Add GHA for pushes and prs to develop/staging

.dockerignore

@@ -1,17 +1,16 @@
 .*
 ~*
-*.ini
 *.yml
 *.min.min.js
 package*.*
 coverage.xml
 bin/
 Dockerfile*
 __pycache__
-tests
 node_modules
 src/*.egg-info
 src/aurora/staticfiles/
 Makefile
 README.md
 manage.py
+!.flake8

.env.example

@@ -0,0 +1,11 @@
+SECRET_KEY=secret-key
+
+DATABASE_URL=psql://postgres:postgres@db:5432/postgres
+CACHE_DEFAULT=redis://redis:6379/0
+STATIC_URL=/static/
+STATIC_ROOT=/var/static/
+
+POSTGRES_DB=postgres
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=postgres
+POSTGRES_HOST=db

.flake8

@@ -1,7 +1,17 @@
 [flake8]
 max-complexity = 20
 max-line-length = 120
-exclude = ~*
+exclude =
+    .venv,
+    venv,
+    .git,
+    __pycache__,
+    build,
+    dist,
+    migrations,
+    snapshots,
+    __pypackages__,
+
 ignore = E401,W391,E128,E261,E731,Q000,W504,W606,W503,E203
 ;putty-ignore =
     ;    tests/test_choice_as_instance.py : E501

.github/workflows/ci.yml

@@ -0,0 +1,214 @@
+name: CI
+
+on:
+  push:
+    branches:
+    - develop
+    - staging
+    - ci # WIP
+  pull_request:
+    branches:
+    - develop
+    - staging
+
+jobs:
+  build_and_push_dev:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: DockerHub login
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Push dev
+        run: |
+          docker buildx create --use
+          docker buildx build \
+            --cache-from ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-${{ github.sha }}-dev \
+            --cache-from ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-latest-dev \
+            --cache-to ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-${{ github.sha }}-dev \
+            --cache-to ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-latest-dev \
+            -t ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:flex-registration-${{ github.sha }}-dev \
+            -t ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:flex-registration-latest-dev \
+            -f ./docker/Dockerfile \
+            --target dev \
+            --push \
+            ./
+
+  isort:
+    runs-on: ubuntu-latest
+    needs: [build_and_push_dev]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: DockerHub login
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Check
+        continue-on-error: true # TODO
+        run: |
+          docker run --rm -i \
+            ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:flex-registration-${{ github.sha }}-dev \
+            isort . --check-only
+
+  black:
+    runs-on: ubuntu-latest
+    needs: [build_and_push_dev]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: DockerHub login
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Check
+        run: |
+          docker run --rm -i \
+            ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:flex-registration-${{ github.sha }}-dev \
+            black . --check
+
+  flake8:
+    runs-on: ubuntu-latest
+    needs: [build_and_push_dev]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: DockerHub login
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Check
+        run: |
+          docker run --rm -i \
+            ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:flex-registration-${{ github.sha }}-dev \
+            flake8 .
+
+  mypy:
+    runs-on: ubuntu-latest
+    needs: [build_and_push_dev]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: DockerHub login
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Check
+        continue-on-error: true # TODO
+        run: |
+          docker run --rm -i \
+            ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:flex-registration-${{ github.sha }}-dev \
+            mypy .
+
+  unit_tests:
+    runs-on: ubuntu-latest
+    needs: [build_and_push_dev]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: DockerHub login
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Unit tests
+        run: |
+          backend_image=${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:flex-registration-${{ github.sha }}-dev docker compose \
+            -f ./ops/compose.test.yml \
+            run backend pytest --create-db ./tests/
+
+  build_and_push_dist:
+    runs-on: ubuntu-latest
+    needs: [unit_tests, isort, black, flake8, mypy]
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: DockerHub login
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Push dist
+        run: |
+          docker buildx create --use
+          docker buildx build \
+            --cache-from ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-${{ github.sha }}-dev \
+            --cache-from ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-latest-dev \
+            --cache-from ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-${{ github.sha }}-dist \
+            --cache-from ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-latest-dist \
+            --cache-to ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-${{ github.sha }}-dist \
+            --cache-to ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:cache-flex-registration-latest-dist \
+            -t ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:flex-registration-${{ github.sha }}-dist \
+            -t ${{ vars.DOCKERHUB_ORGANIZATION }}/hope-support-images:flex-registration-${{ github.sha }} \
+            -f ./docker/Dockerfile \
+            --target dist \
+            --push \
+            ./
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: [unit_tests, isort, black, flake8, mypy, build_and_push_dist]
+    if: |
+      github.event_name == 'push' &&
+      (
+        github.ref == 'refs/heads/ci' ||
+        github.ref == 'refs/heads/develop' ||
+        github.ref == 'refs/heads/staging' ||
+        github.ref == 'refs/heads/master'
+      )
+    steps:
+      - name: Trigger deploy
+        run: |
+          if [ ${{ github.ref }} == 'refs/heads/develop' ]; then
+            pipelineId=1331
+          elif [ ${{ github.ref }} == 'refs/heads/staging' ]; then
+            pipelineId=TODO
+          elif [ ${{ github.ref }} == 'refs/heads/master' ]; then
+            pipelineId=TODO
+          elif [ ${{ github.ref }} == 'refs/heads/ci' ]; then
+            pipelineId=1331
+          else
+            echo "No pipeline to trigger for ref ${{ github.ref }}"
+            exit 0
+          fi
+
+          IFS=',' read -ra pipelines <<< "$pipelineId"
+          for pipeline in "${pipelines[@]}"; do
+            jsonBody='{"variables": {"sha": {"isSecret": false, "value": "${{ github.sha }}"}, "tag": {"isSecret": false, "value": "flex-registration-${{ github.sha }}"}}}'
+            contentLength=$(echo -n $jsonBody | wc -c)
+            project=ICTD-HCT-MIS
+            organization=unicef
+
+            echo Triggering deploy for pipeline $pipeline
+            echo JSON body: $jsonBody
+
+            curl -f -v -L \
+              -u ":${{ secrets.AZURE_PAT }}" \
+              -H "Content-Type: application/json" \
+              -H "Content-Length: $contentLength" \
+              -d "$jsonBody" \
+              https://dev.azure.com/$organization/$project/_apis/pipelines/$pipeline/runs?api-version=7.1-preview.1
+            if [ $? -ne 0 ]; then
+              echo "Failed to trigger deploy for pipeline $pipeline"
+              exit 1
+            fi
+          done
+

.gitignore

@@ -1,4 +1,3 @@
-.*
 ~*
 *.min.min.js
 *.py[ico]
@@ -25,3 +24,4 @@ docker/conf/redis.conf
 src/aurora/staticfiles
 
 .pdm-python
+.vscode