chore(deps): update dependency vite to v4.4.12 [security] #472
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pull Request | |
on: | |
pull_request: | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
pr-greeting: | |
name: PR Greeting | |
env: | |
DOMAIN: apps.silver.devops.gov.bc.ca | |
PREFIX: ${{ github.event.repository.name }}-${{ github.event.number }} | |
runs-on: ubuntu-22.04 | |
permissions: | |
pull-requests: write | |
steps: | |
- name: PR Greeting | |
uses: bcgov-nr/[email protected] | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
add_markdown: | | |
--- | |
Thanks for the PR! | |
Any successful deployments (not always required) will be available below. | |
[API](https://${{ env.PREFIX }}-api.${{ env.DOMAIN }}/) available | |
[Frontend](https://${{ env.PREFIX }}.${{ env.DOMAIN }}/) available | |
Once merged, code will be promoted and handed off to following workflow run. | |
[Main Merge Workflow](https://github.com/${{ github.repository }}/actions/workflows/merge-main.yml) | |
builds: | |
name: Builds | |
runs-on: ubuntu-22.04 | |
permissions: | |
packages: write | |
strategy: | |
matrix: | |
package: [api, frontend, database] | |
include: | |
- package: frontend | |
triggers: ('frontend/') | |
- package: api | |
triggers: ('api/') | |
- package: database | |
triggers: ('database/') | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: bcgov-nr/[email protected] | |
with: | |
package: ${{ matrix.package }} | |
tag: ${{ github.sha }} | |
tag_fallback: test | |
token: ${{ secrets.GITHUB_TOKEN }} | |
triggers: ${{ matrix.triggers }} | |
- uses: shrink/actions-docker-registry-tag@v3 | |
with: | |
registry: ghcr.io | |
repository: ${{ github.repository }}/${{ matrix.package }} | |
target: ${{ github.sha }} | |
tags: ${{ github.event.number }} | |
deploys: | |
name: Deploys | |
needs: [builds] | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
name: Checkout | |
- name: Deploy to OpenShift | |
shell: bash | |
run: | | |
# Allow pipefail, since we could be catching oc create errors | |
set +o pipefail | |
# Login to OpenShift (NOTE: project command is a safeguard) | |
oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }} | |
oc project ${{ vars.oc_namespace }} | |
# Deploy Helm Chart | |
cd charts/pubcode | |
helm dependency update | |
helm upgrade --install --wait --atomic pubcode-${{ github.event.number }} \ | |
--set-string global.repository=${{ github.repository }} \ | |
--set-string api.containers[0].tag="${{ github.sha }}" \ | |
--set-string api.containers[0].resources.limits.cpu="250m" \ | |
--set-string api.containers[0].resources.limits.memory="250Mi" \ | |
--set-string api.containers[0].resources.requests.cpu="100m" \ | |
--set-string api.containers[0].resources.requests.memory="150Mi" \ | |
--set api.autoscaling.minReplicas=1 \ | |
--set api.autoscaling.maxReplicas=1 \ | |
--set frontend.autoscaling.minReplicas=1 \ | |
--set frontend.autoscaling.maxReplicas=1 \ | |
--set-string frontend.containers[0].tag="${{ github.sha }}" \ | |
--set-string frontend.containers[0].resources.limits.cpu="200m" \ | |
--set-string frontend.containers[0].resources.limits.memory="150Mi" \ | |
--set-string frontend.containers[0].resources.requests.cpu="100m" \ | |
--set-string frontend.containers[0].resources.requests.memory="50Mi" \ | |
--set-string database.containers[0].resources.limits.cpu="500m" \ | |
--set-string database.containers[0].resources.limits.memory="450Mi" \ | |
--set-string database.containers[0].resources.requests.cpu="100m" \ | |
--set-string database.containers[0].resources.requests.memory="150Mi" \ | |
--set-string database.initContainers[0].resources.limits.cpu="500m" \ | |
--set-string database.initContainers[0].resources.limits.memory="450Mi" \ | |
--set-string database.initContainers[0].resources.requests.cpu="100m" \ | |
--set-string database.initContainers[0].resources.requests.memory="150Mi" \ | |
--set-string database.pvc.size="350Mi" \ | |
--set-string global.secrets.emailRecipients="${{ secrets.EMAIL_RECIPIENTS }}" \ | |
--set-string global.secrets.chesTokenURL="${{ secrets.CHES_TOKEN_URL }}" \ | |
--set-string global.secrets.chesClientID="${{ secrets.CHES_CLIENT_ID }}" \ | |
--set-string global.secrets.chesClientSecret="${{ secrets.CHES_CLIENT_SECRET }}" \ | |
--set-string global.secrets.chesAPIURL="${{ secrets.CHES_API_URL }}" \ | |
--set-string global.secrets.databaseAdminPassword="${{ secrets.DB_PWD }}" \ | |
--set-string global.env.VITE_SCHEMA_BRANCH=${{ github.event.pull_request.head.ref }} \ | |
--set-string namespace="${{ vars.oc_namespace }}" -f values.yaml --timeout 5m . | |
cypress-e2e: | |
name: Cypress end to end test | |
needs: | |
- deploys | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
browser: [ chrome, edge ] | |
steps: | |
- uses: actions/checkout@v4 | |
name: Checkout | |
- uses: cypress-io/github-action@v5 | |
name: Cypress run | |
with: | |
config: pageLoadTimeout=10000,baseUrl=https://pubcode-${{ github.event.number }}.apps.silver.devops.gov.bc.ca/ | |
working-directory: ./frontend | |
browser: ${{ matrix.browser }} | |
- uses: actions/upload-artifact@v3 | |
if: failure() | |
with: | |
name: cypress-screenshots | |
path: ./frontend/cypress/screenshots | |
if-no-files-found: ignore # 'warn' or 'error' are also available, defaults to `warn` |