Merge pull request #499 from USEPA/develop #99
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a basic workflow to help you get started with Actions | |
| name: Staging Deploy | |
| # Controls when the workflow will run | |
| on: | |
| # Triggers the workflow on push or pull request events but only for the staging branch | |
| push: | |
| branches: [staging] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| # Set default working directory for all jobs to /app | |
| defaults: | |
| run: | |
| working-directory: ./app | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| build: | |
| # The type of runner that the job will run on | |
| runs-on: ubuntu-latest | |
| environment: staging | |
| # Set environment variables | |
| env: | |
| APP_NAME: csb-staging | |
| CLOUD_SPACE: staging | |
| CF_ORG: epa-avert | |
| CF_SPACE: csb-staging | |
| CF_USER_STAGING: ${{ secrets.CF_USER_STAGING }} | |
| CF_PASSWORD_STAGING: ${{ secrets.CF_PASSWORD_STAGING }} | |
| SERVER_URL: https://app-stage.app.cloud.gov/csb | |
| SERVER_BASE_PATH: /csb | |
| SAML_LOGIN_URL: ${{ secrets.SAML_LOGIN_URL }} | |
| SAML_LOGOUT_URL: ${{ secrets.SAML_LOGOUT_URL }} | |
| SAML_ENTITY_ID: ${{ secrets.SAML_ENTITY_ID }} | |
| SAML_IDP_CERT: ${{ secrets.SAML_IDP_CERT }} | |
| SAML_PUBLIC_KEY: ${{ secrets.SAML_PUBLIC_KEY }} | |
| SAML_PRIVATE_KEY: ${{ secrets.SAML_PRIVATE_KEY }} | |
| JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }} | |
| JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }} | |
| CSB_REBATE_YEAR: 2024 | |
| CSB_2022_FRF_OPEN: true | |
| CSB_2022_PRF_OPEN: true | |
| CSB_2022_CRF_OPEN: true | |
| CSB_2023_FRF_OPEN: true | |
| CSB_2023_PRF_OPEN: true | |
| CSB_2023_CRF_OPEN: true | |
| CSB_2024_FRF_OPEN: true | |
| CSB_2024_PRF_OPEN: true | |
| CSB_2024_CRF_OPEN: true | |
| FORMIO_2022_FRF_PATH: ${{ secrets.FORMIO_2022_FRF_PATH }} | |
| FORMIO_2022_PRF_PATH: ${{ secrets.FORMIO_2022_PRF_PATH }} | |
| FORMIO_2022_CRF_PATH: ${{ secrets.FORMIO_2022_CRF_PATH }} | |
| FORMIO_2023_FRF_PATH: ${{ secrets.FORMIO_2023_FRF_PATH }} | |
| FORMIO_2023_PRF_PATH: ${{ secrets.FORMIO_2023_PRF_PATH }} | |
| FORMIO_2023_CRF_PATH: ${{ secrets.FORMIO_2023_CRF_PATH }} | |
| FORMIO_2023_CHANGE_PATH: ${{ secrets.FORMIO_2023_CHANGE_PATH }} | |
| FORMIO_2024_FRF_PATH: ${{ secrets.FORMIO_2024_FRF_PATH }} | |
| FORMIO_2024_PRF_PATH: ${{ secrets.FORMIO_2024_PRF_PATH }} | |
| FORMIO_2024_CRF_PATH: ${{ secrets.FORMIO_2024_CRF_PATH }} | |
| FORMIO_2024_CHANGE_PATH: ${{ secrets.FORMIO_2024_CHANGE_PATH }} | |
| FORMIO_BASE_URL: ${{ secrets.FORMIO_BASE_URL }} | |
| FORMIO_PROJECT_NAME: ${{ secrets.FORMIO_PROJECT_NAME }} | |
| FORMIO_API_KEY: ${{ secrets.FORMIO_API_KEY }} | |
| FORMIO_PKG_AUTH_TOKEN: ${{ secrets.FORMIO_PKG_AUTH_TOKEN }} | |
| BAP_CLIENT_ID: ${{ secrets.BAP_CLIENT_ID }} | |
| BAP_CLIENT_SECRET: ${{ secrets.BAP_CLIENT_SECRET }} | |
| BAP_URL: ${{ secrets.BAP_URL }} | |
| BAP_USER: ${{ secrets.BAP_USER }} | |
| BAP_PASSWORD: ${{ secrets.BAP_PASSWORD }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.S3_PUBLIC_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.S3_PUBLIC_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ secrets.S3_PUBLIC_REGION }} | |
| S3_PUBLIC_BUCKET: ${{ secrets.S3_PUBLIC_BUCKET }} | |
| # Steps represent a sequence of tasks that will be executed as part of the job | |
| steps: | |
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
| - uses: actions/checkout@v4 | |
| # Set up node and npm | |
| - uses: actions/setup-node@master | |
| # Run front-end processes (install, lint, test, bundle) | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/client/.npm | |
| key: v1-npm-client-deps-${{ hashFiles('**/client/package-lock.json') }} | |
| restore-keys: v1-npm-client-deps- | |
| - name: Add Formio private package repo auth token | |
| run: echo "//pkg.form.io/:_authToken=${FORMIO_PKG_AUTH_TOKEN}" > .npmrc | |
| working-directory: app/client | |
| - name: Install client app dependencies | |
| run: npm install | |
| working-directory: app/client | |
| - name: Build client app and move files to server app | |
| run: | | |
| VITE_SERVER_BASE_PATH="$SERVER_BASE_PATH" \ | |
| VITE_CLOUD_SPACE="$CLOUD_SPACE" \ | |
| VITE_FORMIO_BASE_URL="$FORMIO_BASE_URL" \ | |
| VITE_FORMIO_PROJECT_NAME="$FORMIO_PROJECT_NAME" \ | |
| npm run build | |
| rm ../server/app/public/index.html | |
| cd build | |
| mv * ../../server/app/public | |
| working-directory: app/client | |
| # Run CloudFoundry/Cloud.gov deployment | |
| - name: Set up Cloud Foundry CLI | |
| run: | | |
| curl -v -L -o cf-cli_amd64.deb 'https://cli.run.pivotal.io/stable?release=debian64&version=v7&source=github' | |
| sudo dpkg -i cf-cli_amd64.deb | |
| cf -v | |
| cf api https://api.fr.cloud.gov | |
| cf auth "$CF_USER_STAGING" "$CF_PASSWORD_STAGING" | |
| cf target -o "$CF_ORG" -s "$CF_SPACE" | |
| - name: Set application level variables | |
| run: | | |
| cf set-env $APP_NAME "CLOUD_SPACE" "$CLOUD_SPACE" > /dev/null | |
| cf set-env $APP_NAME "SERVER_URL" "$SERVER_URL" > /dev/null | |
| cf set-env $APP_NAME "SERVER_BASE_PATH" "$SERVER_BASE_PATH" > /dev/null | |
| cf set-env $APP_NAME "SAML_LOGIN_URL" "$SAML_LOGIN_URL" > /dev/null | |
| cf set-env $APP_NAME "SAML_LOGOUT_URL" "$SAML_LOGOUT_URL" > /dev/null | |
| cf set-env $APP_NAME "SAML_ENTITY_ID" "$SAML_ENTITY_ID" > /dev/null | |
| cf set-env $APP_NAME "SAML_IDP_CERT" "$SAML_IDP_CERT" > /dev/null | |
| cf set-env $APP_NAME "SAML_PUBLIC_KEY" "$SAML_PUBLIC_KEY" > /dev/null | |
| cf set-env $APP_NAME "SAML_PRIVATE_KEY" "$SAML_PRIVATE_KEY" > /dev/null | |
| cf set-env $APP_NAME "JWT_PUBLIC_KEY" "$JWT_PUBLIC_KEY" > /dev/null | |
| cf set-env $APP_NAME "JWT_PRIVATE_KEY" "$JWT_PRIVATE_KEY" > /dev/null | |
| cf set-env $APP_NAME "CSB_REBATE_YEAR" "$CSB_REBATE_YEAR" > /dev/null | |
| cf set-env $APP_NAME "CSB_2022_FRF_OPEN" "$CSB_2022_FRF_OPEN" > /dev/null | |
| cf set-env $APP_NAME "CSB_2022_PRF_OPEN" "$CSB_2022_PRF_OPEN" > /dev/null | |
| cf set-env $APP_NAME "CSB_2022_CRF_OPEN" "$CSB_2022_CRF_OPEN" > /dev/null | |
| cf set-env $APP_NAME "CSB_2023_FRF_OPEN" "$CSB_2023_FRF_OPEN" > /dev/null | |
| cf set-env $APP_NAME "CSB_2023_PRF_OPEN" "$CSB_2023_PRF_OPEN" > /dev/null | |
| cf set-env $APP_NAME "CSB_2023_CRF_OPEN" "$CSB_2023_CRF_OPEN" > /dev/null | |
| cf set-env $APP_NAME "CSB_2024_FRF_OPEN" "$CSB_2024_FRF_OPEN" > /dev/null | |
| cf set-env $APP_NAME "CSB_2024_PRF_OPEN" "$CSB_2024_PRF_OPEN" > /dev/null | |
| cf set-env $APP_NAME "CSB_2024_CRF_OPEN" "$CSB_2024_CRF_OPEN" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2022_FRF_PATH" "$FORMIO_2022_FRF_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2022_PRF_PATH" "$FORMIO_2022_PRF_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2022_CRF_PATH" "$FORMIO_2022_CRF_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2023_FRF_PATH" "$FORMIO_2023_FRF_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2023_PRF_PATH" "$FORMIO_2023_PRF_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2023_CRF_PATH" "$FORMIO_2023_CRF_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2023_CHANGE_PATH" "$FORMIO_2023_CHANGE_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2024_FRF_PATH" "$FORMIO_2024_FRF_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2024_PRF_PATH" "$FORMIO_2024_PRF_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2024_CRF_PATH" "$FORMIO_2024_CRF_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_2024_CHANGE_PATH" "$FORMIO_2024_CHANGE_PATH" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_BASE_URL" "$FORMIO_BASE_URL" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_PROJECT_NAME" "$FORMIO_PROJECT_NAME" > /dev/null | |
| cf set-env $APP_NAME "FORMIO_API_KEY" "$FORMIO_API_KEY" > /dev/null | |
| cf set-env $APP_NAME "BAP_CLIENT_ID" "$BAP_CLIENT_ID" > /dev/null | |
| cf set-env $APP_NAME "BAP_CLIENT_SECRET" "$BAP_CLIENT_SECRET" > /dev/null | |
| cf set-env $APP_NAME "BAP_URL" "$BAP_URL" > /dev/null | |
| cf set-env $APP_NAME "BAP_USER" "$BAP_USER" > /dev/null | |
| cf set-env $APP_NAME "BAP_PASSWORD" "$BAP_PASSWORD" > /dev/null | |
| cf set-env $APP_NAME "S3_PUBLIC_BUCKET" "$S3_PUBLIC_BUCKET" > /dev/null | |
| cf set-env $APP_NAME "S3_PUBLIC_REGION" "$AWS_DEFAULT_REGION" > /dev/null | |
| # Sync static content to public S3 bucket | |
| - name: Sync static content to S3 | |
| run: aws s3 sync . s3://$S3_PUBLIC_BUCKET/content | |
| working-directory: app/server/app/content | |
| # Set CORS configuration for public S3 bucket | |
| - name: Set S3 CORS configuration | |
| run: aws s3api put-bucket-cors --bucket $S3_PUBLIC_BUCKET --cors-configuration file://s3CORS.json | |
| working-directory: app/server/app/config | |
| # Now that client is built and included in server app, only push server app to Cloud.gov | |
| - name: Deploy application to Cloud.gov | |
| run: cf push $APP_NAME --strategy rolling -f ../manifest-staging.yml -p . -t 180 | |
| working-directory: app/server |