Update PR Environment - #704 (NRL-973 Add headers to Performance Tests and Fail Workflow if Tests Fail) #490
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy PR Environment | |
run-name: "${{ github.event.action == 'synchronize' && 'Update' || 'Create' }} PR Environment - #${{ github.event.pull_request.number }} (${{ github.event.pull_request.title }})" | |
on: | |
pull_request: | |
types: [opened, reopened, synchronize] | |
concurrency: | |
group: environment-${{ github.event.pull_request.number }} | |
cancel-in-progress: false | |
permissions: | |
id-token: write | |
contents: read | |
actions: write | |
issues: write | |
pull-requests: write | |
jobs: | |
set-environment-id: | |
name: Set Environment ID | |
runs-on: [self-hosted, ci] | |
steps: | |
- name: Set a ID based on the branch name | |
id: set_environment_id | |
run: | | |
JIRA_TICKET=$( | |
echo '${{ github.event.pull_request.head.ref }}' | \ | |
grep -Po --color=none '[A-z]{3,4}-[0-9]{3,5}' | \ | |
sed 's/-//g' | \ | |
tr '[:upper:]' '[:lower:]' || \ | |
true | |
) | |
BRANCH_HASH=$(echo '${{ github.event.pull_request.head.ref }}${{ github.event.pull_request.id }}' | sha256sum | head -c 6) | |
if [ -z "$JIRA_TICKET" ]; then | |
echo "environment_id=${BRANCH_HASH}" > $GITHUB_OUTPUT | |
else | |
echo "environment_id=${JIRA_TICKET}-${BRANCH_HASH}" > $GITHUB_OUTPUT | |
fi | |
outputs: | |
environment_id: ${{ steps.set_environment_id.outputs.environment_id }} | |
build: | |
name: Build Application | |
runs-on: [self-hosted, ci] | |
steps: | |
- name: Git Clone - ${{ github.event.pull_request.head.ref }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.ref }} | |
- name: Setup asdf cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.asdf | |
key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} | |
restore-keys: | | |
${{ runner.os }}-asdf- | |
- name: Install asdf | |
uses: asdf-vm/actions/[email protected] | |
- name: Install zip | |
run: sudo apt-get install zip | |
- name: Setup Python environment | |
run: | | |
poetry install --no-root | |
source $(poetry env info --path)/bin/activate | |
- name: Run Linting | |
run: make lint | |
- name: Run Unit Tests | |
run: make test | |
- name: Build Project | |
run: make build | |
- name: Configure Management Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: eu-west-2 | |
role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} | |
role-session-name: github-actions-ci-${{ needs.set-environment-id.outputs.environment_id }} | |
- name: Add S3 Permissions to Lambda | |
run: | | |
make get-s3-perms ENV=dev | |
- name: Save Build Artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: build-artifacts | |
path: | | |
dist/*.zip | |
!dist/nrlf_permissions.zip | |
- name: Save NRLF Permissions cache | |
uses: actions/cache/save@v4 | |
with: | |
key: ${{ github.run_id }}-nrlf-permissions | |
path: dist/nrlf_permissions.zip | |
- name: Add Failure Pull Request Comment | |
uses: actions/github-script@v7 | |
if: ${{ failure() }} | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: `💥 Something went wrong while building the pull request environment.\n[Check Output Logs](${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId})` | |
}) | |
deploy: | |
name: Deploy PR Environment | |
runs-on: [self-hosted, ci] | |
environment: pull-request | |
needs: [set-environment-id, build] | |
steps: | |
- name: Git Clone - ${{ github.event.pull_request.head.ref }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.ref }} | |
- name: Setup asdf cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.asdf | |
key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} | |
restore-keys: | | |
${{ runner.os }}-asdf- | |
- name: Install asdf | |
uses: asdf-vm/actions/[email protected] | |
- name: Configure Management Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: eu-west-2 | |
role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} | |
role-session-name: github-actions-ci-${{ needs.set-environment-id.outputs.environment_id }} | |
- name: Download Artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: build-artifacts | |
path: dist | |
- name: Restore NRLF permissions cache | |
uses: actions/cache/restore@v4 | |
with: | |
key: ${{ github.run_id }}-nrlf-permissions | |
path: dist/nrlf_permissions.zip | |
fail-on-cache-miss: true | |
- name: Retrieve Server Certificates | |
run: make truststore-pull-server ENV=dev | |
- name: Install zip | |
run: sudo apt-get install zip | |
- name: Setup Python environment | |
run: | | |
poetry install --no-root | |
source $(poetry env info --path)/bin/activate | |
- name: Terraform Init | |
run: | | |
terraform -chdir=terraform/infrastructure init | |
terraform -chdir=terraform/infrastructure workspace new ${{ needs.set-environment-id.outputs.environment_id }} || \ | |
terraform -chdir=terraform/infrastructure workspace select ${{ needs.set-environment-id.outputs.environment_id }} | |
- name: Terraform Plan | |
run: | | |
terraform -chdir=terraform/infrastructure plan \ | |
--var-file=etc/dev.tfvars \ | |
--var assume_role_arn=${{ secrets.DEPLOY_ROLE_ARN }} \ | |
--var use_shared_resources=$(poetry run python scripts/are_resources_shared_for_stack.py ${{ needs.set-environment-id.outputs.environment_id }}) \ | |
-out tfplan | |
- name: Terraform Apply | |
id: terraform-apply | |
run: terraform -chdir=terraform/infrastructure apply tfplan | |
- name: Add Success Pull Request Comment | |
uses: actions/github-script@v7 | |
if: ${{ success() }} | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: "🚀 PR environment successfully deployed.\nCommit Hash: `${{ github.event.pull_request.head.sha }}`\nURL: https://${{ needs.set-environment-id.outputs.environment_id }}.api.record-locator.dev.national.nhs.uk/" | |
}) | |
- name: Add Failure Pull Request Comment | |
uses: actions/github-script@v7 | |
if: ${{ failure() }} | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: `💥 Something went wrong while deploying the pull request environment.\n[Check Output Logs](${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId})` | |
}) | |
integration-test: | |
name: Run Integration Tests | |
needs: [set-environment-id, deploy] | |
environment: pull-request | |
runs-on: [self-hosted, ci] | |
steps: | |
- name: Git Clone - ${{ github.event.pull_request.head.ref }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.ref }} | |
- name: Setup asdf cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.asdf | |
key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} | |
restore-keys: | | |
${{ runner.os }}-asdf- | |
- name: Install asdf and tools | |
uses: asdf-vm/actions/[email protected] | |
- name: Python Dependency Install | |
run: poetry install --no-root | |
- name: Configure Management Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: eu-west-2 | |
role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} | |
role-session-name: github-actions-ci-${{ needs.set-environment-id.outputs.environment_id }} | |
- name: Retrieve Client Certificates | |
run: make truststore-pull-client ENV=dev | |
- name: Configure Dev Account Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: eu-west-2 | |
role-chaining: true | |
role-to-assume: ${{ secrets.DEPLOY_ROLE_ARN }} | |
role-session-name: github-actions-ci-${{ needs.set-environment-id.outputs.environment_id }} | |
- name: Run Integration Tests | |
run: make test-features-integration TF_WORKSPACE_NAME=${{ needs.set-environment-id.outputs.environment_id }} | |
performance-test: | |
name: Run Performance Tests | |
needs: [set-environment-id, integration-test] | |
environment: pull-request | |
runs-on: [self-hosted, ci] | |
steps: | |
- name: Git Clone - ${{ github.event.pull_request.head.ref }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.ref }} | |
- name: Setup asdf cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.asdf | |
key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} | |
restore-keys: | | |
${{ runner.os }}-asdf- | |
- name: Install asdf and tools | |
uses: asdf-vm/actions/[email protected] | |
- name: Setup Python environment | |
run: | | |
poetry install --no-root | |
source $(poetry env info --path)/bin/activate | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: eu-west-2 | |
role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} | |
role-session-name: github-actions-ci-${{ needs.set-environment-id.outputs.environment_id }} | |
- name: Pull Client Certificates | |
run: make truststore-pull-client ENV=dev | |
- name: Configure Dev Account Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: eu-west-2 | |
role-chaining: true | |
role-to-assume: ${{ secrets.DEPLOY_ROLE_ARN }} | |
role-session-name: github-actions-ci-${{ needs.set-environment-id.outputs.environment_id }} | |
- name: Setup Environment Test Data | |
run: make test-performance-prepare TF_WORKSPACE_NAME=${{ needs.set-environment-id.outputs.environment_id }} | |
- name: Run Performance Test - Baseline | |
run: make test-performance-baseline HOST=${{ needs.set-environment-id.outputs.environment_id }}.api.record-locator.dev.national.nhs.uk ENV_TYPE=dev | |
- name: Run Performance Test - Stress | |
run: make test-performance-stress HOST=${{ needs.set-environment-id.outputs.environment_id }}.api.record-locator.dev.national.nhs.uk ENV_TYPE=dev | |
- name: Process Performance Test Outputs | |
run: make test-performance-output | |
- name: Store Performance Test Outputs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: performance-test-outputs | |
path: dist/*.png | |
- name: Cleanup Environment Test Data | |
run: make test-performance-cleanup TF_WORKSPACE_NAME=${{ needs.set-environment-id.outputs.environment_id }} |