Skip to content

Commit

Permalink
rework and dry github actions
Browse files Browse the repository at this point in the history
  • Loading branch information
@wendelfabianchinsamy
wendelfabianchinsamy committed Nov 30, 2023
1 parent 6fd4b58 commit e3acc43
Show file tree
Hide file tree
Showing 5 changed files with 109 additions and 223 deletions.
47 changes: 47 additions & 0 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
name: Build and Tag
on:
workflow_call:
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
push: true
tags: ${{ github.repository }}:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
- name: Push to GitHub Packages
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
push: true
tags: ghcr.io/${{ github.repository }}:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
140 changes: 6 additions & 134 deletions .github/workflows/deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,143 +5,15 @@ on:
- "master"
jobs:
test:
runs-on: ubuntu-latest
services:
memcached:
image: memcached:1.4.31
ports:
- 11211/udp
env:
MEMCACHE_SERVERS: "localhost:11211"
SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }}
SESSION_ENCRYPTED_COOKIE_SALT: ${{ secrets.SESSION_ENCRYPTED_COOKIE_SALT }}
JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }}
JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }}
AWS_REGION: ${{ secrets.AWS_REGION }}
steps:
- uses: actions/checkout@v3
- name: Set up Ruby 2.6
uses: ruby/setup-ruby@v1
with:
ruby-version: '2.6'
- uses: actions/cache@v3
with:
path: vendor/bundle
key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-gems-
- name: Install
run: |
cp .env.build .env
gem install bundler
bundle config path vendor/bundle
bundle install --jobs 4 --retry 3
- name: Lint and Test
env:
MEMCACHE_SERVERS: "localhost:11211"
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
STAFF_ADMIN_TOKEN: ${{ secrets.STAFF_ADMIN_TOKEN }}
STAFF_PROFILES_ADMIN_TOKEN: ${{ secrets.STAFF_PROFILES_ADMIN_TOKEN }}
run: |
# bundle exec rubocop
bundle exec rspec
echo $?
# - name: Publish code coverage
# uses: paambaati/[email protected]
# env:
# CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
uses: ./.github/workflows/parallel_ci.yml
secrets: inherit

build:
needs: test
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
push: true
tags: ${{ github.repository }}:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
- name: Push to GitHub Packages
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
push: true
tags: ghcr.io/${{ github.repository }}:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
uses: ./.github/workflows/build.yml
secrets: inherit

deploy:
needs: [test, build]
runs-on: ubuntu-latest
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
steps:
- name: Checkout
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Extract variables
shell: bash
run: |
echo "::set-output name=BRANCH::$(echo ${GITHUB_REF#refs/heads/} | sed 's/\//_/g')"
echo "::set-output name=TAG::$(git tag --points-at HEAD)"
echo "::set-output name=GIT_SHA::$(git rev-parse HEAD)"
echo "::set-output name=GIT_SHA_SHORT::$(git rev-parse --short HEAD)"
echo "::set-output name=MESSAGE::$(git log --format=%B -n 1 ${{ github.event.after }})"
id: extract_variables

- name: Checkout terraform config repo
uses: actions/checkout@v2
with:
# public repo with terraform configuration
repository: 'datacite/mastino'
persist-credentials: false
- name: Commit changes to terraform config repository
# use go template in terraform config repository to update git sha and tag
# commit and push changes to trigger terraform workflow
run: |
export GIT_SHA=${{ steps.extract_variables.outputs.GIT_SHA_SHORT }}
export GIT_TAG=${{ steps.extract_variables.outputs.TAG }}
export VERSION_FILENAME=stage/services/levriero/_levriero.auto.tfvars
sed -e "s/{{ .Env.GIT_SHA }}/$GIT_SHA/g" -e "s/{{ .Env.GIT_TAG }}/$GIT_TAG/g" $VERSION_FILENAME.tmpl > $VERSION_FILENAME
git config --local user.email "[email protected]"
git config --local user.name "GitHub Action"
git add $VERSION_FILENAME
git commit -m "Adding levriero git variables for commit ${{ steps.extract_variables.outputs.GIT_SHA }}"
- name: Push changes
uses: ad-m/[email protected]
with:
github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
repository: 'datacite/mastino'
branch: 'refs/heads/master'
tags: false
uses: ./.github/workflows/update_terraform.yml
secrets: inherit
2 changes: 1 addition & 1 deletion .github/workflows/pull_request.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,6 @@ on:
- master
workflow_dispatch:
jobs:
parallel-test:
test:
uses: ./.github/workflows/parallel_ci.yml
secrets: inherit
92 changes: 4 additions & 88 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,50 +4,8 @@ on:
types: [published]
jobs:
test:
runs-on: ubuntu-latest
services:
memcached:
image: memcached:1.4.31
ports:
- 11211/udp
env:
MEMCACHE_SERVERS: "localhost:11211"
SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }}
SESSION_ENCRYPTED_COOKIE_SALT: ${{ secrets.SESSION_ENCRYPTED_COOKIE_SALT }}
JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }}
JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }}
AWS_REGION: ${{ secrets.AWS_REGION }}
steps:
- uses: actions/checkout@v3
- name: Set up Ruby 2.6
uses: ruby/setup-ruby@v1
with:
ruby-version: '2.6'
- uses: actions/cache@v3
with:
path: vendor/bundle
key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-gems-
- name: Install
run: |
cp .env.build .env
gem install bundler
bundle config path vendor/bundle
bundle install --jobs 4 --retry 3
- name: Lint and Test
env:
MEMCACHE_SERVERS: "localhost:11211"
STAFF_ADMIN_TOKEN: ${{ secrets.STAFF_ADMIN_TOKEN }}
STAFF_PROFILES_ADMIN_TOKEN: ${{ secrets.STAFF_PROFILES_ADMIN_TOKEN }}
run: |
# bundle exec rubocop
bundle exec rspec
echo $?
# - name: Publish code coverage
# uses: paambaati/[email protected]
# env:
# CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
uses: ./.github/workflows/parallel_ci.yml
secrets: inherit

build:
needs: test
Expand Down Expand Up @@ -100,47 +58,5 @@ jobs:

deploy:
needs: [test, build]
runs-on: ubuntu-latest
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Extract variables
shell: bash
run: |
echo "::set-output name=BRANCH::$(echo ${GITHUB_REF#refs/heads/} | sed 's/\//_/g')"
echo "::set-output name=TAG::$(git tag --points-at HEAD)"
echo "::set-output name=GIT_SHA::$(git rev-parse HEAD)"
echo "::set-output name=GIT_SHA_SHORT::$(git rev-parse --short HEAD)"
id: extract_variables

- name: Checkout terraform config repo
uses: actions/checkout@v2
with:
# public repo with terraform configuration
repository: 'datacite/mastino'
persist-credentials: false
- name: Commit changes to terraform config repository
# use go template in terraform config repository to update git sha and tag
# commit and push changes to trigger terraform workflow
run: |
export GIT_SHA=${{ steps.extract_variables.outputs.GIT_SHA_SHORT }}
export GIT_TAG=${{ steps.extract_variables.outputs.TAG }}
export VERSION_FILENAME=prod-eu-west/services/levriero/_levriero.auto.tfvars
sed -e "s/{{ .Env.GIT_SHA }}/$GIT_SHA/g" -e "s/{{ .Env.GIT_TAG }}/$GIT_TAG/g" $VERSION_FILENAME.tmpl > $VERSION_FILENAME
git config --local user.email "[email protected]"
git config --local user.name "GitHub Action"
git add $VERSION_FILENAME
git commit -m "Adding levriero git variables for tag ${{ steps.extract_variables.outputs.GIT_TAG }}"
- name: Push changes
uses: ad-m/[email protected]
with:
github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
repository: 'datacite/mastino'
branch: 'refs/heads/master'
tags: false
uses: ./.github/workflows/update_terraform.yml
secrets: inherit
51 changes: 51 additions & 0 deletions .github/workflows/update_terraform.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
name: Update Terraform
on:
workflow_call:
jobs:
update-terraform:
runs-on: ubuntu-latest
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
steps:
- name: Checkout
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Extract variables
shell: bash
run: |
echo "::set-output name=BRANCH::$(echo ${GITHUB_REF#refs/heads/} | sed 's/\//_/g')"
echo "::set-output name=TAG::$(git tag --points-at HEAD)"
echo "::set-output name=GIT_SHA::$(git rev-parse HEAD)"
echo "::set-output name=GIT_SHA_SHORT::$(git rev-parse --short HEAD)"
echo "::set-output name=MESSAGE::$(git log --format=%B -n 1 ${{ github.event.after }})"
id: extract_variables

- name: Checkout terraform config repo
uses: actions/checkout@v2
with:
# public repo with terraform configuration
repository: "datacite/mastino"
persist-credentials: false
- name: Commit changes to terraform config repository
# use go template in terraform config repository to update git sha and tag
# commit and push changes to trigger terraform workflow
run: |
export GIT_SHA=${{ steps.extract_variables.outputs.GIT_SHA_SHORT }}
export GIT_TAG=${{ steps.extract_variables.outputs.TAG }}
export VERSION_FILENAME=stage/services/levriero/_levriero.auto.tfvars
sed -e "s/{{ .Env.GIT_SHA }}/$GIT_SHA/g" -e "s/{{ .Env.GIT_TAG }}/$GIT_TAG/g" $VERSION_FILENAME.tmpl > $VERSION_FILENAME
git config --local user.email "[email protected]"
git config --local user.name "GitHub Action"
git add $VERSION_FILENAME
git commit -m "Adding levriero git variables for commit ${{ steps.extract_variables.outputs.GIT_SHA }}"
- name: Push changes
uses: ad-m/[email protected]
with:
github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
repository: "datacite/mastino"
branch: "refs/heads/master"
tags: false

0 comments on commit e3acc43

Please sign in to comment.