-
Notifications
You must be signed in to change notification settings - Fork 14
165 lines (147 loc) · 4.75 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
on: [push, pull_request, workflow_dispatch]
jobs:
codeql-sast:
name: CodeQL SAST scan
uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main
permissions:
security-events: write
dependency-review:
name: Dependency Review scan
uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main
# This matrix job runs the test suite against multiple Ruby versions
test_matrix:
strategy:
fail-fast: false
matrix:
ruby: [3.1, 3.2, 3.3]
runs-on: ubuntu-latest
env:
GOVUK_CONTENT_SCHEMAS_PATH: vendor/publishing-api/content_schemas
steps:
- uses: actions/checkout@v4
- name: Checkout Publishing API for content schemas
uses: actions/checkout@v4
with:
repository: alphagov/publishing-api
ref: main
path: vendor/publishing-api
- uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
bundler-cache: true
- run: bundle exec rake
# This job is needed to work around the fact that matrix jobs spawn multiple status checks – i.e. one job per variant.
# The branch protection rules depend on this as a composite job to ensure that all preceding test_matrix checks passed.
# Solution taken from: https://github.saobby.my.eu.orgmunity/t/status-check-for-a-matrix-jobs/127354/3
test:
needs: test_matrix
runs-on: ubuntu-latest
steps:
- run: echo "All matrix tests have passed 🚀"
generate_pacts:
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- run: bundle exec rake pact_test
- uses: actions/upload-artifact@v4
with:
name: pacts
path: spec/pacts/*.json
account_api_pact:
needs: generate_pacts
uses: alphagov/account-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
asset_manager_pact:
needs: generate_pacts
uses: alphagov/asset-manager/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
collections_pact:
needs: generate_pacts
uses: alphagov/collections/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
email_alert_api_pact:
needs: generate_pacts
uses: alphagov/email-alert-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
frontend_pact:
needs: generate_pacts
uses: alphagov/frontend/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
places_manager_pact:
needs: generate_pacts
uses: alphagov/places-manager/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
link_checker_api_pact:
needs: generate_pacts
uses: alphagov/link-checker-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
locations_api_pact:
needs: generate_pacts
uses: alphagov/locations-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
publishing_api_pact:
needs: generate_pacts
uses: alphagov/publishing-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
signon_api_pact:
needs: generate_pacts
uses: alphagov/signon/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
support_api_pact:
needs: generate_pacts
uses: alphagov/support-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
publish_pacts:
if: ${{ github.actor != 'dependabot[bot]' }}
needs:
- account_api_pact
- asset_manager_pact
- collections_pact
- email_alert_api_pact
- frontend_pact
- places_manager_pact
- link_checker_api_pact
- locations_api_pact
- publishing_api_pact
- support_api_pact
- signon_api_pact
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- uses: actions/download-artifact@v4
with:
name: pacts
path: tmp/pacts
- run: bundle exec rake pact:publish
env:
PACT_CONSUMER_VERSION: branch-${{ github.ref_name }}
PACT_BROKER_BASE_URL: https://govuk-pact-broker-6991351eca05.herokuapp.com
PACT_BROKER_USERNAME: ${{ secrets.GOVUK_PACT_BROKER_USERNAME }}
PACT_BROKER_PASSWORD: ${{ secrets.GOVUK_PACT_BROKER_PASSWORD }}
PACT_PATTERN: tmp/pacts/*.json
publish_gem:
needs: publish_pacts
if: ${{ github.ref == 'refs/heads/main' }}
permissions:
contents: write
uses: alphagov/govuk-infrastructure/.github/workflows/publish-rubygem.yml@main
secrets:
GEM_HOST_API_KEY: ${{ secrets.ALPHAGOV_RUBYGEMS_API_KEY }}