From 1cbb5aef159fa9dde97eaa06bac1794d1dda1ad3 Mon Sep 17 00:00:00 2001 From: Khai Do Date: Mon, 15 Jan 2024 16:36:52 -0800 Subject: [PATCH] Refactor GH workflows Refactor Github action from a single workflow to multiple workflows. The purpose is to make the workflows easier to follow and understand. --- .github/workflows/integration-tests.yaml | 47 ++++++ .github/workflows/main.yaml | 189 ----------------------- .github/workflows/release.yaml | 45 ++++++ .github/workflows/staging.yaml | 34 ++++ .github/workflows/tests.yaml | 69 +++++++++ 5 files changed, 195 insertions(+), 189 deletions(-) create mode 100644 .github/workflows/integration-tests.yaml delete mode 100644 .github/workflows/main.yaml create mode 100644 .github/workflows/release.yaml create mode 100644 .github/workflows/staging.yaml create mode 100644 .github/workflows/tests.yaml diff --git a/.github/workflows/integration-tests.yaml b/.github/workflows/integration-tests.yaml new file mode 100644 index 000000000..dd02e10c7 --- /dev/null +++ b/.github/workflows/integration-tests.yaml @@ -0,0 +1,47 @@ +name: integration-tests + +env: + AWS_REGION: us-east-1 + AWS_ROLE_DURATION: 3600 + # role generated from https://github.com/Sceptre/sceptre-aws/blob/master/config/prod/gh-oidc-sceptre-tests.yaml + AWS_ROLE: arn:aws:iam::743644221192:role/gh-oidc-sceptre-tests + +on: + workflow_run: + workflows: + - tests + branches: "*" + types: + - completed + +jobs: + integration-tests: + needs: + - unit-tests + runs-on: ubuntu-latest + permissions: + id-token: write + steps: + - uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + # Update poetry for https://github.com/python-poetry/poetry/issues/7184 + - name: update poetry + run: poetry self update --no-ansi + - name: Setup Python + id: setup-python + uses: actions/setup-python@v5 + with: + python-version: '3.10' + cache: 'poetry' + - name: Assume AWS role + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ env.AWS_REGION }} + role-to-assume: ${{ env.AWS_ROLE }} + role-session-name: GHA-${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }} + role-duration-seconds: ${{ env.AWS_ROLE_DURATION }} + - name: run tests + run: poetry run behave integration-tests/features --junit --junit-directory build/behave diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml deleted file mode 100644 index bd3c51fff..000000000 --- a/.github/workflows/main.yaml +++ /dev/null @@ -1,189 +0,0 @@ -name: main - -env: - AWS_REGION: us-east-1 - AWS_ROLE_DURATION: 3600 - # role generated from https://github.com/Sceptre/sceptre-aws/blob/master/config/prod/gh-oidc-sceptre-tests.yaml - AWS_ROLE: arn:aws:iam::743644221192:role/gh-oidc-sceptre-tests - -on: - push: - branches: - - 'master' - tags: - - 'v[0-9]+.[0-9]+.[0-9]+([0-9]+)' - pull_request: - branches: - - 'master' - -jobs: - linting: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Install dependencies - run: poetry install --no-interaction --all-extras - - name: run pre-commit - run: poetry run pre-commit run --all-files --show-diff-on-failure - packaging: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Install dependencies - run: poetry install --no-interaction --all-extras - - name: build package - run: poetry build - documentation: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Install dependencies - run: poetry install --no-interaction --all-extras - - name: build documentation - run: poetry run make html --directory docs - unit-tests: - runs-on: ubuntu-latest - strategy: - fail-fast: true - matrix: - python: ["3.8", "3.9", "3.10", "3.11", "3.12"] - steps: - - name: Check out repository - uses: actions/checkout@v4 - - name: Setup Python - id: setup-python - uses: actions/setup-python@v5 - with: - python-version: ${{ matrix.python }} - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Install dependencies - run: poetry install --no-interaction --all-extras - - name: run python tests - run: poetry run tox -e py - - name: run python test report - run: poetry run tox -e report - docker-build: - runs-on: ubuntu-latest - steps: - - name: Check out repository - uses: actions/checkout@v4 - - name: Build Docker Image - uses: docker/build-push-action@v5 - with: - context: . - -# temporarily comment out to get GH action into place. Will fix tests on a follow on PR. -# https://github.com/Sceptre/sceptre/pull/1412#discussion_r1452566731 -# integration-tests: -# needs: -# - unit-tests -# if: ${{ github.event_name != 'pull_request' }} -# runs-on: ubuntu-latest -# permissions: -# id-token: write -# steps: -# - uses: actions/checkout@v4 -# - name: Install Poetry -# uses: snok/install-poetry@v1 -# - name: Install dependencies -# run: poetry install --no-interaction --all-extras -# # Update poetry for https://github.com/python-poetry/poetry/issues/7184 -# - name: update poetry -# run: poetry self update --no-ansi -# - name: Setup Python -# id: setup-python -# uses: actions/setup-python@v5 -# with: -# python-version: '3.10' -# cache: 'poetry' -# - name: Assume AWS role -# uses: aws-actions/configure-aws-credentials@v4 -# with: -# aws-region: ${{ env.AWS_REGION }} -# role-to-assume: ${{ env.AWS_ROLE }} -# role-session-name: GHA-${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }} -# role-duration-seconds: ${{ env.AWS_ROLE_DURATION }} -# - name: run tests -# run: poetry run behave integration-tests/features --junit --junit-directory build/behave - - docker-build-push: - needs: - - docker-build - if: ${{ github.ref == 'refs/heads/master' }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - - name: Build and push Docker image to sceptreorg/sceptre:${{ steps.meta.outputs.tags }} - uses: docker/build-push-action@v5 - with: - context: . - push: true - tags: sceptreorg/sceptre:${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - docker-build-release: - needs: - - linting - - packaging - - documentation - - unit-tests - - docker-build -# - integration-tests - if: ${{ github.ref_type == 'tag' }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - - name: Build and push Docker image to sceptreorg/sceptre:latest - uses: docker/build-push-action@v5 - with: - context: . - push: true - tags: sceptreorg/sceptre:latest - labels: ${{ steps.meta.outputs.labels }} - - name: Build and push Docker image to sceptreorg/sceptre:${{ steps.meta.outputs.tags }} - uses: docker/build-push-action@v5 - with: - context: . - push: true - tags: sceptreorg/sceptre:${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - pypi-release: - needs: - - linting - - packaging - - documentation - - unit-tests - - docker-build -# - integration-tests - if: ${{ github.ref_type == 'tag' }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Install dependencies - run: poetry install --no-interaction --all-extras - - name: Publish to pypi - run: poetry publish --build -u __token__ -p ${{ secrets.PYPI_API_TOKEN }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 000000000..5f62ae317 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,45 @@ +name: release + +on: + push: + tags: + - 'v[0-9]+.[0-9]+.[0-9]+([0-9]+)' + +jobs: + docker-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + # The latest tag refers to the latest released version + - name: Build and push Docker image to sceptreorg/sceptre:latest + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: sceptreorg/sceptre:latest + labels: ${{ steps.meta.outputs.labels }} + - name: Build and push Docker image to sceptreorg/sceptre:${{ steps.meta.outputs.tags }} + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: sceptreorg/sceptre:${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + pypi-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + - name: Publish to pypi + run: poetry publish --build -u __token__ -p ${{ secrets.PYPI_API_TOKEN }} diff --git a/.github/workflows/staging.yaml b/.github/workflows/staging.yaml new file mode 100644 index 000000000..dc254ec89 --- /dev/null +++ b/.github/workflows/staging.yaml @@ -0,0 +1,34 @@ +name: staging + +on: + workflow_run: + workflows: + - tests + - integration-tests + branches: + - master + types: + - completed + +jobs: + docker-build-push: + needs: + - docker-build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + - name: Build and push Docker image to sceptreorg/sceptre:${{ steps.meta.outputs.tags }} + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: sceptreorg/sceptre:${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml new file mode 100644 index 000000000..6b5654e1a --- /dev/null +++ b/.github/workflows/tests.yaml @@ -0,0 +1,69 @@ +name: tests + +on: + pull_request: + branches: + - 'master' + +jobs: + linting: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + - name: run pre-commit + run: poetry run pre-commit run --all-files --show-diff-on-failure + packaging: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + - name: build package + run: poetry build + documentation: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + - name: build documentation + run: poetry run make html --directory docs + unit-tests: + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + python: ["3.8", "3.9", "3.10", "3.11", "3.12"] + steps: + - name: Check out repository + uses: actions/checkout@v4 + - name: Setup Python + id: setup-python + uses: actions/setup-python@v5 + with: + python-version: ${{ matrix.python }} + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + - name: run python tests + run: poetry run tox -e py + - name: run python test report + run: poetry run tox -e report + docker-build: + runs-on: ubuntu-latest + steps: + - name: Check out repository + uses: actions/checkout@v4 + - name: Build Docker Image + uses: docker/build-push-action@v5 + with: + context: .