Skip to content

build(deps): bump aquasecurity/trivy-action from 0.25.0 to 0.26.0 (#252) #198

build(deps): bump aquasecurity/trivy-action from 0.25.0 to 0.26.0 (#252)

build(deps): bump aquasecurity/trivy-action from 0.25.0 to 0.26.0 (#252) #198

Workflow file for this run

name: Merge
on:
push:
branches: [ main ]
paths-ignore:
- '*.md'
- '.github/**'
- '.graphics/**'
- '!.github/workflows/**'
workflow_dispatch:
inputs:
pr_no:
description: "PR-numbered container set to deploy"
type: number
required: true
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: true
jobs:
vars:
name: Set Variables
outputs:
pr: ${{ steps.pr.outputs.pr }}
runs-on: ubuntu-24.04
timeout-minutes: 1
steps: # Get PR number for squash merges to main
- name: PR Number
id: pr
uses: bcgov-nr/[email protected]
deploy-test:
name: Deploy (test)
needs: [vars]
uses: ./.github/workflows/.deploy.yml
secrets: inherit
with:
environment: test
tag: ${{ needs.vars.outputs.pr }}
release: test
integration-tests:
needs: [deploy-test]
name: Integration Tests for APIs
defaults:
run:
working-directory: integration-tests
runs-on: ubuntu-24.04
strategy:
matrix:
name: [quarkus, fiber, fastapi]
include:
- name: quarkus
baseUrl: https://quickstart-openshift-backends-test-backendjava.apps.silver.devops.gov.bc.ca
- name: fiber
baseUrl: https://quickstart-openshift-backends-test-backendgo.apps.silver.devops.gov.bc.ca
- name: fastapi
baseUrl: https://quickstart-openshift-backends-test-backendpy.apps.silver.devops.gov.bc.ca
steps:
- uses: actions/checkout@v4
name: Checkout
- name: Cache node modules
id: cache-npm
uses: actions/cache@v4
env:
cache-name: cache-node-modules
with:
# npm cache files are stored in `~/.npm` on Linux/macOS
path: ~/.npm
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
- if: ${{ steps.cache-npm.outputs.cache-hit != 'true' }}
name: List the state of node modules
continue-on-error: true
run: npm list
- name: Install dependencies
run: npm ci
- name: Run integration tests
run: BASE_URL=${{ matrix.baseUrl }} API_NAME=${{ matrix.name }} node src/main.js
deploy-prod:
name: Deploy (prod)
needs: [deploy-test, vars]
uses: ./.github/workflows/.deploy.yml
secrets: inherit
with:
autoscaling: true
environment: prod
tag: ${{ needs.vars.outputs.pr }}
release: prod
params:
--set backendGo.deploymentStrategy=RollingUpdate
--set backendPy.deploymentStrategy=RollingUpdate
--set backendJava.deploymentStrategy=RollingUpdate
promote:
name: Promote Images
needs: [deploy-prod, vars]
runs-on: ubuntu-24.04
permissions:
packages: write
strategy:
matrix:
package: [backend-go, backend-py, backend-java, migrations-go, migrations-py]
timeout-minutes: 1
steps:
- uses: shrink/actions-docker-registry-tag@v4
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.package }}
target: ${{ needs.vars.outputs.pr }}
tags: prod
ghcr-cleanup:
name: GHCR Cleanup
runs-on: ubuntu-latest
strategy:
matrix:
name: [backend-go, backend-py, backend-java, migrations-go, migrations-py]
steps:
- name: Keep last 50
uses: actions/delete-package-versions@v5
with:
package-name: "${{ github.event.repository.name }}/${{ matrix.name }}"
package-type: "container"
min-versions-to-keep: 50
ignore-versions: "^(prod|test)$"