Tech - Nettoie le flot d'erreurs d'auth sur Sentry (#3870) #8839
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Back & Front | |
on: | |
# workflow_dispatch: | |
push: | |
paths: | |
- "**.css" | |
- "**.kt" | |
- "**.png" | |
- "**.js" | |
- "**.json" | |
- "**.snap" | |
- "**.ts" | |
- "**.tsx" | |
- "**.yml" | |
- ".github/workflows/cicd.yml" | |
- "infra/configurations/**.properties" | |
- "infra/docker/app/**" | |
- "**.sql" | |
- "backend/pom.xml" | |
- "backend/build.gradle.kts" | |
- "Makefile" | |
- "frontend" | |
schedule: | |
- cron: "38 11 */3 * *" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
version: | |
name: Set application version and env profile | |
runs-on: ubuntu-22.04 | |
outputs: | |
ENV_PROFILE: ${{ env.ENV_PROFILE }} | |
IS_RELEASE: ${{ env.IS_RELEASE }} | |
VERSION: ${{ env.VERSION }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set version and environment profile | |
uses: ./.github/actions/set-version-and-environment-profile | |
unit_test_backend: | |
name: Run backend unit tests | |
needs: version | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 30 | |
env: | |
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}} | |
VERSION: ${{needs.version.outputs.VERSION}} | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
steps: | |
- name: Setup Java JDK | |
uses: actions/setup-java@v4 | |
with: | |
# https://github.com/actions/setup-java/blob/main/README.md#Supported-distributions | |
distribution: zulu | |
java-version: 17 | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Unit test | |
run: make test-back | |
unit_test_frontend: | |
name: Run frontend unit tests | |
needs: version | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 30 | |
env: | |
PUPPETEER_SKIP_DOWNLOAD: "true" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
cache-dependency-path: ./frontend/package-lock.json | |
node-version: 20 | |
- name: Install Node.js dependencies | |
run: npm ci | |
working-directory: ./frontend | |
- name: Lint Frontend | |
run: npm run test:lint:partial | |
working-directory: ./frontend | |
- name: Check Frontend types | |
run: npm run test:type | |
working-directory: ./frontend | |
- name: Check Frontend circular dependencies | |
run: npm run test:deps | |
working-directory: ./frontend | |
- name: Unit test | |
run: npm run test:unit --coverage | |
working-directory: ./frontend | |
- name: Upload coverage | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
verbose: true | |
working-directory: ./frontend | |
build: | |
name: Build and package | |
needs: version | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 30 | |
env: | |
IS_RELEASE: ${{ needs.version.outputs.IS_RELEASE }} | |
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}} | |
VERSION: ${{needs.version.outputs.VERSION}} | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@master | |
- name: Cache Docker layers | |
uses: actions/cache@v4 | |
with: | |
path: /tmp/.buildx-cache-app | |
key: ${{ runner.os }}-single-buildx-app-${{ github.ref_name }} | |
restore-keys: | | |
${{ runner.os }}-single-buildx-app- | |
- name: Build image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
load: true | |
builder: ${{ steps.buildx.outputs.name }} | |
file: infra/docker/app/Dockerfile | |
push: false | |
tags: monitorfish-app:${{ env.VERSION }} | |
cache-from: type=local,src=/tmp/.buildx-cache-app | |
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-app-new | |
build-args: | | |
IS_RELEASE=${{ env.IS_RELEASE }} | |
VERSION=${{ env.VERSION }} | |
ENV_PROFILE=${{ env.ENV_PROFILE }} | |
GITHUB_SHA=${{ github.sha }} | |
# Temp fix | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
- name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-cache-app | |
mv /tmp/.buildx-cache-app-new /tmp/.buildx-cache-app | |
- name: Upload image to artifacts | |
uses: ishworkh/docker-image-artifact-upload@v1 | |
with: | |
image: monitorfish-app:${{ env.VERSION }} | |
e2e_test: | |
name: Run E2E tests | |
needs: [version, build] | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 30 | |
strategy: | |
# when one test fails, DO NOT cancel the other | |
# containers, because this will kill Cypress processes | |
# leaving the Dashboard hanging ... | |
# https://github.com/cypress-io/github-action/issues/48 | |
fail-fast: false | |
matrix: | |
# Run 10 copies of the current job in parallel | |
containers: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16] | |
env: | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
CYPRESS_PROJECT_ID: ${{ secrets.PROJECT_ID }} | |
CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }} | |
ENV_PROFILE: ${{ needs.version.outputs.ENV_PROFILE }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
MONITORFISH_VERSION: ${{ needs.version.outputs.VERSION }} | |
PUPPETEER_SKIP_DOWNLOAD: "true" | |
VITE_CYPRESS_PORT: 8880 | |
VERSION: ${{ needs.version.outputs.VERSION }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Download image | |
uses: ishworkh/docker-image-artifact-download@v1 | |
with: | |
image: monitorfish-app:${{ env.VERSION }} | |
- name: Run docker images | |
run: make docker-compose-up | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
cache-dependency-path: ./frontend/package-lock.json | |
node-version: 20 | |
- name: Setup Firefox | |
uses: browser-actions/setup-firefox@latest | |
with: | |
firefox-version: 119.0.1 | |
- name: Check versions | |
run: | | |
cat /etc/lsb-release | |
node -v | |
npm -v | |
docker -v | |
docker compose version | |
firefox -v | |
which firefox | |
- uses: cypress-io/github-action@v6 | |
with: | |
browser: firefox | |
config-file: config/cypress.config.ts | |
env: PORT=8880 | |
install: true | |
install-command: npm ci | |
parallel: true | |
record: true | |
wait-on: "http://0.0.0.0:8880" | |
working-directory: ./frontend | |
e2e_multi_windows_test: | |
name: Run E2E multi windows tests | |
needs: [version, build] | |
if: contains(github.ref, 'dependabot') == false | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 30 | |
env: | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
ENV_PROFILE: ${{ needs.version.outputs.ENV_PROFILE }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
MONITORFISH_VERSION: ${{ needs.version.outputs.VERSION }} | |
PUPPETEER_SKIP_DOWNLOAD: "true" | |
VITE_CYPRESS_PORT: 8880 | |
VERSION: ${{ needs.version.outputs.VERSION }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Download image | |
uses: ishworkh/docker-image-artifact-download@v1 | |
with: | |
image: monitorfish-app:${{ env.VERSION }} | |
- name: Docker login | |
run: | | |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com -u ${GITHUB_ACTOR} --password-stdin | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
cache-dependency-path: ./frontend/package-lock.json | |
node-version: 20 | |
- name: Install Node.js dependencies | |
run: npm ci | |
working-directory: ./frontend | |
- name: Run docker images | |
run: make docker-compose-puppeteer-up | |
- name: Install Firefox | |
run: npx puppeteer browsers install firefox | |
- name: Run multi-windows tests | |
run: npm run test:multi-windows:run | |
working-directory: ./frontend | |
generate_and_upload_source_maps: | |
name: Generate and upload source maps to Sentry | |
needs: [version, build, unit_test_backend, unit_test_frontend, e2e_test, e2e_multi_windows_test] | |
if: needs.version.outputs.IS_RELEASE && !contains(github.ref, 'dependabot') | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 30 | |
env: | |
VERSION: ${{ needs.version.outputs.VERSION }} | |
SENTRY_URL: ${{ secrets.SENTRY_URL }} | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 100 | |
- name: Download image | |
uses: ishworkh/docker-image-artifact-download@v1 | |
with: | |
image: monitorfish-app:${{ env.VERSION }} | |
- name: Extract frontend build files | |
run: | | |
docker create --name monitorfish-temp monitorfish-app:${{ env.VERSION }} | |
docker cp monitorfish-temp:/home/monitorfish/public ./frontend_build | |
docker rm monitorfish-temp | |
- name: Generate and upload source maps to Sentry | |
uses: getsentry/action-release@v1 | |
with: | |
environment: ${{ env.ENV_PROFILE }} | |
version: ${{ env.VERSION }} | |
sourcemaps: ./frontend_build | |
ignore_missing: true | |
ignore_empty: true | |
env: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} | |
SENTRY_URL: ${{ secrets.SENTRY_URL }} | |
push_to_registry: | |
name: Push to registry | |
needs: | |
[ | |
version, | |
unit_test_backend, | |
unit_test_frontend, | |
e2e_test, | |
e2e_multi_windows_test, | |
generate_and_upload_source_maps, | |
] | |
runs-on: ubuntu-22.04 | |
if: needs.version.outputs.IS_RELEASE && !contains(github.ref, 'dependabot') | |
env: | |
IS_RELEASE: ${{ needs.version.outputs.IS_RELEASE }} | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
ENV_PROFILE: ${{needs.version.outputs.ENV_PROFILE}} | |
VERSION: ${{needs.version.outputs.VERSION}} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Download image | |
uses: ishworkh/docker-image-artifact-download@v1 | |
with: | |
image: monitorfish-app:${{ env.VERSION }} | |
- name: Push docker image to registry | |
run: | | |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com -u ${GITHUB_ACTOR} --password-stdin | |
make docker-tag | |
make docker-push |