Dependency updates #1214
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Tests | |
on: [push, pull_request] | |
jobs: | |
build: | |
runs-on: ubuntu-20.04 | |
# don't run on pushes to forks | |
if: github.event_name == 'pull_request' || github.repository == 'harvard-lil/h2o' | |
steps: | |
- uses: actions/checkout@v3 | |
### build docker images locally ### | |
- name: Rebuild docker images | |
id: rebuild | |
uses: harvard-lil/docker-compose-update-action@main | |
### run tests ### | |
- name: docker compose up | |
run: | | |
# separate pull so downloads run in parallel, with | |
# --ignore-pull-failures for PRs with new images that haven't been pushed yet: | |
docker compose -f docker-compose.yml pull --ignore-pull-failures || true | |
docker compose -f docker-compose.yml up -d # use -f to suppress docker-compose.override.yml | |
docker ps -a # show running containers | |
docker compose logs # show logs | |
- name: Collect static files | |
shell: 'script -q -e -c "bash --noprofile --norc -eo pipefail {0}"' # avoid docker-compose "the input device is not a TTY" -- see https://github.com/actions/runner/issues/241#issuecomment-842566950 | |
run: docker compose exec web ./manage.py collectstatic --noinput # collect static files | |
- name: Python tests | |
shell: 'script -q -e -c "bash --noprofile --norc -eo pipefail {0}"' # avoid docker-compose "the input device is not a TTY" -- see https://github.com/actions/runner/issues/241#issuecomment-842566950 | |
run: | | |
set -x | |
docker compose exec web pytest \ | |
--cov --cov-config=setup.cfg --cov-report xml `# write coverage data to .coverage for upload by codecov` \ | |
-vv -n auto --dist loadgroup | |
- name: Javascript tests | |
shell: 'script -q -e -c "bash --noprofile --norc -eo pipefail {0}"' # avoid docker-compose "the input device is not a TTY" -- see https://github.com/actions/runner/issues/241#issuecomment-842566950 | |
run: | | |
set -x | |
docker compose exec web bash -c "umask 0 && mkdir /app/web/.npmcache && npm config set cache /app/web/.npmcache && npm install" | |
docker compose exec web npm run lint | |
docker compose exec web npm run build | |
docker compose exec web npm run test | |
### codecov ### | |
# https://github.com/codecov/codecov-action | |
- name: Codecov | |
uses: codecov/codecov-action@v1 | |
# build, push, and deploy pandoc-lambda image to stage if necessary | |
# this requires that AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_DEFAULT_REGION, | |
# and AWS_ACCOUNT_ID be set. | |
# TODO: this could potentially use existing built image | |
- name: Publish pandoc-lambda image | |
if: github.event_name == 'push' && github.ref == 'refs/heads/develop' && contains(steps.rebuild.outputs.services-rebuilt, 'pandoc-lambda') | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
run: | | |
aws --version | |
cd docker/pandoc-lambda/ | |
IMG=pandoc-lambda | |
TAG=`git rev-parse --short HEAD` | |
ACCT=${AWS_ACCOUNT_ID} | |
REGION=${AWS_DEFAULT_REGION} | |
ARN=arn:aws:lambda:${REGION}:${ACCT}:function:h2o-export-stage | |
aws ecr get-login-password --region ${REGION} | docker login --username AWS --password-stdin ${ACCT}.dkr.ecr.${REGION}.amazonaws.com | |
docker buildx build --push --provenance=false --platform linux/amd64 --tag ${ACCT}.dkr.ecr.${REGION}.amazonaws.com/${IMG}:${TAG} . | |
aws lambda update-function-code --function-name ${ARN} --image-uri ${ACCT}.dkr.ecr.${REGION}.amazonaws.com/${IMG}:${TAG} --region ${REGION} | |
# Commit built assets if necessary, then deploy via Salt reactor | |
- name: Deploy | |
if: github.event_name == 'push' && github.ref == 'refs/heads/develop' | |
shell: 'script -q -e -c "bash --noprofile --norc -eo pipefail {0}"' # avoid docker-compose "the input device is not a TTY" -- https://github.com/actions/runner/issues/241#issuecomment-842566950 | |
env: | |
DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }} | |
DEPLOY_URL: ${{ secrets.DEPLOY_URL }} | |
DEPLOY_HEADER: ${{ secrets.DEPLOY_HEADER }} | |
run: | | |
set -x | |
git config user.email "[email protected]" | |
git config user.name "Github Actions" | |
if [[ `git status docker-compose.yml docker-compose.override.yml --porcelain` ]] ; then | |
git add docker-compose.yml docker-compose.override.yml | |
git commit -m "Bump image version [skip ci]" | |
git push origin develop || exit 1 | |
fi | |
if [[ `git status web/static/dist/ web/webpack-stats.json --porcelain` ]] ; then | |
git add web/static/dist/ web/webpack-stats.json | |
git commit -m "Add built JS [skip ci]" | |
git push origin develop || exit 1 | |
fi | |
export DEPLOY_CONTENT='{"GITHUB_RUN_NUMBER":"'$GITHUB_RUN_NUMBER'","GITHUB_SHA":"'$GITHUB_SHA'","GITHUB_REF":"'$GITHUB_REF'","GITHUB_REPOSITORY":"'$GITHUB_REPOSITORY'","GITHUB_ACTOR":"'$GITHUB_ACTOR'"}' ; | |
export DEPLOY_SIG="sha1=`echo -n "$DEPLOY_CONTENT" | openssl sha1 -hmac $DEPLOY_KEY | sed 's/^.* //'`" ; | |
curl -X POST "$DEPLOY_URL" --data "$DEPLOY_CONTENT" -H "Content-Type: application/json" -H "$DEPLOY_HEADER: $DEPLOY_SIG" | |
### push docker images to registry, from main branch, once tests pass ### | |
- name: Push docker images | |
if: github.event_name == 'push' && github.ref == 'refs/heads/develop' | |
uses: harvard-lil/docker-compose-update-action@main | |
with: | |
registry: "registry.lil.tools" | |
registry-user: ${{ secrets.REPOSITORY_USER }} | |
registry-pass: ${{ secrets.REPOSITORY_TOKEN }} | |
bake-action: "push" |