From dcd1113f766288d85cf9d1a22fb49d5f5caa467b Mon Sep 17 00:00:00 2001
From: Daniel Thorn
Date: Mon, 29 Apr 2024 09:02:00 -0700
Subject: [PATCH] OBS-158: Add github actions CI
---
.github/workflows/build-and-push.yml | 93 ++++++++++++++++++++++++++++
1 file changed, 93 insertions(+)
create mode 100644 .github/workflows/build-and-push.yml
diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml
new file mode 100644
index 00000000..c11dbad4
--- /dev/null
+++ b/.github/workflows/build-and-push.yml
@@ -0,0 +1,93 @@
+name: Build, test and push a Docker image
+
+on:
+ push:
+ branches:
+ - main
+ tags:
+ - v20[0-9][0-9].[01][0-9].[0-3][0-9] # e.g. v2023.12.04
+ - v20[0-9][0-9].[01][0-9].[0-3][0-9]-[0-9] # e.g. v2023.12.04-2
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ build:
+ permissions:
+ contents: read
+ deployments: write
+ id-token: write
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - name: Get info
+ run: |
+ uname -v
+ docker info
+ - name: Create version.json
+ run: |
+ # create a version.json per
+ # https://github.com/mozilla-services/Dockerflow/blob/master/docs/version_object.md
+ printf '{"commit":"%s","version":"%s","source":"%s","build":"%s"}\n' \
+ "$GITHUB_SHA" \
+ "$GITHUB_REF_NAME" \
+ "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
+ "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" > version.json
+ - name: Output version.json
+ run: cat version.json
+ - name: Build Docker images
+ run: make build
+ - name: Verify requirements.txt contains correct dependencies
+ run: |
+ docker compose run --rm --no-deps ci shell ./bin/run_verify_reqs.sh
+ - name: Run lint check
+ run: |
+ make my.env
+ docker compose run --rm --no-deps ci shell ./bin/run_lint.sh
+ - name: Run tests
+ run: |
+ make my.env
+ docker compose up --detach --no-color \
+ localstack \
+ statsd \
+ fakesentry
+ docker compose run --rm ci shell ./bin/run_tests.sh
+ - name: Run systemtest
+ run: |
+ docker compose run --rm ci-web shell ./bin/run_setup.sh
+ docker compose up --detach --wait --wait-timeout=10 ci-web
+ docker compose run --rm ci-web shell bash -c 'cd systemtest && NGINX_TESTS=0 POST_CHECK=1 HOST=http://ci-web:8000 pytest -vv'
+ - name: Run systemtest with pubsub and gcs
+ run: |
+ echo 'CRASHMOVER_CRASHPUBLISH_CLASS=antenna.ext.pubsub.crashpublish.PubSubCrashPublish' >> my.env
+ echo 'CRASHMOVER_CRASHSTORAGE_CLASS=antenna.ext.gcs.crashstorage.GcsCrashStorage' >> my.env
+ docker compose run --rm ci-web shell ./bin/run_setup.sh
+ docker compose up --detach --wait --wait-timeout=10 ci-web
+ # Use -m "not aws" to select gcp and unmarked tests
+ docker compose run --rm ci-web shell bash -c 'cd systemtest && NGINX_TESTS=0 POST_CHECK=1 HOST=http://ci-web:8000 pytest -vv -m "not aws"'
+ # remove config on last two lines
+ sed '$d' -i my.env
+ sed '$d' -i my.env
+
+ - name: Set Docker image tag to "latest" for updates of the main branch
+ if: github.ref == 'refs/heads/main'
+ run: |
+ echo IMAGE_TAG=latest >> "$GITHUB_ENV"
+ # Updates to the main branch are deployed to stage.
+ echo DEPLOYMENT_ENV=stage >> "$GITHUB_ENV"
+ - name: Set Docker image tag to the git tag for tagged builds
+ if: startsWith(github.ref, 'refs/tags/')
+ run: |
+ echo IMAGE_TAG="$GITHUB_REF_NAME" >> "$GITHUB_ENV"
+ # Version tags are deployed to prod.
+ echo DEPLOYMENT_ENV=prod >> "$GITHUB_ENV"
+ - name: Push the Docker image to GAR
+ if: env.IMAGE_TAG != ''
+ uses: mozilla-it/deploy-actions/docker-push@v3.9.0
+ with:
+ local_image: local/antenna_deploy_base:latest
+ image_repo_path: ${{ secrets.DOCKER_IMAGE_PATH }}
+ image_tag: ${{ env.IMAGE_TAG }}
+ workload_identity_pool_project_number: ${{ secrets.WORKLOAD_IDENTITY_POOL_PROJECT_NUMBER }}
+ project_id: ${{ secrets.GCP_PROJECT_ID }}
+ deployment_env: ${{ env.DEPLOYMENT_ENV }}
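Review bot: The "Push the Docker image to GAR" step is gated only by `if: env.IMAGE_TAG != ''`, while the job also runs on `pull_request` and grants `id-token: write` and `deployments: write` to every step, including the ones that run repository code (`make build`, `make my.env`, the test scripts). Because `IMAGE_TAG` lives in the shared job environment, the gate depends on no earlier step having written it; tying the condition to the event as well, `if: github.event_name == 'push' && env.IMAGE_TAG != ''`, keeps pull-request runs away from the registry push, and moving the push into its own job would let build and test run with `contents: read` alone. The action that receives the OIDC token and the secrets is referenced by a movable tag; pinning it to a commit, `uses: mozilla-it/deploy-actions/docker-push@<full-commit-sha>  # v3.9.0`, guards against the tag being repointed, and the same applies to `actions/checkout@v4`. Whether the workload identity provider already restricts which refs may authenticate is not visible in this file.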