-
Notifications
You must be signed in to change notification settings - Fork 10
172 lines (168 loc) · 6.23 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
name: Deploy
on:
workflow_dispatch:
push:
branches:
- main
permissions:
id-token: write
contents: read
actions: read
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
deploy:
strategy:
max-parallel: 1
matrix:
environment: ["dev", "val", "prod"]
environment:
name: ${{ matrix.environment }}
url: ${{ steps.deploy-regulations-site-server.outputs.url }}
runs-on: ubuntu-22.04
services:
postgres:
image: postgres
env:
POSTGRES_HOST: localhost
POSTGRES_DB: eregs
POSTGRES_USER: eregs
POSTGRES_PASSWORD: sgere
ports:
- 5432:5432
# needed because the postgres container does not provide a healthcheck
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- uses: actions/checkout@v3
with:
submodules: true
# should build first and save the artifact
- uses: actions/setup-node@v3
with:
node-version: 18.14
- uses: actions/setup-python@v4
with:
python-version: "3.12"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r ./solution/static-assets/requirements.txt
- name: build static assets
env:
STATIC_ROOT: ../static-assets/regulations
# This isn't at all accurate, but it doesn't matter; Django just needs it to run collectstatic
STATIC_URL: http://localhost:8888/
VITE_ENV: ${{ matrix.environment }}
run: |
pushd solution
cd backend
python manage.py collectstatic --noinput
cd ..
popd
- uses: actions/setup-python@v4
with:
python-version: "3.12"
- name: Configure AWS credentials for GitHub Actions
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.AWS_OIDC_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: deploy static assets
run: |
pushd solution/static-assets
npm install serverless@">=3.38.0 <4" -g
npm install
serverless deploy --stage ${{ matrix.environment }}
popd
- name: deploy text extractor lambda
run: |
pushd solution/text-extractor
npm install serverless@">=3.38.0 <4" -g
serverless deploy --stage ${{ matrix.environment }}
popd
- name: deploy regulations site server
id: deploy-regulations-site-server
env:
RUN_ID: ${{ github.run_id }}
run: |
pushd solution/backend
npm install serverless@">=3.38.0 <4" -g
npm install
serverless deploy --config ./serverless-maintenance.yml --stage ${{ matrix.environment }} | tee output.log
serverless deploy --config ./serverless-redirect.yml --stage ${{ matrix.environment }} | tee output.log
serverless deploy --stage ${{ matrix.environment }} | tee output.log
serverless invoke --function reg_core_migrate --stage ${{ matrix.environment }}
serverless invoke --function create_su --stage ${{ matrix.environment }}
url=$(cat output.log | grep -m1 'ANY -' | cut -c 9-)
url=${url%/}
echo "url=$(echo $url)" >> $GITHUB_OUTPUT
popd
# vite needs the .env file in order to know the URL of the api.
- name: Make envfile
uses: SpicyPizza/create-envfile@v1.3
with:
envkey_VITE_API_URL: ${{ steps.deploy-regulations-site-server.outputs.url }}
envkey_VITE_ENV: ${{matrix.environment}}
directory: solution/ui/regulations/eregs-vite
file_name: .env
- name: build-vue-assets
id: build-vue-assets
env:
VITE_ENV: ${{ matrix.environment }}
run: |
pushd solution
make regulations
popd
pushd solution/static-assets
serverless deploy --stage ${{ matrix.environment }}
popd
- uses: actions/setup-go@v2
with:
go-version: "^1.16" # The Go version to download (if necessary) and use.
- name: deploy and run eCFR parser
id: deploy-run-ecfr-parser
run: |
pushd solution/parser
npm install serverless@">=3.38.0 <4" -g
npm install
serverless deploy --stage ${{ matrix.environment }} --config ./serverless-ecfr.yml
AWS_CLIENT_TIMEOUT=360000 serverless invoke --function ecfr_parser --stage ${{ matrix.environment }} --config ./serverless-ecfr.yml
popd
- name: deploy and run FR parser
id: deploy-run-fr-parser
run: |
pushd solution/parser
npm install serverless@">=3.38.0 <4" -g
npm install
serverless deploy --stage ${{ matrix.environment }} --config ./serverless-fr.yml
AWS_CLIENT_TIMEOUT=360000 serverless invoke --function fr_parser --stage ${{ matrix.environment }} --config ./serverless-fr.yml
popd
- name: run pytest
env:
STATIC_URL: http://localhost:8888/
DB_HOST: localhost
DB_NAME: eregs
DB_USER: eregs
DB_PASSWORD: sgere
DB_PORT: 5432
HTTP_AUTH_USER: ${{ secrets.HTTP_AUTH_USER }}
HTTP_AUTH_PASSWORD: ${{ secrets.HTTP_AUTH_PASSWORD }}
working-directory: ./solution/backend
run: |
pytest -vv
# Get test user credentials from AWS Parameter Store
- name: Get test user credentials
uses: dkershner6/aws-ssm-getparameters-action@v1
with:
parameterPairs: "/eregulations/http/user = CYPRESS_TEST_USERNAME,
/eregulations/http/password = CYPRESS_TEST_PASSWORD,
/eregulations/http/reader_user = CYPRESS_READER_USERNAME,
/eregulations/http/reader_password = CYPRESS_READER_PASSWORD"
withDecryption: "true" # defaults to true
- name: end-to-end tests
uses: cypress-io/github-action@v5
with:
working-directory: solution/ui/e2e
config: baseUrl=${{ steps.deploy-regulations-site-server.outputs.url }}
env:
CYPRESS_DEPLOYING: true
CYPRESS_TEST_ENV: ${{ matrix.environment }}