azure-pipelines.yml

# Run pipeline on main branch, pull-requests into main, and tags
trigger:
  branches:
    include:
    - main
    - refs/tags/*

pr:
- main

pool:
  vmImage: ubuntu-latest

stages:

- stage: Test
  jobs:
  - job: Test
    steps:
    - task: Gitleaks@2
      displayName: 'Scan for secrets'
      inputs:
        scanlocation: '.'
        configtype: 'custom'
        scanmode: 'nogit'
        uploadresults: false
        reportformat: 'json'
        verbose: true

    - task: NodeTool@0
      displayName: 'Install Node.js'
      inputs:
        versionSpec: '20.x'

    - script: npm ci
      displayName: 'Npm Install'

    - task: SonarCloudPrepare@1
      displayName: 'Prepare analysis on SonarCloud'
      inputs:
        SonarCloud: 'SonarCloud'
        organization: 'nhsdigital'
        scannerMode: 'CLI'
        projectKey: 'nhsuk-user-feedback-store'
        projectName: 'User Feedback Store'
        extraProperties: |
          sonar.projectKey=nhsuk-user-feedback-store
          sonar.exclusions=$(System.DefaultWorkingDirectory)/dependency-scan-results/**
          sonar.javascript.lcov.reportPaths=coverage/lcov.info
          sonar.coverage.exclusions=**/*.config.js,**/coverage/**
          sonar.exclusions=node_modules/**
          sonar.language=js

    - script: npm run test
      displayName: 'Npm Test'

    - task: SonarCloudAnalyze@1
      displayName: 'Run SonarCloud Code Analysis'

    - task: SonarCloudPublish@1
      displayName: 'Publish Quality Gate Result'
      inputs:
        pollingTimeoutSec: '300'

    - task: sonarcloud-buildbreaker@2
      displayName: "Break the build if the quality gate fails"
      inputs:
        SonarCloud: 'SonarCloud'
        organization: 'nhsdigital'

- stage: DevDeployment
  displayName: 'Dev Deployment'
  condition: and(succeeded(), startsWith(variables['Build.SourceBranch'], 'refs/heads/main'))
  dependsOn:
  - Test
  jobs:
  - deployment: Deployment
    environment: 'dev'
    strategy:
      runOnce:
        deploy:
          steps:
          - template: azure-pipeline-templates/deploy.yaml
            parameters:
              environment: 'dev'
              region: 'uks'

- stage: StagDeployment
  displayName: 'Stag Deployment'
  condition: and(succeeded(), startsWith(variables['Build.SourceBranch'], 'refs/tags/'))
  dependsOn:
  - Test
  jobs:
  - deployment: Deployment
    environment: 'staging'
    strategy:
      runOnce:
        deploy:
          steps:
          - template: azure-pipeline-templates/deploy.yaml
            parameters:
              environment: 'stag'
              region: 'uks'

- stage: ProdDeployment
  displayName: 'Prod Deployment'
  dependsOn:
  - StagDeployment
  - Test
  jobs:
  - deployment: Deployment
    environment: 'production'
    strategy:
      runOnce:
        deploy:
          steps:
          - template: azure-pipeline-templates/deploy.yaml
            parameters:
              environment: 'prod'
              region: 'uks'