-
Notifications
You must be signed in to change notification settings - Fork 40
100 lines (97 loc) · 3.84 KB
/
cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
name: "Continuous Deployment"
on:
workflow_dispatch:
push:
branches: [main, dev]
concurrency: ci-${{ github.ref }}
env:
EQUINOXE_SSH_HOST: equinoxe.mes-aides.1jeune1solution.beta.gouv.fr
EQUINOXE_SSH_USER: debian
ECLIPSE_SSH_HOST: monitor.eclipse.mes-aides.incubateur.net
ECLIPSE_SSH_USER: debian
jobs:
unit_testing:
name: Unit testing
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Cache NPM install files
uses: actions/cache@v3
id: restore-npm-install-packages
with:
path: ~/.npm
key: ${{ runner.os }}-cache-npm-${{ hashFiles('**/package-lock.json') }}
- name: Cache node modules
uses: actions/cache@v3
id: restore-dependencies
with:
path: node_modules
key: ${{ runner.os }}-cache-node-modules-${{ hashFiles('**/package-lock.json') }}
- name: Install dependencies
if: steps.restore-dependencies.outputs.cache-hit != 'true'
run: npm ci --prefer-offline --no-audit
- name: Jest
run: npm run test
deploy_equinoxe_production:
if: github.ref == 'refs/heads/main'
needs: [unit_testing]
name: Equinoxe Production deployment
runs-on: ubuntu-20.04
steps:
- name: Production deployment
shell: bash
run: |
mkdir -p ~/.ssh/
echo "${{ secrets.EQUINOXE_PRODUCTION_DEPLOY_KEY }}" > ~/.ssh/deployment.key
chmod 600 ~/.ssh/deployment.key
ssh -o StrictHostKeyChecking=no ${{ env.EQUINOXE_SSH_USER }}@${{ env.EQUINOXE_SSH_HOST }} -i ~/.ssh/deployment.key
deploy_equinoxe_preproduction:
if: github.ref == 'refs/heads/dev'
needs: [unit_testing]
name: Equinoxe Preproduction Deployment
runs-on: ubuntu-20.04
steps:
- name: Preproduction Deployment
shell: bash
run: |
mkdir -p ~/.ssh/
echo "${{ secrets.EQUINOXE_PREPRODUCTION_DEPLOY_KEY }}" > ~/.ssh/deployment.key
chmod 600 ~/.ssh/deployment.key
ssh -o StrictHostKeyChecking=no ${{ env.EQUINOXE_SSH_USER }}@${{ env.EQUINOXE_SSH_HOST }} -i ~/.ssh/deployment.key
deploy_eclipse_production:
if: github.ref == 'refs/heads/main'
needs: [unit_testing]
name: Eclipse Production deployment
runs-on: ubuntu-20.04
steps:
- name: Production deployment
shell: bash
run: |
mkdir -p ~/.ssh/
echo "${{ secrets.SOLSTICE_PRODUCTION_DEPLOY_KEY }}" > ~/.ssh/deployment.key
chmod 600 ~/.ssh/deployment.key
ssh -o StrictHostKeyChecking=no ${{ env.ECLIPSE_SSH_USER }}@${{ env.ECLIPSE_SSH_HOST }} -i ~/.ssh/deployment.key
deploy_eclipse_preproduction:
if: github.ref == 'refs/heads/dev'
needs: [unit_testing]
name: Eclipse Preproduction Deployment
runs-on: ubuntu-20.04
steps:
- name: Preproduction Deployment
shell: bash
run: |
mkdir -p ~/.ssh/
echo "${{ secrets.SOLSTICE_PREPRODUCTION_DEPLOY_KEY }}" > ~/.ssh/deployment.key
chmod 600 ~/.ssh/deployment.key
ssh -o StrictHostKeyChecking=no ${{ env.ECLIPSE_SSH_USER }}@${{ env.ECLIPSE_SSH_HOST }} -i ~/.ssh/deployment.key
ci_failed:
name: Detect failure
runs-on: ubuntu-20.04
needs: [deploy_eclipse_production, deploy_equinoxe_production]
if: always() && github.ref == 'refs/heads/main' && (needs.deploy_eclipse_production.result == 'failure' || needs.deploy_equinoxe_production.result == 'failure')
steps:
- name: Send CD failed message
shell: bash
run: |
curl -i -X POST -H 'Content-Type: application/json' -d '{"text": ":icon-danger: [équipe-tech] La mise en production a rencontré un problème sur la branche main ([lien](https://github.com/betagouv/aides-jeunes/actions/workflows/cd.yml?query=branch%3Amain+is%3Afailure))"}' ${{ secrets.MATTERMOST_ALERTING_URL }}