IFRC Event Extraction #30
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Python check | |
| on: | |
| workflow_call: | |
| inputs: | |
| push_docker_image: | |
| type: string # true or false | |
| default: "false" | |
| outputs: | |
| docker_image_name: | |
| description: "Only docker image name" | |
| value: ${{ jobs.test.outputs.docker_image_name }} | |
| docker_image_tag: | |
| description: "Only docker image tag" | |
| value: ${{ jobs.test.outputs.docker_image_tag }} | |
| docker_image: | |
| description: "docker image with tag" | |
| value: ${{ jobs.test.outputs.docker_image }} | |
| pull_request: | |
| # NOTE: For other, they should be run through helm github action ./helm-publish.yml | |
| env: | |
| COMPOSE_FILE: docker-compose.yml:gh-docker-compose.yml | |
| DJANGO_SECRET_KEY: "ci-test-insecure-django-secret-key" | |
| EMDAT_AUTHORIZATION_KEY: dummy-value | |
| IDMC_CLIENT_ID: dummy-value | |
| IFRC_DATA_URL: dummy-url | |
| EOAPI_DOMAIN: https://montandon-eoapi.dummy.com | |
| jobs: | |
| pre_commit_checks: | |
| name: Pre-Commit checks | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@main | |
| with: | |
| submodules: true | |
| - uses: actions/setup-python@v5 | |
| - uses: astral-sh/setup-uv@v5 | |
| with: | |
| enable-cache: true | |
| - name: Sync | |
| run: uv sync --all-extras | |
| - uses: pre-commit/action@main | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| needs: pre_commit_checks | |
| outputs: | |
| docker_image_name: ${{ steps.prep.outputs.tagged_image_name }} | |
| docker_image_tag: ${{ steps.prep.outputs.tag }} | |
| docker_image: ${{ steps.prep.outputs.tagged_image }} | |
| steps: | |
| - uses: actions/checkout@main | |
| with: | |
| submodules: true | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| if: ${{ inputs.push_docker_image }} | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: 🐳 Prepare Docker | |
| id: prep | |
| env: | |
| IMAGE_NAME: ghcr.io/${{ github.repository }} | |
| run: | | |
| BRANCH_NAME=$(echo $GITHUB_REF_NAME | sed 's|:|-|' | tr '[:upper:]' '[:lower:]' | sed 's/_/-/g' | cut -c1-100 | sed 's/-*$//') | |
| # XXX: Check if there is a slash in the BRANCH_NAME eg: project/add-docker | |
| if [[ "$BRANCH_NAME" == *"/"* ]]; then | |
| # XXX: Change the docker image package to -alpha | |
| IMAGE_NAME="$IMAGE_NAME-alpha" | |
| TAG="$(echo "$BRANCH_NAME" | sed 's|/|-|g').$(echo $GITHUB_SHA | head -c7)" | |
| else | |
| TAG="$BRANCH_NAME.$(echo $GITHUB_SHA | head -c7)" | |
| fi | |
| IMAGE_NAME=$(echo $IMAGE_NAME | tr '[:upper:]' '[:lower:]') | |
| echo "tagged_image_name=${IMAGE_NAME}" >> $GITHUB_OUTPUT | |
| echo "tag=${TAG}" >> $GITHUB_OUTPUT | |
| echo "tagged_image=${IMAGE_NAME}:${TAG}" >> $GITHUB_OUTPUT | |
| echo "::notice::Tagged docker image: ${IMAGE_NAME}:${TAG}" | |
| - name: 🐳 Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: 🐳 Cache Docker layers | |
| uses: actions/cache@v4 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.ref }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx-refs/develop | |
| ${{ runner.os }}-buildx- | |
| - name: 🐳 Build image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| builder: ${{ steps.buildx.outputs.name }} | |
| file: Dockerfile | |
| push: false | |
| load: true | |
| provenance: false # XXX: Without this we have untagged images in ghcr.io | |
| tags: ${{ steps.prep.outputs.tagged_image }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: 🕮 Validate if there are no pending django migrations. | |
| env: | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: | | |
| docker compose run --rm web bash -c 'wait-for-it db:5432 && ./manage.py makemigrations --check --dry-run' || { | |
| echo 'There are some changes to be reflected in the migration. Make sure to run makemigrations'; | |
| exit 1; | |
| } | |
| # - name: 🤞 Run Test 🧪 & Publish coverage to code climate | |
| # env: | |
| # DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| # run: docker compose run --rm web /code/scripts/run_tests.sh | |
| - name: 🐳 Docker push | |
| if: ${{ inputs.push_docker_image }} | |
| env: | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: docker push $DOCKER_IMAGE_BACKEND | |
| validate_helm: | |
| name: Validate Helm | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@main | |
| - name: Install Helm | |
| uses: azure/setup-helm@v4 | |
| - name: 🐳 Helm dependency | |
| run: | | |
| yq --indent 0 '.dependencies | map(["helm", "repo", "add", .name, .repository] | join(" ")) | .[]' ./helm/Chart.lock | sh -- | |
| helm dependency build ./helm | |
| - name: 🐳 Helm lint | |
| run: helm lint ./helm --values ./helm/values-test.yaml | |
| - name: 🐳 Helm template | |
| run: helm template ./helm --values ./helm/values-test.yaml |