Remove Whitehall asset #320
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: [push, pull_request] | |
jobs: | |
codeql-sast: | |
name: CodeQL SAST scan | |
uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main | |
permissions: | |
security-events: write | |
dependency-review: | |
name: Dependency Review scan | |
uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main | |
# This matrix job runs the test suite against multiple Ruby versions | |
test_matrix: | |
strategy: | |
fail-fast: false | |
matrix: | |
# Due to https://github.com/actions/runner/issues/849, we have to use quotes for '3.0' | |
ruby: ['3.0', 3.1, 3.2] | |
runs-on: ubuntu-latest | |
env: | |
GOVUK_CONTENT_SCHEMAS_PATH: vendor/publishing-api/content_schemas | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Checkout Publishing API for content schemas | |
uses: actions/checkout@v4 | |
with: | |
repository: alphagov/publishing-api | |
ref: main | |
path: vendor/publishing-api | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: ${{ matrix.ruby }} | |
bundler-cache: true | |
- run: bundle exec rake | |
# This job is needed to work around the fact that matrix jobs spawn multiple status checks – i.e. one job per variant. | |
# The branch protection rules depend on this as a composite job to ensure that all preceding test_matrix checks passed. | |
# Solution taken from: https://github.saobby.my.eu.orgmunity/t/status-check-for-a-matrix-jobs/127354/3 | |
test: | |
needs: test_matrix | |
runs-on: ubuntu-latest | |
steps: | |
- run: echo "All matrix tests have passed 🚀" | |
generate_pacts: | |
needs: test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ruby/setup-ruby@v1 | |
with: | |
bundler-cache: true | |
- run: bundle exec rake pact_test | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: pacts | |
path: spec/pacts/*.json | |
account_api_pact: | |
needs: generate_pacts | |
uses: alphagov/account-api/.github/workflows/pact-verify.yml@main | |
with: | |
pact_artifact: pacts | |
asset_manager_pact: | |
needs: generate_pacts | |
uses: alphagov/asset-manager/.github/workflows/pact-verify.yml@main | |
with: | |
pact_artifact: pacts | |
collections_pact: | |
needs: generate_pacts | |
uses: alphagov/collections/.github/workflows/pact-verify.yml@main | |
with: | |
pact_artifact: pacts | |
email_alert_api_pact: | |
needs: generate_pacts | |
uses: alphagov/email-alert-api/.github/workflows/pact-verify.yml@main | |
with: | |
pact_artifact: pacts | |
frontend_pact: | |
needs: generate_pacts | |
uses: alphagov/frontend/.github/workflows/pact-verify.yml@main | |
with: | |
pact_artifact: pacts | |
imminence_pact: | |
needs: generate_pacts | |
uses: alphagov/imminence/.github/workflows/pact-verify.yml@main | |
with: | |
pact_artifact: pacts | |
link_checker_api_pact: | |
needs: generate_pacts | |
uses: alphagov/link-checker-api/.github/workflows/pact-verify.yml@main | |
with: | |
pact_artifact: pacts | |
locations_api_pact: | |
needs: generate_pacts | |
uses: alphagov/locations-api/.github/workflows/pact-verify.yml@main | |
with: | |
pact_artifact: pacts | |
publishing_api_pact: | |
needs: generate_pacts | |
uses: alphagov/publishing-api/.github/workflows/pact-verify.yml@main | |
with: | |
pact_artifact: pacts | |
publish_pacts: | |
needs: | |
- account_api_pact | |
- asset_manager_pact | |
- collections_pact | |
- email_alert_api_pact | |
- frontend_pact | |
- imminence_pact | |
- link_checker_api_pact | |
- locations_api_pact | |
- publishing_api_pact | |
if: ${{ github.ref == 'refs/heads/main' }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ruby/setup-ruby@v1 | |
with: | |
bundler-cache: true | |
- uses: actions/download-artifact@v3 | |
with: | |
name: pacts | |
path: tmp/pacts | |
- run: bundle exec rake pact:publish | |
env: | |
PACT_CONSUMER_VERSION: branch-${{ github.ref_name }} | |
PACT_BROKER_BASE_URL: https://govuk-pact-broker-6991351eca05.herokuapp.com | |
PACT_BROKER_USERNAME: ${{ secrets.GOVUK_PACT_BROKER_USERNAME }} | |
PACT_BROKER_PASSWORD: ${{ secrets.GOVUK_PACT_BROKER_PASSWORD }} | |
PACT_PATTERN: tmp/pacts/*.json | |
# We don't use the artifact outside of sharing it for jobs so delete it | |
# at the end of the flow. | |
delete_pact_artifact: | |
needs: | |
- generate_pacts | |
- publish_pacts | |
# Run whenever generate_pacts is a success but wait until publish_pacts | |
# is either ran or skipped to ensure all work with the artifact is complete | |
if: ${{ always() && needs.generate_pacts.result == 'success' }} | |
runs-on: ubuntu-latest | |
steps: | |
# As of Jan 2023, GitHub doesn't provide a delete artifact equivalent to | |
# their upload / download ones | |
- uses: geekyeggo/delete-artifact@v2 | |
with: | |
name: pacts | |
publish_gem: | |
needs: publish_pacts | |
if: ${{ github.ref == 'refs/heads/main' }} | |
permissions: | |
contents: write | |
uses: alphagov/govuk-infrastructure/.github/workflows/publish-rubygem.yml@main | |
secrets: | |
GEM_HOST_API_KEY: ${{ secrets.ALPHAGOV_RUBYGEMS_API_KEY }} |