Merge development into main #2

Workflow file for this run

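# Deployment pipeline. Runs on pushes to main / release branches and on
# version tags, or manually through workflow_dispatch.
name: πŸš€ Deploy - Standard Production Deployment

on:
  push:
    branches: [main, 'release/*']
    tags: ['v*']
  workflow_dispatch:
    inputs:
      deployment_type:
        description: 'Deployment Type'
        required: true
        default: 'staging'
        type: choice
        options:
          - 'staging'
          - 'production'
      # NOTE(review): no job in this file reads user_percentage; confirm it is
      # consumed elsewhere or remove it so operators do not assume a staged
      # rollout is in effect.
      user_percentage:
        description: 'User Rollout Percentage (1-100)'
        required: false
        default: '10'
        type: string
      # Bypass switch for every healthcare gate. Anyone allowed to dispatch
      # this workflow can set it; nothing in this file requires a second
      # approver. NOTE(review): consider protecting the deploying jobs with a
      # GitHub environment that has required reviewers.
      skip_healthcare_validation:
        description: 'Skip Healthcare Validation (DANGEROUS - Use only for hotfixes)'
        required: false
        default: false
        type: boolean

# Least privilege for GITHUB_TOKEN: the jobs in this file only check out the
# repository. Widen per job if a step is found to need more.
permissions:
  contents: read

env:
  # NOTE(review): set at workflow level, so every step of every job sees this
  # secret, including `npm ci`, which runs dependency install scripts.
  # Consider scoping it to the steps that invoke `eas`.
  EXPO_TOKEN: ${{ secrets.EXPO_TOKEN }}
  NODE_VERSION: '20'
  # The three flags below are not read by any expression in this file;
  # presumably the npm scripts consume them (confirm).
  HEALTHCARE_COMPLIANCE: 'true'
  NEW_ARCHITECTURE: 'true'
  CLINICAL_VALIDATION: 'true'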
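jobs:
  # Healthcare Validation Gate - REQUIRED for all deployments
  #
  # Runs three validation steps (crisis, clinical, compliance) and folds their
  # results into one `deployment-approved` output: 'true', 'emergency' or
  # 'false'. Downstream jobs key off that output.
  #
  # The skip flag and step outputs reach the shell through `env:` rather than
  # `${{ }}` text substitution, so their values are never parsed as script.
  #
  # NOTE(review): actions are referenced by mutable tag; pin each `uses:` to a
  # full commit SHA (<COMMIT_SHA placeholder>) for a release pipeline.
  healthcare-validation-gate:
    name: πŸ₯ Healthcare Validation Gate
    runs-on: ubuntu-latest
    timeout-minutes: 15
    outputs:
      crisis-validated: ${{ steps.crisis-gate.outputs.validated }}
      clinical-validated: ${{ steps.clinical-gate.outputs.validated }}
      compliance-validated: ${{ steps.compliance-gate.outputs.validated }}
      deployment-approved: ${{ steps.final-gate.outputs.approved }}
    steps:
      - name: πŸ” Checkout Repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 2

      - name: πŸ“¦ Setup Node.js ${{ env.NODE_VERSION }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'
          cache-dependency-path: 'app/package-lock.json'

      - name: πŸ“₯ Install Dependencies
        run: |
          cd app
          npm ci --prefer-offline --no-audit

      - name: 🚨 Crisis Authority Gate
        id: crisis-gate
        env:
          # Empty on push events, so validation always runs there.
          SKIP_VALIDATION: ${{ github.event.inputs.skip_healthcare_validation }}
        run: |
          cd app
          echo "🚨 HEALTHCARE GATE: Crisis Authority Validation"
          if [ "$SKIP_VALIDATION" == "true" ]; then
            echo "⚠️ WARNING: Healthcare validation skipped - EMERGENCY MODE"
            echo "validated=skipped" >> "$GITHUB_OUTPUT"
          else
            echo "🚨 Validating Crisis Response Systems..."
            npm run validate:crisis-authority
            npm run test:crisis -- --ci --testNamePattern="Crisis.*Response.*Time" --testTimeout=10000
            echo "validated=true" >> "$GITHUB_OUTPUT"
            echo "βœ… Crisis Authority: VALIDATED"
          fi

      - name: 🩺 Clinical Authority Gate
        id: clinical-gate
        env:
          SKIP_VALIDATION: ${{ github.event.inputs.skip_healthcare_validation }}
        run: |
          cd app
          echo "🩺 HEALTHCARE GATE: Clinical Authority Validation"
          if [ "$SKIP_VALIDATION" == "true" ]; then
            echo "⚠️ WARNING: Healthcare validation skipped - EMERGENCY MODE"
            echo "validated=skipped" >> "$GITHUB_OUTPUT"
          else
            echo "🩺 Validating Clinical Accuracy Systems..."
            npm run validate:clinical-authority
            npm run test:clinical -- --ci --testNamePattern="PHQ.*GAD.*Accuracy" --testTimeout=15000
            echo "validated=true" >> "$GITHUB_OUTPUT"
            echo "βœ… Clinical Authority: VALIDATED"
          fi

      - name: πŸ”’ Compliance Authority Gate
        id: compliance-gate
        env:
          SKIP_VALIDATION: ${{ github.event.inputs.skip_healthcare_validation }}
        run: |
          cd app
          echo "πŸ”’ HEALTHCARE GATE: Compliance Authority Validation"
          if [ "$SKIP_VALIDATION" == "true" ]; then
            echo "⚠️ WARNING: Healthcare validation skipped - EMERGENCY MODE"
            echo "validated=skipped" >> "$GITHUB_OUTPUT"
          else
            echo "πŸ”’ Validating HIPAA & Data Privacy..."
            npm run validate:compliance-authority
            npm run test:security -- --ci --testNamePattern="HIPAA.*Compliance" --testTimeout=10000
            echo "validated=true" >> "$GITHUB_OUTPUT"
            echo "βœ… Compliance Authority: VALIDATED"
          fi

      - name: πŸ₯ Final Healthcare Gate Decision
        id: final-gate
        env:
          CRISIS_RESULT: ${{ steps.crisis-gate.outputs.validated }}
          CLINICAL_RESULT: ${{ steps.clinical-gate.outputs.validated }}
          COMPLIANCE_RESULT: ${{ steps.compliance-gate.outputs.validated }}
        run: |
          echo "πŸ₯ Healthcare Gate Summary:"
          echo "Crisis: $CRISIS_RESULT"
          echo "Clinical: $CLINICAL_RESULT"
          echo "Compliance: $COMPLIANCE_RESULT"
          if [ "$CRISIS_RESULT" == "true" ] && [ "$CLINICAL_RESULT" == "true" ] && [ "$COMPLIANCE_RESULT" == "true" ]; then
            echo "βœ… HEALTHCARE DEPLOYMENT APPROVED"
            echo "approved=true" >> "$GITHUB_OUTPUT"
          # Fail closed: emergency approval needs all three gates explicitly
          # skipped. A mixed or empty state falls through to BLOCKED instead
          # of being waved through by a single 'skipped' value.
          elif [ "$CRISIS_RESULT" == "skipped" ] && [ "$CLINICAL_RESULT" == "skipped" ] && [ "$COMPLIANCE_RESULT" == "skipped" ]; then
            echo "⚠️ EMERGENCY DEPLOYMENT APPROVED (Healthcare validation skipped)"
            # Surface the bypass on the run summary page for later audit.
            echo "::warning title=Healthcare validation skipped::Emergency deployment approved without healthcare validation (actor: ${GITHUB_ACTOR}, run: ${GITHUB_RUN_ID})"
            echo "approved=emergency" >> "$GITHUB_OUTPUT"
          else
            echo "❌ HEALTHCARE DEPLOYMENT BLOCKED"
            echo "approved=false" >> "$GITHUB_OUTPUT"
            exit 1
          fi

      - name: πŸ“Š Upload Healthcare Gate Report
        # v3 of upload-artifact is retired on github.com; v4 is the supported line.
        uses: actions/upload-artifact@v4
        # Keep the evidence even when a gate step failed.
        if: always()
        with:
          name: healthcare-gate-report
          path: |
            app/coverage/
            app/__tests__/reports/
          retention-days: 90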
# Pre-Build Validation
  #
  # Runs after the healthcare gate and only when that gate reported 'true' or
  # 'emergency'. Each step calls one npm script inside app/; any non-zero exit
  # fails the job and, through `needs`, stops the build.
  #
  # NOTE(review): actions are referenced by mutable tag; consider pinning
  # each `uses:` to a full commit SHA.
  pre-build-validation:
    name: πŸ” Pre-Build Validation
    needs: healthcare-validation-gate
    if: >-
      needs.healthcare-validation-gate.outputs.deployment-approved == 'true' ||
      needs.healthcare-validation-gate.outputs.deployment-approved == 'emergency'
    runs-on: ubuntu-latest
    timeout-minutes: 20
    defaults:
      run:
        # Every run step in this job works inside the app/ package.
        working-directory: app
    steps:
      - name: πŸ” Checkout Repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: πŸ“¦ Setup Node.js ${{ env.NODE_VERSION }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'
          cache-dependency-path: 'app/package-lock.json'

      # Lockfile-exact install; the audit is deferred to the security step below.
      - name: πŸ“₯ Install Dependencies
        run: npm ci --prefer-offline --no-audit

      - name: πŸ₯ Production Readiness Validation
        run: |
          echo "πŸ₯ Validating production readiness..."
          npm run validate:production-readiness
          echo "βœ… Production readiness validated"

      - name: πŸš€ New Architecture Pre-Build Check
        run: |
          echo "πŸš€ Validating New Architecture configuration..."
          npm run perf:new-arch-quick
          echo "βœ… New Architecture validated for production build"

      # `npm audit --audit-level=moderate` exits non-zero on advisories rated
      # moderate or higher, which fails this step.
      - name: πŸ” Security Pre-Build Validation
        run: |
          echo "πŸ” Security validation before build..."
          npm run validate:security-critical
          npm audit --audit-level=moderate
          echo "βœ… Security validation passed"

      - name: β™Ώ Accessibility Pre-Build Validation
        run: |
          echo "β™Ώ Accessibility validation before build..."
          npm run validate:accessibility
          echo "βœ… Accessibility validation passed"
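# Production Build & Deployment
  #
  # Builds the app with EAS once per platform (ios, android). The profile is
  # 'staging' only when a manual dispatch selected it; push events carry no
  # inputs, so they take the production profile.
  #
  # Dispatch input, matrix value and gate output reach the shell through
  # `env:` rather than `${{ }}` text substitution.
  #
  # NOTE(review): this job still builds when the gate output is 'emergency',
  # i.e. with healthcare validation skipped; the step below only logs it.
  production-build:
    name: πŸ—οΈ Production Build & Deploy
    runs-on: ubuntu-latest
    timeout-minutes: 45
    needs: [healthcare-validation-gate, pre-build-validation]
    if: success()
    strategy:
      matrix:
        platform: [ios, android]
    steps:
      - name: πŸ” Checkout Repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: πŸ“¦ Setup Node.js ${{ env.NODE_VERSION }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'
          cache-dependency-path: 'app/package-lock.json'

      # NOTE(review): `latest` makes the release toolchain float between runs;
      # prefer fixed expo/eas versions, and a commit-SHA pin for this
      # third-party action, which receives EXPO_TOKEN.
      - name: πŸ”§ Setup EAS CLI
        uses: expo/expo-github-action@v8
        with:
          expo-version: latest
          eas-version: latest
          token: ${{ secrets.EXPO_TOKEN }}

      - name: πŸ“₯ Install Dependencies
        run: |
          cd app
          npm ci --prefer-offline --no-audit

      # Informational only: logs which approval path led here.
      - name: πŸ₯ Final Healthcare Validation Before Build
        env:
          APPROVAL: ${{ needs.healthcare-validation-gate.outputs.deployment-approved }}
        run: |
          cd app
          echo "πŸ₯ Final healthcare validation before build..."
          if [ "$APPROVAL" == "emergency" ]; then
            echo "⚠️ EMERGENCY BUILD - Healthcare validation was skipped"
          else
            echo "βœ… Healthcare compliance validated - proceeding with build"
          fi

      - name: πŸ—οΈ Build Application
        env:
          # Empty on push events, so those fall through to the production branch.
          DEPLOYMENT_TYPE: ${{ github.event.inputs.deployment_type }}
          PLATFORM: ${{ matrix.platform }}
        run: |
          cd app
          if [ "$DEPLOYMENT_TYPE" == "staging" ]; then
            echo "πŸ§ͺ Building for staging environment..."
            eas build --platform "$PLATFORM" --profile staging --non-interactive
          else
            echo "πŸš€ Building for production environment..."
            eas build --platform "$PLATFORM" --profile production --non-interactive
          fi

      - name: πŸ“Š Upload Build Artifacts
        # v3 of upload-artifact is retired on github.com. v4 needs a unique
        # artifact name per upload, which the platform suffix provides.
        uses: actions/upload-artifact@v4
        with:
          name: build-artifacts-${{ matrix.platform }}
          path: |
            app/dist/
            app/build-logs/
          retention-days: 90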
# Deployment to Cloud Infrastructure
  #
  # Runs after the production build succeeded. Deploys to Supabase, then
  # checks database migrations and cloud security configuration. The Supabase
  # and database secrets are scoped to the single step that needs them.
  #
  # NOTE(review): the migration and cloud-security checks run after the
  # deploy step, so as ordered here they detect problems rather than prevent
  # them; confirm this order is intended.
  cloud-deployment:
    name: ☁️ Cloud Infrastructure Deployment
    needs: production-build
    if: success()
    runs-on: ubuntu-latest
    timeout-minutes: 15
    defaults:
      run:
        # Every run step in this job works inside the app/ package.
        working-directory: app
    steps:
      - name: πŸ” Checkout Repository
        uses: actions/checkout@v4

      - name: πŸ“¦ Setup Node.js ${{ env.NODE_VERSION }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'
          cache-dependency-path: 'app/package-lock.json'

      - name: πŸ“₯ Install Dependencies
        run: npm ci --prefer-offline --no-audit

      - name: ☁️ Deploy to Supabase Cloud
        env:
          SUPABASE_ACCESS_TOKEN: ${{ secrets.SUPABASE_ACCESS_TOKEN }}
          SUPABASE_PROJECT_ID: ${{ secrets.SUPABASE_PROJECT_ID }}
        run: |
          echo "☁️ Deploying to Supabase cloud infrastructure..."
          npm run deploy:supabase-cloud
          echo "βœ… Cloud infrastructure deployment completed"

      - name: πŸ—„οΈ Database Migration Validation
        env:
          DATABASE_URL: ${{ secrets.DATABASE_URL }}
        run: |
          echo "πŸ—„οΈ Validating database migrations..."
          npm run db:migrate:validate
          echo "βœ… Database migrations validated"

      - name: πŸ” Cloud Security Validation
        run: |
          echo "πŸ” Validating cloud security configuration..."
          npm run validate:cloud-security
          echo "βœ… Cloud security validated"
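# App Store Submission (Production Only)
  #
  # Submits the build with `eas submit`, once per platform, when the ref is a
  # v* tag or a manual dispatch chose 'production'.
  #
  # healthcare-validation-gate is listed in `needs` because the report step
  # reads its output; a job absent from `needs` is not in the `needs` context
  # and the expression would expand to an empty string.
  #
  # NOTE(review): submission is not blocked when the gate output is
  # 'emergency' (validation skipped); confirm that is acceptable for a
  # store release.
  app-store-submission:
    name: πŸͺ App Store Submission
    runs-on: ubuntu-latest
    timeout-minutes: 15
    needs: [healthcare-validation-gate, production-build, cloud-deployment]
    if: >-
      success() &&
      ((startsWith(github.ref, 'refs/tags/v')) ||
      (github.event.inputs.deployment_type == 'production'))
    strategy:
      matrix:
        platform: [ios, android]
    steps:
      - name: πŸ” Checkout Repository
        uses: actions/checkout@v4

      # NOTE(review): `latest` makes the release toolchain float between runs;
      # prefer fixed versions, and a commit-SHA pin for this third-party
      # action, which receives EXPO_TOKEN.
      - name: πŸ”§ Setup EAS CLI
        uses: expo/expo-github-action@v8
        with:
          expo-version: latest
          eas-version: latest
          token: ${{ secrets.EXPO_TOKEN }}

      - name: πŸͺ Submit to App Store
        env:
          PLATFORM: ${{ matrix.platform }}
        run: |
          cd app
          echo "πŸͺ Submitting to $PLATFORM app store..."
          if [ "$PLATFORM" == "ios" ]; then
            echo "🍎 iOS App Store submission..."
            eas submit --platform ios --profile production --non-interactive
          else
            echo "πŸ€– Google Play Store submission..."
            eas submit --platform android --profile production --non-interactive
          fi

      # Written to the workspace root (no `cd app`), matching the upload path below.
      - name: πŸ“Š App Store Submission Report
        env:
          PLATFORM: ${{ matrix.platform }}
          APPROVAL: ${{ needs.healthcare-validation-gate.outputs.deployment-approved }}
        run: |
          report="app-store-report-${PLATFORM}.md"
          {
            echo "πŸͺ App Store Submission Summary:"
            echo "- Platform: $PLATFORM"
            echo "- Submission Time: $(date -u '+%Y-%m-%d %H:%M:%S UTC')"
            echo "- Healthcare Validation: $APPROVAL"
          } > "$report"

      - name: πŸ“Š Upload App Store Report
        # v3 of upload-artifact is retired on github.com. v4 needs a unique
        # artifact name per upload, which the platform suffix provides.
        uses: actions/upload-artifact@v4
        with:
          name: app-store-report-${{ matrix.platform }}
          path: app-store-report-${{ matrix.platform }}.md
          retention-days: 365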
# Post-Deployment Validation
  #
  # Runs once the gate, build and cloud deployment have all succeeded, and
  # re-runs integration, security and performance npm scripts from app/.
  # NOTE(review): no step passes an endpoint or credential, so it is unclear
  # from this file whether these scripts exercise the deployed environment or
  # only the checked-out code. Confirm against the npm scripts.
  post-deployment-validation:
    name: βœ… Post-Deployment Validation
    needs: [healthcare-validation-gate, production-build, cloud-deployment]
    if: success()
    runs-on: ubuntu-latest
    timeout-minutes: 20
    defaults:
      run:
        # Every run step in this job works inside the app/ package.
        working-directory: app
    steps:
      - name: πŸ” Checkout Repository
        uses: actions/checkout@v4

      - name: πŸ“¦ Setup Node.js ${{ env.NODE_VERSION }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'
          cache-dependency-path: 'app/package-lock.json'

      - name: πŸ“₯ Install Dependencies
        run: npm ci --prefer-offline --no-audit

      - name: πŸ₯ Post-Deployment Healthcare Validation
        run: |
          echo "πŸ₯ Validating healthcare services post-deployment..."
          npm run test:crisis -- --testNamePattern="Crisis.*Integration" --ci
          npm run test:clinical -- --testNamePattern="Clinical.*Integration" --ci
          echo "βœ… Healthcare services validated post-deployment"

      - name: πŸš€ New Architecture Benefits Validation
        run: |
          echo "πŸš€ Validating New Architecture benefits post-deployment..."
          npm run test:new-arch-comprehensive -- --ci
          echo "βœ… New Architecture benefits confirmed"

      - name: πŸ” Security & Compliance Post-Deployment Check
        run: |
          echo "πŸ” Post-deployment security & compliance check..."
          npm run validate:post-deployment-security
          echo "βœ… Security & compliance validated post-deployment"

      - name: πŸ“Š Performance Metrics Validation
        run: |
          echo "πŸ“Š Validating performance metrics..."
          npm run perf:validate-post-deployment
          echo "βœ… Performance metrics validated"
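# Deployment Report Generation
  #
  # Always runs, including after a failed or blocked pipeline, and writes
  # deployment-report.md from the gate outputs and upstream job results.
  #
  # The success banner is conditioned on the upstream job results. A bare
  # `success()` inside an `if: always()` job only reflects the earlier steps
  # of this job, so it would announce success after a failed build or deploy.
  deployment-report:
    name: πŸ“‹ Deployment Report
    runs-on: ubuntu-latest
    timeout-minutes: 10
    needs: [healthcare-validation-gate, production-build, cloud-deployment, post-deployment-validation]
    if: always()
    steps:
      - name: πŸ” Checkout Repository
        uses: actions/checkout@v4

      - name: πŸ“‹ Generate Deployment Report
        env:
          # The dispatch input goes through env rather than script text;
          # 'production' is the fallback for push events, which have no inputs.
          DEPLOYMENT_TYPE: ${{ github.event.inputs.deployment_type || 'production' }}
          APPROVAL: ${{ needs.healthcare-validation-gate.outputs.deployment-approved }}
        run: |
          {
            echo "# πŸš€ Standard Deployment Report - FullMind MBCT"
            echo ""
            echo "## Deployment Summary"
            echo "- **Deployment Type**: $DEPLOYMENT_TYPE"
            echo "- **Deployment Time**: $(date -u '+%Y-%m-%d %H:%M:%S UTC')"
            echo "- **Git Commit**: ${{ github.sha }}"
            echo "- **Healthcare Validation**: $APPROVAL"
            echo ""
            echo "## Healthcare Authority Validation"
            echo "- **Crisis Authority**: ${{ needs.healthcare-validation-gate.outputs.crisis-validated }}"
            echo "- **Clinical Authority**: ${{ needs.healthcare-validation-gate.outputs.clinical-validated }}"
            echo "- **Compliance Authority**: ${{ needs.healthcare-validation-gate.outputs.compliance-validated }}"
            echo ""
            echo "## Deployment Results"
            echo "- **Production Build**: ${{ needs.production-build.result }}"
            echo "- **Cloud Deployment**: ${{ needs.cloud-deployment.result }}"
            echo "- **Post-Deployment Validation**: ${{ needs.post-deployment-validation.result }}"
            echo ""
            echo "## Healthcare Compliance Status"
            if [ "$APPROVAL" == "true" ]; then
              echo "βœ… **HEALTHCARE COMPLIANCE**: FULLY VALIDATED"
              echo "βœ… **CRISIS SYSTEMS**: OPERATIONAL"
              echo "βœ… **CLINICAL ACCURACY**: VALIDATED"
              echo "βœ… **HIPAA COMPLIANCE**: VALIDATED"
            elif [ "$APPROVAL" == "emergency" ]; then
              echo "⚠️ **HEALTHCARE COMPLIANCE**: EMERGENCY DEPLOYMENT"
              echo "⚠️ **VALIDATION SKIPPED**: Healthcare validation bypassed"
            else
              # Also reached when the gate job failed before setting an output.
              echo "❌ **HEALTHCARE COMPLIANCE**: FAILED"
            fi
          } > deployment-report.md

      - name: πŸ“Š Upload Deployment Report
        # v3 of upload-artifact is retired on github.com; v4 is the supported line.
        uses: actions/upload-artifact@v4
        with:
          name: standard-deployment-report
          path: deployment-report.md
          retention-days: 365

      - name: πŸŽ‰ Deployment Success Notification
        # Announce success only when the pipeline itself succeeded.
        if: >-
          needs.production-build.result == 'success' &&
          needs.cloud-deployment.result == 'success' &&
          needs.post-deployment-validation.result == 'success'
        run: |
          echo "πŸŽ‰ STANDARD DEPLOYMENT SUCCESSFUL! πŸŽ‰"
          echo ""
          echo "πŸš€ FullMind MBCT Healthcare Application"
          echo "βœ… Healthcare Validation: ${{ needs.healthcare-validation-gate.outputs.deployment-approved }}"
          echo "βœ… Build Status: ${{ needs.production-build.result }}"
          echo "βœ… Cloud Deployment: ${{ needs.cloud-deployment.result }}"
          echo "βœ… Post-Deployment Validation: ${{ needs.post-deployment-validation.result }}"
          echo ""
          echo "πŸ₯ Healthcare Systems: OPERATIONAL"
          echo "πŸ“Š Monitoring: ACTIVE (See monitoring workflow)"
          echo "🚨 Emergency Rollback: Available (See emergency-deploy workflow)"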