Renovate Update GitHub Actions to v4 #284
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "[Workflow] Path to live" | |
| concurrency: | |
| group: ${{ github.ref }}-${{ github.workflow }} | |
| defaults: | |
| run: | |
| shell: bash | |
| on: | |
| push: | |
| branches: | |
| - main # match main | |
| permissions: | |
| contents: write | |
| security-events: write | |
| pull-requests: read | |
| actions: none | |
| checks: none | |
| deployments: none | |
| issues: none | |
| packages: none | |
| repository-projects: none | |
| statuses: none | |
| jobs: | |
| workflow_variables: | |
| runs-on: ubuntu-latest | |
| name: output workflow variables | |
| outputs: | |
| build_identifier: "main" | |
| version_tag: ${{ steps.semver_tag.outputs.created_tag }} | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v3 | |
| - name: generate semver tag and release | |
| id: semver_tag | |
| uses: ministryofjustice/opg-github-actions/.github/actions/[email protected] | |
| with: | |
| prerelease: false | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| build_web_resources: | |
| name: build web resources | |
| uses: ./.github/workflows/_web-resources.yml | |
| secrets: inherit | |
| docker_build_scan_push: | |
| name: build, scan and push | |
| uses: ./.github/workflows/_build-and-push.yml | |
| needs: | |
| - workflow_variables | |
| - build_web_resources | |
| with: | |
| tag: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }} | |
| branch_name: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| push_to_ecr: true | |
| secrets: inherit | |
| api_unit_tests_1: | |
| name: api unit tests 1 | |
| uses: ./.github/workflows/_unit-tests-api.yml | |
| with: | |
| selection: selection-1 | |
| branch_name: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| needs: | |
| - workflow_variables | |
| api_unit_tests_2: | |
| name: api unit tests 2 | |
| uses: ./.github/workflows/_unit-tests-api.yml | |
| with: | |
| selection: selection-2 | |
| branch_name: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| needs: | |
| - workflow_variables | |
| api_unit_tests_3: | |
| name: api unit tests 3 | |
| uses: ./.github/workflows/_unit-tests-api.yml | |
| with: | |
| selection: selection-3 | |
| branch_name: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| needs: | |
| - workflow_variables | |
| client_unit_tests: | |
| name: client unit tests | |
| uses: ./.github/workflows/_unit-tests-client.yml | |
| needs: | |
| - workflow_variables | |
| - build_web_resources | |
| codecov: | |
| name: upload to codecov | |
| uses: ./.github/workflows/_codecov.yml | |
| needs: | |
| - client_unit_tests | |
| - api_unit_tests_1 | |
| - api_unit_tests_2 | |
| - api_unit_tests_3 | |
| secrets: inherit | |
| synchronisation_unit_tests: | |
| name: client unit tests | |
| uses: ./.github/workflows/_unit-tests-synchronise-lambda.yml | |
| needs: | |
| - workflow_variables | |
| - docker_build_scan_push | |
| terraform_apply_account_development: | |
| name: development account apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - workflow_variables | |
| with: | |
| workspace: development | |
| terraform_path: account | |
| apply: true | |
| container_version: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }} | |
| path_to_live: true | |
| secrets: inherit | |
| terraform_apply_development: | |
| name: development environment apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - terraform_apply_account_development | |
| - docker_build_scan_push | |
| - workflow_variables | |
| - synchronisation_unit_tests | |
| - client_unit_tests | |
| - api_unit_tests_1 | |
| - api_unit_tests_2 | |
| - api_unit_tests_3 | |
| with: | |
| workspace: development | |
| terraform_path: environment | |
| apply: true | |
| container_version: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }} | |
| path_to_live: true | |
| secrets: inherit | |
| terraform_apply_account_preproduction: | |
| name: preproduction account apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - workflow_variables | |
| - terraform_apply_development | |
| with: | |
| workspace: preproduction | |
| terraform_path: account | |
| apply: true | |
| container_version: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }} | |
| path_to_live: true | |
| secrets: inherit | |
| terraform_apply_integration: | |
| name: integration environment apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - terraform_apply_account_preproduction | |
| - workflow_variables | |
| with: | |
| workspace: integration | |
| terraform_path: environment | |
| apply: true | |
| container_version: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }} | |
| path_to_live: true | |
| secrets: inherit | |
| scale_services_up: | |
| name: scale up integration services | |
| uses: ./.github/workflows/_scale-services.yml | |
| needs: | |
| - workflow_variables | |
| - terraform_apply_integration | |
| with: | |
| replicas: 6 | |
| acu: 16 | |
| account: 454262938596 | |
| workspace: integration | |
| secrets: inherit | |
| reset_database: | |
| name: reset integration database | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - scale_services_up | |
| with: | |
| workspace: integration | |
| task_name: "integration_test_v2" | |
| timeout: "500" | |
| override: "sh,./tests/Behat/reset-db.sh" | |
| secrets: inherit | |
| integration_tests_1: | |
| name: integration tests frontend 1 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests-parallel.sh,--tags,@v2_reporting_1,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_2: | |
| name: integration tests frontend 2 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests-parallel.sh,--tags,@v2_reporting_2,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_admin: | |
| name: integration tests admin | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests-parallel.sh,--tags,@v2_admin,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_sequential_1: | |
| name: integration tests sequential 1 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests.sh,--tags,@v2_sequential_1,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_sequential_2: | |
| name: integration tests sequential 2 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests.sh,--tags,@v2_sequential_2,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_sequential_3: | |
| name: integration tests sequential 3 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests.sh,--tags,@v2_sequential_3,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| scale_services_down: | |
| if: always() | |
| name: scale down integration services | |
| uses: ./.github/workflows/_scale-services.yml | |
| needs: | |
| - workflow_variables | |
| - integration_tests_sequential_1 | |
| - integration_tests_sequential_2 | |
| - integration_tests_sequential_3 | |
| - integration_tests_admin | |
| - integration_tests_1 | |
| - integration_tests_2 | |
| with: | |
| replicas: 1 | |
| acu: 4 | |
| account: 454262938596 | |
| workspace: integration | |
| secrets: inherit | |
| terraform_apply_preproduction: | |
| name: preproduction environment apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - terraform_apply_account_preproduction | |
| - workflow_variables | |
| - integration_tests_sequential_1 | |
| - integration_tests_sequential_2 | |
| - integration_tests_sequential_3 | |
| - integration_tests_admin | |
| - integration_tests_1 | |
| - integration_tests_2 | |
| with: | |
| workspace: preproduction | |
| terraform_path: environment | |
| apply: true | |
| container_version: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }} | |
| path_to_live: true | |
| secrets: inherit | |
| terraform_apply_training: | |
| name: training environment apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - terraform_apply_preproduction | |
| - workflow_variables | |
| with: | |
| workspace: training | |
| terraform_path: environment | |
| apply: true | |
| container_version: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }} | |
| path_to_live: true | |
| secrets: inherit | |
| terraform_apply_account_production: | |
| name: production account apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - workflow_variables | |
| - terraform_apply_preproduction | |
| with: | |
| workspace: production | |
| terraform_path: account | |
| apply: true | |
| container_version: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }} | |
| path_to_live: true | |
| secrets: inherit | |
| terraform_apply_production: | |
| name: production environment apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - terraform_apply_account_production | |
| - workflow_variables | |
| with: | |
| workspace: production02 | |
| terraform_path: environment | |
| apply: true | |
| container_version: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }} | |
| path_to_live: true | |
| secrets: inherit | |
| backup_production: | |
| name: backup production | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - terraform_apply_production | |
| with: | |
| workspace: production02 | |
| task_name: "backup" | |
| timeout: "700" | |
| secrets: inherit | |
| restore_to_preproduction: | |
| name: restore to preproduction | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - backup_production | |
| with: | |
| workspace: preproduction | |
| task_name: "restore_from_production" | |
| timeout: "700" | |
| secrets: inherit | |
| end_of_workflow: | |
| name: end of workflow | |
| runs-on: ubuntu-latest | |
| needs: | |
| - restore_to_preproduction | |
| - codecov | |
| - workflow_variables | |
| steps: | |
| - name: workflow ended successfully | |
| run: | | |
| echo "${{ needs.workflow_variables.outputs.build_identifier }} PR environment tested, built and deployed" | |
| echo "Tag Used: ${{ needs.workflow_variables.outputs.build_identifier }}-${{ needs.workflow_variables.outputs.version_tag }}" | |
| echo "URL: https://${{ needs.workflow_variables.outputs.build_identifier }}.complete-deputy-report.service.gov.uk" | |
| slack_notify_success: | |
| name: notify of result | |
| uses: ./.github/workflows/_slack-notification.yml | |
| needs: | |
| - workflow_variables | |
| - end_of_workflow | |
| with: | |
| success: true | |
| branch: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| account: 515688267891 | |
| secrets: inherit | |
| slack_notify_failure: | |
| name: notify of result | |
| uses: ./.github/workflows/_slack-notification.yml | |
| if: ${{ failure() }} | |
| needs: | |
| - workflow_variables | |
| - end_of_workflow | |
| with: | |
| success: false | |
| branch: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| account: 515688267891 | |
| secrets: inherit |