Skip to content

Commit

Permalink
fix: workflows
Browse files Browse the repository at this point in the history
  • Loading branch information
@tiptenbrink
tiptenbrink committed Dec 6, 2023
1 parent 4602abd commit 51d68f2
Show file tree
Hide file tree
Showing 5 changed files with 86 additions and 75 deletions.
31 changes: 18 additions & 13 deletions backend/workflows/ci.yml → .github/workflows/backend.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,32 +10,37 @@ on:
- main

jobs:
ci:
backend-ci:
runs-on: ubuntu-latest
defaults:
run:
working-directory: backend
env:
backend_path: ${{ github.workspace }}/backend
steps:
- uses: actions/checkout@v4
- run: pipx install poetry==1.7.1
- uses: actions/setup-python@v4
with:
python-version: '3.11'
cache: 'poetry'
cache-dependency-path: backend/poetry.lock
- run: |
poetry env use python3.11
poetry install
- name: Install library
run: poetry install
- uses: actions/setup-node@v3
poetry install --sync
- uses: actions/setup-node@v4
with:
node-version: '18'
node-version: '20'
cache: 'npm'
cache-dependency-path: ${{ github.workspace }}/authpage/package-lock.json
cache-dependency-path: authpage/package-lock.json
- name: Cache authpage
id: cached-authpage
uses: actions/cache@v3
with:
key: authpage-${{ hashFiles('${{ github.workspace }}/authpage') }}
path: ${{ github.workspace }}/src/apiserver/resources/static/credentials
key: authpage-${{ hashFiles('authpage') }}
path: backend/src/apiserver/resources/static/credentials
- name: Build credentials
if: ${{ steps.cached-authpage.outputs.cache-hit != 'true' }}
run: |
npm install
npm run build
Expand All @@ -54,8 +59,8 @@ jobs:
postgres:
image: ghcr.io/dsav-dodeka/postgres:localdev
credentials:
username: ${{ secrets.GH_DODEKACOMCOM_USER }}
password: ${{ secrets.GH_DODEKACOMCOM_TOKEN }}
username: ${{ github.actor }}
password: ${{ github.token }}
# These values must align with the config used by the tests in the repo
# The port is set in the image
env:
Expand All @@ -71,8 +76,8 @@ jobs:
redis:
image: ghcr.io/dsav-dodeka/redis:localdev
credentials:
username: ${{ secrets.GH_DODEKACOMCOM_USER }}
password: ${{ secrets.GH_DODEKACOMCOM_TOKEN }}
username: ${{ github.actor }}
password: ${{ github.token }}
# These values must align with the config used by the tests in the repo
# The port is set in the image
env:
Expand Down
39 changes: 24 additions & 15 deletions deploy/workflows/ci.yml → .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,19 +7,26 @@ on:
release:
types: [ published ]

permissions:
packages: write

jobs:
backend-ci:
uses: DSAV-Dodeka/dodeka/.github/workflows/backend.yml@main

config-deploy:
runs-on: ubuntu-latest

defaults:
run:
working-directory: deploy
steps:
- uses: actions/checkout@v3
with:
ref: ${{ github.head_ref }}
- run: pipx install poetry==1.6.1
- uses: actions/checkout@v4
- run: pipx install poetry==1.7.1
- uses: actions/setup-python@v4
with:
python-version: '3.11'
cache: 'poetry'
cache-dependency-path: deploy/poetry.lock
- run: poetry install
# Build config using tiptenbrink/confspawn
- name: Config
Expand All @@ -29,34 +36,36 @@ jobs:
poetry run confrecipe -r build/deploy/production/production.toml -e production
poetry run confrecipe -r build/data_sync/data_sync.toml -e production
poetry run confrecipe -r build/deploy/repl/repl.toml -e production
- uses: stefanzweifel/git-auto-commit-action@v4
- uses: stefanzweifel/git-auto-commit-action@v5
id: auto-commit-action
if: github.event_name != 'pull_request'
with:
commit_message: Config build (automated)
file_pattern: use/
file_pattern: deploy/use/
- name: "Run if changes have been detected"
if: steps.auto-commit-action.outputs.changes_detected == 'true'
run: exit 1

build_db:
# if: ${{ false }}
build-db:
needs: [backend-ci, config-deploy]
strategy:
matrix:
target: ['localdev', 'staging', 'production' ]
uses: DSAV-Dodeka/dodeka/.github/workflows/db.yml@main
with:
env: ${{ matrix.target }}

build_server:
# if: ${{ false }}
build-server:
needs: [backend-ci, config-deploy]
strategy:
matrix:
target: ['localdev', 'staging', 'production' ]
uses: DSAV-Dodeka/dodeka/.github/workflows/server.yml@main
with:
env: ${{ matrix.target }}
secrets:
GH_DODEKACOMCOM_TOKEN: ${{ secrets.GH_DODEKACOMCOM_TOKEN }}

build_kv:
# if: ${{ false }}
build-kv:
needs: [backend-ci, config-deploy]
strategy:
matrix:
target: ['localdev', 'staging', 'production' ]
Expand Down
21 changes: 13 additions & 8 deletions deploy/workflows/db.yml → .github/workflows/db.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,30 +8,35 @@ on:
type: string

jobs:
build_db:
build-db:
runs-on: ubuntu-latest

# In case of production only run when it is a non-prerelease release
if: ${{ inputs.env != 'production' }} || ${{ github.event_name == 'release' && !github.event.release.prerelease }}
defaults:
run:
working-directory: deploy
steps:
- uses: actions/checkout@v3
- run: pipx install poetry==1.4.2
- uses: actions/checkout@v4
- run: pipx install poetry==1.7.1
- uses: actions/setup-python@v4
with:
python-version: '3.11'
python-version: '3.10'
cache: 'poetry'
cache-dependency-path: deploy/poetry.lock
- run: poetry install
- name: Config
run: |
poetry run confspawn -c config.toml -s ./build/container/db -t ./context -e ${{ inputs.env }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: ghcr.io
# We use the repo/action token, which has specified access to the package
username: ${{ github.actor}}
password: ${{ github.token }}
# Set up buildx for later build-push-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

# *************************************************
# ************** SET CONTAINER TAGS ***************
Expand Down Expand Up @@ -71,7 +76,7 @@ jobs:
- name: Build and push
uses: docker/build-push-action@v3
with:
context: ${{ github.workspace }}/context
context: deploy/context
# Dockerfile tag
tags: ${{ env.IMAGE_TAG }}
cache-from: type=gha
Expand Down
16 changes: 9 additions & 7 deletions deploy/workflows/kv.yml → .github/workflows/kv.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,14 +10,16 @@ on:
jobs:
build-kv:
runs-on: ubuntu-latest

# In case of production only run when it is a non-prerelease release
if: ${{ inputs.env != 'production' }} || ${{ github.event_name == 'release' && !github.event.release.prerelease }}
steps:
- uses: actions/checkout@v3
- run: pipx install poetry==1.4.2
- uses: actions/checkout@v4
- run: pipx install poetry==1.7.1
- uses: actions/setup-python@v4
with:
python-version: '3.11'
python-version: '3.10'
cache: 'poetry'
cache-dependency-path: deploy/poetry.lock
- run: poetry install
# Build config using tiptenbrink/confspawn
- name: Config
Expand All @@ -44,15 +46,15 @@ jobs:
echo "${{ github.token }}" | gh auth login --with-token
./contextlibrejson/build_librejson.sh
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: ghcr.io
# We use the repo/action token, which has specified access to the package
username: ${{ github.actor}}
password: ${{ github.token }}
# Set up buildx for later build-push-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-2buildx-action@v3

# *************************************************
# ************** SET CONTAINER TAGS ***************
Expand Down Expand Up @@ -92,7 +94,7 @@ jobs:
- name: Build and push
uses: docker/build-push-action@v3
with:
context: ${{ github.workspace }}/context
context: deploy/context
# Dockerfile tag
tags: ${{ env.IMAGE_TAG }}
cache-from: type=gha
Expand Down
54 changes: 22 additions & 32 deletions deploy/workflows/server.yml → .github/workflows/server.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,77 +6,67 @@ on:
env:
required: true
type: string
secrets:
GH_DODEKACOMCOM_TOKEN:
required: true

jobs:
build_server:
build-server:
runs-on: ubuntu-latest
env:
# The place the configuration repo will be placed at temporarily
SERVER_REPO_PATH: 'dodekabackend'

# In case of production only run when it is a non-prerelease release
if: ${{ inputs.env != 'production' }} || ${{ github.event_name == 'release' && !github.event.release.prerelease }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v3
with:
repository: 'DSAV-Dodeka/backend'
ref: 'main'
token: ${{ secrets.GH_DODEKACOMCOM_TOKEN }}
# Relative to ${{ github.workspace }}
path: ${{ env.SERVER_REPO_PATH }}
- run: pipx install poetry==1.4.2
- uses: actions/checkout@v4
- run: pipx install poetry==1.7.1
- uses: actions/setup-python@v4
with:
python-version: '3.11'
python-version: '3.10'
cache: 'poetry'
cache-dependency-path: deploy/poetry.lock
- run: poetry install
- name: Config
run: |
poetry run confspawn -c config.toml -s ./build/container/server -t ./context -e ${{ inputs.env }}
poetry run confspawn -c config.toml -s ./build/container/authpage -t ./contextauthpage -e ${{ inputs.env }}
# First the lock file and project declaration are moved
# Then the source is moved
# Then the context for building authpage is prepared
# dotglob is enabled to also allow the '.*' files to be moved
# Finally configuration files for building authpage is moved (TEMP until confspawn option)
- name: Move source
run: |
mv ${{ github.workspace }}/${{ env.SERVER_REPO_PATH }}/poetry.lock ${{ github.workspace }}/context
mv ${{ github.workspace }}/${{ env.SERVER_REPO_PATH }}/pyproject.toml ${{ github.workspace }}/context
mv ${{ github.workspace }}/${{ env.SERVER_REPO_PATH }}/src ${{ github.workspace }}/context/src
mv ${{ github.workspace }}/${{ env.SERVER_REPO_PATH }}/authpage ${{ github.workspace }}/context/authpage
mv backend/poetry.lock deploy/context
mv backend//pyproject.toml deploy/context
mv backend/src deploy/context/src
mv authpage deploy/context/authpage
shopt -s dotglob
mv ${{ github.workspace }}/contextauthpage/* ${{ github.workspace }}/context/authpage
mv deploy/contextauthpage/* deploy/context/authpage
- name: Cache authpage
id: cached-authpage
uses: actions/cache@v3
with:
key: authpage-${{ hashFiles(format('{0}/context/authpage', github.workspace)) }}
path: ${{ github.workspace }}/context/src/apiserver/resources/static/credentials
key: authpage-${{ hashFiles('deploy/context/authpage') }}
path: deploy/context/src/apiserver/resources/static/credentials
- uses: actions/setup-node@v3
if: steps.cached-authpage.outputs.cache-hit != 'true'
with:
node-version: '18'
node-version: '20'
cache: 'npm'
cache-dependency-path: ${{ github.workspace }}/context/authpage/package-lock.json
cache-dependency-path: deploy/context/authpage/package-lock.json
- name: Build credentials
if: ${{ (github.event_name == 'release' && github.event.action == 'published') || steps.cached-authpage.outputs.cache-hit != 'true' }}
run: |
npm install
npm run build-mode -- --mode ${{ inputs.env }}
working-directory: ${{ github.workspace }}/context/authpage
working-directory: deploy/context/authpage
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: ghcr.io
# We use the repo/action token, which has specified access to the package
username: ${{ github.actor}}
password: ${{ github.token }}
# Set up buildx for later build-push-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

# *************************************************
# ************** SET CONTAINER TAGS ***************
Expand Down Expand Up @@ -116,9 +106,9 @@ jobs:
- name: Build and push
uses: docker/build-push-action@v3
with:
context: ${{ github.workspace }}/context
context: deploy/context
# Dockerfile tag
file: ${{ github.workspace }}/context/server.Dockerfile
file: deploy/context/server.Dockerfile
tags: ${{ env.IMAGE_TAG }}
cache-from: type=gha
cache-to: type=gha, mode=max
Expand Down

0 comments on commit 51d68f2

Please sign in to comment.