Skip to content

Commit

Permalink
Configure gh action deployments from main
Browse files Browse the repository at this point in the history
- Implement client code quality checks on pull requests and pulls onto main
- Implement deployments to client and server environments of qa,
  staging, and production
- Make deployments depend on successful code quality checks
- Modify msal environment variable check to specify which variable is
  missing

closes #1520
  • Loading branch information
TangoYankee committed Sep 17, 2024
1 parent 6d0a38b commit 0993368
Show file tree
Hide file tree
Showing 6 changed files with 274 additions and 34 deletions.
Original file line number Diff line number Diff line change
@@ -1,21 +1,22 @@
name: Build
name: 🚧 Run code quality checks

on:
push:
branches:
- master
- develop
- main
pull_request:

jobs:
test:
name: Tests
test-client:
name: 🧪 Test client code
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
with:
sparse-checkout: client
- uses: actions/setup-node@v1
with:
node-version: 12.x
node-version: 14.x
- name: install dependencies
run: yarn install --frozen-lockfile --non-interactive
working-directory: client
Expand Down
89 changes: 89 additions & 0 deletions .github/workflows/production.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
name: 🌠 Deploy api to production

on: workflow_dispatch

jobs:
deploy-server:
name: 🚀 Deploy server
environment:
name: production
url: https://zap-api.nycplanningdigital.com
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
sparse-checkout: server
- uses: akhileshns/[email protected]
name: Deploy server to Heroku
with:
heroku_email: ${{secrets.HEROKU_EMAIL}}
heroku_api_key: ${{secrets.HEROKU_API_KEY}}
heroku_app_name: ${{ vars.HEROKU_APP_NAME }}
team: ${{secrets.HEROKU_TEAM}}
appdir: server
env:
HD_ADO_PRINCIPAL: ${{secrets.ADO_PRINCIPAL}}
HD_AIRTABLE_API_KEY: ${{ secrets.AIRTABLE_API_KEY }}
HD_AUTHORITY_HOST_URL: ${{secrets.AUTHORITY_HOST_URL}}
HD_CLIENT_ID: ${{secrets.CLIENT_ID}}
HD_CLIENT_SECRET: ${{secrets.CLIENT_SECRET}}
HD_CRM_ADMIN_SERVICE_USER: ${{secrets.CRM_ADMIN_SERVICE_USER}}
HD_CRM_HOST: ${{secrets.CRM_HOST}}
HD_CRM_SIGNING_SECRET: ${{secrets.CRM_SIGNING_SECRET}}
HD_CRM_URL_PATH: ${{secrets.CRM_URL_PATH}}
HD_GITHUB_ACCESS_TOKEN: ${{secrets.FEEDBACK_GITHUB_ACCESS_TOKEN}}
HD_NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }}
HD_NEW_RELIC_LOG: ${{ secrets.NEW_RELIC_LOG }}
HD_NODE_ENV: ${{ vars.NODE_ENV }}
HD_NPM_CONFIG_PRODUCTION: ${{ vars.NPM_CONFIG_PRODUCTION }}
HD_NYCID_CONSOLE_PASSWORD: ${{secrets.NYCID_CONSOLE_PASSWORD}}
HD_PAPERTRAIL_API_TOKEN: ${{ secrets.PAPERTRAIL_API_TOKEN }}
HD_RECAPTCHA_SECRET_KEY: ${{secrets.RECAPTCHA_SECRET_KEY}}
HD_RECAPTCHA_SITE_KEY: ${{secrets.RECAPTCHA_SITE_KEY}}
HD_SHAREPOINT_CLIENT_ID: ${{secrets.SHAREPOINT_CLIENT_ID}}
HD_SHAREPOINT_CLIENT_SECRET: ${{secrets.SHAREPOINT_CLIENT_SECRET}}
HD_SHAREPOINT_CRM_SITE: ${{secrets.SHAREPOINT_CRM_SITE}}
HD_SHAREPOINT_SITE_ID: ${{secrets.SHAREPOINT_SITE_ID}}
HD_SHAREPOINT_TARGET_HOST: ${{secrets.SHAREPOINT_TARGET_HOST}}
HD_SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
HD_TENANT_ID: ${{secrets.TENANT_ID}}
HD_TOKEN_PATH: ${{secrets.TOKEN_PATH}}
HD_USER_API_KEY: ${{ secrets.USER_API_KEY }}
deploy-client:
name: 🛫 Deploy client
needs: deploy-server
environment:
name: production
url: https://zap.planninglabs.nyc
runs-on: ubuntu-latest
env:
HOST: ${{ vars.ZAP_API_HOST }}
NYCID_CLIENT_ID: ${{ vars.NYCID_CLIENT_ID }}
NYC_ID_HOST: ${{ vars.NYC_ID_HOST }}
MAINTENANCE_START: ${{ vars.MAINTENANCE_START }}
MAINTENANCE_END: ${{ vars.MAINTENANCE_END }}
steps:
- uses: actions/checkout@v4
with:
sparse-checkout: client
- name: Setup node
uses: actions/setup-node@v4
with:
node-version: 14.x
- name: Install application dependencies
working-directory: client
run: yarn install --immutable --immutable-cache --check-cache
- name: Build client
working-directory: client
run: yarn run build --environment=production
- name: Install netlify
# Use npm over yarn because yarn was not respecting the exact version of a dependency
run: npm i -g [email protected]
- name: Deploy client to Netlify
run: |
netlify deploy \
--dir client/dist \
--site ${{secrets.NETLIFY_SITE_ID}} \
--auth ${{secrets.NETLIFY_AUTH_TOKEN}} \
--message "${{ github.event.head_commit.message }}"
--prod
83 changes: 83 additions & 0 deletions .github/workflows/qa.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
name: 🕵️ Deploy to quality assurance

on: workflow_dispatch

jobs:
deploy-server:
name: 🚀 Deploy server
environment:
name: qa
url: https://qa-zap-api.nycplanningdigital.com
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
sparse-checkout: server
- uses: akhileshns/[email protected]
name: Deploy server to Heroku
with:
heroku_email: ${{secrets.HEROKU_EMAIL}}
heroku_api_key: ${{secrets.HEROKU_API_KEY}}
heroku_app_name: ${{ vars.HEROKU_APP_NAME }}
team: ${{secrets.HEROKU_TEAM}}
appdir: server
env:
HD_ADO_PRINCIPAL: ${{secrets.ADO_PRINCIPAL}}
HD_AIRTABLE_API_KEY: ${{ secrets.AIRTABLE_API_KEY }}
HD_AUTHORITY_HOST_URL: ${{secrets.AUTHORITY_HOST_URL}}
HD_CLIENT_ID: ${{secrets.CLIENT_ID}}
HD_CLIENT_SECRET: ${{secrets.CLIENT_SECRET}}
HD_CRM_ADMIN_SERVICE_USER: ${{secrets.CRM_ADMIN_SERVICE_USER}}
HD_CRM_HOST: ${{secrets.CRM_HOST}}
HD_CRM_SIGNING_SECRET: ${{secrets.CRM_SIGNING_SECRET}}
HD_CRM_URL_PATH: ${{secrets.CRM_URL_PATH}}
HD_NYCID_CONSOLE_PASSWORD: ${{secrets.NYCID_CONSOLE_PASSWORD}}
HD_PAPERTRAIL_API_TOKEN: ${{ secrets.PAPERTRAIL_API_TOKEN }}
HD_RECAPTCHA_SECRET_KEY: ${{secrets.RECAPTCHA_SECRET_KEY}}
HD_RECAPTCHA_SITE_KEY: ${{secrets.RECAPTCHA_SITE_KEY}}
HD_SHAREPOINT_CLIENT_ID: ${{secrets.SHAREPOINT_CLIENT_ID}}
HD_SHAREPOINT_CLIENT_SECRET: ${{secrets.SHAREPOINT_CLIENT_SECRET}}
HD_SHAREPOINT_CRM_SITE: ${{secrets.SHAREPOINT_CRM_SITE}}
HD_SHAREPOINT_SITE_ID: ${{secrets.SHAREPOINT_SITE_ID}}
HD_SHAREPOINT_TARGET_HOST: ${{secrets.SHAREPOINT_TARGET_HOST}}
HD_SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
HD_TENANT_ID: ${{secrets.TENANT_ID}}
HD_TOKEN_PATH: ${{secrets.TOKEN_PATH}}
deploy-client:
name: 🛫 Deploy client
needs: deploy-server
environment:
name: staging
url: https://staging--labs-zap.netlify.app
runs-on: ubuntu-latest
env:
HOST: ${{ vars.ZAP_API_HOST }}
NYCID_CLIENT_ID: ${{ vars.NYCID_CLIENT_ID }}
NYC_ID_HOST: ${{ vars.NYC_ID_HOST }}
MAINTENANCE_START: ${{ vars.MAINTENANCE_START }}
MAINTENANCE_END: ${{ vars.MAINTENANCE_END }}
steps:
- uses: actions/checkout@v4
with:
sparse-checkout: client
- name: Setup node
uses: actions/setup-node@v4
with:
node-version: 14.x
- name: Install application dependencies
working-directory: client
run: yarn install --immutable --immutable-cache --check-cache
- name: Build client
working-directory: client
run: yarn run build --environment=production
- name: Install netlify
# Use npm over yarn because yarn was not respecting the exact version of a dependency
run: npm i -g [email protected]
- name: Deploy client to Netlify
run: |
netlify deploy \
--dir client/dist \
--alias ${{github.ref_name}}_${{github.sha}} \
--site ${{secrets.NETLIFY_SITE_ID}} \
--auth ${{secrets.NETLIFY_AUTH_TOKEN}} \
--message "${{ github.event.head_commit.message }}"
89 changes: 89 additions & 0 deletions .github/workflows/staging.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
name: 🎭 Deploy to staging

on:
push:
branches:
- main

jobs:
deploy-server:
name: 🚀 Deploy server
environment:
name: staging
url: https://staging-zap-api.nycplanningdigital.com
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: 'main'
sparse-checkout: server
- uses: akhileshns/[email protected]
name: Deploy server to Heroku
with:
heroku_email: ${{secrets.HEROKU_EMAIL}}
heroku_api_key: ${{secrets.HEROKU_API_KEY}}
heroku_app_name: ${{ vars.HEROKU_APP_NAME }}
team: ${{secrets.HEROKU_TEAM}}
appdir: server
env:
HD_ADO_PRINCIPAL: ${{secrets.ADO_PRINCIPAL}}
HD_AIRTABLE_API_KEY: ${{ secrets.AIRTABLE_API_KEY }}
HD_AUTHORITY_HOST_URL: ${{secrets.AUTHORITY_HOST_URL}}
HD_CLIENT_ID: ${{secrets.CLIENT_ID}}
HD_CLIENT_SECRET: ${{secrets.CLIENT_SECRET}}
HD_CRM_ADMIN_SERVICE_USER: ${{secrets.CRM_ADMIN_SERVICE_USER}}
HD_CRM_HOST: ${{secrets.CRM_HOST}}
HD_CRM_SIGNING_SECRET: ${{secrets.CRM_SIGNING_SECRET}}
HD_CRM_URL_PATH: ${{secrets.CRM_URL_PATH}}
HD_NYCID_CONSOLE_PASSWORD: ${{secrets.NYCID_CONSOLE_PASSWORD}}
HD_PAPERTRAIL_API_TOKEN: ${{ secrets.PAPERTRAIL_API_TOKEN }}
HD_RECAPTCHA_SECRET_KEY: ${{secrets.RECAPTCHA_SECRET_KEY}}
HD_RECAPTCHA_SITE_KEY: ${{secrets.RECAPTCHA_SITE_KEY}}
HD_SHAREPOINT_CLIENT_ID: ${{secrets.SHAREPOINT_CLIENT_ID}}
HD_SHAREPOINT_CLIENT_SECRET: ${{secrets.SHAREPOINT_CLIENT_SECRET}}
HD_SHAREPOINT_CRM_SITE: ${{secrets.SHAREPOINT_CRM_SITE}}
HD_SHAREPOINT_SITE_ID: ${{secrets.SHAREPOINT_SITE_ID}}
HD_SHAREPOINT_TARGET_HOST: ${{secrets.SHAREPOINT_TARGET_HOST}}
HD_SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
HD_TENANT_ID: ${{secrets.TENANT_ID}}
HD_TOKEN_PATH: ${{secrets.TOKEN_PATH}}
deploy-client:
name: 🛫 Deploy client
needs: deploy-server
environment:
name: staging
url: https://staging--labs-zap.netlify.app
runs-on: ubuntu-latest
env:
HOST: ${{ vars.ZAP_API_HOST }}
NYCID_CLIENT_ID: ${{ vars.NYCID_CLIENT_ID}}
NYC_ID_HOST: ${{ vars.NYC_ID_HOST}}
MAINTENANCE_START: ${{ vars.MAINTENANCE_START }}
MAINTENANCE_END: ${{ vars.MAINTENANCE_END }}
steps:
- uses: actions/checkout@v4
with:
ref: 'main'
sparse-checkout: client
- name: Setup node
uses: actions/setup-node@v4
with:
node-version: 14.x
- name: Install application dependencies
working-directory: client
run: yarn install --immutable --immutable-cache --check-cache
- name: Build client
working-directory: client
run: yarn run build --environment=production
- name: Install netlify
# Use npm over yarn because yarn was not respecting the exact version of a dependency
run: npm i -g [email protected]
- name: Deploy client to Netlify
run: |
netlify deploy \
--dir client/dist \
--alias staging \
--site ${{secrets.NETLIFY_SITE_ID}} \
--auth ${{secrets.NETLIFY_AUTH_TOKEN}} \
--message "${{ github.event.head_commit.message }}"
19 changes: 0 additions & 19 deletions netlify.toml

This file was deleted.

13 changes: 5 additions & 8 deletions server/src/provider/msal.provider.ts
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,11 @@ export const MsalProvider: FactoryProvider<MsalProviderType> = {
"SHAREPOINT_CLIENT_SECRET"
);
const siteId: string | undefined = config.get("SHAREPOINT_SITE_ID");
if (
tenantId === undefined ||
clientId === undefined ||
clientSecret === undefined ||
siteId === undefined
) {
throw new Error("Missing SharePoint credential");
}

if(tenantId === undefined) throw new Error("Missing tenant id");
if(clientId === undefined) throw new Error("Missing sharepoint client id");
if(clientSecret === undefined) throw new Error("Missing sharepoint client secret");
if(siteId === undefined) throw new Error("Missing sharepoint site id");

const cca = new msal.ConfidentialClientApplication({
auth: {
Expand Down

0 comments on commit 0993368

Please sign in to comment.