Pre-staging fixes #23
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Python check | |
| on: | |
| workflow_call: | |
| inputs: | |
| push_docker_image: | |
| type: string # true or false | |
| default: "false" | |
| outputs: | |
| docker_image_name: | |
| description: "Only docker image name" | |
| value: ${{ jobs.test.outputs.docker_image_name }} | |
| docker_image_tag: | |
| description: "Only docker image tag" | |
| value: ${{ jobs.test.outputs.docker_image_tag }} | |
| docker_image: | |
| description: "docker image with tag" | |
| value: ${{ jobs.test.outputs.docker_image }} | |
| pull_request: | |
| # NOTE: For other, they should be run through helm github action ./helm-publish.yml | |
| jobs: | |
| pre_commit_checks: | |
| name: ๐ด Pre-Commit checks ๐ด | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@main | |
| - name: Install poetry | |
| run: pipx install poetry | |
| - uses: actions/setup-python@main | |
| with: | |
| cache: 'poetry' | |
| - run: poetry install | |
| - uses: pre-commit/action@main | |
| test: | |
| name: ๐ด Test ๐ด | |
| runs-on: ubuntu-latest | |
| needs: pre_commit_checks | |
| outputs: | |
| docker_image_name: ${{ steps.prep.outputs.tagged_image_name }} | |
| docker_image_tag: ${{ steps.prep.outputs.tag }} | |
| docker_image: ${{ steps.prep.outputs.tagged_image }} | |
| steps: | |
| - uses: actions/checkout@main | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| if: ${{ inputs.push_docker_image }} | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: ๐ณ Prepare Docker | |
| id: prep | |
| env: | |
| IMAGE_NAME: ghcr.io/${{ github.repository }} | |
| run: | | |
| BRANCH_NAME=$(echo $GITHUB_REF_NAME | sed 's|:|-|' | tr '[:upper:]' '[:lower:]' | sed 's/_/-/g' | cut -c1-100 | sed 's/-*$//') | |
| # XXX: Check if there is a slash in the BRANCH_NAME eg: project/add-docker | |
| if [[ "$BRANCH_NAME" == *"/"* ]]; then | |
| # XXX: Change the docker image package to -alpha | |
| IMAGE_NAME="$IMAGE_NAME-alpha" | |
| TAG="$(echo "$BRANCH_NAME" | sed 's|/|-|g').$(echo $GITHUB_SHA | head -c7)" | |
| else | |
| TAG="$BRANCH_NAME.$(echo $GITHUB_SHA | head -c7)" | |
| fi | |
| IMAGE_NAME=$(echo $IMAGE_NAME | tr '[:upper:]' '[:lower:]') | |
| echo "tagged_image_name=${IMAGE_NAME}" >> $GITHUB_OUTPUT | |
| echo "tag=${TAG}" >> $GITHUB_OUTPUT | |
| echo "tagged_image=${IMAGE_NAME}:${TAG}" >> $GITHUB_OUTPUT | |
| echo "::notice::Tagged docker image: ${IMAGE_NAME}:${TAG}" | |
| - name: ๐ณ Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: ๐ณ Cache Docker layers | |
| uses: actions/cache@v4 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.ref }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx-refs/develop | |
| ${{ runner.os }}-buildx- | |
| - name: ๐ณ Build image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| builder: ${{ steps.buildx.outputs.name }} | |
| file: Dockerfile | |
| push: false | |
| load: true | |
| provenance: false # XXX: Without this we have untagged images in ghcr.io | |
| tags: ${{ steps.prep.outputs.tagged_image }} | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache-new | |
| - name: ๐ฎ Validate if there are no pending django migrations. | |
| env: | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: | | |
| docker compose -f ./gh-docker-compose.yml run --rm web bash -c 'wait-for-it db:5432 && ./manage.py makemigrations --check --dry-run' || { | |
| echo 'There are some changes to be reflected in the migration. Make sure to run makemigrations'; | |
| exit 1; | |
| } | |
| - name: ๐ฎ Validate latest graphql schema. | |
| env: | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: | | |
| docker compose -f ./gh-docker-compose.yml run --rm web bash -c 'wait-for-it db:5432 && ./manage.py graphql_schema --out /ci-share/schema-latest.graphql' && | |
| cmp --silent schema.graphql ./ci-share/schema-latest.graphql || { | |
| echo 'The schema.graphql is not up to date with the latest changes. Please update and push latest'; | |
| diff schema.graphql ./ci-share/schema-latest.graphql; | |
| exit 1; | |
| } | |
| - name: ๐ค Run Test ๐งช & Publish coverage to code climate | |
| env: | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: docker compose -f gh-docker-compose.yml run --rm web /code/scripts/run_tests.sh | |
| - name: ๐ณ Docker push | |
| if: ${{ inputs.push_docker_image }} | |
| uses: docker/build-push-action@v6 | |
| with: | |
| tags: ${{ steps.prep.outputs.tagged_image }} | |
| push: true | |
| # Temp fix | |
| # https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#github-cache | |
| # https://github.com/docker/build-push-action/issues/252 | |
| # https://github.com/moby/buildkit/issues/1896 | |
| - name: ๐ณ Move docker cache (๐ง Hack fix) | |
| run: | | |
| rm -rf /tmp/.buildx-cache | |
| mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
| validate_helm: | |
| name: ๐ด Validate Helm ๐ด | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@main | |
| - name: Install Helm | |
| uses: azure/setup-helm@v4 | |
| - name: ๐ณ Helm dependency | |
| run: | | |
| yq --indent 0 '.dependencies | map(["helm", "repo", "add", .name, .repository] | join(" ")) | .[]' ./helm/Chart.lock | sh -- | |
| helm dependency build ./helm | |
| - name: ๐ณ Helm lint | |
| run: helm lint ./helm --values ./helm/values-test.yaml | |
| - name: ๐ณ Helm template | |
| run: helm template ./helm --values ./helm/values-test.yaml |