env | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: app-web-gen deploy prod | |
| path: ./services/app-web/src/gen | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: cypress-gen deploy prod | |
| path: ./services/cypress/gen | |
| - name: Cypress chrome fix | |
| run: | | |
| export DISPLAY=:1 | |
| Xvfb :1 -screen 0 1024x768x16 2>/dev/null & | |
| - name: Cypress on Prod -- Chrome | |
| id: cypress | |
| uses: cypress-io/github-action@v6 | |
| with: | |
| config: baseUrl=https://mc-review.onemac.cms.gov | |
| spec: services/cypress/integration/promoteWorkflow/promote.spec.ts | |
| record: true | |
| parallel: false | |
| browser: chrome | |
| group: 'Chrome - prod' | |
| ci-build-id: ${{ steps.uuid.outputs.value }} | |
| # Point to the cypress config file from root | |
| config-file: services/cypress/cypress.config.ts | |
| env: | |
| VITE_APP_AUTH_MODE: IDM | |
| CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Overwrites folder directories in cypress config because in CI we run from root | |
| CYPRESS_SUPPORT_FILE: services/cypress/support/index.ts | |
| CYPRESS_FIXTURES_FOLDER: services/cypress/fixtures | |
| CYPRESS_SPEC_PATTERN: services/cypress/integration/**/*.spec.ts | |
| CYPRESS_SCREEN_SHOTS_FOLDER: services/cypress/screenshots | |
| CYPRESS_VIDEOS_FOLDER: services/cypress/videos | |
| - name: Upload cypress video | |
| uses: actions/upload-artifact@v4 | |
| if: failure() && steps.cypress.outcome == 'failure' | |
| with: | |
| name: cypress-videos | |
| path: services/cypress/videos | |
| slack: | |
| name: Slack notification on failure | |
| runs-on: ubuntu-20.04 | |
| needs: [cypress-prod, promote-app-val] | |
| if: always() | |
| steps: | |
| # this action sets env.WORKFLOW_CONCLUSION so we can call a | |
| # failure notification if any part of the workflow fails | |
| - uses: technote-space/workflow-conclusion-action@v3 | |
| - name: Alert Slack On Failure | |
| uses: rtCamp/action-slack-notify@v2 | |
| if: (env.WORKFLOW_CONCLUSION == 'failure' || needs.cypress-prod.result == 'skipped' || needs.promote-app-val.result == 'skipped') | |
| env: | |
| SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
| SLACK_USERNAME: Deploy Alerts | |
| SLACK_ICON_EMOJI: ':bell:' | |
| SLACK_COLOR: failure | |
| SLACK_FOOTER: '' | |
| MSG_MINIMAL: actions url,commit |