Merge branch 'fix-platform-deployment' of github.com:pennlabs/platfor… #501
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Generated by cdkactions. Do not modify | |
# Generated as part of the 'platform' stack. | |
name: Build and Deploy | |
on: push | |
jobs: | |
django-check: | |
name: Django Check | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Cache | |
uses: actions/cache@v2 | |
with: | |
path: ~/.local/share/virtualenvs | |
key: v0-${{ hashFiles('backend/Pipfile.lock') }} | |
- name: Install Dependencies | |
run: |- | |
cd backend | |
pip install pipenv | |
pipenv install --deploy --dev | |
- name: Lint (flake8) | |
run: |- | |
cd backend | |
pipenv run flake8 . | |
- name: Lint (black) | |
run: |- | |
cd backend | |
pipenv run black --check . | |
- name: Test (run in parallel) | |
run: |- | |
cd backend | |
pipenv run python -m coverage run --concurrency=multiprocessing manage.py test --settings=Platform.settings.ci --parallel | |
pipenv run python -m coverage combine | |
container: | |
image: python:3.10-buster | |
env: | |
DATABASE_URL: postgres://postgres:postgres@postgres:5432/postgres | |
services: | |
postgres: | |
image: postgres:12 | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_DB: postgres | |
POSTGRES_PASSWORD: postgres | |
options: "--health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5" | |
publish-backend: | |
name: Publish backend | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: docker/setup-qemu-action@v1 | |
- uses: docker/setup-buildx-action@v1 | |
- name: Cache Docker layers | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: buildx-publish-backend | |
- uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Build/Publish | |
uses: docker/build-push-action@v2 | |
with: | |
context: backend | |
file: backend/Dockerfile | |
push: ${{ github.ref == 'refs/heads/master' }} | |
cache-from: type=local,src=/tmp/.buildx-cache,type=registry,ref=pennlabs/platform-backend:latest | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
tags: pennlabs/platform-backend:latest,pennlabs/platform-backend:${{ github.sha }} | |
needs: django-check | |
publish-platform-dev: | |
name: Publish platform-dev | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: docker/setup-qemu-action@v1 | |
- uses: docker/setup-buildx-action@v1 | |
- name: Cache Docker layers | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: buildx-publish-platform-dev | |
- uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Build/Publish | |
uses: docker/build-push-action@v2 | |
with: | |
context: backend | |
file: backend/Dockerfile.dev | |
push: ${{ github.ref == 'refs/heads/master' }} | |
cache-from: type=local,src=/tmp/.buildx-cache,type=registry,ref=pennlabs/platform-dev:latest | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
tags: pennlabs/platform-dev:latest,pennlabs/platform-dev:${{ github.sha }} | |
needs: django-check | |
react-check: | |
name: React Check | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Cache | |
uses: actions/cache@v2 | |
with: | |
path: "**/node_modules" | |
key: v0-${{ hashFiles('frontend/yarn.lock') }} | |
- name: Install Dependencies | |
run: |- | |
cd frontend | |
yarn install --frozen-lockfile | |
- name: Lint | |
run: |- | |
cd frontend | |
yarn lint | |
- name: Test | |
run: |- | |
cd frontend | |
yarn test | |
- name: Upload Code Coverage | |
run: |- | |
ROOT=$(pwd) | |
cd frontend | |
yarn run codecov -p $ROOT -F frontend | |
container: | |
image: node:14 | |
publish-frontend: | |
name: Publish frontend | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: docker/setup-qemu-action@v1 | |
- uses: docker/setup-buildx-action@v1 | |
- name: Cache Docker layers | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: buildx-publish-frontend | |
- uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Build/Publish | |
uses: docker/build-push-action@v2 | |
with: | |
context: frontend | |
file: frontend/Dockerfile | |
push: ${{ github.ref == 'refs/heads/master' }} | |
cache-from: type=local,src=/tmp/.buildx-cache,type=registry,ref=pennlabs/platform-frontend:latest | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
tags: pennlabs/platform-frontend:latest,pennlabs/platform-frontend:${{ github.sha }} | |
needs: react-check | |
deploy: | |
runs-on: ubuntu-latest | |
if: github.ref == 'refs/heads/master' | |
steps: | |
- uses: actions/checkout@v2 | |
- id: synth | |
name: Synth cdk8s manifests | |
run: |- | |
cd k8s | |
yarn install --frozen-lockfile | |
# get repo name (by removing owner/organization) | |
export RELEASE_NAME=${REPOSITORY#*/} | |
# Export RELEASE_NAME as an output | |
echo "::set-output name=RELEASE_NAME::$RELEASE_NAME" | |
yarn build | |
env: | |
GIT_SHA: ${{ github.sha }} | |
REPOSITORY: ${{ github.repository }} | |
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} | |
- name: Deploy | |
run: |- | |
aws eks --region us-east-1 update-kubeconfig --name production --role-arn arn:aws:iam::${AWS_ACCOUNT_ID}:role/kubectl | |
# get repo name from synth step | |
RELEASE_NAME=${{ steps.synth.outputs.RELEASE_NAME }} | |
# Deploy | |
kubectl apply -f k8s/dist/ -l app.kubernetes.io/component=certificate | |
kubectl apply -f k8s/dist/ --prune -l app.kubernetes.io/part-of=$RELEASE_NAME | |
env: | |
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.GH_AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.GH_AWS_SECRET_ACCESS_KEY }} | |
needs: | |
- publish-backend | |
- publish-frontend | |
- publish-platform-dev |