feat(app): initial application live release

sws2apps · Sep 25, 2022 · 1029c73 · 1029c73
1 parent 0b129e0
commit 1029c73
Show file tree

Hide file tree

Showing 155 changed files with 66,992 additions and 206 deletions.
diff --git a/.env b/.env
@@ -0,0 +1,2 @@
+GENERATE_SOURCEMAP=false
+REACT_APP_VERSION=$npm_package_version
diff --git a/.firebaserc b/.firebaserc
@@ -0,0 +1,9 @@
+{
+  "projects": {
+    "development": "dev-lmm-oa-sws",
+    "staging": "staging-lmm-oa-sws",
+    "production": "lmm-oa-sws",
+    "default": "lmm-oa-sws"
+  },
+  "targets": {}
+}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,19 @@
+name: E2E Tests
+
+on: [pull_request]
+
+permissions: read-all
+
+jobs:
+  cypress-run:
+    name: End-to-end tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository for cypress tests
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+
+      - name: Cypress run
+        uses: cypress-io/github-action@30008f1458a5a2c97054bfe118fe33d75976c482
+        with:
+          build: npm run build
+          start: npm run preview
diff --git a/.github/workflows/code-ql.yml b/.github/workflows/code-ql.yml
@@ -2,9 +2,9 @@ name: CodeQL
 
 on:
   push:
-    branches: [alpha]
+    branches: [main]
   pull_request:
-    branches: [alpha]
+    branches: [main]
   schedule:
     - cron: '0 12 * * 4'
 
@@ -21,13 +21,13 @@ jobs:
 
     steps:
       - name: Checkout repository for code analysis
-        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@75f07e7ab2ee63cba88752d8c696324e4df67466
+        uses: github/codeql-action/init@86f3159a697a097a813ad9bfa0002412d97690a4
         with:
           languages: javascript
           queries: security-extended
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@75f07e7ab2ee63cba88752d8c696324e4df67466
+        uses: github/codeql-action/analyze@86f3159a697a097a813ad9bfa0002412d97690a4
diff --git a/.github/workflows/cypress.yml b/.github/workflows/cypress.yml
@@ -0,0 +1,24 @@
+name: Cypress QA
+
+on: [push]
+
+permissions: read-all
+
+jobs:
+  cypress-run:
+    name: Cypress run
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository for cypress tests
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+
+      - name: Cypress Run E2E Tests and record
+        uses: cypress-io/github-action@30008f1458a5a2c97054bfe118fe33d75976c482
+        with:
+          build: npm run build
+          start: npm run preview
+          browser: chrome
+          record: true
+        env:
+          CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_LMM_OA_RECORD_KEY }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -0,0 +1,17 @@
+name: Dependency Review
+
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout for dependency review
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+
+      - name: Running Dependency Review
+        uses: actions/dependency-review-action@284319451007d5ba938e4afb047f602d7f2cd6c6
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -7,28 +7,28 @@ permissions: read-all
 
 jobs:
   dev_deploy:
-    name: Build and Deploy to Development
-    if: ${{ github.repository == 'sws2apps/lmm-oa-sws' && github.ref == 'refs/heads/alpha' }}
+    name: Build and Deploy to Production
+    if: ${{ github.repository == 'sws2apps/lmm-oa-sws' && github.ref == 'refs/heads/main' }}
     environment:
-      name: Development
-      url: https://dev-lmm-oa-sws.web.app
+      name: Prod.env
+      url: https://lmm-oa-sws.web.app
     runs-on: ubuntu-latest
 
-    strategy:
-      matrix:
-        node-version: [16.x]
+    permissions:
+      contents: 'read'
+      id-token: 'write'
 
     steps:
       - name: Checkout for release preparation
-        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
         with:
-          ref: alpha
+          ref: main
           persist-credentials: false
 
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+      - name: Use Node.js current version
+        uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93
         with:
-          node-version: ${{ matrix.node-version }}
+          node-version: current
 
       - name: Install package dependencies
         run: npm ci
@@ -40,13 +40,14 @@ jobs:
 
       - name: Check if new version has been generated
         id: check_build
-        uses: andstor/file-existence-action@87d74d4732ddb824259d80c8a508c0124bf1c673
+        uses: andstor/file-existence-action@f02338908d150e00a4b8bebc2dad18bd9e5229b0
         with:
           files: 'build'
 
       - name: Deploy to Firebase
         if: ${{ steps.check_build.outputs.files_exists == 'true' }}
-        uses: doonstore/firebase-deploy@3c07a0714007ef3bec30f35ed62f43b13cf48ad5
-        env:
-          FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
-          FIREBASE_PROJECT: ${{ secrets.FIREBASE_PROJECT }}
+        uses: sws2apps/firebase-deployment@8bd00ef2c7fb6feb0c092f38287f00a652e0ee34
+        with:
+          workloadIdentityProvider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
+          serviceAccount: ${{ secrets.SERVICE_ACCOUNT }}
+          project: lmm-oa-sws
diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml
@@ -2,9 +2,9 @@ name: NodeJSScan
 
 on:
   push:
-    branches: [alpha]
+    branches: [main]
   pull_request:
-    branches: [alpha]
+    branches: [main]
   schedule:
     - cron: '0 12 * * 4'
 
@@ -21,15 +21,15 @@ jobs:
 
     steps:
       - name: Checkout the code
-        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
 
       - name: nodejsscan scan
         id: njsscan
-        uses: ajinabraham/njsscan-action@7237412fdd36af517e2745077cedbf9d6900d711
+        uses: ajinabraham/njsscan-action@d58d8b2f26322cd35a9efb8003baac517f226d81
         with:
           args: '. --sarif --output results.sarif || true'
 
       - name: Upload njsscan report
-        uses: github/codeql-action/upload-sarif@75f07e7ab2ee63cba88752d8c696324e4df67466
+        uses: github/codeql-action/upload-sarif@86f3159a697a097a813ad9bfa0002412d97690a4
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/prod-to-dev.yml b/.github/workflows/prod-to-dev.yml
diff --git a/.github/workflows/redeploy.yml b/.github/workflows/redeploy.yml
@@ -7,28 +7,28 @@ permissions: read-all
 
 jobs:
   redeploy_dev:
-    name: Rebuild and Deploy to Development
-    if: ${{ github.repository == 'sws2apps/lmm-oa-sws' && github.ref == 'refs/heads/alpha' }}
+    name: Rebuild and Deploy to Production
+    if: ${{ github.repository == 'sws2apps/lmm-oa-sws' && github.ref == 'refs/heads/main' }}
     environment:
-      name: Development
-      url: https://dev-lmm-oa-sws.web.app
+      name: Prod.env
+      url: https://lmm-oa-sws.web.app
     runs-on: ubuntu-latest
 
-    strategy:
-      matrix:
-        node-version: [16.x]
+    permissions:
+      contents: 'read'
+      id-token: 'write'
 
     steps:
       - name: Checkout for release preparation
-        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
         with:
-          ref: alpha
+          ref: main
           persist-credentials: false
 
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+      - name: Use Node.js current version
+        uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93
         with:
-          node-version: ${{ matrix.node-version }}
+          node-version: current
 
       - name: Install package dependencies
         run: npm ci
@@ -38,13 +38,14 @@ jobs:
 
       - name: Check if new version has been generated
         id: check_build
-        uses: andstor/file-existence-action@87d74d4732ddb824259d80c8a508c0124bf1c673
+        uses: andstor/file-existence-action@f02338908d150e00a4b8bebc2dad18bd9e5229b0
         with:
           files: 'build'
 
       - name: Deploy to Firebase
         if: ${{ steps.check_build.outputs.files_exists == 'true' }}
-        uses: doonstore/firebase-deploy@3c07a0714007ef3bec30f35ed62f43b13cf48ad5
-        env:
-          FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
-          FIREBASE_PROJECT: ${{ secrets.FIREBASE_PROJECT }}
+        uses: sws2apps/firebase-deployment@8bd00ef2c7fb6feb0c092f38287f00a652e0ee34
+        with:
+          workloadIdentityProvider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
+          serviceAccount: ${{ secrets.SERVICE_ACCOUNT }}
+          project: lmm-oa-sws
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -14,25 +14,28 @@ jobs:
     name: Scorecards Analysis
     runs-on: ubuntu-latest
     permissions:
+      # Needed to upload the results to code-scanning dashboard.
       security-events: write
+      # Used to receive a badge. (Upcoming feature)
+      id-token: write
       actions: read
       contents: read
 
     steps:
       - name: 'Checkout code'
-        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
         with:
           persist-credentials: false
 
       - name: 'Run analysis'
-        uses: ossf/scorecard-action@c1aec4ac820532bab364f02a81873c555a0ba3a1
+        uses: ossf/scorecard-action@865b4092859256271290c77adbd10a43f4779972
         with:
           results_file: results.sarif
           results_format: sarif
           repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
           publish_results: true
 
       - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@75f07e7ab2ee63cba88752d8c696324e4df67466
+        uses: github/codeql-action/upload-sarif@86f3159a697a097a813ad9bfa0002412d97690a4
         with:
           sarif_file: results.sarif
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		GENERATE_SOURCEMAP=false
		REACT_APP_VERSION=$npm_package_version