diff --git a/.github/workflows/blackduck-v2.yml b/.github/workflows/blackduck-v2.yml new file mode 100644 index 0000000..af79c22 --- /dev/null +++ b/.github/workflows/blackduck-v2.yml @@ -0,0 +1,46 @@ +name: Blackduck Rapid Scan v2 + +on: + push: + branches: + - v2/trunk + pull_request: + types: [opened, synchronize, reopened] + +jobs: + blackduck: + runs-on: ubuntu-latest + env: + JFROG_NPMRC: ${{ secrets.JFROG_NPMRC }} + GH_TOKEN: Fisker-Inc:${{secrets.GITHUB_TOKEN}} + + steps: + - name: Checkout Code + uses: actions/checkout@v3 + + - uses: actions/setup-node@v3 + with: + node-version: "18.x" + cache: npm + + - name: JFrog Auth + run: echo ${JFROG_NPMRC} | base64 -d > .npmrc + + - run: npm install + - run: npm run build + + - name: Run Synopsys Detect RAPID + run: | + bash <(curl -s -L https://detect.synopsys.com/detect8.sh) \ + --blackduck.url=${{ secrets.BLACKDUCK_URL }} \ + --blackduck.api.token=${{ secrets.BLACKDUCK_API_KEY }} \ + --blackduck.trust.cert=true \ + --detect.project.version.update=true \ + --detect.project.name='ota-admin-portal' \ + --detect.excluded.directories='node_modules, .next' \ + --detect.project.version.name=$GITHUB_REF_NAME \ + --detect.blackduck.scan.mode="RAPID" \ + --detect.detector.search.depth=3 \ + --detect.detector.search.continue=true \ + --detect.npm.include.dev.dependencies=false + # --detect.detector.search.continue=true - If true, the bom tool search will continue to look for nested bom tools of the same type to the maximum search depth diff --git a/.github/workflows/deploy-on-demand-v2.yml b/.github/workflows/deploy-on-demand-v2.yml new file mode 100644 index 0000000..ca42b10 --- /dev/null +++ b/.github/workflows/deploy-on-demand-v2.yml @@ -0,0 +1,123 @@ +name: OTA Admin Portal v2 Deploy - On Demand + +on: + workflow_dispatch: + inputs: + environment: + description: "Environment" + required: true + type: choice + options: + - dev + +env: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_CHANNEL: "#cloud-builds" + SLACK_FOOTER: "" + SLACK_USERNAME: GitHub Actions + SLACK_ICON: "https://github.githubassets.com/images/modules/logos_page/GitHub-Mark.png" + JFROG_NPMRC: ${{ secrets.JFROG_NPMRC }} + TAG: ${{ github.sha }} + PROJECT: ota-admin-portal-v2 + REGISTRY: fiskercloud.azurecr.io + +jobs: + build: + runs-on: ubuntu-latest + outputs: + build-env: ${{ steps.set-env.outputs.ENVIRONMENT }} + steps: + - name: Slack Notification + uses: rtCamp/action-slack-notify@v2 + + - name: Checkout + uses: actions/checkout@v3 + + - name: Azure Login + uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + - name: Login to ACR + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.AZURE_CLIENT_ID }} + password: ${{ secrets.AZURE_CLIENT_SECRET }} + + - name: JFrog Auth + run: echo ${JFROG_NPMRC} | base64 -d > .npmrc + + - name: Set Env + env: + ENV: ${{ inputs.environment }} + id: set-env + run: | + case ${ENV} in + dev) + ENVIRONMENT=dev;; + stage) + ENVIRONMENT=stg;; + preprod) + ENVIRONMENT=prd;; + *) + ENVIRONMENT=dev;; + esac + echo "ENVIRONMENT=${ENVIRONMENT}" >> $GITHUB_ENV + echo "ENVIRONMENT=${ENVIRONMENT}" >> $GITHUB_OUTPUT + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: . + build-args: ENVIRONMENT=${{ env.ENVIRONMENT }} + push: true + tags: ${{ env.REGISTRY }}/${{ env.PROJECT }}:${{ env.TAG }} + cache-from: type=gha + cache-to: type=gha,mode=max + + - name: Notify if failure + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2 + env: + SLACK_COLOR: ${{ job.status }} + SLACK_MESSAGE: "Failed to build ${{ env.PROJECT }} ${{ inputs.environment }}! :this-is-fine:" + + deploy: + needs: build + runs-on: [self-hosted, azure] + env: + ENVIRONMENT: ${{ needs.build.outputs.build-env }} + steps: + - name: Checkout + uses: actions/checkout@v3 + + - uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to ${{ inputs.environment }}... :partydeploy:" + + - name: Deploy + run: |- + helm upgrade \ + --kube-context $ENVIRONMENT \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG \ + --wait -i -f k8s/values-$ENVIRONMENT.yaml $PROJECT k8s/ + + - name: Notify deploy failure + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2 + env: + SLACK_COLOR: ${{ job.status }} + SLACK_MESSAGE: "Failed to deploy ${{ env.PROJECT }} on ${{ inputs.environment }}! :this-is-fine:" + + - name: Notify deploy success + uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Successfully deployed ${{ env.PROJECT }} to ${{ inputs.environment }}! :gopher_party:" diff --git a/.github/workflows/deploy-v2.yml b/.github/workflows/deploy-v2.yml new file mode 100644 index 0000000..ee01546 --- /dev/null +++ b/.github/workflows/deploy-v2.yml @@ -0,0 +1,237 @@ +name: OTA Admin Portal v2 Deploy + +on: + push: + branches: + - v2/trunk + +env: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_CHANNEL: "#cloud-builds" + SLACK_FOOTER: "" + SLACK_USERNAME: GitHub Actions + SLACK_ICON: "https://github.githubassets.com/images/modules/logos_page/GitHub-Mark.png" + JFROG_NPMRC: ${{ secrets.JFROG_NPMRC }} + TAG: ${{ github.sha }} + PROJECT: ota-admin-portal-v2 + REGISTRY: fiskercloud.azurecr.io + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Slack Notification + uses: rtCamp/action-slack-notify@v2 + + - name: Checkout + uses: actions/checkout@v3 + + - name: Azure Login + uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + - name: Login to ACR + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.AZURE_CLIENT_ID }} + password: ${{ secrets.AZURE_CLIENT_SECRET }} + + - name: JFrog Auth + run: echo ${JFROG_NPMRC} | base64 -d > .npmrc + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: . + push: true + tags: ${{ env.REGISTRY }}/${{ env.PROJECT }}:${{ env.TAG }} + cache-from: type=gha + cache-to: type=gha,mode=max + + - name: Notify if failure + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2 + env: + SLACK_COLOR: ${{ job.status }} + SLACK_MESSAGE: "Failed to build ${{ env.PROJECT }} dev! :this-is-fine:" + + deploy-dev: + needs: [build] + runs-on: [self-hosted, azure] + environment: dev + steps: + - name: Checkout + uses: actions/checkout@v3 + + - uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to dev... :partydeploy:" + + - name: Deploy to dev + run: |- + helm upgrade \ + --kube-context dev \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG \ + --wait -i -f k8s/values-dev.yaml $PROJECT k8s/ + + - name: Notify deploy failure + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2 + env: + SLACK_COLOR: ${{ job.status }} + SLACK_MESSAGE: "Failed to deploy ${{ env.PROJECT }} on dev! :this-is-fine:" + + - name: Notify deploy success + uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Successfully deployed ${{ env.PROJECT }} to dev! :gopher_party:" + + deploy-stg: + needs: [build, deploy-dev] + runs-on: [self-hosted, azure] + environment: stg + steps: + - name: Checkout + uses: actions/checkout@v3 + + - uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to stg... :partydeploy:" + + - name: Deploy to stg + run: |- + helm upgrade \ + --kube-context stg \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG \ + --wait -i -f k8s/values-stg.yaml $PROJECT k8s/ + + - name: Notify deploy failure + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2 + env: + SLACK_COLOR: ${{ job.status }} + SLACK_MESSAGE: "Failed to deploy ${{ env.PROJECT }} on stg! :this-is-fine:" + + - name: Notify deploy success + uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Successfully deployed ${{ env.PROJECT }} to stg! :gopher_party:" + + deploy-preprod: + needs: [build, deploy-dev] + runs-on: [self-hosted, azure] + environment: stg + steps: + - name: Checkout + uses: actions/checkout@v3 + + - uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to preprod... :partydeploy:" + + - name: Deploy to preprod + run: |- + helm upgrade \ + --kube-context prd \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG \ + --wait -i -f k8s/values-prd.yaml $PROJECT k8s/ + + - name: Notify deploy failure + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2 + env: + SLACK_COLOR: ${{ job.status }} + SLACK_MESSAGE: "Failed to deploy ${{ env.PROJECT }} on preprod! :this-is-fine:" + + - name: Notify deploy success + uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Successfully deployed ${{ env.PROJECT }} to preprod! :gopher_party:" + + deploy-cec-prd: + needs: [build, deploy-dev, deploy-stg, deploy-preprod] + runs-on: [self-hosted, azure] + environment: prd + steps: + - name: Checkout + uses: actions/checkout@v3 + + - uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to cec-prd... :partydeploy:" + + - name: Deploy to cec-prd + run: |- + helm upgrade \ + --kube-context cec-prd-cluster-1 \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG \ + --wait -i -f k8s/values-cec-prd.yaml $PROJECT k8s/ + + - name: Notify deploy failure + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2 + env: + SLACK_COLOR: ${{ job.status }} + SLACK_MESSAGE: "Failed to deploy ${{ env.PROJECT }} on cec-prd! :this-is-fine:" + + - name: Notify deploy success + uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Successfully deployed ${{ env.PROJECT }} to cec-prd! :gopher_party:" + + deploy-cec-euprd: + needs: [build, deploy-dev, deploy-stg, deploy-preprod, deploy-cec-prd] + runs-on: [self-hosted, azure] + environment: prd + steps: + - name: Checkout + uses: actions/checkout@v3 + + - uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to cec-euprd... :partydeploy:" + + - name: Deploy to cec-euprd + run: |- + helm upgrade \ + --kube-context cec-euprd-cluster-1 \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG \ + --wait -i -f k8s/values-cec-euprd.yaml $PROJECT k8s/ + + - name: Notify deploy failure + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2 + env: + SLACK_COLOR: ${{ job.status }} + SLACK_MESSAGE: "Failed to deploy ${{ env.PROJECT }} on cec-euprd! :this-is-fine:" + + - name: Notify deploy success + uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: true + SLACK_MESSAGE: "Successfully deployed ${{ env.PROJECT }} to cec-euprd! :gopher_party:" diff --git a/.github/workflows/test-v2.yml b/.github/workflows/test-v2.yml new file mode 100644 index 0000000..e2f204b --- /dev/null +++ b/.github/workflows/test-v2.yml @@ -0,0 +1,38 @@ +name: OTA Admin Portal v2 Test + +on: + push: + branches: + - v2/trunk + pull_request: + +jobs: + test: + runs-on: ubuntu-latest + env: + JFROG_NPMRC: ${{ secrets.JFROG_NPMRC }} + GH_TOKEN: Fisker-Inc:${{secrets.GITHUB_TOKEN}} + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 + with: + node-version: "18.x" + cache: npm + + - name: Run Tests + run: | + echo ${JFROG_NPMRC} | base64 -d > .npmrc + npm install + npm test -- --coverage --coverageDirectory='coverage' --watchAll=false --passWithNoTests #remove once tests are written + npm run build + + - name: SonarCloud Scan + uses: sonarsource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}