First draft on a released based deployment workflow

.github/workflows/template-deploy.yml → .github/actions/deploy.yml

@@ -1,21 +1,27 @@
-name: Deployment template
+name: Deployment
 
 on:
   workflow_call:
     inputs:
       environment:
         type: string
         required: true
-        description: "The environment to deploy to"
-        default: "dev"
+        description: "Target Environment. Can either be 'dev' or 'prd'"
       subscriptionId:
         type: string
         required: true
-        description: "The Azure subscription ID to deploy to"
-        default: "analogio-dev"
+        description: "The Azure subscription Id to deploy to"
 
 jobs:
+  build-all:
+    name: Build codebase
+    uses: ./.github/actions/build.yml
+    with:
+      push_image: true
+    secrets: inherit
+
   deploy:
+    needs: [build-all]
     name: Azure Deployment
     runs-on: ubuntu-22.04
     environment:
@@ -46,18 +52,18 @@ jobs:
           parameters: "environment=${{ inputs.environment }}"
           deploymentName: "azuredeploy-${{github.run_number}}"
           failOnStdErr: true
-      
+
       - name: Deploy analog core
         id: webapp-deploy
         uses: azure/webapps-deploy@v2
         with:
           app-name: ${{ vars.AZURE_WEBAPP_NAME }}
           images: "ghcr.io/analogio/coffeecard-api:${{ github.sha }}"
-  
+
       - name: Invoke Web App CD Webhook
         run: |
           curl --location --request POST '${{ vars.AZURE_APPSERVICE_WEBHOOK_URL }}' --header 'Authorization: Basic ${{ secrets.AZURE_APPSERVICE_WEBHOOK_AUTH }}'
-  
+
       - name: Smoke tests
         uses: Azure/powershell@v1
         with:

.github/workflows/build.yml

@@ -3,18 +3,27 @@ name: Build
 on:
   workflow_dispatch:
 
+  workflow_call:
+    inputs:
+      push_image:
+        description: "Push docker image to registry"
+        required: false
+        type: boolean
+
   pull_request:
     branches: [ develop, production ]
 
 jobs:
   core-build:
     name: Build codebase
-    uses: ./.github/workflows/core-build.yml
+    uses: ./.github/actions/core-build.yml
+    with:
+      push_image: ${{ inputs.push_image }}
     secrets: inherit
 
   infra-build:
     name: Build infrastructure
-    uses: ./.github/workflows/infra-build.yml
+    uses: ./.github/actions/infra-build.yml
     secrets: inherit
 
   sonarcloud:

.github/workflows/deploy-dev.yml

@@ -0,0 +1,15 @@
+name: Deploy to dev
+
+on:
+    push:
+        branches:
+            - develop
+
+jobs:
+    dev-deploy:
+        uses: ./.github/actions/deploy.yml
+        secrets: inherit
+        with:
+            environment: dev
+            subscriptionId: analogio-dev
+

.github/workflows/deploy-prd.yml

@@ -0,0 +1,14 @@
+name: Deploy to prd
+
+on:
+    release:
+        types: [ published ]
+
+jobs:
+    prd-deploy:
+        uses: ./.github/actions/deploy.yml
+        secrets: inherit
+        with:
+            environment: prd
+            subscriptionId: analogio-prd
+

.github/workflows/sonarcloud.yml

@@ -0,0 +1,55 @@
+name: Static Analysis using SonarCloud
+
+on:
+  workflow_call:
+
+  workflow_dispatch:
+
+jobs:
+  core-sonarcloud:
+    name: Configure and scan using SonarCloud
+    runs-on: windows-latest
+    steps:
+      # Sonarscanner part
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          java-version: 1.17
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v1
+        with:
+          path: ~\sonar\cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache SonarCloud scanner
+        id: cache-sonar-scanner
+        uses: actions/cache@v1
+        with:
+          path: .\.sonar\scanner
+          key: ${{ runner.os }}-sonar-scanner
+          restore-keys: ${{ runner.os }}-sonar-scanner
+      - name: Install SonarCloud scanner
+        if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
+        shell: powershell
+        run: |
+          New-Item -Path .\.sonar\scanner -ItemType Directory
+          dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner
+      - name: Build and analyze
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        shell: powershell
+        run: |
+          .\.sonar\scanner\dotnet-sonarscanner begin /k:"AnalogIO_analog-core" /o:"analogio" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="coverageunit.xml,coverageintegration.xml" /d:sonar.exclusions="CoffeeCard.Library/Migrations/*"
+
+          dotnet tool install --global coverlet.console
+
+          dotnet build --no-incremental coffeecard/
+
+          coverlet ./coffeecard/CoffeeCard.Tests.Unit/bin/Debug/net6.0/CoffeeCard.Tests.Unit.dll --target "dotnet" --targetargs "test --no-build coffeecard/CoffeeCard.Tests.Unit" -f=opencover -o="coverageunit.xml"
+          coverlet ./coffeecard/CoffeeCard.Tests.Integration/bin/Debug/net6.0/CoffeeCard.Tests.Integration.dll --target "dotnet" --targetargs "test --no-build coffeecard/CoffeeCard.Tests.Integration" -f=opencover -o="coverageintegration.xml"
+
+          .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"