Trying something out.

.circleci/config.yml

@@ -9,41 +9,37 @@ version: 2.1
 # Note: This must also be enabled in CircleCI project settings
 # Settings > Advanced > Auto-cancel redundant builds
 
-jobs:
-  build:
+executors:
+  docker-executor:
     docker:
-       - image: cimg/ruby:3.2.8-browsers # Matches deployed Ruby version in CF
-         environment:
-            RAILS_ENV: test
-            PGHOST: 127.0.0.1
-            PGUSER: root
+      - image: cimg/ruby:3.2.8-browsers # Matches deployed Ruby version in CF
+        environment:
+          RAILS_ENV: test
+          PGHOST: 127.0.0.1
+          PGUSER: root
+          BUNDLE_PATH: vendor/bundle
 
-       - image:  cimg/redis:7.2.7
-         environment:
-            REDIS_URL: redis://redis:6379/1
+      - image: cimg/redis:7.2.7
+        environment:
+          REDIS_URL: redis://redis:6379/1
 
       # Specify service dependencies here if necessary
       # CircleCI maintains a library of pre-built images
       # documented at https://circleci.com/docs/2.0/circleci-images/
-       - image: cimg/postgres:15.8
-         environment:
-            POSTGRES_USER: root
-            POSTGRES_DB: touchpoints_test
+      - image: cimg/postgres:15.8
+        environment:
+          POSTGRES_USER: root
+          POSTGRES_DB: touchpoints_test
 
-    parallelism: 4
-    working_directory: ~/repo
+jobs:
+  build:
+    executor: docker-executor
 
     steps:
       - run:
           name: Update packages
           command: sudo apt-get update
 
-      - run:
-          name: Ensure Chrome is available
-          command: |
-            # cimg/ruby:*-browsers images already include Chrome; skip orb command to avoid "Cannot find declaration" errors
-            echo "Using cimg/ruby:3.4.7-browsers which includes Chrome"
-
       - checkout
 
       - run:
@@ -94,7 +90,7 @@ jobs:
       # Download and cache dependencies
       - restore_cache:
           keys:
-          - v1-bundle-{{ checksum "Gemfile.lock" }}
+            - v1-bundle-{{ checksum "Gemfile.lock" }}
 
       - run: bundle install
 
@@ -103,29 +99,49 @@ jobs:
             - ./vendor/bundle
           key: v1-bundle-{{ checksum "Gemfile.lock" }}
 
-      # Database setup
-      - run: bundle exec rake db:create
-      - run: bundle exec rake db:schema:load
-
       # Precompile assets (to use npm packages specified in assets.rb)
       - run:
           name: Precompile assets
           command: |
             npm i
-            rails assets:precompile
+            bundle exec rails assets:precompile
+
+      - persist_to_workspace:
+          root: .
+          paths:
+            - .
+  test:
+    executor: docker-executor
+    parallelism: 4
 
+    steps:
+      - attach_workspace:
+          at: .
+
+      # Database setup
+      - run: bundle exec rake db:create
+      - run: bundle exec rake db:schema:load        
+
       # run tests!
       - run:
           name: Run tests
           command: |
             mkdir /tmp/test-results
-            TEST_FILES="$(circleci tests glob "spec/**/*_spec.rb" | circleci tests split --split-by=timings)"
+            TEST_FILES="$(circleci tests glob "spec/**/*_spec.rb")"
+            echo "$TEST_FILES" | circleci tests run --verbose --split-by=timings \
+              --command="bundle exec rspec --format progress --format RspecJunitFormatter --out /tmp/test-results/rspec.xml"
+      # collect reports
+      - store_test_results:
+          path: /tmp/test-results
+      - store_artifacts:
+          path: coverage
+
+  deploy:
+    executor: docker-executor
+    steps:
+      - attach_workspace:
+          at: .
 
-             bundle exec rspec --format progress \
-                             --format RspecJunitFormatter \
-                             --out /tmp/test-results/rspec.xml \
-                             --format progress \
-                             $TEST_FILES
       # Install Cloud Foundry cli (cf) before deploy step. cf is used to push to Cloud.gov
       - run:
           name: Install-cf-cli
@@ -136,11 +152,6 @@ jobs:
             sudo apt-get update
             sudo apt-get install -y cf8-cli
             cf -v
-      # collect reports
-      - store_test_results:
-          path: /tmp/test-results
-      - store_artifacts:
-          path: coverage
 
       - run:
           name: Deploy Sidekiq worker servers
@@ -175,6 +186,9 @@ jobs:
             ./.circleci/deploy.sh
           no_output_timeout: 30m
 
+
+
+
   cron_tasks:
     docker:
       - image: cimg/base:2025.01
@@ -209,3 +223,9 @@ workflows:
   build-deploy:
     jobs:
       - build
+      - test:
+          requires:
+            - build
+      - deploy:
+          requires:
+            - test

.circleci/deploy-sidekiq.sh

@@ -202,3 +202,11 @@ then
 else
   echo "Not on the develop branch."
 fi
+
+# Temp for testing deployment on feature branch
+echo "Logging into cloud.gov"
+# Log into CF and push
+cf login -a $CF_API_ENDPOINT -u $CF_USERNAME -p $CF_PASSWORD -o $CF_ORG -s $CF_SPACE
+echo "Pushing to Staging..."
+cf_push_with_retry touchpoints-staging-sidekiq-worker
+echo "Push to Staging Complete."

.circleci/deploy.sh

@@ -318,3 +318,12 @@ then
 else
   echo "Not on the develop branch."
 fi
+
+# Temp for testing deployment on feature branch
+echo "Logging into cloud.gov"
+# Log into CF and push
+cf login -a $CF_API_ENDPOINT -u $CF_USERNAME -p $CF_PASSWORD -o $CF_ORG -s $CF_SPACE
+echo "Pushing web servers to Staging..."
+cf push touchpoints-staging -f touchpoints-staging.yml --strategy rolling -t 180 --no-wait
+# cf_push_with_retry touchpoints-staging touchpoints-staging.yml
+echo "Push to Staging Complete."

touchpoints-staging.yml

@@ -3,29 +3,30 @@ applications:
     memory: 2G
     disk_quota: 2G
     timeout: 180
-    command: bundle exec rake cf:on_first_instance db:schema:load db:seed && bundle exec rails s -b 0.0.0.0 -p $PORT -e $RAILS_ENV
+    command: bundle exec rake cf:on_first_instance db:migrate && bundle exec rails s -b 0.0.0.0 -p $PORT -e $RAILS_ENV
     env:
-      AWS_SES_ACCESS_KEY_ID: ((AWS_SES_ACCESS_KEY_ID))
-      AWS_SES_SECRET_ACCESS_KEY: ((AWS_SES_SECRET_ACCESS_KEY))
-      AWS_SES_REGION: ((AWS_SES_REGION))
+      # Non-secret env vars only - secrets are set via `cf set-env` and should NOT be in this manifest
+      # Empty values here would OVERWRITE existing secrets on cf push!
       DISABLE_DATABASE_ENVIRONMENT_CHECK: 1
       LOGIN_GOV_CLIENT_ID: urn:gov:gsa:openidconnect.profiles:sp:sso:gsa-tts-opp:touchpoints-staging
       LOGIN_GOV_IDP_BASE_URL: https://idp.int.identitysandbox.gov/
-      LOGIN_GOV_PRIVATE_KEY: ((LOGIN_GOV_PRIVATE_KEY))
-      LOGIN_GOV_REDIRECT_URI: https://app-staging.touchpoints.digital.gov/users/auth/login_dot_gov/callback
-      NEW_RELIC_KEY: ((NEW_RELIC_KEY))
+      LOGIN_GOV_REDIRECT_URI: https://touchpoints-staging.app.cloud.gov/users/auth/login_dot_gov/callback
       RAILS_ENV: staging
-      S3_AWS_ACCESS_KEY_ID: ((S3_AWS_ACCESS_KEY_ID))
-      S3_AWS_BUCKET_NAME: ((S3_AWS_BUCKET_NAME))
-      S3_AWS_REGION: ((S3_AWS_REGION))
-      S3_AWS_SECRET_ACCESS_KEY: ((S3_AWS_SECRET_ACCESS_KEY))
-      TOUCHPOINTS_ADMIN_EMAILS: ((TOUCHPOINTS_ADMIN_EMAILS))
-      TOUCHPOINTS_EMAIL_SENDER: ((TOUCHPOINTS_EMAIL_SENDER))
+      RAILS_SERVE_STATIC_FILES: "true"
       TOUCHPOINTS_WEB_DOMAIN: touchpoints-staging.app.cloud.gov
-      TURNSTILE_SECRET_KEY: ((TURNSTILE_SECRET_KEY))
-      TOUCHPOINTS_WEB_DOMAIN2: app-staging.touchpoints.digital.gov
-      ASSET_HOST: app-staging.touchpoints.digital.gov
       SKIP_WIDGET_RENDERER: "true"
+      # Secrets managed via cf set-env (DO NOT add empty keys here):
+      # - AWS_SES_ACCESS_KEY_ID
+      # - AWS_SES_SECRET_ACCESS_KEY
+      # - AWS_SES_REGION
+      # - LOGIN_GOV_PRIVATE_KEY
+      # - NEW_RELIC_KEY
+      # - S3_AWS_ACCESS_KEY_ID
+      # - S3_AWS_BUCKET_NAME
+      # - S3_AWS_REGION
+      # - S3_AWS_SECRET_ACCESS_KEY
+      # - TOUCHPOINTS_EMAIL_SENDER
+      # - TOUCHPOINTS_GTM_CONTAINER_ID
     buildpacks:
       - https://github.com/rileyseaburg/rust-buildpack-touchpoints.git
       - nodejs_buildpack