maj mutuelle région ara. (#4794) #2099
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Continuous Deployment" | |
on: | |
workflow_dispatch: | |
push: | |
branches: [main, dev] | |
concurrency: ci-${{ github.ref }} | |
env: | |
EQUINOXE_SSH_HOST: equinoxe.mes-aides.1jeune1solution.beta.gouv.fr | |
EQUINOXE_SSH_USER: debian | |
ECLIPSE_SSH_HOST: monitor.eclipse.mes-aides.incubateur.net | |
ECLIPSE_SSH_USER: debian | |
jobs: | |
unit_testing: | |
name: Unit testing | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Cache NPM install files | |
uses: actions/cache@v4 | |
id: restore-npm-install-packages | |
with: | |
path: ~/.npm | |
key: ${{ runner.os }}-cache-npm-${{ hashFiles('**/package-lock.json') }} | |
- name: Cache node modules | |
uses: actions/cache@v4 | |
id: restore-dependencies | |
with: | |
path: node_modules | |
key: ${{ runner.os }}-cache-node-modules-${{ hashFiles('**/package-lock.json') }} | |
- name: Install dependencies | |
if: steps.restore-dependencies.outputs.cache-hit != 'true' | |
run: npm ci --prefer-offline --no-audit | |
- name: Jest | |
run: npm run test | |
deploy_equinoxe_production: | |
if: github.ref == 'refs/heads/main' | |
needs: [unit_testing] | |
name: Equinoxe Production deployment | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Production deployment | |
shell: bash | |
run: | | |
mkdir -p ~/.ssh/ | |
echo "${{ secrets.EQUINOXE_PRODUCTION_DEPLOY_KEY }}" > ~/.ssh/deployment.key | |
chmod 600 ~/.ssh/deployment.key | |
ssh -o StrictHostKeyChecking=no ${{ env.EQUINOXE_SSH_USER }}@${{ env.EQUINOXE_SSH_HOST }} -i ~/.ssh/deployment.key | |
deploy_equinoxe_preproduction: | |
if: github.ref == 'refs/heads/dev' | |
needs: [unit_testing] | |
name: Equinoxe Preproduction Deployment | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Preproduction Deployment | |
shell: bash | |
run: | | |
mkdir -p ~/.ssh/ | |
echo "${{ secrets.EQUINOXE_PREPRODUCTION_DEPLOY_KEY }}" > ~/.ssh/deployment.key | |
chmod 600 ~/.ssh/deployment.key | |
ssh -o StrictHostKeyChecking=no ${{ env.EQUINOXE_SSH_USER }}@${{ env.EQUINOXE_SSH_HOST }} -i ~/.ssh/deployment.key | |
deploy_eclipse_production: | |
if: github.ref == 'refs/heads/main' | |
needs: [unit_testing] | |
name: Eclipse Production deployment | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Production deployment | |
shell: bash | |
run: | | |
mkdir -p ~/.ssh/ | |
echo "${{ secrets.SOLSTICE_PRODUCTION_DEPLOY_KEY }}" > ~/.ssh/deployment.key | |
chmod 600 ~/.ssh/deployment.key | |
ssh -o StrictHostKeyChecking=no ${{ env.ECLIPSE_SSH_USER }}@${{ env.ECLIPSE_SSH_HOST }} -i ~/.ssh/deployment.key | |
deploy_eclipse_preproduction: | |
if: github.ref == 'refs/heads/dev' | |
needs: [unit_testing] | |
name: Eclipse Preproduction Deployment | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Preproduction Deployment | |
shell: bash | |
run: | | |
mkdir -p ~/.ssh/ | |
echo "${{ secrets.SOLSTICE_PREPRODUCTION_DEPLOY_KEY }}" > ~/.ssh/deployment.key | |
chmod 600 ~/.ssh/deployment.key | |
ssh -o StrictHostKeyChecking=no ${{ env.ECLIPSE_SSH_USER }}@${{ env.ECLIPSE_SSH_HOST }} -i ~/.ssh/deployment.key | |
ci_failed: | |
name: Detect failure | |
runs-on: ubuntu-20.04 | |
needs: [deploy_eclipse_production, deploy_equinoxe_production] | |
if: always() && github.ref == 'refs/heads/main' && (needs.deploy_eclipse_production.result == 'failure' || needs.deploy_equinoxe_production.result == 'failure') | |
steps: | |
- name: Send CD failed message | |
shell: bash | |
run: | | |
curl -i -X POST -H 'Content-Type: application/json' -d '{"text": ":icon-danger: [équipe-tech] La mise en production a rencontré un problème sur la branche main ([lien](https://github.com/betagouv/aides-jeunes/actions/workflows/cd.yml?query=branch%3Amain+is%3Afailure))"}' ${{ secrets.MATTERMOST_ALERTING_URL }} |