tech: add sentry auth token env variable #5137
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Back & Front | |
on: | |
push: | |
paths: | |
- ".github/workflows/cicd-database.yml" | |
- ".github/workflows/cicd-app.yml" | |
- "infra/**" | |
- "backend/**" | |
- "frontend/**" | |
- "Makefile" | |
- ".env*" | |
- "docker-compose.yml" | |
schedule: | |
- cron: "38 11 */3 * *" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
version: | |
name: Set application version and env profile | |
runs-on: ubuntu-22.04 | |
outputs: | |
ENV_PROFILE: ${{ steps.env_profile.outputs.ENV_PROFILE }} | |
VERSION: ${{ steps.version.outputs.VERSION }} | |
steps: | |
- name: Get last release version | |
id: lastrelease | |
uses: pozetroninc/github-action-get-latest-release@master | |
with: | |
repository: mtes-mct/monitorenv | |
- id: step1 | |
name: Set ENV profile as dev by default | |
run: echo "ENV_PROFILE=dev" >> $GITHUB_ENV | |
- name: Set ENV profile as PROD when it is a release | |
if: startsWith(github.ref, 'refs/tags/v1') || startsWith(github.ref, 'refs/heads/v1') || startsWith(github.ref, 'refs/tags/v2') || startsWith(github.ref, 'refs/heads/v2') | |
run: echo "ENV_PROFILE=prod" >> $GITHUB_ENV | |
- id: env_profile | |
name: Set ENV profile output | |
run: ENV_PROFILE=${{ env.ENV_PROFILE }} && echo "ENV_PROFILE=$ENV_PROFILE" >> $GITHUB_OUTPUT | |
- id: version | |
name: Set VERSION env | |
run: | | |
if [ "${ENV_PROFILE}" != "prod" ]; then\ | |
if [ "${{github.ref}}" == "refs/heads/main" ]; then\ | |
export VERSION=${{ steps.lastrelease.outputs.release }}_snapshot | |
else\ | |
export REF_NAME=${{ github.ref_name }} | |
export VERSION=${REF_NAME//\//_} | |
fi | |
else\ | |
export VERSION=${{ steps.lastrelease.outputs.release }} | |
fi | |
echo $VERSION | |
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT | |
timeout-minutes: 30 | |
unit_test_backend: | |
name: Run backend unit tests | |
needs: version | |
runs-on: ubuntu-22.04 | |
env: | |
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}} | |
VERSION: ${{needs.version.outputs.VERSION}} | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
steps: | |
- name: Show version | |
run: echo "VERSION:${{ env.VERSION }} ENV_PROFILE:${{ env.ENV_PROFILE }}" | |
- name: Setup Java JDK | |
uses: actions/[email protected] | |
with: | |
# https://github.com/actions/setup-java/blob/main/README.md#Supported-distributions | |
distribution: zulu | |
java-version: 17 | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Unit test | |
run: make test-back | |
timeout-minutes: 30 | |
unit_test_frontend: | |
name: Run frontend unit tests | |
needs: version | |
runs-on: ubuntu-22.04 | |
env: | |
PUPPETEER_SKIP_DOWNLOAD: "true" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
cache-dependency-path: ./frontend/package-lock.json | |
node-version: 20 | |
- name: Install Node.js dependencies | |
run: npm ci | |
working-directory: ./frontend | |
- name: Lint Frontend | |
run: npm run test:lint | |
working-directory: ./frontend | |
- name: Check Frontend types | |
run: npm run test:type | |
working-directory: ./frontend | |
- name: Unit test | |
run: npm run test:unit --coverage | |
working-directory: ./frontend | |
- name: Upload coverage | |
uses: codecov/codecov-action@v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
verbose: true | |
working-directory: ./frontend | |
timeout-minutes: 30 | |
build: | |
name: Build and package | |
needs: version | |
runs-on: ubuntu-22.04 | |
env: | |
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}} | |
VERSION: ${{needs.version.outputs.VERSION}} | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
steps: | |
- name: Show version | |
run: echo "VERSION:${{ env.VERSION }} ENV_PROFILE:${{ env.ENV_PROFILE }}" | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@master | |
- name: Cache Docker layers | |
uses: actions/cache@v4 | |
with: | |
path: /tmp/.buildx-cache-app | |
key: ${{ runner.os }}-single-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-single-buildx | |
- name: Build image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
load: true | |
builder: ${{ steps.buildx.outputs.name }} | |
file: infra/docker/app/Dockerfile | |
push: false | |
tags: monitorenv-app:${{ env.VERSION }} | |
cache-from: type=local,src=/tmp/.buildx-cache-app | |
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-app-new | |
build-args: | | |
VERSION=${{ env.VERSION }} | |
ENV_PROFILE=${{ env.ENV_PROFILE }} | |
GITHUB_SHA=${{ github.sha }} | |
# Temp fix | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
- name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-cache-app | |
mv /tmp/.buildx-cache-app-new /tmp/.buildx-cache-app | |
- name: Upload image to artifacts | |
uses: ishworkh/[email protected] | |
with: | |
image: monitorenv-app:${{ env.VERSION }} | |
timeout-minutes: 30 | |
e2e_test: | |
name: Run E2E tests | |
needs: [ version, build ] | |
runs-on: ubuntu-22.04 | |
strategy: | |
# when one test fails, DO NOT cancel the other | |
# containers, because this will kill Cypress processes | |
# leaving the Dashboard hanging ... | |
# https://github.com/cypress-io/github-action/issues/48 | |
fail-fast: false | |
matrix: | |
containers: [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 ] | |
env: | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
CYPRESS_PROJECT_ID: ${{ secrets.CYPRESS_PROJECT_ID }} | |
CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }} | |
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}} | |
FRONTEND_GOOGLEMAPS_API_KEY: ${{ secrets.FRONTEND_GOOGLEMAPS_API_KEY }} | |
FRONTEND_SHOM_KEY: ${{ secrets.FRONTEND_SHOM_KEY }} | |
FRONTEND_MAPBOX_KEY: ${{ secrets.FRONTEND_MAPBOX_KEY }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
MONITORENV_VERSION: ${{ needs.version.outputs.VERSION }} | |
VERSION: ${{needs.version.outputs.VERSION}} | |
PUPPETEER_SKIP_DOWNLOAD: "true" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Download image | |
uses: ishworkh/[email protected] | |
with: | |
image: monitorenv-app:${{ env.VERSION }} | |
- name: Run docker images | |
run: | | |
make test-init-infra-env | |
make test-run-infra-for-frontend | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
cache-dependency-path: ./frontend/package-lock.json | |
node-version: 20 | |
- name: Setup Firefox | |
uses: browser-actions/setup-firefox@latest | |
with: | |
firefox-version: 119.0.1 | |
- name: Curl stubbed geoserver check | |
run: until $(curl --output /dev/null --silent --fail "http://localhost:8081/geoserver/wfs?service=WFS&version=1.1.0&request=GetFeature&typename=monitorenv:regulations&outputFormat=application/json&CQL_FILTER=topic=%27Ouest%20Cotentin%20Bivalves%27%20AND%20zone=%27Praires%20Ouest%20cotentin%27"); do printf '.'; sleep 5; done; | |
- uses: cypress-io/github-action@v6 | |
with: | |
browser: firefox | |
cache-key: cypress-${{ hashFiles('package-lock.json') }} | |
config-file: config/cypress.config.ts | |
env: PORT=8880 | |
install: true | |
install-command: npm ci | |
parallel: true | |
record: true | |
wait-on: "http://localhost:8880" | |
working-directory: ./frontend | |
- name: Display Docker container logs for debugging | |
if: failure() | |
run: docker logs monitorenv_backend | |
timeout-minutes: 30 | |
e2e_multi_windows_test: | |
name: Run E2E multi windows tests | |
needs: [ version, build ] | |
runs-on: ubuntu-22.04 | |
if: false | |
env: | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
MONITORENV_VERSION: ${{ needs.version.outputs.VERSION }} | |
VERSION: ${{needs.version.outputs.VERSION}} | |
PUPPETEER_SKIP_DOWNLOAD: "true" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- uses: browser-actions/setup-chrome@v1 | |
with: | |
chrome-version: 120 | |
- name: Download image | |
uses: ishworkh/[email protected] | |
with: | |
image: monitorenv-app:${{ env.VERSION }} | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
cache-dependency-path: ./frontend/package-lock.json | |
node-version: 20 | |
- name: Install Node.js dependencies | |
run: npm ci | |
working-directory: ./frontend | |
- name: Install Firefox | |
run: npx puppeteer browsers install firefox | |
- name: Run docker images | |
run: | | |
make test-init-infra-env | |
make test-run-infra-for-frontend | |
until $(curl --output /dev/null --silent --fail "http://localhost:8081/geoserver/wfs?service=WFS&version=1.1.0&request=GetFeature&typename=monitorenv:regulations&outputFormat=application/json&CQL_FILTER=topic=%27Ouest%20Cotentin%20Bivalves%27%20AND%20zone=%27Praires%20Ouest%20cotentin%27"); do printf '.'; sleep 5; done; | |
- name: Run multi-windows tests | |
run: npm run test:multi-windows:run | |
working-directory: ./frontend | |
timeout-minutes: 30 | |
generate_and_upload_source_maps: | |
name: Generate and upload source maps to Sentry | |
needs: [ version, build, unit_test_backend, unit_test_frontend, e2e_test ] | |
runs-on: ubuntu-22.04 | |
env: | |
VERSION: ${{ needs.version.outputs.VERSION }} | |
SENTRY_URL: ${{ secrets.SENTRY_URL }} | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 100 | |
- name: Download image | |
uses: ishworkh/[email protected] | |
with: | |
image: monitorenv-app:${{ env.VERSION }} | |
- name: Extract frontend build files | |
run: | | |
docker create --name monitorenv-temp monitorenv-app:${{ env.VERSION }} | |
docker cp monitorenv-temp:/home/monitorenv/public/assets ./frontend_build | |
docker rm monitorenv-temp | |
- name: Generate and upload source maps to Sentry | |
uses: getsentry/action-release@v1 | |
with: | |
environment: ${{ needs.version.outputs.ENV_PROFILE }} | |
version: ${{ env.VERSION }} | |
sourcemaps: ./frontend_build | |
ignore_missing: true | |
ignore_empty: true | |
env: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} | |
SENTRY_URL: ${{ secrets.SENTRY_URL }} | |
timeout-minutes: 30 | |
push_to_registry: | |
name: Push to registry | |
needs: [ version, unit_test_backend, unit_test_frontend, e2e_test, generate_and_upload_source_maps ] | |
# needs: [version, e2e_test, e2e_multi_windows_test, unit_test_frontend, e2e_test] | |
runs-on: ubuntu-22.04 | |
if: startsWith(github.ref, 'refs/heads/dependabot') == false | |
env: | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}} | |
VERSION: ${{needs.version.outputs.VERSION}} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Download image | |
uses: ishworkh/[email protected] | |
with: | |
image: monitorenv-app:${{ env.VERSION }} | |
- name: Push docker image to registry | |
run: | | |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${GITHUB_ACTOR} --password-stdin | |
make docker-tag-app | |
make docker-push-app | |
timeout-minutes: 30 |