fix formatting error and add endforce_flow workflow

setheliot · Sep 11, 2024 · 5b7bdad · 5b7bdad
1 parent b417b0e
commit 5b7bdad
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 8 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -19,10 +19,25 @@ jobs:
     - name: Checkout code
       uses: actions/checkout@v3
 
-    # This is where tests can be added for each commit
-    - name: Run tests
-      run: | 
-        echo "Test placeholder"
+      ########################
+      # Run unit tests 
+      ########################
+
+    # Init python, install dependencies, and test our app.
+    - name: Initialize Python 3.7
+      uses: actions/setup-python@v1
+      with:
+        python-version: ${{matrix.python-version}}
+
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt    
+
+    - name: Test app
+      run: |
+        pytest src/
+
 
     # Different environments (stage, prod, etc) would also have some tests
     # specific to that environment. Those should go in another workflow

diff --git a/.github/workflows/enforce-flow.yml b/.github/workflows/enforce-flow.yml
@@ -0,0 +1,38 @@
+# This GitHub action enforces that only merges from previous env will be accepted to next env
+# for example: only merges from stage will be accepted into main (prod)
+
+name: Enforce Flow
+
+on:
+  push:
+    branches:
+      - main
+      - stage
+  pull_request:
+    branches:
+      - main
+      - stage
+
+jobs:
+  enforce_flow:
+    name: Enforce Flow
+    runs-on: ubuntu-latest
+    steps:
+      # This is where we would add a check for merging into stage if we add an environment before stage
+      - name: No need to check if merging into stage
+        if: github.base_ref == 'stage'
+        run: exit 0
+
+      # If merging into main, ensure it is from stage
+      - name: Fail if PR is not from stage
+        if: github.base_ref == 'main' && github.head_ref != 'stage'
+        run: |
+          echo "Error: Pull request to main must come from the stage branch."
+          echo "This pull request is from ${{ github.head_ref }}"
+          exit 1
+
+      - name: Verify if tests passed on stage branch
+        run: |
+          echo "Checking if Tests passed on stage..."
+        if: ${{ github.event.pull_request.head.ref == 'stage' }}
+        continue-on-error: false
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
@@ -32,7 +32,7 @@ jobs:
     steps:
       # Checkout the code.
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       ########################
       # Run unit tests 
@@ -112,7 +112,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       # Generate version label for the image
       - name: Set Short SHA
@@ -157,6 +157,6 @@ jobs:
 
       - name: Terraform Apply
         run: | 
-          terraform apply -auto-approve -input=false 
-          -var="app_image=ghcr.io/setheliot/xyz-demo-app:${{env.SHA_SHORT}}" 
+          terraform apply -auto-approve -input=false \
+          -var="app_image=ghcr.io/setheliot/xyz-demo-app:${{env.SHA_SHORT}}" \
           -var-file=environment/${{ github.ref_name }}.tfvars