added a view to confirm a settlement request, added tests and added s… #1864

Workflow file for this run

	name: CI

	on:
	push:
	branches-ignore:
	- 'dependabot/**'
	tags:
	- 'v*'
	pull_request:
	branches-ignore:
	- 'dependabot/**'
	workflow_dispatch:

	concurrency:
	group: ci-${{ github.head_ref }}
	cancel-in-progress: true

	jobs:
	test-cgl:
	name: Coding Guidelines Check
	runs-on: ubuntu-latest
	continue-on-error: false
	env:
	PHP_CS_FIXER_FUTURE_MODE: 1
	steps:
	- uses: actions/checkout@v3
	- name: Setup PHP environment
	uses: shivammathur/setup-php@v2
	with:
	php-version: '7.4'
	tools: composer:v2
	- name: Check code formatting with PHP-CS-Fixer
	run: \|
	rm composer.json composer.lock
	composer require friendsofphp/php-cs-fixer:3.4
	vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.dist --diff --dry-run -v

	lint:
	name: FE Asset Linting
	runs-on: ubuntu-latest
	continue-on-error: false
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	- name: Cache node_modules
	uses: actions/cache@v3
	with:
	path: '**/node_modules'
	key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
	- name: Install npm packages
	working-directory: ./src/Resources
	run: yarn install
	- name: Run FE linters
	working-directory: ./src/Resources
	run: yarn lint

	phpmd:
	name: PHPMD
	runs-on: ubuntu-latest
	continue-on-error: true
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Setup PHP environment
	uses: shivammathur/setup-php@v2
	with:
	coverage: none
	tools: phpmd
	- name: Run PHPMD
	run: phpmd src github ./phpmd.xml --baseline-file ./phpmd.baseline.xml --exclude /Tests/

	psalm:
	name: Static Code Analysis
	runs-on: ubuntu-latest
	continue-on-error: false
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Setup PHP environment
	uses: shivammathur/setup-php@v2
	with:
	php-version: '7.4'
	tools: composer
	- name: Run composer install
	run: composer install -n --prefer-dist
	- name: Run Psalm
	run: ./vendor/bin/psalm

	testFrontendUnitFunctional:
	name: Run frontend unit- and functional-tests
	runs-on: ubuntu-latest
	continue-on-error: false
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	- name: Cache node_modules
	uses: actions/cache@v3
	with:
	path: '**/node_modules'
	key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
	- name: Install npm packages
	working-directory: ./src/Resources
	run: yarn install
	- name: Run FE jest suite
	working-directory: ./src/Resources
	run: yarn test

	buildImages:
	name: Build Docker Images
	runs-on: ubuntu-latest
	needs: [test-cgl, psalm]
	steps:
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v2
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2
	- name: Checkout
	uses: actions/checkout@v3
	with:
	fetch-depth: 10
	- name: Prepare build
	run: \|
	mkdir -p /tmp/docker/buildx
	git log -n 10 --date=short --format=format:"%C(auto)%h %ad @%al %s" >> public/changelog.txt
	- name: Setup docker build caches
	uses: actions/cache@v3
	with:
	key: ${{ runner.os }}-buildx
	path: /tmp/docker/buildx
	- name: Login to DockerHub
	uses: docker/login-action@v2
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}
	# Production image
	- name: Get Docker meta for production image
	id: meta
	uses: docker/metadata-action@v4
	with:
	images: aoepeople/meals
	tags: \|
	type=sha
	type=ref,event=branch
	type=semver,pattern={{version}}
	type=semver,pattern={{major}}.{{minor}}
	type=edge,branch=master
	- name: Build and push production image
	id: build_latest
	uses: docker/build-push-action@v4
	with:
	context: .
	push: false
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	cache-from: \|
	aoepeople/meals:edge
	type=local,src=/tmp/docker/buildx
	cache-to: type=local,dest=/tmp/docker/buildx
	outputs: type=docker,dest=/tmp/docker/app.tar
	# Development image
	- name: Get Docker meta for development
	id: devmeta
	uses: docker/metadata-action@v4
	with:
	images: aoepeople/meals
	flavor: \|
	suffix=-dev
	tags: \|
	type=sha
	type=ref,event=branch
	- name: Build and push development image
	id: build_dev
	uses: docker/build-push-action@v4
	with:
	file: Dockerfile
	push: false
	tags: ${{ steps.devmeta.outputs.tags }}
	labels: ${{ steps.devmeta.outputs.labels }}
	build-args: \|
	BUILD_DEV="true"
	cache-from: \|
	aoepeople/meals:edge-dev
	type=local,src=/tmp/docker/buildx
	cache-to: type=local,dest=/tmp/docker/buildx
	outputs: type=docker,dest=/tmp/docker/dev.tar
	# Upload artifacts
	- name: Upload docker images
	uses: actions/upload-artifact@v3
	with:
	name: docker-images
	path: /tmp/docker/*.tar
	outputs:
	image: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
	images: ${{ join(steps.meta.outputs.tags, ' ') }}
	imageDev: ${{ fromJSON(steps.devmeta.outputs.json).tags[0] }}
	imagesDev: ${{ join(steps.devmeta.outputs.tags, ' ') }}

	testBackendUnitFunctional:
	name: Run backend unit- and functional-tests
	needs: [ buildImages ]
	runs-on: ubuntu-latest
	env:
	SERVICE: app # use `dev` to enable xdebug and code coverage
	IMAGE_APP: ${{ needs.buildImages.outputs.image }}
	IMAGE_DEV: ${{ needs.buildImages.outputs.imageDev }}
	COMPOSE_INTERACTIVE_NO_CLI: true
	steps:
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2
	- uses: actions/checkout@v3
	- name: Download docker images
	uses: actions/download-artifact@v3
	with:
	name: docker-images
	path: /tmp/docker
	- name: Import docker image
	run: \|
	docker load --input /tmp/docker/app.tar
	docker load --input /tmp/docker/dev.tar
	docker image ls -a \| grep aoepeople
	- name: Test with docker compose
	run: \|
	mkdir build
	docker-compose -f docker-compose-test.yaml up --abort-on-container-exit
	docker-compose -f docker-compose-test.yaml down --remove-orphans
	- name: Upload coverage report artifact
	uses: actions/upload-artifact@v3
	if: always()
	with:
	name: reports
	path: build/artifacts/qa/
	- name: Publish unit-test results
	uses: mikepenz/action-junit-report@v3
	if: always()
	with:
	report_paths: 'build/artifacts/qa/*.xml'

	publish:
	name: Publish
	if: ${{ github.ref == 'refs/heads/master' \|\| startsWith(github.ref, 'refs/tags/v') }}
	needs: [ buildImages, testBackendUnitFunctional, testFrontendUnitFunctional ]
	runs-on: ubuntu-latest
	env:
	IMAGES_APP: ${{ needs.buildImages.outputs.images }}
	IMAGES_DEV: ${{ needs.buildImages.outputs.imagesDev }}
	steps:
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2
	- name: Login to DockerHub
	uses: docker/login-action@v2
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}
	- name: Download docker images
	uses: actions/download-artifact@v3
	with:
	name: docker-images
	path: /tmp/docker
	- name: Import docker image
	run: \|
	docker load --input /tmp/docker/app.tar
	docker load --input /tmp/docker/dev.tar
	docker image ls -a \| grep aoepeople
	- name: Deploy images
	run: \|
	for tag in $IMAGES_APP; do
	if [[ $tag = sha- ]]; then
	continue;
	fi
	docker push $tag;
	done

	for tag in $IMAGES_DEV; do
	if [[ $tag = sha- ]]; then
	continue;
	fi
	docker push $tag;
	done
	- name: Image digest
	id: image_digest
	env:
	IMAGE: ${{ needs.buildImages.outputs.image }}
	run: \|
	docker pull $IMAGE
	echo "digest=$(docker inspect $IMAGE \| jq -r '.[0].RepoDigests[0]' \| cut -d'@' -f2)" >> $GITHUB_OUTPUT
	- name: Delete docker image artifact
	uses: geekyeggo/delete-artifact@v1
	with:
	name: docker-images
	outputs:
	imageDigest: ${{ steps.image_digest.outputs.digest }}

	snyk:
	name: Scan vulnerabilities
	if: ${{ github.ref == 'refs/heads/master' \|\| startsWith(github.ref, 'refs/tags/v') }}
	needs: [ publish, buildImages ]
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Run Snyk to check Docker image for vulnerabilities
	# Snyk can be used to break the build when it detects vulnerabilities.
	# In this case we want to upload the issues to GitHub Code Scanning
	continue-on-error: true
	uses: snyk/actions/docker@master
	env:
	# In order to use the Snyk Action you will need to have a Snyk API token.
	# More details in https://github.com/snyk/actions#getting-your-snyk-token
	# or you can signup for free at https://snyk.io/login
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	image: ${{ needs.buildImages.outputs.image }}
	args: --file=Dockerfile
	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: snyk.sarif

	deploy:
	name: Deploy and notify
	needs: [ publish, buildImages ]
	runs-on: ubuntu-latest
	steps:
	- name: Deploy to staging environment
	env:
	IMAGE_TAG: ${{ needs.buildImages.outputs.image }}
	IMAGE_DIGEST: ${{ needs.publish.outputs.imageDigest }}
	GITLAB_K8S_IT_TRIGGER: ${{ secrets.GITLAB_K8S_IT_TRIGGER }}
	run: \|
	curl -X POST \
	-F "ref=develop" \
	-F "variables[IMAGE_TAG]=$IMAGE_TAG" \
	-F "variables[IMAGE_DIGEST]=$IMAGE_DIGEST" \
	-F "token=$GITLAB_K8S_IT_TRIGGER" \
	https://gitlab.aoe.com/api/v4/projects/2872/trigger/pipeline
	- name: Notify team
	env:
	COMMIT_MSG: ${{ github.event.head_commit.message }}
	MATTERMOST_HOOK_URL: ${{ secrets.MATTERMOST_HOOK_URL }}
	run: \|
	curl --silent -i -X POST -H 'Content-Type: application/json' \
	-d '{"text": "Triggered deployment of `meals-staging.aoe.com@'"$GITHUB_SHA"'`\n> '"$COMMIT_MSG"'"}' \
	$MATTERMOST_HOOK_URL

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

added a view to confirm a settlement request, added tests and added s… #1864

Workflow file

added a view to confirm a settlement request, added tests and added s… #1864

Jobs

Run details

Workflow file for this run