Bump selenium-webdriver from 4.2.0 to 4.14.0 (#200) #153
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI and CD | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| env: | |
| RACK_ENV: test | |
| services: | |
| postgres: | |
| image: postgres:10.8-alpine | |
| env: | |
| POSTGRES_DB: mediators_ci_test | |
| POSTGRES_USER: postgres | |
| POSTGRES_PASSWORD: "" | |
| ports: | |
| - 5432:5432 | |
| options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Setup Ruby and install gems | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler-cache: true | |
| - name: Setup test database | |
| run: | | |
| cp config/database.ci.yml config/database.yml | |
| bundle exec rake db:create | |
| bundle exec rake db:schema:load | |
| - name: Brakeman | |
| uses: reviewdog/action-brakeman@v2 | |
| with: | |
| brakeman_version: gemfile | |
| # --force required as no /app dir as expected | |
| # https://github.com/presidentbeef/brakeman/issues/67#issuecomment-4947358 | |
| brakeman_flags: --force | |
| - name: Run linters and tests | |
| run: bundle exec rake | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| if: github.ref == 'refs/heads/main' | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: read # This is required for actions/checkout | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Assume role in Cloud Platform | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| role-to-assume: ${{ secrets.ECR_ROLE_TO_ASSUME }} | |
| aws-region: ${{ vars.ECR_REGION }} | |
| - name: Login to container repository | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| id: login-ecr | |
| - name: Store current date | |
| run: echo "BUILD_DATE=$(date +%Y-%m-%dT%H:%M:%S%z)" >> $GITHUB_ENV | |
| - name: Store build tag | |
| run: | | |
| prefix="family" | |
| branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} | |
| short_version=$(git rev-parse --short ${{ github.sha }}) | |
| build_tag=$prefix-$branch-$short_version | |
| echo "BUILD_TAG=$build_tag" >> $GITHUB_ENV | |
| - name: Build | |
| run: | | |
| docker build \ | |
| --build-arg BUILD_DATE=${{ env.BUILD_DATE }} \ | |
| --build-arg BUILD_TAG=${{ env.BUILD_TAG }} \ | |
| --build-arg GIT_COMMIT=${{ github.sha }} \ | |
| -t ${{ vars.ECR_URL }}:${{ github.sha }} . | |
| - name: Push to ECR | |
| run: | | |
| docker tag ${{ vars.ECR_URL }}:${{ github.sha }} ${{ vars.ECR_URL }}:staging.latest | |
| docker tag ${{ vars.ECR_URL }}:${{ github.sha }} ${{ vars.ECR_URL }}:production.latest | |
| docker push ${{ vars.ECR_URL }}:${{ github.sha }} | |
| docker push ${{ vars.ECR_URL }}:staging.latest | |
| docker push ${{ vars.ECR_URL }}:production.latest | |
| deploy-staging: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| steps: | |
| - name: Authenticate to the cluster | |
| env: | |
| KUBE_CERT: ${{ secrets.KUBE_CERT }} | |
| KUBE_TOKEN: ${{ secrets.KUBE_TOKEN }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} | |
| run: | | |
| echo "${KUBE_CERT}" > ca.crt | |
| kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} | |
| kubectl config set-credentials deploy-user --token=${KUBE_TOKEN} | |
| kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} | |
| kubectl config use-context ${KUBE_CLUSTER} | |
| - name: Rollout restart deployment | |
| run: | | |
| kubectl set image -n ${KUBE_NAMESPACE} \ | |
| deployment/family-mediators-api-deployment-staging \ | |
| webapp="${{ vars.ECR_URL }}:${{ github.sha }}" | |
| deploy-production: | |
| runs-on: ubuntu-latest | |
| needs: deploy-staging | |
| environment: production | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_PROD_NAMESPACE }} | |
| steps: | |
| - name: Authenticate to the cluster | |
| env: | |
| KUBE_CERT: ${{ secrets.KUBE_PROD_CERT }} | |
| KUBE_TOKEN: ${{ secrets.KUBE_PROD_TOKEN }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_PROD_CLUSTER }} | |
| run: | | |
| echo "${KUBE_CERT}" > ca.crt | |
| kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} | |
| kubectl config set-credentials deploy-user --token=${KUBE_TOKEN} | |
| kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} | |
| kubectl config use-context ${KUBE_CLUSTER} | |
| - name: Rollout restart deployment | |
| run: | | |
| kubectl set image -n ${KUBE_NAMESPACE} \ | |
| deployment/family-mediators-api-deployment-production \ | |
| webapp="${{ vars.ECR_URL }}:${{ github.sha }}" |