Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Pipeline Updates #502

Merged
merged 82 commits into from
Jul 16, 2024
Merged

feat: Pipeline Updates #502

merged 82 commits into from
Jul 16, 2024
+7,129 −1,383

Conversation

barrfalk
Copy link
Collaborator

@barrfalk barrfalk commented Jul 4, 2024
edited
Loading

Description

Update PR pipeline to latest provided by Ministry.

Fixes # (issue)

How Has This Been Tested?

  • Verify cypress tests run
  • Manually verified that webeoc components work

Further comments

Thanks for the PR!

Any successful deployments (not always required) will be available below.
Backend available
Frontend available

Once merged, code will be promoted and handed off to following workflow run.
Main Merge Workflow

Thanks for the PR!

Deployments, as required, will be available below:

Please create PRs in draft mode. Mark as ready to enable:

After merge, new images are deployed in:

Thanks for the PR!

Deployments, as required, will be available below:

Please create PRs in draft mode. Mark as ready to enable:

After merge, new images are deployed in:

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 8, 2024
View reviewed changes
charts/app/templates/backend/templates/deployment.yaml
prometheus.io/path: '/api/metrics'
labels:
{{- include "backend.labels" . | nindent 8 }}
spec:

Check warning

Code scanning / SonarCloud

Service account tokens should not be mounted in pods

<!--SONAR_ISSUE_KEY:AZCQwbYzHXz9BpDhxL_S-->Set automountServiceAccountToken to false for this specification of kind Deployment. <p>See more on <a href="https://sonarcloud.io/project/issues?id=bcgov_nr-compliance-enforcement&issues=AZCQwbYzHXz9BpDhxL_S&open=AZCQwbYzHXz9BpDhxL_S&pullRequest=502">SonarCloud</a></p>
charts/app/templates/frontend/templates/deployment.yaml
prometheus.io/path: '/metrics'
labels:
{{- include "frontend.labels" . | nindent 8 }}
spec:

Check warning

Code scanning / SonarCloud

Service account tokens should not be mounted in pods

<!--SONAR_ISSUE_KEY:AZCQwbZiHXz9BpDhxL_U-->Set automountServiceAccountToken to false for this specification of kind Deployment. <p>See more on <a href="https://sonarcloud.io/project/issues?id=bcgov_nr-compliance-enforcement&issues=AZCQwbZiHXz9BpDhxL_U&open=AZCQwbZiHXz9BpDhxL_U&pullRequest=502">SonarCloud</a></p>
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 11, 2024
View reviewed changes
charts/app/templates/backend/templates/deployment.yaml
prometheus.io/path: '/api/metrics'
labels:
{{- include "backend.labels" . | nindent 8 }}
spec:

Check warning

Code scanning / SonarCloud

Service account tokens should not be mounted in pods

<!--SONAR_ISSUE_KEY:AZCkJ53e4p3kN3gV37uc-->Set automountServiceAccountToken to false for this specification of kind Deployment. <p>See more on <a href="https://sonarcloud.io/project/issues?id=bcgov_nr-compliance-enforcement&issues=AZCkJ53e4p3kN3gV37uc&open=AZCkJ53e4p3kN3gV37uc&pullRequest=502">SonarCloud</a></p>
charts/app/templates/frontend/templates/deployment.yaml
prometheus.io/path: '/metrics'
labels:
{{- include "frontend.labels" . | nindent 8 }}
spec:

Check warning

Code scanning / SonarCloud

Service account tokens should not be mounted in pods

<!--SONAR_ISSUE_KEY:AZCkJ54I4p3kN3gV37ue-->Set automountServiceAccountToken to false for this specification of kind Deployment. <p>See more on <a href="https://sonarcloud.io/project/issues?id=bcgov_nr-compliance-enforcement&issues=AZCkJ54I4p3kN3gV37ue&open=AZCkJ54I4p3kN3gV37ue&pullRequest=502">SonarCloud</a></p>
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 15, 2024
View reviewed changes
charts/app/templates/webeoc/templates/deployment.yaml
rollme: {{ randAlphaNum 5 | quote }}
labels:
{{- include "webeoc.labels" . | nindent 8 }}
spec:

Check warning

Code scanning / SonarCloud

Service account tokens should not be mounted in pods

<!--SONAR_ISSUE_KEY:AZC3KO3vh9Y1V2gdi0hV-->Set automountServiceAccountToken to false for this specification of kind Deployment. <p>See more on <a href="https://sonarcloud.io/project/issues?id=bcgov_nr-compliance-enforcement&issues=AZC3KO3vh9Y1V2gdi0hV&open=AZC3KO3vh9Y1V2gdi0hV&pullRequest=502">SonarCloud</a></p>
charts/app/templates/frontend/templates/deployment.yaml
prometheus.io/path: '/metrics'
labels:
{{- include "frontend.labels" . | nindent 8 }}
spec:

Check warning

Code scanning / SonarCloud

Service account tokens should not be mounted in pods

<!--SONAR_ISSUE_KEY:AZC3KO4zh9Y1V2gdi0hX-->Set automountServiceAccountToken to false for this specification of kind Deployment. <p>See more on <a href="https://sonarcloud.io/project/issues?id=bcgov_nr-compliance-enforcement&issues=AZC3KO4zh9Y1V2gdi0hX&open=AZC3KO4zh9Y1V2gdi0hX&pullRequest=502">SonarCloud</a></p>
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 15, 2024
View reviewed changes
charts/app/templates/backend/templates/deployment.yaml
prometheus.io/path: '/api/metrics'
labels:
{{- include "backend.labels" . | nindent 8 }}
spec:

Check warning

Code scanning / SonarCloud

Service account tokens should not be mounted in pods

<!--SONAR_ISSUE_KEY:AZC3LEan-iT_oVRyL8Q_-->Set automountServiceAccountToken to false for this specification of kind Deployment. <p>See more on <a href="https://sonarcloud.io/project/issues?id=bcgov_nr-compliance-enforcement&issues=AZC3LEan-iT_oVRyL8Q_&open=AZC3LEan-iT_oVRyL8Q_&pullRequest=502">SonarCloud</a></p>
afwilcox
afwilcox reviewed Jul 15, 2024
View reviewed changes
Copy link
Collaborator

@afwilcox afwilcox left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Questions below

charts/app/templates/backend/templates/deployment.yaml
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do things fail if we follow the SonarCloud advice? It looks like this can be resolved by setting automountServiceAccountToken: false in the spec.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good call, I've added that in and the pipeline appears to still work.

.github/workflows/analysis.yml Outdated Show resolved Hide resolved
build/asset-manifest.json Outdated Show resolved Hide resolved
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jul 15, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
31.9% Duplication on New Code (required ≤ 3%)
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

@afwilcox afwilcox enabled auto-merge July 16, 2024 18:25
@afwilcox afwilcox added this pull request to the merge queue Jul 16, 2024
Merged via the queue into main with commit 668e479 Jul 16, 2024
15 of 16 checks passed
@afwilcox afwilcox deleted the feat/CE-843---Pipeline-Updates branch July 16, 2024 18:25
afwilcox pushed a commit that referenced this pull request Jul 16, 2024
@barrfalk
feat: Merging Pipeline Updates (#502) into Release Branch (#526)
f89d91d
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@afwilcox afwilcox afwilcox approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@barrfalk @afwilcox