
Commit 09db41c

committed
feat: initial version of the new workflows
1 parent ef46fa0 commit 09db41c


2 files changed

+501
-0
lines changed

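--- /dev/null
+++ b/PATH-NOT-SHOWN-ON-PAGE
@@ -0,0 +1,160 @@
+name: 'CI/CD pull request'
+
+on:
+push:
+tags:
+- 'devtest'
+
+permissions:
+contents: read
+id-token: write
+pull-requests: write
+
+jobs:
+metadata:
+name: "Set CI/CD metadata"
+runs-on: ubuntu-latest
+timeout-minutes: 1
+permissions:
+pull-requests: read
+outputs:
+build_datetime_london: ${{ steps.variables.outputs.build_datetime_london }}
+build_datetime: ${{ steps.variables.outputs.build_datetime }}
+build_timestamp: ${{ steps.variables.outputs.build_timestamp }}
+build_epoch: ${{ steps.variables.outputs.build_epoch }}
+nodejs_version: ${{ steps.variables.outputs.nodejs_version }}
+python_version: ${{ steps.variables.outputs.python_version }}
+terraform_version: ${{ steps.variables.outputs.terraform_version }}
+environment_tag: ${{ steps.variables.outputs.environment_tag }}
+version: ${{ steps.variables.outputs.version }}
+does_pull_request_exist: ${{ steps.pr_exists.outputs.does_pull_request_exist }}
+steps:
+- name: "Checkout code"
+uses: actions/checkout@v4
+with:
+submodules: 'true'
+- name: "Set CI/CD variables"
+id: variables
+run: |
+datetime=$(date -u +'%Y-%m-%dT%H:%M:%S%z')
+BUILD_DATETIME=$datetime make version-create-effective-file
+echo "build_datetime_london=$(TZ=Europe/London date --date=$datetime +'%Y-%m-%dT%H:%M:%S%z')" >> $GITHUB_OUTPUT
+echo "build_datetime=$datetime" >> $GITHUB_OUTPUT
+echo "build_timestamp=$(date --date=$datetime -u +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT
+echo "build_epoch=$(date --date=$datetime -u +'%s')" >> $GITHUB_OUTPUT
+echo "nodejs_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT
+echo "python_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT
+echo "terraform_version=$(grep "^terraform" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT
+echo "version=$(head -n 1 .version 2> /dev/null || echo unknown)" >> $GITHUB_OUTPUT
+echo "environment_tag=development" >> $GITHUB_OUTPUT
+- name: "Check if pull request exists for this branch"
+id: pr_exists
+env:
+GH_TOKEN: ${{ github.token }}
+run: |
+branch_name=${GITHUB_HEAD_REF:-$(echo $GITHUB_REF | sed 's#refs/heads/##')}
+echo "Current branch is '$branch_name'"
+if gh pr list --head $branch_name | grep -q .; then
+echo "Pull request exists"
+echo "does_pull_request_exist=true" >> $GITHUB_OUTPUT
+else
+echo "Pull request doesn't exist"
+echo "does_pull_request_exist=false" >> $GITHUB_OUTPUT
+fi
+- name: "List variables"
+run: |
+export BUILD_DATETIME_LONDON="${{ steps.variables.outputs.build_datetime_london }}"
+export BUILD_DATETIME="${{ steps.variables.outputs.build_datetime }}"
+export BUILD_TIMESTAMP="${{ steps.variables.outputs.build_timestamp }}"
+export BUILD_EPOCH="${{ steps.variables.outputs.build_epoch }}"
+export NODEJS_VERSION="${{ steps.variables.outputs.nodejs_version }}"
+export PYTHON_VERSION="${{ steps.variables.outputs.python_version }}"
+export TERRAFORM_VERSION="${{ steps.variables.outputs.terraform_version }}"
+export ENVIRONMENT_TAG="${{ steps.variables.outputs.environment_tag }}"
+export VERSION="${{ steps.variables.outputs.version }}"
+export DOES_PULL_REQUEST_EXIST="${{ steps.pr_exists.outputs.does_pull_request_exist }}"
+make list-variables
+commit-stage: # Recommended maximum execution time is 2 minutes
+name: "Commit stage"
+needs: [metadata]
+uses: ./.github/workflows/stage-1-commit.yaml
+with:
+build_datetime: "${{ needs.metadata.outputs.build_datetime }}"
+build_timestamp: "${{ needs.metadata.outputs.build_timestamp }}"
+build_epoch: "${{ needs.metadata.outputs.build_epoch }}"
+nodejs_version: "${{ needs.metadata.outputs.nodejs_version }}"
+python_version: "${{ needs.metadata.outputs.python_version }}"
+terraform_version: "${{ needs.metadata.outputs.terraform_version }}"
+version: "${{ needs.metadata.outputs.version }}"
+test-stage: # Recommended maximum execution time is 5 minutes
+name: 'Test stage'
+needs: [metadata]
+uses: ./.github/workflows/stage-2-test.yaml
+with:
+build_datetime: '${{ needs.metadata.outputs.build_datetime }}'
+build_timestamp: '${{ needs.metadata.outputs.build_timestamp }}'
+build_epoch: '${{ needs.metadata.outputs.build_epoch }}'
+nodejs_version: '${{ needs.metadata.outputs.nodejs_version }}'
+python_version: '${{ needs.metadata.outputs.python_version }}'
+terraform_version: '${{ needs.metadata.outputs.terraform_version }}'
+version: '${{ needs.metadata.outputs.version }}'
+secrets: inherit
+analysis-stage: # Recommended maximum execution time is 5 minutes
+name: "Analysis stage"
+needs: [metadata, commit-stage, test-stage]
+uses: ./.github/workflows/stage-2-analyse.yaml
+secrets:
+sonar_token: ${{ secrets.SONAR_TOKEN }}
+with:
+unit_test_dir: tests/UnitTests
+build_datetime: "${{ needs.metadata.outputs.build_datetime }}"
+build_timestamp: "${{ needs.metadata.outputs.build_timestamp }}"
+build_epoch: "${{ needs.metadata.outputs.build_epoch }}"
+nodejs_version: "${{ needs.metadata.outputs.nodejs_version }}"
+python_version: "${{ needs.metadata.outputs.python_version }}"
+terraform_version: "${{ needs.metadata.outputs.terraform_version }}"
+version: "${{ needs.metadata.outputs.version }}"
+build-image-stage: # Recommended maximum execution time is 3 minutes
+name: "Image build stage"
+needs: [metadata, commit-stage, test-stage, analysis-stage]
+uses: ./.github/workflows/stage-3-build-images-devtest.yaml
+secrets:
+client_id: ${{ secrets.AZURE_CLIENT_ID }}
+tenant_id: ${{ secrets.AZURE_TENANT_ID }}
+subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+acr_name: ${{ secrets.ACR_NAME }}
+if: needs.metadata.outputs.does_pull_request_exist == 'true' || (github.event_name == 'pull_request' && (github.event.action == 'opened' || github.event.action == 'reopened'))
+with:
+docker_compose_file: application/CohortManager/compose.yaml
+excluded_containers_csv_list: azurite,azurite-setup,sql-server
+environment_tag: ${{ needs.metadata.outputs.environment_tag }}
+function_app_source_code_path: application/CohortManager/src
+project_name: cohort-manager
+build_all_images: true
+deploy-stage:
+if: contains(github.event.pull_request.labels.*.name, 'deploy')
+name: Deploy review app pr-${{ github.event.pull_request.number }}
+needs: [build-stage]
+permissions:
+id-token: write
+uses: ./.github/workflows/stage-4-deploy.yaml
+with:
+environments: '["review"]'
+commit_sha: ${{ github.event.pull_request.head.sha }}
+pr_number: ${{ github.event.pull_request.number }}
+secrets: inherit
+post-url:
+if: contains(github.event.pull_request.labels.*.name, 'deploy')
+name: Post URL pr-${{ github.event.pull_request.number }} to PR comments
+runs-on: ubuntu-latest
+needs: [deploy-stage]
+permissions:
+pull-requests: write
+steps:
+- name: Post URL to PR comments
+uses: marocchino/sticky-pull-request-comment@5060d4700a91de252c87eeddd2da026382d9298a
+with:
+message: |
+The review app is available at this URL:
+https://pr-${{ github.event.pull_request.number }}.manage-breast-screening.non-live.screening.nhs.uk
+You must authenticate with HTTP basic authentication. Ask the team for credentials.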
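Review bot: `deploy-stage` declares `needs: [build-stage]`, but no job with that id is defined in this file (the image job is `build-image-stage`), so the workflow should be rejected at validation; use `needs: [build-image-stage]`. In the "Set CI/CD variables" step, `python_version` is filled with `grep "^nodejs"`, which reports the Node.js version; it should read `grep "^python" .tool-versions`. The "List variables" step expands `${{ steps.variables.outputs.* }}` straight into the script text, and several of those values are read from `.tool-versions` and `.version`, so file content can end up parsed as shell; passing them through the step's `env:` mapping (for example `VERSION: ${{ steps.variables.outputs.version }}`) keeps them as data. `deploy-stage` and `post-url` test `github.event.pull_request.labels`, which is presumably empty under the only trigger shown (`push` of tag `devtest`), so they would never run, and `secrets: inherit` is handed to the test and deploy workflows where the analysis and image-build stages name their secrets explicitly.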
