diff --git a/.github/workflows/a11y-heading-order.yml b/.github/workflows/a11y-heading-order.yml index d43029142c..f058f26992 100644 --- a/.github/workflows/a11y-heading-order.yml +++ b/.github/workflows/a11y-heading-order.yml @@ -125,7 +125,7 @@ jobs: runs-on: [self-hosted, asg] container: image: public.ecr.aws/cypress-io/cypress/browsers:node16.13.2-chrome100-ff98 - options: -u 1001:1001 -v /usr/local/share:/share --user root + options: --user 1001:1001 --volume /usr/local/share:/share strategy: fail-fast: false max-parallel: 32 diff --git a/.github/workflows/a11y.yml b/.github/workflows/a11y.yml index db1e464c7a..be9adeb0dd 100644 --- a/.github/workflows/a11y.yml +++ b/.github/workflows/a11y.yml @@ -159,7 +159,7 @@ jobs: runs-on: [self-hosted, asg] container: image: public.ecr.aws/cypress-io/cypress/browsers:node16.13.2-chrome100-ff98 - options: -u 1001:1001 -v /usr/local/share:/share --user root + options: --user 1001:1001 --volume /usr/local/share:/share strategy: fail-fast: false max-parallel: 32 diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index e90996903f..819494cd61 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -243,63 +243,6 @@ jobs: payload: ${{ steps.get-broken-link-info.outputs.SLACK_BLOCKS }} channel-id: ${{ env.BROKEN_LINKS_SLACK }} - start-runner: - runs-on: [self-hosted] - outputs: - label: ${{ steps.start-ec2-runner.outputs.label }} - ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }} - timeout-minutes: 15 - - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-gov-west-1 - - - name: Get bot token from Parameter Store - uses: marvinpinto/action-inject-ssm-secrets@v1.2.1 - with: - ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN - env_variable_name: VA_VSP_BOT_GITHUB_TOKEN - - - name: Get latest GHA Runner AMI ID - run: | - echo "RUNNER_AMI_ID=$(aws ec2 describe-images \ - --owners 008577686731 \ - --filters "Name=state,Values=available" "Name=name,Values=platform-gha-runner-ubuntu*" \ - --query 'sort_by(Images,&CreationDate)[-1].ImageId' \ - --output text)" >> $GITHUB_ENV - - - name: Get Subnet with the most free IPs # We will run these in the dsva-vagov-utility-2x subnet, so filter for those - run: | - echo "SUBNET_ID=$(aws ec2 describe-subnets \ - --filters "Name=tag:Name,Values=dsva-vagov-utility-subnet-2*" \ - --query 'sort_by(Subnets,&AvailableIpAddressCount)[-1].SubnetId' \ - --output text)" >> $GITHUB_ENV - - - name: Start EC2 Runner - id: start-ec2-runner - uses: department-of-veterans-affairs/ec2-github-runner@main - with: - mode: start - github-token: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} - ec2-image-id: ${{ env.RUNNER_AMI_ID }} - ec2-instance-type: ${{ env.INSTANCE_TYPE }} - subnet-id: ${{ env.SUBNET_ID }} - security-group-id: sg-0e23b56be3798e3a1 - max_attempts: 3 - aws-resource-tags: > - [ - {"Key": "Name", "Value": "dsva-vagov-content-build-gha-runner"}, - {"Key": "project", "Value": "vagov"}, - {"Key": "office", "Value": "dsva"}, - {"Key": "application", "Value": "gha-runner"}, - {"Key": "VAECID", "Value": "AWG20180517003"}, - {"Key": "environment", "Value": "utility"} - ] - unit-tests: name: Unit Tests runs-on: ubuntu-latest @@ -409,30 +352,25 @@ jobs: cypress-tests: name: Cypress E2E Tests - runs-on: ${{ needs.start-runner.outputs.label }} + runs-on: [self-hosted, asg] needs: - - start-runner - build timeout-minutes: 30 container: image: public.ecr.aws/cypress-io/cypress/browsers:node16.13.2-chrome100-ff98 - options: -u 0 + options: --user 1001:1001 volumes: - /usr/local/share:/share - - /etc/ssl/certs + - /etc/ssl/certs:/etc/ssl/certs env: - NODE_EXTRA_CA_CERTS: /etc/ssl/certs/VA-Internal-S2-RCA-combined.pem + NODE_EXTRA_CA_CERTS: /etc/ssl/certs/ca-certificates.crt CHROMEDRIVER_FILEPATH: /share/chrome_driver/chromedriver steps: - name: Checkout content-build uses: actions/checkout@v3 - # Required for Docker - - name: Move VA cert to /etc/ssl/certs - run: mv certs/VA-Internal-S2-RCA-combined.pem /etc/ssl/certs/ - - name: Download production build run: curl -L "https://s3-us-gov-west-1.amazonaws.com/vetsgov-website-builds-s3-upload/content-build/${{ github.sha }}/vagovprod.tar.bz2" -o vagovprod.tar.bz2 @@ -785,35 +723,3 @@ jobs: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - stop-runner: - name: Stop on-demand-runner - needs: - - start-runner - - cypress-tests - runs-on: ubuntu-latest - if: ${{ always() }} # Even if an error happened, let's stop the runner - env: - INSTANCE_TYPE: c5.4xlarge - timeout-minutes: 15 - - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-gov-west-1 - - - name: Get bot token from Parameter Store - uses: marvinpinto/action-inject-ssm-secrets@v1.2.1 - with: - ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN - env_variable_name: VA_VSP_BOT_GITHUB_TOKEN - - - name: Stop Runner - uses: department-of-veterans-affairs/ec2-github-runner@main - with: - mode: stop - github-token: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} - label: ${{ needs.start-runner.outputs.label }} - ec2-instance-id: ${{ needs.start-runner.outputs.ec2-instance-id }}