Skip to content

Daily Healthcheck Deploy, Test and Destroy #43

Daily Healthcheck Deploy, Test and Destroy

Daily Healthcheck Deploy, Test and Destroy #43

name: 'Daily Healthcheck Deploy, Test and Destroy'
on:
schedule:
- cron: 30 4 * * 1-5
permissions:
pull-requests: write
id-token: write
contents: read
jobs:
set_workspace:
runs-on: ubuntu-latest
outputs:
workspace: ${{ steps.set-output.outputs.workspace }}
steps:
- name: Set Output
id: set-output
run: echo 'workspace=ndrd' >> $GITHUB_OUTPUT
terraform_process:
runs-on: ubuntu-latest
environment: development
needs: ['set_workspace']
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: main
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
role-skip-session-tagging: true
aws-region: ${{ vars.AWS_REGION }}
mask-aws-account-id: true
- name: View AWS Role
run: aws sts get-caller-identity
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: 1.5.4
terraform_wrapper: false
- name: Terraform Init
id: init
run: terraform init -backend-config=backend.conf
working-directory: ./infrastructure
shell: bash
- name: Terraform Set Workspace
id: workspace
run: terraform workspace select -or-create ${{ needs.set_workspace.outputs.workspace }}
working-directory: ./infrastructure
shell: bash
- name: Terraform Format
run: terraform fmt -check
working-directory: ./infrastructure
- name: Terraform Plan
id: plan
run: |
terraform plan -input=false -no-color -var-file="${{vars.TF_VARS_FILE}}" -out tf.plan
working-directory: ./infrastructure
shell: bash
- name: Terraform Apply
run: terraform apply -auto-approve -input=false tf.plan
working-directory: ./infrastructure
lambda_test_job:
name: Run Lambda Unit Tests
uses: nhsconnect/national-document-repository/.github/workflows/base-lambdas-reusable-test.yml@main
with:
python_version: "3.11"
build_branch: main
react_testing_job:
name: Run UI Unit Tests
uses: nhsconnect/national-document-repository/.github/workflows/base-jest-test.yml@main
with:
build_branch: main
cypress-run-job:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
repository: nhsconnect/national-document-repository
- name: Cypress install
run: npm install --legacy-peer-deps
working-directory: ./app
- name: Configure React environment vars
env:
ENDPOINT_DOC_STORE_API: http://localhost:3000
AWS_REGION: test region
OIDC_PROVIDER_ID: not provided yet
BUILD_ENV: development
IMAGE_VERSION: 'not-required'
run: |
./react-environment-config.sh
working-directory: ./app
- name: Cypress build
uses: cypress-io/github-action@v5
with:
install: false
runTests: false
build: npm run build
working-directory: ./app
- name: Install NPM serve
run: npm install serve -g
- name: Cypress run
uses: cypress-io/github-action@v6
with:
install: false
start: serve -s build
browser: chrome
working-directory: ./app
env:
CYPRESS_BASE_URL: http://localhost:3000
CYPRESS_grepTags: 'regression'
- uses: actions/upload-artifact@v4
if: failure()
with:
name: cypress-screenshots
path: /home/runner/work/national-document-repository/national-document-repository/app/cypress/screenshots
if-no-files-found: ignore
- uses: actions/upload-artifact@v4
if: failure()
with:
name: cypress-videos
path: /home/runner/work/national-document-repository/national-document-repository/app/cypress/videos
if-no-files-found: ignore
publish_all_lambda_layers:
name: Publish all Lambda Layers
needs: ['set_workspace', 'terraform_process']
uses: nhsconnect/national-document-repository/.github/workflows/base-lambda-layer-reusable-publish-all.yml@main
with:
build_branch: main
sandbox: ${{ needs.set_workspace.outputs.workspace }}
environment: development
python_version: "3.11"
secrets:
AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }}
deploy_all_lambdas:
name: Deploy all Lambdas
uses: nhsconnect/national-document-repository/.github/workflows/base-lambdas-reusable-deploy-all.yml@main
needs: ['set_workspace', 'publish_all_lambda_layers']
with:
build_branch: main
sandbox: ${{ needs.set_workspace.outputs.workspace }}
environment: development
python_version: "3.11"
secrets:
AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }}
deploy_ui:
name: Deploy UI
uses: nhsconnect/national-document-repository/.github/workflows/base-deploy-ui.yml@main
needs: ['terraform_process', 'set_workspace']
with:
build_branch: main
sandbox: ${{ needs.set_workspace.outputs.workspace }}
environment: development
secrets:
AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }}
destroy_test_environment:
if: always()
name: Destroy the Sandbox Environment from previous job
needs: [ 'set_workspace', 'deploy_ui', 'deploy_all_lambdas' ]
uses: ./.github/workflows/terraform-destroy-environment-manual.yml
with:
build_branch: main
environment: development
sandbox_workspace: ${{ needs.set_workspace.outputs.workspace }}
terraform_vars: dev.tfvars
backend: backend.conf
secrets: inherit