ER 816 Update production workflow (#665)

* Remove specs for content assets - no longer used TODO: Remove all code related to assets after migration * Add production deploy workflow - sql from production for content - update stage deploy workflow
DFE-Digital · Nov 9, 2023 · 6f48426 · 6f48426
1 parent 2a550ff
commit 6f48426
Show file tree

Hide file tree

Showing 15 changed files with 5,124 additions and 292 deletions.
diff --git a/.github/workflows/azure-deploy-prod.yml b/.github/workflows/azure-deploy-prod.yml
@@ -0,0 +1,69 @@
+name: 'HfEYP App Deploy [Azure - PROD]'
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Create release version ("vx.x.x")'
+        type: string
+        required: true
+      ref:
+        description: 'Release candidate to deploy ("rcx.x.x")'
+        type: string
+        required: true
+  push:
+    tags:
+      - v*
+
+# Permissions for OIDC authentication
+permissions:
+  id-token: write
+  contents: write
+  packages: write
+
+env:
+  ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+  ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+  ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+  DOCKER_IMAGE: ghcr.io/dfe-digital/help-for-early-years-providers
+  RELEASE_VERSION: ${{ inputs.version || github.sha }}
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest
+    environment: production
+
+    steps:
+      - name: Check tag format
+        run: |
+          echo ${{ inputs.ref }} | grep -E '^rc[0-9]+\.[0-9]+\.[0-9]+$'
+
+      # Login to the container registry
+      - name: Login to Github Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: retag docker image
+        run: |
+          docker pull ${{ env.DOCKER_IMAGE }}:${{ inputs.ref }}
+          docker tag ${{ env.DOCKER_IMAGE }}:${{ inputs.ref }} ${{ env.DOCKER_IMAGE }}:${{ github.event.inputs.version }}
+          docker push ${{ env.DOCKER_IMAGE }}:${{ inputs.version }}
+
+      # Login to Azure using OIDC
+      - name: Login to Azure CLI
+        uses: azure/login@v1
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      # Deploy Web Application
+      - name: Deploy to Azure App Services
+        uses: azure/webapps-deploy@v2
+        with:
+          app-name: ${{ vars.WEBAPP_NAME }}
+          images: ${{ env.DOCKER_IMAGE }}:${{ inputs.version }}
+          slot-name: ${{ vars.WEBAPP_DEPLOY_SLOT }}
diff --git a/.github/workflows/azure-deploy-stage.yml b/.github/workflows/azure-deploy-stage.yml
@@ -49,12 +49,6 @@ jobs:
           git push --force origin refs/tags/${{ inputs.candidate }}
           echo "HEAD=$(git rev-parse ${{ inputs.candidate }})" >> $GITHUB_ENV
 
-      # Create and boot Docker image builder
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-        with:
-          version: v0.9.1
-
       # Login to Github Container Registry 
       - name: Login to Github Container Registry
         uses: docker/login-action@v3

diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
@@ -7,7 +7,7 @@ def index
       @users = User.all
     rescue Pundit::NotAuthorizedError
       flash[:alert] = "You do not have permission to view users"
-      redirect_to request.referer || root_path
+      redirect_to request.referer || admin_content_pages_path
     end
 
     def new

diff --git a/app/views/layouts/cms.html.erb b/app/views/layouts/cms.html.erb
@@ -48,7 +48,6 @@
               <%= nav_link_to(title: "Blocks", path: admin_content_blocks_path) if current_user.admin? %>
               <%= nav_link_to(title: "Pages", path: admin_content_pages_path) %>
               <%= nav_link_to(title: "Articles", path: admin_articles_path) %>
-              <%= nav_link_to(title: "Assets", path: admin_content_assets_path) %>
               <li class="govuk-header__navigation-item">
                 <%= link_to "See the site", "/", class: "govuk-header__link", target: :_blank %>
               </li>

diff --git a/config/routes.rb b/config/routes.rb
@@ -36,8 +36,6 @@
       end
     end
     resources :content_blocks, path: "blocks", only: %i[index new edit create update]
-    resources :content_assets, path: "assets"
-    #  This is not a resource route
     post "preview_markdown", to: "content_pages#preview"
   end
 

diff --git a/db/seeds/content_blocks_20231107.sql b/db/seeds/content_blocks_20231107.sql
diff --git a/db/seeds/content_pages_20231107.sql b/db/seeds/content_pages_20231107.sql
diff --git a/spec/features/admin_content_assets_spec.rb b/spec/features/admin_content_assets_spec.rb
diff --git a/spec/features/content_assets_spec.rb b/spec/features/content_assets_spec.rb
diff --git a/spec/requests/admin/content_assets_spec.rb b/spec/requests/admin/content_assets_spec.rb
diff --git a/spec/requests/admin/user_request_spec.rb b/spec/requests/admin/user_request_spec.rb
@@ -16,7 +16,7 @@
       it "redirects to root" do
         sign_in create(:editor)
         get admin_users_path
-        expect(response).to redirect_to(root_path)
+        expect(response).to redirect_to(admin_content_pages_path)
       end
     end
 

diff --git a/spec/views/admin/content_assets/edit.html.erb_spec.rb b/spec/views/admin/content_assets/edit.html.erb_spec.rb
diff --git a/spec/views/admin/content_assets/index.html.erb_spec.rb b/spec/views/admin/content_assets/index.html.erb_spec.rb
diff --git a/spec/views/admin/content_assets/new.html.erb_spec.rb b/spec/views/admin/content_assets/new.html.erb_spec.rb