Skip to content

Update backend tasks to check for cognito user expiration #3415

Update backend tasks to check for cognito user expiration

Update backend tasks to check for cognito user expiration #3415

Workflow file for this run

name: Backend Pipeline
on:
push:
branches:
- master
- production
paths:
- 'backend/**'
- '.github/workflows/backend.yml'
pull_request:
branches:
- master
- production
paths:
- 'backend/**'
- '.github/workflows/backend.yml'
defaults:
run:
working-directory: ./backend
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '18'
- name: Restore npm cache
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Lint
run: npm run lint
test:
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '18'
- name: Restore npm cache
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Run site locally
run: |
cp dev.env.example .env
docker-compose up -d db backend es
npm install -g wait-port
wait-port -t 3000 5432 9200 9300
working-directory: ./
- name: Sync database
run: npm run syncdb
working-directory: ./backend
- name: Test
run: npm run test -- --collectCoverage --silent
- name: Package
run: npx sls package
env:
SLS_DEBUG: '*'
test_worker:
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '18'
- name: Restore npm cache
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Build
run: npx webpack --config webpack.worker.config.js
- name: Run db locally
run: |
cp dev.env.example .env
docker-compose up -d db
npm install -g wait-port
wait-port -t 3000 5432
working-directory: ./
- name: Test
run: node dist/worker.bundle.js
env:
CROSSFEED_COMMAND_OPTIONS: '{"scanName": "test"}'
DB_USERNAME: crossfeed
DB_PASSWORD: password
test_python:
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v5.0.0
with:
python-version: '3.10'
- uses: actions/cache@v3
with:
path: ~/.cache/pip
key: pip-${{ hashFiles('**/requirements.txt') }}
restore-keys: |
pip-
- run: pip install -r worker/requirements.txt
- run: pytest
build_worker:
runs-on: ubuntu-latest
timeout-minutes: 90
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '18'
- name: Restore npm cache
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Build worker container
run: npm run build-worker
working-directory: ./backend
deploy_staging:
needs: [build_worker, lint, test, test_worker, test_python]
runs-on: ubuntu-latest
environment: staging
concurrency: 1
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '18'
- name: Restore npm cache
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Ensure domain exists
run: npx sls create_domain --stage=staging
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SLS_DEBUG: '*'
- name: Deploy backend
run: npx sls deploy --stage=staging
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SLS_DEBUG: '*'
- name: Deploy worker
run: npm run deploy-worker-staging
working-directory: backend
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: Run syncdb
run: aws lambda invoke --function-name crossfeed-staging-syncdb --region us-east-1 /dev/stdout
working-directory: backend
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
deploy_prod:
needs: [build_worker, lint, test, test_python]
runs-on: ubuntu-latest
environment: production
concurrency: 1
if: github.event_name == 'push' && github.ref == 'refs/heads/production'
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '18'
- name: Restore npm cache
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Ensure domain exists
run: npx sls create_domain --stage=prod
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SLS_DEBUG: '*'
- name: Deploy backend
run: npx sls deploy --stage=prod
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SLS_DEBUG: '*'
- name: Deploy worker
run: npm run deploy-worker-prod
working-directory: backend
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: Run syncdb
run: aws lambda invoke --function-name crossfeed-prod-syncdb --region us-east-1 /dev/stdout
working-directory: backend
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}