From 158a28d4b319ba7aef557c82d233f32c55d329a7 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 08:50:31 +0100 Subject: [PATCH 01/23] github test workflow --- .github/workflows/test.yml | 74 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 000000000..bc50f2365 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,74 @@ +name: Test Workflow +on: + pull_request: + push: + branches: + - main + +concurrency: + group: test-${{ github.ref }} + cancel-in-progress: true + +jobs: + test: + runs-on: ubuntu-latest + permissions: + checks: write + + env: + RAILS_ENV: test + DATABASE_URL: "postgresql://postgres:postgres@127.0.0.1/peoplefinder_test" + PQ_REST_API_HOST: http://localhost:8888 + + services: + postgres: + image: postgres:12.15 + env: + POSTGRES_DB: peoplefinder_test + POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres + ports: + - 5432:5432 + options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup Ruby and install gems + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + + - name: Setup Node + uses: actions/setup-node@v4 + with: + node-version: 14.17.5 + + - name: Precompile assets + run: bin/rails assets:precompile + + - name: Setup test database + run: bin/rails db:setup + + - name: Lint Ruby files + run: bundle exec rubocop + + - name: Security audit application code + run: bundle exec brakeman -q + + - name: Run tests + run: bundle exec rspec + + - name: Code coverage + uses: joshmfrankel/simplecov-check-action@main + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + minimum_suite_coverage: 95 + minimum_file_coverage: 100 + + build-and-deploy: + if: ${{ github.ref == 'refs/heads/main' }} + needs: test + uses: ./.github/workflows/deploy.yml + secrets: inherit From 688742bc69d034ca9d12e9a7285ed22271868ec2 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 08:55:04 +0100 Subject: [PATCH 02/23] github deploy workflow --- .github/workflows/deploy.yml | 323 +++++++++++++++++++++++++++++++++++ 1 file changed, 323 insertions(+) create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 000000000..1f23cabb9 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,323 @@ +name: Deploy Workflow + +on: + workflow_dispatch: + workflow_call: + +env: + PREFIX: "pf" + SHA: ${{ github.event.pull_request.head.sha || github.sha }} + +concurrency: + group: deploy-${{ github.ref }} + cancel-in-progress: true + +jobs: + build: + runs-on: ubuntu-latest + + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Assume role in Cloud Platform + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.ECR_ROLE_TO_ASSUME }} + aws-region: ${{ vars.ECR_REGION }} + + - name: Login to container repository + uses: aws-actions/amazon-ecr-login@v2 + id: login-ecr + + - name: Store current date + run: echo "BUILD_DATE=$(date +%Y-%m-%dT%H:%M:%S%z)" >> $GITHUB_ENV + + - name: Store build tag + id: vars + run: | + branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} + short_sha=$(git rev-parse --short $SHA) + build_tag=$PREFIX-$branch-$short_sha + echo "build_tag=$build_tag" >> $GITHUB_OUTPUT + + - name: Build + run: | + docker build \ + --build-arg APP_BUILD_DATE=${{ env.BUILD_DATE }} \ + --build-arg APP_BUILD_TAG=${{ steps.vars.outputs.build_tag }} \ + --build-arg APP_GIT_COMMIT=$SHA \ + -t ${{ vars.ECR_URL }}:$SHA . + + - name: Push to ECR + run: docker push ${{ vars.ECR_URL }}:$SHA + + + deploy-development: + runs-on: ubuntu-latest + needs: build + environment: development + + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + + env: + KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Assume role in Cloud Platform + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.ECR_ROLE_TO_ASSUME }} + aws-region: ${{ vars.ECR_REGION }} + + - name: Login to container repository + uses: aws-actions/amazon-ecr-login@v2 + id: login-ec + + - name: Store build tag + id: vars + run: | + branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} + short_sha=$(git rev-parse --short $SHA) + build_tag=$PREFIX-$branch-$short_sha + echo "build_tag=$build_tag" >> $GITHUB_OUTPUT + + - name: Tag build and push to ECR + run: | + docker pull ${{ vars.ECR_URL }}:$SHA + docker tag ${{ vars.ECR_URL }}:$SHA ${{ vars.ECR_URL }}:development.latest + docker push ${{ vars.ECR_URL }}:development.latest + + - name: Authenticate to the cluster + env: + KUBE_CERT: ${{ secrets.KUBE_CERT }} + KUBE_TOKEN: ${{ secrets.KUBE_TOKEN }} + KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} + run: | + echo "${KUBE_CERT}" > ca.crt + kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} + kubectl config set-credentials deploy-user --token=${KUBE_TOKEN} + kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} + kubectl config use-context ${KUBE_CLUSTER} + + - name: Rollout restart deployment + run: | + kubectl set image -n ${KUBE_NAMESPACE} \ + deployment/people-finder-development \ + webapp="${{ vars.ECR_URL }}:$SHA" + + - name: Send deploy notification to product Slack channel + uses: slackapi/slack-github-action@v1.25.0 + with: + payload: | + { + "attachments": [ + { + "color": "#1d990c", + "text": "${{ github.actor }} deployed *${{ steps.vars.outputs.build_tag }}* to *Development*", + "fields": [ + { + "title": "Project", + "value": "Peoplefinder", + "short": true + } + ], + "actions": [ + { + "text": "Visit Job", + "type": "button", + "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" + } + ] + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + + deploy-staging: + runs-on: ubuntu-latest + needs: build + environment: staging + + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + + env: + KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Assume role in Cloud Platform + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.ECR_ROLE_TO_ASSUME }} + aws-region: ${{ vars.ECR_REGION }} + + - name: Login to container repository + uses: aws-actions/amazon-ecr-login@v2 + id: login-ec + + - name: Store build tag + id: vars + run: | + branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} + short_sha=$(git rev-parse --short $SHA) + build_tag=$PREFIX-$branch-$short_sha + echo "build_tag=$build_tag" >> $GITHUB_OUTPUT + + - name: Tag build and push to ECR + run: | + docker pull ${{ vars.ECR_URL }}:$SHA + docker tag ${{ vars.ECR_URL }}:$SHA ${{ vars.ECR_URL }}:staging.latest + docker push ${{ vars.ECR_URL }}:staging.latest + + - name: Authenticate to the cluster + env: + KUBE_CERT: ${{ secrets.KUBE_CERT }} + KUBE_TOKEN: ${{ secrets.KUBE_TOKEN }} + KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} + run: | + echo "${KUBE_CERT}" > ca.crt + kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} + kubectl config set-credentials deploy-user --token=${KUBE_TOKEN} + kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} + kubectl config use-context ${KUBE_CLUSTER} + + - name: Rollout restart deployment + run: | + kubectl set image -n ${KUBE_NAMESPACE} \ + deployment/people-finder-staging \ + webapp="${{ vars.ECR_URL }}:$SHA" + + - name: Send deploy notification to product Slack channel + uses: slackapi/slack-github-action@v1.25.0 + with: + payload: | + { + "attachments": [ + { + "color": "#1d990c", + "text": "${{ github.actor }} deployed *${{ steps.vars.outputs.build_tag }}* to *Staging*", + "fields": [ + { + "title": "Project", + "value": "Peoplefinder", + "short": true + } + ], + "actions": [ + { + "text": "Visit Job", + "type": "button", + "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" + } + ] + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + + deploy-production: + runs-on: ubuntu-latest + needs: build + if: ${{ github.ref == 'refs/heads/main' }} + environment: production + + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + + env: + KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Assume role in Cloud Platform + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.ECR_ROLE_TO_ASSUME }} + aws-region: ${{ vars.ECR_REGION }} + + - name: Login to container repository + uses: aws-actions/amazon-ecr-login@v2 + id: login-ec + + - name: Store build tag + id: vars + run: | + branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} + short_sha=$(git rev-parse --short $SHA) + build_tag=$PREFIX-$branch-$short_sha + echo "build_tag=$build_tag" >> $GITHUB_OUTPUT + + - name: Tag build and push to ECR + run: | + docker pull ${{ vars.ECR_URL }}:$SHA + docker tag ${{ vars.ECR_URL }}:$SHA ${{ vars.ECR_URL }}:production.latest + docker push ${{ vars.ECR_URL }}:production.latest + + - name: Authenticate to the cluster + env: + KUBE_CERT: ${{ secrets.KUBE_CERT }} + KUBE_TOKEN: ${{ secrets.KUBE_TOKEN }} + KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} + run: | + echo "${KUBE_CERT}" > ca.crt + kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} + kubectl config set-credentials deploy-user --token=${KUBE_TOKEN} + kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} + kubectl config use-context ${KUBE_CLUSTER} + + - name: Rollout restart deployment + run: | + kubectl set image -n ${KUBE_NAMESPACE} \ + deployment/people-finder-production \ + webapp="${{ vars.ECR_URL }}:$SHA" + + - name: Send deploy notification to product Slack channel + uses: slackapi/slack-github-action@v1.25.0 + with: + payload: | + { + "attachments": [ + { + "color": "#1d990c", + "text": "${{ github.actor }} deployed *${{ steps.vars.outputs.build_tag }}* to *Production*", + "fields": [ + { + "title": "Project", + "value": "Peoplefinder", + "short": true + } + ], + "actions": [ + { + "text": "Visit Job", + "type": "button", + "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" + } + ] + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.PROD_SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK From 8d5c340ba379ff963d66818585c9bab4c8d48d1b Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 09:04:07 +0100 Subject: [PATCH 03/23] amend postgres image --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index bc50f2365..208346b64 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -22,7 +22,7 @@ jobs: services: postgres: - image: postgres:12.15 + image: postgres:12-alpine env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres From b561dfc24cdf2f5b0b9fff27457d24722e4407ff Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 09:11:51 +0100 Subject: [PATCH 04/23] Add password --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 208346b64..20b020a09 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -26,7 +26,7 @@ jobs: env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres + PG_PASSWORD: "" ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 From 3b01a06b0f992904eed574f08ad8ea6e3236eabf Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 09:13:52 +0100 Subject: [PATCH 05/23] postgres --- .github/workflows/test.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 20b020a09..db29539f6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -19,6 +19,7 @@ jobs: RAILS_ENV: test DATABASE_URL: "postgresql://postgres:postgres@127.0.0.1/peoplefinder_test" PQ_REST_API_HOST: http://localhost:8888 + POSTGRES_PASSWORD: postgres services: postgres: @@ -26,7 +27,7 @@ jobs: env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres - PG_PASSWORD: "" + POSTGRES_PASSWORD: postgres ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 From 71b74693693a30e1f5f2c6cf1df7221936f64cd1 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 09:33:11 +0100 Subject: [PATCH 06/23] set vars in step --- .github/workflows/test.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index db29539f6..7230fe645 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -19,7 +19,6 @@ jobs: RAILS_ENV: test DATABASE_URL: "postgresql://postgres:postgres@127.0.0.1/peoplefinder_test" PQ_REST_API_HOST: http://localhost:8888 - POSTGRES_PASSWORD: postgres services: postgres: @@ -50,6 +49,10 @@ jobs: run: bin/rails assets:precompile - name: Setup test database + env: + POSTGRES_DB: peoplefinder_test + POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres run: bin/rails db:setup - name: Lint Ruby files From d03b32b9a1439f2ee2db4e098ce9c4d419f30c21 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 13:30:02 +0100 Subject: [PATCH 07/23] remove pq host var --- .github/workflows/test.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7230fe645..5e3f096de 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -18,7 +18,6 @@ jobs: env: RAILS_ENV: test DATABASE_URL: "postgresql://postgres:postgres@127.0.0.1/peoplefinder_test" - PQ_REST_API_HOST: http://localhost:8888 services: postgres: From 090b338581ff14bc4e8c47b579bc0f17b448c3bb Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 13:30:33 +0100 Subject: [PATCH 08/23] remove password --- .github/workflows/test.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 5e3f096de..dae5d7934 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,6 @@ jobs: env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 From ddcc6076a030a25a26ebd7be11d7df5db951d0ff Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 13:33:51 +0100 Subject: [PATCH 09/23] blank password --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index dae5d7934..91d8a71b5 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,6 +25,7 @@ jobs: env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres + POSTGRES_PASSWORD: "" ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 From f3f67117c431f1592f8d6f9d80c49e9f3b137e65 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 13:39:16 +0100 Subject: [PATCH 10/23] add password to docker run --- .github/workflows/test.yml | 1 - Dockerfile | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 91d8a71b5..dae5d7934 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,6 @@ jobs: env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres - POSTGRES_PASSWORD: "" ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 diff --git a/Dockerfile b/Dockerfile index 763f1ef59..0d6e5c8ee 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,7 +26,7 @@ RUN addgroup --gid 1000 --system appgroup && \ COPY . . -RUN RAILS_ENV=production GOVUK_APP_DOMAIN=not_real GOVUK_WEBSITE_ROOT=not_real SUPPORT_EMAIL=not_real bundle exec rake assets:clean assets:precompile SECRET_KEY_BASE=required_but_does_not_matter_for_assets 2> /dev/null +RUN RAILS_ENV=production GOVUK_APP_DOMAIN=not_real GOVUK_WEBSITE_ROOT=not_real SUPPORT_EMAIL=not_real POSTGRES_PASSWORD=postgres bundle exec rake assets:clean assets:precompile SECRET_KEY_BASE=required_but_does_not_matter_for_assets 2> /dev/null # RUN mkdir log tmp RUN chown -R appuser:appgroup /usr/src/app/ From 046022cbe956e0b78019eccc1c38f462225d13ec Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 13:43:40 +0100 Subject: [PATCH 11/23] revert and update database url --- .github/workflows/test.yml | 2 +- Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index dae5d7934..2cb13090f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,7 +17,7 @@ jobs: env: RAILS_ENV: test - DATABASE_URL: "postgresql://postgres:postgres@127.0.0.1/peoplefinder_test" + DATABASE_URL: "postgres://localhost/peoplefinder_test" services: postgres: diff --git a/Dockerfile b/Dockerfile index 0d6e5c8ee..763f1ef59 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,7 +26,7 @@ RUN addgroup --gid 1000 --system appgroup && \ COPY . . -RUN RAILS_ENV=production GOVUK_APP_DOMAIN=not_real GOVUK_WEBSITE_ROOT=not_real SUPPORT_EMAIL=not_real POSTGRES_PASSWORD=postgres bundle exec rake assets:clean assets:precompile SECRET_KEY_BASE=required_but_does_not_matter_for_assets 2> /dev/null +RUN RAILS_ENV=production GOVUK_APP_DOMAIN=not_real GOVUK_WEBSITE_ROOT=not_real SUPPORT_EMAIL=not_real bundle exec rake assets:clean assets:precompile SECRET_KEY_BASE=required_but_does_not_matter_for_assets 2> /dev/null # RUN mkdir log tmp RUN chown -R appuser:appgroup /usr/src/app/ From 3b2ac5b0172f47521710336e7e12631cbe7a3fd7 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 13:48:21 +0100 Subject: [PATCH 12/23] re add postgres password --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2cb13090f..6cf3bfc5f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,6 +25,7 @@ jobs: env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 From ae20d61442da9b82f8baa26ce94c6933975d4d27 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 13:50:58 +0100 Subject: [PATCH 13/23] remove POSTGRES_PASSWORD --- .github/workflows/test.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 6cf3bfc5f..2cb13090f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,6 @@ jobs: env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 From 4bd24263bb4ad8a1c0892dc04edad8a71e565ea8 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 13:52:34 +0100 Subject: [PATCH 14/23] update url --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2cb13090f..4cef03510 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,7 +17,7 @@ jobs: env: RAILS_ENV: test - DATABASE_URL: "postgres://localhost/peoplefinder_test" + DATABASE_URL: "postgresql://postgres@127.0.0.1/peoplefinder_test" services: postgres: From a4356834fd4bf2a9392409ec124a8ffdb2ae592e Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 13:55:31 +0100 Subject: [PATCH 15/23] add POSTGRES_PASSWORD --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4cef03510..ba2be30fa 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,6 +25,7 @@ jobs: env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres + POSTGRES_PASSWORD: "" ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 From 916f2149f2405390c9d4fe6442e934bc6a1001a8 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 14:22:57 +0100 Subject: [PATCH 16/23] confgure DB --- .github/workflows/test.yml | 2 +- config/database.yml | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ba2be30fa..254d1f5c6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,7 @@ jobs: env: POSTGRES_DB: peoplefinder_test POSTGRES_USER: postgres - POSTGRES_PASSWORD: "" + POSTGRES_PASSWORD: postgres ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 diff --git a/config/database.yml b/config/database.yml index f7ee293b1..4d43632f0 100644 --- a/config/database.yml +++ b/config/database.yml @@ -57,7 +57,8 @@ development: # Do not set this db to the same as development or production. test: <<: *default - url: <%= ENV.fetch('DB_TEST_URL', 'postgres://localhost/peoplefinder_test') %> + database: peoplefinder_test + url: <%= ENV["DATABASE_URL"] %> # As with config/secrets.yml, you never want to store sensitive information, # like your database password, in your source code. If your source code is From 1963c25600c00acea519c4bd8aa584b5c26a6fce Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 14:29:06 +0100 Subject: [PATCH 17/23] Remove env from step --- .github/workflows/test.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 254d1f5c6..937a0a65f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -48,10 +48,6 @@ jobs: run: bin/rails assets:precompile - name: Setup test database - env: - POSTGRES_DB: peoplefinder_test - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres run: bin/rails db:setup - name: Lint Ruby files From 158769f62493fdc68c4253a924de01deadd8ca44 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 14:33:32 +0100 Subject: [PATCH 18/23] add password --- config/database.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/config/database.yml b/config/database.yml index 4d43632f0..33e89246a 100644 --- a/config/database.yml +++ b/config/database.yml @@ -20,6 +20,7 @@ default: &default adapter: postgresql encoding: unicode pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 50 } %> + password: postgres development: <<: *default From dd9fc2c323285d0d079f70338fa9a6ae15dfc96c Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 14:50:36 +0100 Subject: [PATCH 19/23] remove vars --- config/database.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/config/database.yml b/config/database.yml index 33e89246a..da44c911a 100644 --- a/config/database.yml +++ b/config/database.yml @@ -20,7 +20,6 @@ default: &default adapter: postgresql encoding: unicode pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 50 } %> - password: postgres development: <<: *default @@ -58,7 +57,6 @@ development: # Do not set this db to the same as development or production. test: <<: *default - database: peoplefinder_test url: <%= ENV["DATABASE_URL"] %> # As with config/secrets.yml, you never want to store sensitive information, From 8188a6cd442daa1dc262d77225018b3cfd105c8f Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 14:52:27 +0100 Subject: [PATCH 20/23] update DATABASE_URL to original --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 937a0a65f..790eab47d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,7 +17,7 @@ jobs: env: RAILS_ENV: test - DATABASE_URL: "postgresql://postgres@127.0.0.1/peoplefinder_test" + DATABASE_URL: "postgresql://postgres:postgres@127.0.0.1/peoplefinder_test" services: postgres: From 445ff21ffd74b533bf65633ce44d05da3a03d491 Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 14:58:37 +0100 Subject: [PATCH 21/23] opensearch --- .github/workflows/test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 790eab47d..fe24c0f3b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -30,6 +30,9 @@ jobs: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 + opensearch: + image: bitnami/opensearch:latest + steps: - name: Checkout code uses: actions/checkout@v4 From 0595e78aade76395811ae624f735d7725971a1dc Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 15:05:23 +0100 Subject: [PATCH 22/23] add ports --- .github/workflows/test.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index fe24c0f3b..8575f23f1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -32,6 +32,8 @@ jobs: opensearch: image: bitnami/opensearch:latest + ports: + - 9200:9200 steps: - name: Checkout code From ec5b386f7cec395cc52cbe338aa589e0ec7a0a4f Mon Sep 17 00:00:00 2001 From: "lucas.shaw" Date: Thu, 13 Jun 2024 15:45:59 +0100 Subject: [PATCH 23/23] use deployments --- .github/workflows/deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 1f23cabb9..6ff3e69d0 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -112,7 +112,7 @@ jobs: - name: Rollout restart deployment run: | kubectl set image -n ${KUBE_NAMESPACE} \ - deployment/people-finder-development \ + deployment/peoplefinder \ webapp="${{ vars.ECR_URL }}:$SHA" - name: Send deploy notification to product Slack channel @@ -200,7 +200,7 @@ jobs: - name: Rollout restart deployment run: | kubectl set image -n ${KUBE_NAMESPACE} \ - deployment/people-finder-staging \ + deployment/peoplefinder \ webapp="${{ vars.ECR_URL }}:$SHA" - name: Send deploy notification to product Slack channel @@ -289,7 +289,7 @@ jobs: - name: Rollout restart deployment run: | kubectl set image -n ${KUBE_NAMESPACE} \ - deployment/people-finder-production \ + deployment/peoplefinder \ webapp="${{ vars.ECR_URL }}:$SHA" - name: Send deploy notification to product Slack channel