Skip to content
This repository has been archived by the owner on Jul 30, 2024. It is now read-only.
Build

Merge pull request #157 from espoon-voltti/chore/add-two-new-hobby-ca… #206

Sign in to view logs

Merge pull request #157 from espoon-voltti/chore/add-two-new-hobby-ca…

Merge pull request #157 from espoon-voltti/chore/add-two-new-hobby-ca… #206

Workflow file for this run

.github/workflows/build.yml at 44181f4
---
name: Build
on: [push]
env:
AWS_REGION: eu-west-1
ECR_REGISTRY: 307238562370.dkr.ecr.eu-west-1.amazonaws.com
permissions:
id-token: write
contents: read
jobs:
lint-shell:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: espoon-voltti/voltti-actions/shellcheck@v1
dependencies:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.7.12'
cache: 'pip'
- run: pip install -r requirements.txt -r requirements-dev.txt
lint:
needs: dependencies
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.7.12'
cache: 'pip'
- run: pip install -r requirements.txt -r requirements-dev.txt
- name: Lint
run: flake8 .
test:
needs: dependencies
runs-on: ubuntu-20.04
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: secret
POSTGRES_DB: linkedevents
DB_MIGRATION_USER: linkedevents_migration
DB_MIGRATION_PASSWORD: secret
DB_APP_USER: linkedevents_application
DB_APP_PASSWORD: secret
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.7.12'
cache: 'pip'
- run: pip install -r requirements.txt -r requirements-dev.txt
- name: Test
run: ./bin/test_ci.sh
build:
needs:
- dependencies
- lint
- test
- lint-shell
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.7.12'
cache: 'pip'
- run: pip install -r requirements.txt -r requirements-dev.txt
- name: Install dependencies required for running the management commands
run: |
#sudo apt-get update
sudo apt-get install -y --no-install-recommends --no-install-suggests \
gdal-bin
- name: Override the default Linked Events templates with city specific templates
run: python manage.py install_templates helevents
- name: Upload build
uses: actions/upload-artifact@v3
with:
name: templates
path: |
templates/
retention-days: 7
dockerize-dist:
needs:
- build
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: Download build
uses: actions/download-artifact@v3
with:
name: templates
path: templates/
- name: Build image
uses: espoon-voltti/voltti-actions/docker-build-push@master
id: build
with:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE }}
AWS_REGION: ${{ env.AWS_REGION }}
registry: ${{ env.ECR_REGISTRY }}
name: espooevents/service
target: dist
dockerfile: Dockerfile.dist
build-args: |
build=${{ github.run_number }}
commit=${{ github.sha }}
BASE_IMAGE_VERSION=3.7.12-slim
outputs:
image: ${{ steps.build.outputs.image }}
dockerize-importer:
needs:
- build
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: Download build
uses: actions/download-artifact@v3
with:
name: templates
path: templates/
- name: Build image
uses: espoon-voltti/voltti-actions/docker-build-push@master
id: build
with:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE }}
AWS_REGION: ${{ env.AWS_REGION }}
registry: ${{ env.ECR_REGISTRY }}
name: espooevents/service-importer
dockerfile: Dockerfile.dist
target: admin
build-args: |
build=${{ github.run_number }}
commit=${{ github.sha }}
BASE_IMAGE_VERSION=3.7.12-slim-buster
tag:
if: github.ref == 'refs/heads/master'
runs-on: ubuntu-20.04
needs:
- dockerize-dist
- dockerize-importer
steps:
- uses: actions/checkout@v3
- run: git fetch --prune --unshallow
- name: Setup SSH
shell: bash
run: |
mkdir -p ~/.ssh
chmod 700 ~/.ssh
echo "$SSH_KEY" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
env:
SSH_KEY: ${{ secrets.ESPOOEVENTS_SSH_KEY }}
- name: Create tag
run: |
git config user.name "$(git log -n 1 --pretty=format:%an)"
git config user.email "$(git log -n 1 --pretty=format:%ae)"
./bin/push-version-tag.sh
- if: always()
run: rm -rf ~/.aws
deploy:
if: ${{ github.ref == 'refs/heads/master' }}
runs-on: ubuntu-20.04
needs:
- tag
strategy:
fail-fast: false
matrix:
include:
- environment: staging
- environment: prod
environment:
name: ${{ matrix.environment }}
env:
SERVICE_NAME: espooevents-service
MODULE_NAME: espooevents_service
steps:
- name: Check out infra
uses: actions/checkout@v3
with:
repository: espoon-voltti/espooevents-infra
ssh-key: '${{ secrets.ESPOOEVENTS_SSH_KEY }}'
ref: 'refs/heads/master'
- name: Write AWS config
shell: bash
run: |
mkdir -p ~/.aws
echo '${{ secrets.AWS_CONFIG_TERRAFORM }}' > ~/.aws/config
cat << EOF > ~/.aws/credentials
[voltti-federation]
aws_access_key_id = ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key = ${{ secrets.AWS_SECRET_ACCESS_KEY }}
EOF
- uses: espoon-voltti/voltti-actions/tfenv@master
- name: Setup SSH
shell: bash
run: |
mkdir -p ~/.ssh
chmod 700 ~/.ssh
echo "$SSH_KEY" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
env:
SSH_KEY: ${{ secrets.ESPOOEVENTS_SSH_KEY }}
- name: Prepare Terraform
working-directory: terraform/espooevents-ecs
run: |
terraform init
terraform workspace select "${{ matrix.environment }}"
- name: Install applications
working-directory: terraform/espooevents-ecs
run: |
terraform apply \
-input=false \
-auto-approve \
-lock-timeout=300s \
-var "${SERVICE_NAME}_version=${{ github.sha }}" \
-target="module.${MODULE_NAME}"
- name: Wait for stable
run: |
aws ecs \
wait services-stable \
--region eu-west-1 \
--profile "voltti-${{ matrix.environment }}" \
--cluster "voltti-ecs-cluster-${{ matrix.environment }}" \
--services "${SERVICE_NAME}"
- if: always()
run: rm -rf ~/.aws
- if: failure()
uses: espoon-voltti/voltti-actions/notify@v1
with:
webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}