Skip to content

tech: add sentry auth token env variable #5137

tech: add sentry auth token env variable

tech: add sentry auth token env variable #5137

Workflow file for this run

name: CI/CD Back & Front
on:
push:
paths:
- ".github/workflows/cicd-database.yml"
- ".github/workflows/cicd-app.yml"
- "infra/**"
- "backend/**"
- "frontend/**"
- "Makefile"
- ".env*"
- "docker-compose.yml"
schedule:
- cron: "38 11 */3 * *"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
version:
name: Set application version and env profile
runs-on: ubuntu-22.04
outputs:
ENV_PROFILE: ${{ steps.env_profile.outputs.ENV_PROFILE }}
VERSION: ${{ steps.version.outputs.VERSION }}
steps:
- name: Get last release version
id: lastrelease
uses: pozetroninc/github-action-get-latest-release@master
with:
repository: mtes-mct/monitorenv
- id: step1
name: Set ENV profile as dev by default
run: echo "ENV_PROFILE=dev" >> $GITHUB_ENV
- name: Set ENV profile as PROD when it is a release
if: startsWith(github.ref, 'refs/tags/v1') || startsWith(github.ref, 'refs/heads/v1') || startsWith(github.ref, 'refs/tags/v2') || startsWith(github.ref, 'refs/heads/v2')
run: echo "ENV_PROFILE=prod" >> $GITHUB_ENV
- id: env_profile
name: Set ENV profile output
run: ENV_PROFILE=${{ env.ENV_PROFILE }} && echo "ENV_PROFILE=$ENV_PROFILE" >> $GITHUB_OUTPUT
- id: version
name: Set VERSION env
run: |
if [ "${ENV_PROFILE}" != "prod" ]; then\
if [ "${{github.ref}}" == "refs/heads/main" ]; then\
export VERSION=${{ steps.lastrelease.outputs.release }}_snapshot
else\
export REF_NAME=${{ github.ref_name }}
export VERSION=${REF_NAME//\//_}
fi
else\
export VERSION=${{ steps.lastrelease.outputs.release }}
fi
echo $VERSION
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
timeout-minutes: 30
unit_test_backend:
name: Run backend unit tests
needs: version
runs-on: ubuntu-22.04
env:
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}}
VERSION: ${{needs.version.outputs.VERSION}}
ACTIONS_ALLOW_UNSECURE_COMMANDS: true
steps:
- name: Show version
run: echo "VERSION:${{ env.VERSION }} ENV_PROFILE:${{ env.ENV_PROFILE }}"
- name: Setup Java JDK
uses: actions/[email protected]
with:
# https://github.com/actions/setup-java/blob/main/README.md#Supported-distributions
distribution: zulu
java-version: 17
- name: Checkout
uses: actions/checkout@v4
- name: Unit test
run: make test-back
timeout-minutes: 30
unit_test_frontend:
name: Run frontend unit tests
needs: version
runs-on: ubuntu-22.04
env:
PUPPETEER_SKIP_DOWNLOAD: "true"
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
cache: npm
cache-dependency-path: ./frontend/package-lock.json
node-version: 20
- name: Install Node.js dependencies
run: npm ci
working-directory: ./frontend
- name: Lint Frontend
run: npm run test:lint
working-directory: ./frontend
- name: Check Frontend types
run: npm run test:type
working-directory: ./frontend
- name: Unit test
run: npm run test:unit --coverage
working-directory: ./frontend
- name: Upload coverage
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
verbose: true
working-directory: ./frontend
timeout-minutes: 30
build:
name: Build and package
needs: version
runs-on: ubuntu-22.04
env:
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}}
VERSION: ${{needs.version.outputs.VERSION}}
ACTIONS_ALLOW_UNSECURE_COMMANDS: true
steps:
- name: Show version
run: echo "VERSION:${{ env.VERSION }} ENV_PROFILE:${{ env.ENV_PROFILE }}"
- name: Checkout
uses: actions/checkout@v4
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: Cache Docker layers
uses: actions/cache@v4
with:
path: /tmp/.buildx-cache-app
key: ${{ runner.os }}-single-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-single-buildx
- name: Build image
uses: docker/build-push-action@v6
with:
context: .
load: true
builder: ${{ steps.buildx.outputs.name }}
file: infra/docker/app/Dockerfile
push: false
tags: monitorenv-app:${{ env.VERSION }}
cache-from: type=local,src=/tmp/.buildx-cache-app
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-app-new
build-args: |
VERSION=${{ env.VERSION }}
ENV_PROFILE=${{ env.ENV_PROFILE }}
GITHUB_SHA=${{ github.sha }}
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache-app
mv /tmp/.buildx-cache-app-new /tmp/.buildx-cache-app
- name: Upload image to artifacts
uses: ishworkh/[email protected]
with:
image: monitorenv-app:${{ env.VERSION }}
timeout-minutes: 30
e2e_test:
name: Run E2E tests
needs: [ version, build ]
runs-on: ubuntu-22.04
strategy:
# when one test fails, DO NOT cancel the other
# containers, because this will kill Cypress processes
# leaving the Dashboard hanging ...
# https://github.com/cypress-io/github-action/issues/48
fail-fast: false
matrix:
containers: [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 ]
env:
ACTIONS_ALLOW_UNSECURE_COMMANDS: true
CYPRESS_PROJECT_ID: ${{ secrets.CYPRESS_PROJECT_ID }}
CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }}
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}}
FRONTEND_GOOGLEMAPS_API_KEY: ${{ secrets.FRONTEND_GOOGLEMAPS_API_KEY }}
FRONTEND_SHOM_KEY: ${{ secrets.FRONTEND_SHOM_KEY }}
FRONTEND_MAPBOX_KEY: ${{ secrets.FRONTEND_MAPBOX_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MONITORENV_VERSION: ${{ needs.version.outputs.VERSION }}
VERSION: ${{needs.version.outputs.VERSION}}
PUPPETEER_SKIP_DOWNLOAD: "true"
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download image
uses: ishworkh/[email protected]
with:
image: monitorenv-app:${{ env.VERSION }}
- name: Run docker images
run: |
make test-init-infra-env
make test-run-infra-for-frontend
- name: Setup Node.js
uses: actions/setup-node@v4
with:
cache: npm
cache-dependency-path: ./frontend/package-lock.json
node-version: 20
- name: Setup Firefox
uses: browser-actions/setup-firefox@latest
with:
firefox-version: 119.0.1
- name: Curl stubbed geoserver check
run: until $(curl --output /dev/null --silent --fail "http://localhost:8081/geoserver/wfs?service=WFS&version=1.1.0&request=GetFeature&typename=monitorenv:regulations&outputFormat=application/json&CQL_FILTER=topic=%27Ouest%20Cotentin%20Bivalves%27%20AND%20zone=%27Praires%20Ouest%20cotentin%27"); do printf '.'; sleep 5; done;
- uses: cypress-io/github-action@v6
with:
browser: firefox
cache-key: cypress-${{ hashFiles('package-lock.json') }}
config-file: config/cypress.config.ts
env: PORT=8880
install: true
install-command: npm ci
parallel: true
record: true
wait-on: "http://localhost:8880"
working-directory: ./frontend
- name: Display Docker container logs for debugging
if: failure()
run: docker logs monitorenv_backend
timeout-minutes: 30
e2e_multi_windows_test:
name: Run E2E multi windows tests
needs: [ version, build ]
runs-on: ubuntu-22.04
if: false
env:
ACTIONS_ALLOW_UNSECURE_COMMANDS: true
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MONITORENV_VERSION: ${{ needs.version.outputs.VERSION }}
VERSION: ${{needs.version.outputs.VERSION}}
PUPPETEER_SKIP_DOWNLOAD: "true"
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: browser-actions/setup-chrome@v1
with:
chrome-version: 120
- name: Download image
uses: ishworkh/[email protected]
with:
image: monitorenv-app:${{ env.VERSION }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
cache: npm
cache-dependency-path: ./frontend/package-lock.json
node-version: 20
- name: Install Node.js dependencies
run: npm ci
working-directory: ./frontend
- name: Install Firefox
run: npx puppeteer browsers install firefox
- name: Run docker images
run: |
make test-init-infra-env
make test-run-infra-for-frontend
until $(curl --output /dev/null --silent --fail "http://localhost:8081/geoserver/wfs?service=WFS&version=1.1.0&request=GetFeature&typename=monitorenv:regulations&outputFormat=application/json&CQL_FILTER=topic=%27Ouest%20Cotentin%20Bivalves%27%20AND%20zone=%27Praires%20Ouest%20cotentin%27"); do printf '.'; sleep 5; done;
- name: Run multi-windows tests
run: npm run test:multi-windows:run
working-directory: ./frontend
timeout-minutes: 30
generate_and_upload_source_maps:
name: Generate and upload source maps to Sentry
needs: [ version, build, unit_test_backend, unit_test_frontend, e2e_test ]
runs-on: ubuntu-22.04
env:
VERSION: ${{ needs.version.outputs.VERSION }}
SENTRY_URL: ${{ secrets.SENTRY_URL }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 100
- name: Download image
uses: ishworkh/[email protected]
with:
image: monitorenv-app:${{ env.VERSION }}
- name: Extract frontend build files
run: |
docker create --name monitorenv-temp monitorenv-app:${{ env.VERSION }}
docker cp monitorenv-temp:/home/monitorenv/public/assets ./frontend_build
docker rm monitorenv-temp
- name: Generate and upload source maps to Sentry
uses: getsentry/action-release@v1
with:
environment: ${{ needs.version.outputs.ENV_PROFILE }}
version: ${{ env.VERSION }}
sourcemaps: ./frontend_build
ignore_missing: true
ignore_empty: true
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
SENTRY_URL: ${{ secrets.SENTRY_URL }}
timeout-minutes: 30
push_to_registry:
name: Push to registry
needs: [ version, unit_test_backend, unit_test_frontend, e2e_test, generate_and_upload_source_maps ]
# needs: [version, e2e_test, e2e_multi_windows_test, unit_test_frontend, e2e_test]
runs-on: ubuntu-22.04
if: startsWith(github.ref, 'refs/heads/dependabot') == false
env:
ACTIONS_ALLOW_UNSECURE_COMMANDS: true
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}}
VERSION: ${{needs.version.outputs.VERSION}}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download image
uses: ishworkh/[email protected]
with:
image: monitorenv-app:${{ env.VERSION }}
- name: Push docker image to registry
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${GITHUB_ACTOR} --password-stdin
make docker-tag-app
make docker-push-app
timeout-minutes: 30