-
Notifications
You must be signed in to change notification settings - Fork 14
169 lines (152 loc) · 5.09 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
on: [push, pull_request]
jobs:
codeql-sast:
name: CodeQL SAST scan
uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main
permissions:
security-events: write
dependency-review:
name: Dependency Review scan
uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main
# This matrix job runs the test suite against multiple Ruby versions
test_matrix:
strategy:
fail-fast: false
matrix:
# Due to https://github.com/actions/runner/issues/849, we have to use quotes for '3.0'
ruby: ['3.0', 3.1, 3.2]
runs-on: ubuntu-latest
env:
GOVUK_CONTENT_SCHEMAS_PATH: vendor/publishing-api/content_schemas
steps:
- uses: actions/checkout@v4
- name: Checkout Publishing API for content schemas
uses: actions/checkout@v4
with:
repository: alphagov/publishing-api
ref: main
path: vendor/publishing-api
- uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
bundler-cache: true
- run: bundle exec rake
# This job is needed to work around the fact that matrix jobs spawn multiple status checks – i.e. one job per variant.
# The branch protection rules depend on this as a composite job to ensure that all preceding test_matrix checks passed.
# Solution taken from: https://github.saobby.my.eu.orgmunity/t/status-check-for-a-matrix-jobs/127354/3
test:
needs: test_matrix
runs-on: ubuntu-latest
steps:
- run: echo "All matrix tests have passed 🚀"
generate_pacts:
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- run: bundle exec rake pact_test
- uses: actions/upload-artifact@v3
with:
name: pacts
path: spec/pacts/*.json
account_api_pact:
needs: generate_pacts
uses: alphagov/account-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
asset_manager_pact:
needs: generate_pacts
uses: alphagov/asset-manager/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
collections_pact:
needs: generate_pacts
uses: alphagov/collections/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
email_alert_api_pact:
needs: generate_pacts
uses: alphagov/email-alert-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
frontend_pact:
needs: generate_pacts
uses: alphagov/frontend/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
imminence_pact:
needs: generate_pacts
uses: alphagov/imminence/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
link_checker_api_pact:
needs: generate_pacts
uses: alphagov/link-checker-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
locations_api_pact:
needs: generate_pacts
uses: alphagov/locations-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
publishing_api_pact:
needs: generate_pacts
uses: alphagov/publishing-api/.github/workflows/pact-verify.yml@main
with:
pact_artifact: pacts
publish_pacts:
needs:
- account_api_pact
- asset_manager_pact
- collections_pact
- email_alert_api_pact
- frontend_pact
- imminence_pact
- link_checker_api_pact
- locations_api_pact
- publishing_api_pact
if: ${{ github.ref == 'refs/heads/main' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- uses: actions/download-artifact@v3
with:
name: pacts
path: tmp/pacts
- run: bundle exec rake pact:publish
env:
PACT_CONSUMER_VERSION: branch-${{ github.ref_name }}
PACT_BROKER_BASE_URL: https://govuk-pact-broker-6991351eca05.herokuapp.com
PACT_BROKER_USERNAME: ${{ secrets.GOVUK_PACT_BROKER_USERNAME }}
PACT_BROKER_PASSWORD: ${{ secrets.GOVUK_PACT_BROKER_PASSWORD }}
PACT_PATTERN: tmp/pacts/*.json
# We don't use the artifact outside of sharing it for jobs so delete it
# at the end of the flow.
delete_pact_artifact:
needs:
- generate_pacts
- publish_pacts
# Run whenever generate_pacts is a success but wait until publish_pacts
# is either ran or skipped to ensure all work with the artifact is complete
if: ${{ always() && needs.generate_pacts.result == 'success' }}
runs-on: ubuntu-latest
steps:
# As of Jan 2023, GitHub doesn't provide a delete artifact equivalent to
# their upload / download ones
- uses: geekyeggo/delete-artifact@v2
with:
name: pacts
publish_gem:
needs: publish_pacts
if: ${{ github.ref == 'refs/heads/main' }}
permissions:
contents: write
uses: alphagov/govuk-infrastructure/.github/workflows/publish-rubygem.yml@main
secrets:
GEM_HOST_API_KEY: ${{ secrets.ALPHAGOV_RUBYGEMS_API_KEY }}