Skip to content

prod release #63

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
saravankumarpa wants to merge 863 commits into
base: prod-release
Choose a base branch
from
Open

prod release #63

saravankumarpa wants to merge 863 commits into from

Conversation

@saravankumarpa
Copy link
Contributor

@saravankumarpa saravankumarpa commented May 14, 2020

No description provided.

@sumathi-thirumani sumathi-thirumani temporarily deployed to test May 17, 2022 22:06 Inactive
@sumathi-thirumani sumathi-thirumani temporarily deployed to test May 17, 2022 23:08 Inactive
@acoard-aot acoard-aot temporarily deployed to test May 17, 2022 23:38 Inactive
@divyav-aot divyav-aot temporarily deployed to test May 26, 2022 18:28 Inactive
@abin-aot abin-aot temporarily deployed to test June 8, 2022 17:01 Inactive
@abin-aot abin-aot temporarily deployed to test June 8, 2022 17:12 Inactive
@abin-aot abin-aot temporarily deployed to test June 13, 2022 19:29 Inactive
@abin-aot abin-aot temporarily deployed to test June 13, 2022 19:29 Inactive
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jun 13, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 1 Code Smell

No Coverage information No Coverage information
2.9% 2.9% Duplication

@abin-aot abin-aot temporarily deployed to test October 17, 2022 22:51 Inactive
@abin-aot abin-aot temporarily deployed to test October 17, 2022 22:51 Inactive
@abin-aot abin-aot temporarily deployed to test October 21, 2022 16:03 Inactive
@abin-aot abin-aot temporarily deployed to test October 26, 2022 19:10 Inactive
@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 26, 2022

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
5.8% 5.8% Duplication

@abin-aot abin-aot temporarily deployed to test December 13, 2022 18:14 — with GitHub Actions Inactive
@abin-aot abin-aot temporarily deployed to test December 13, 2022 18:50 — with GitHub Actions Inactive
@abin-aot abin-aot temporarily deployed to test December 13, 2022 20:25 — with GitHub Actions Inactive
@abin-aot abin-aot temporarily deployed to test January 4, 2023 21:46 — with GitHub Actions Inactive
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 4, 2023

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
5.8% 5.8% Duplication

@abin-aot abin-aot temporarily deployed to test February 15, 2023 22:22 — with GitHub Actions Inactive
@abin-aot abin-aot temporarily deployed to test February 15, 2023 22:22 — with GitHub Actions Inactive
@abin-aot abin-aot temporarily deployed to test February 16, 2023 21:59 — with GitHub Actions Inactive
@abin-aot abin-aot temporarily deployed to test February 17, 2023 07:05 — with GitHub Actions Inactive
@abin-aot abin-aot temporarily deployed to test February 17, 2023 17:31 — with GitHub Actions Inactive
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 17, 2023

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
5.8% 5.8% Duplication

@abin-aot abin-aot temporarily deployed to test April 14, 2023 21:30 — with GitHub Actions Inactive
@sonarqubecloud
Copy link

sonarqubecloud bot commented May 8, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
4.5% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

Aman-Hundal and others added 5 commits May 8, 2025 11:24
@Aman-Hundal
merged master into dev
2774e37
@Aman-Hundal
Merge pull request #462 from bcgov/dev-AH-FOIMOD-devmastermerge
0bc4dba 
DEV<>Master Merge
@aparna-aot
FOIMOD-4142 - FOI Request Form Updates - New Ministry Name Update
ef0790a 
FOI Request Form Updates - New Ministry Name Update :  Ministry of Jobs, Economic Development and Innovation to Ministry of Jobs and Economic Growth
@aparna-aot
Merge pull request #463 from bcgov/master-AS-FOIMOD-4142
26bf089 
FOIMOD-4142 - FOI Request Form Updates - New Ministry Name Update
@aparna-aot
Merge pull request #464 from bcgov/dev
2e7e048 
FOIMOD-4142 - FOI Request Form Updates - New Ministry Name Update
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jul 18, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
4.5% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 18, 2025
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 18, 2025
View reviewed changes
.github/workflows/api-cd.dev.yml
Comment on lines +29 to +77
runs-on: ubuntu-24.04

if: github.event_name == 'push' && github.repository == 'bcgov/foi-requests'
environment:
name: "dev"

steps:
- name: Install oc
uses: redhat-actions/oc-installer@v1
with:
oc_version: '4.6'

- uses: actions/checkout@v2

- name: Install oc
uses: redhat-actions/oc-installer@v1
with:
oc_version: '4.6'

- name: Login Openshift
shell: bash
run: |
oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}}

- name: Tools project
shell: bash
run: |
oc project ${{ secrets.OPENSHIFT4_FRONTEND_REPOSITORY }}-tools

- name: Build from text branch
shell: bash
run: |
oc patch bc/api-master-build -p '{"spec":{"source":{"git":{"ref":"dev"}}}}'

- name: Start Build Openshift
shell: bash
run: |
oc start-build api-master-build --wait

- name: Tag+Deploy for dev
shell: bash
run: |
oc tag api:latest api:${{ env.TAG_NAME }}

- name: Rollout Restart Deployment
shell: bash
run: |
oc project 04d1a3-dev
oc rollout restart deployment/api

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 7 months ago

To address the issue, we need to explicitly define the permissions key in the workflow file. Since the workflow appears to perform actions such as checking out code (contents: read) and deploying an application, it is likely that the contents: read permission is sufficient. If the workflow requires additional permissions (e.g., pull-requests: write), they should also be specified explicitly. The permissions key can be added at the root level of the workflow to apply to all jobs, or it can be added to individual jobs if different permissions are required for different jobs.

Suggested changeset 1
.github/workflows/api-cd.dev.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/api-cd.dev.yml b/.github/workflows/api-cd.dev.yml
--- a/.github/workflows/api-cd.dev.yml
+++ b/.github/workflows/api-cd.dev.yml
@@ -15,6 +15,9 @@
         required: true
         default: "dev"
 
+permissions:
+  contents: read
+
 defaults:
   run:
     shell: bash
EOF
@@ -15,6 +15,9 @@
required: true
default: "dev"

permissions:
contents: read

defaults:
run:
shell: bash
Copilot is powered by AI and may make mistakes. Always verify output.
.github/workflows/api-cd.test.yml
Comment on lines +29 to +72
runs-on: ubuntu-24.04

if: github.event_name == 'push' && github.repository == 'bcgov/foi-requests'
environment:
name: "test"

steps:
- name: Install oc
uses: redhat-actions/oc-installer@v1
with:
oc_version: '4.6'

- uses: actions/checkout@v2

- name: Login Openshift
shell: bash
run: |
oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}}

- name: Tools project
shell: bash
run: |
oc project ${{ secrets.OPENSHIFT4_FRONTEND_REPOSITORY }}-tools

- name: Build from text branch
shell: bash
run: |
oc patch bc/api-master-build -p '{"spec":{"source":{"git":{"ref":"master"}}}}'

- name: Start Build Openshift
shell: bash
run: |
oc start-build api-master-build --wait

- name: Tag+Deploy for test
shell: bash
run: |
oc tag api:latest api:${{ env.TAG_NAME }}

- name: Rollout Restart Deployment
shell: bash
run: |
oc project 04d1a3-test
oc rollout restart deployment/api

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

To fix the issue, we will add a permissions block at the workflow level to explicitly define the minimal permissions required. Based on the workflow's actions, it primarily interacts with the repository contents (e.g., checking out code) and does not appear to require write access. Therefore, we will set contents: read as the permission. This ensures that the GITHUB_TOKEN has only the necessary permissions to perform the workflow tasks.

Suggested changeset 1
.github/workflows/api-cd.test.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/api-cd.test.yml b/.github/workflows/api-cd.test.yml
--- a/.github/workflows/api-cd.test.yml
+++ b/.github/workflows/api-cd.test.yml
@@ -2,2 +2,4 @@
 
+permissions:
+  contents: read
 
EOF
@@ -2,2 +2,4 @@

permissions:
contents: read

Copilot is powered by AI and may make mistakes. Always verify output.
.github/workflows/web-cd.dev.yml
Comment on lines +30 to +83
runs-on: ubuntu-24.04

if: github.event_name == 'push' && github.repository == 'bcgov/foi-requests'
environment:
name: "dev"

steps:
- name: Install oc
uses: redhat-actions/oc-installer@v1
with:
oc_version: '4.6'

- uses: actions/checkout@v2

- name: Install oc
uses: redhat-actions/oc-installer@v1
with:
oc_version: '4.6'

- name: Login Openshift
shell: bash
run: |
oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}}

- name: Tools project
shell: bash
run: |
oc project ${{ secrets.OPENSHIFT4_FRONTEND_REPOSITORY }}-tools

- name: Build from text branch
shell: bash
run: |
oc patch bc/web-artifact-build -p '{"spec":{"source":{"git":{"ref":"dev"}}}}'

- name: Start Build Openshift part 1/2
shell: bash
run: |
oc start-build web-artifact-build --wait

- name: Start Build Openshift part 2/2
shell: bash
run: |
oc start-build web-image-build --wait

- name: Tag+Deploy for dev
shell: bash
run: |
oc tag web:latest web:${{ env.TAG_NAME }}

- name: Rollout Restart Deployment
shell: bash
run: |
oc project 04d1a3-dev
oc rollout restart deployment/web

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 7 months ago

To fix this issue, add a permissions block to the workflow. Ideally, this block should be placed at the root level of the workflow to apply the permissions globally to all jobs. Based on the workflow's usage, the minimum required permissions are likely contents: read since there are no GitHub-related write operations like creating pull requests or dispatching workflows. This will limit the GITHUB_TOKEN to read-only access to repository contents, adhering to the principle of least privilege.

Suggested changeset 1
.github/workflows/web-cd.dev.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/web-cd.dev.yml b/.github/workflows/web-cd.dev.yml
--- a/.github/workflows/web-cd.dev.yml
+++ b/.github/workflows/web-cd.dev.yml
@@ -1,5 +1,7 @@
 name: Deploy web to dev
 
+permissions:
+  contents: read
 
 on:
   push:
EOF
@@ -1,5 +1,7 @@
name: Deploy web to dev

permissions:
contents: read

on:
push:
Copilot is powered by AI and may make mistakes. Always verify output.
.github/workflows/web-cd.test.yml
Comment on lines +29 to +77
runs-on: ubuntu-24.04

if: github.event_name == 'push' && github.repository == 'bcgov/foi-requests'
environment:
name: "test"

steps:
- name: Install oc
uses: redhat-actions/oc-installer@v1
with:
oc_version: '4.6'

- uses: actions/checkout@v2

- name: Login Openshift
shell: bash
run: |
oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}}

- name: Tools project
shell: bash
run: |
oc project ${{ secrets.OPENSHIFT4_FRONTEND_REPOSITORY }}-tools

- name: Build from master branch
shell: bash
run: |
oc patch bc/web-artifact-build -p '{"spec":{"source":{"git":{"ref":"master"}}}}'

- name: Start Build Openshift part 1/2
shell: bash
run: |
oc start-build web-artifact-build --wait

- name: Start Build Openshift part 2/2
shell: bash
run: |
oc start-build web-image-build --wait

- name: Tag+Deploy for test
shell: bash
run: |
oc tag web:latest web:${{ env.TAG_NAME }}

- name: Rollout Restart Deployment
shell: bash
run: |
oc project 04d1a3-test
oc rollout restart deployment/web

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

To fix the issue, we will add a permissions block at the root level of the workflow. This block will specify the least privileges required for the workflow to function correctly. Based on the workflow's steps, it primarily interacts with OpenShift and does not seem to require write access to the repository. Therefore, we will set contents: read as the minimal permission.

Suggested changeset 1
.github/workflows/web-cd.test.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/web-cd.test.yml b/.github/workflows/web-cd.test.yml
--- a/.github/workflows/web-cd.test.yml
+++ b/.github/workflows/web-cd.test.yml
@@ -2,2 +2,4 @@
 
+permissions:
+  contents: read
 
EOF
@@ -2,2 +2,4 @@

permissions:
contents: read

Copilot is powered by AI and may make mistakes. Always verify output.
@abin-aot
Disclaimer added to base component HTML
23d2d8f
@abin-aot
Merge pull request #465 from bcgov/dev-AA-disclaimer-strike
d5ea9c6 
Dev  disclaimer strike
@abin-aot
Merge pull request #466 from bcgov/dev
95d43a1 
Disclaimer for Job Action on Base component html - !!!need to remove after strike
@sonarqubecloud
Copy link

sonarqubecloud bot commented Sep 23, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
4.5% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

@sonarqubecloud
Copy link

sonarqubecloud bot commented Nov 7, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
4.5% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.