Skip to content

chore(be): Upgraded critical libs (#303) #153

chore(be): Upgraded critical libs (#303)

chore(be): Upgraded critical libs (#303) #153

Workflow file for this run

name: Main Merge
on:
push:
branches:
- main
paths-ignore:
- ".github/ISSUE_TEMPLATE/*"
- "**.md"
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: true
env:
REGISTRY: ghcr.io
NAME: nrog
jobs:
#TODO: check sonar for OG
tests-backend:
name: Backend Unit Tests
runs-on: ubuntu-24.04
continue-on-error: true
steps:
- name: Run tests
uses: bcgov-nr/[email protected]
with:
commands: |
npm ci
npm run test:cov
dir: backend
node_version: 16
sonar_args: >
-Dsonar.exclusions=**/coverage/**,**/examples/**,**/pages/**
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=nr-old-growth
-Dsonar.tests=test
sonar_token: ${{ secrets.SONAR_TOKEN_BACKEND }}
codeql:
name: Semantic Code Analysis
runs-on: ubuntu-24.04
needs:
- tests-backend
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize
uses: github/codeql-action/init@v3
with:
languages: javascript
- name: Build Backend
run: |
cd backend
npm ci
npm run build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
deploy-test-database:
name: Deploy Database on Test Env
needs:
- tests-backend
env:
ZONE: test
environment: test
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Deploys
uses: bcgov-nr/[email protected]
with:
file: .github/openshift/deploy.database.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: false
parameters: -p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
deploy-test-backend:
name: Deploy Backend on Test Env
needs:
- deploy-test-database
env:
ZONE: test
environment: test
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Deploys
uses: bcgov-nr/[email protected]
with:
file: .github/openshift/deploy.backend.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p CHES_CLIENT_ID=${{ secrets.CHES_CLIENT_ID }}
-p CHES_CLIENT_SECRET=${{ secrets.CHES_CLIENT_SECRET }}
-p CHES_TOKEN_URL='https://test.loginproxy.gov.bc.ca/auth/realms/comsvcauth/protocol/openid-connect/token'
-p CHES_API_URL='https://ches-test.api.gov.bc.ca/api/v1'
-p NODE_ENV='development'
-p BCEID_FORM_PASSWORD=${{ secrets.CHEFS_BCEID_FORM_PASSWORD}}
-p IDIR_FORM_PASSWORD=${{ secrets.CHEFS_IDIR_FORM_PASSWORD}}
prod-promotions:
name: Promote Images to Prod
needs:
- deploy-test-backend
runs-on: ubuntu-24.04
steps:
- uses: shrink/actions-docker-registry-tag@v4
with:
registry: ghcr.io
repository: ${{ github.repository }}/backend
target: test
tags: prod
deploy-prod-database:
name: Deploy Database on Prod Env
needs:
- prod-promotions
env:
ZONE: prod
environment: prod
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Deploys
uses: bcgov-nr/[email protected]
with:
file: .github/openshift/deploy.database.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: false
parameters: -p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
deploy-prod-backend:
name: Deploy Backend on Prod Env
needs:
- deploy-prod-database
env:
ZONE: prod
environment: prod
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Deploys
uses: bcgov-nr/[email protected]
with:
file: .github/openshift/deploy.backend.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }} -p NAME=${{ github.event.repository.name }}
-p CHES_CLIENT_ID=${{ secrets.CHES_CLIENT_ID }}
-p CHES_CLIENT_SECRET=${{ secrets.CHES_CLIENT_SECRET }}
-p CHES_TOKEN_URL='https://loginproxy.gov.bc.ca/auth/realms/comsvcauth/protocol/openid-connect/token'
-p CHES_API_URL='https://ches.api.gov.bc.ca/api/v1'
-p NODE_ENV='production'
-p BCEID_FORM_PASSWORD=${{ secrets.CHEFS_BCEID_FORM_PASSWORD}}
-p IDIR_FORM_PASSWORD=${{ secrets.CHEFS_IDIR_FORM_PASSWORD}}