-
Notifications
You must be signed in to change notification settings - Fork 4
173 lines (169 loc) · 6.46 KB
/
django.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
name: CI build
on:
workflow_call:
secrets:
GOOGLE_API_KEY:
required: true
SMS_API_KEY:
required: true
EMAIL_ID:
required: true
EMAIL_PRIVATE_API_KEY:
required: true
GOOGLE_MAPS_API_KEY:
required: true
AWS_ACCESS_KEY:
required: true
AWS_SECRET_ACCESS_KEY:
required: true
YANDEX_CLIENT_DOCS_BUCKET_NAME:
required: true
FCM_SERVER_KEY:
required: true
FIREBASE_PROJECT_ID:
required: true
FIREBASE_PRIVATE_KEY_ID:
required: true
FIREBASE_PRIVATE_KEY:
required: true
FIREBASE_CLIENT_EMAIL:
required: true
FIREBASE_CLIENT_ID:
required: true
FIREBASE_CLIENT_CERT_URL:
required: true
push:
branches:
- '*'
- '*/*'
- '**'
- '!main'
- '!dev'
jobs:
docker_build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
# Registry login step intentionally missing
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-single-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-single-buildx
- name: Create env file
run: |
touch .env
echo GOOGLE_API_KEY=${{ secrets.GOOGLE_API_KEY }} >> .env
echo SMS_API_KEY=${{secrets.SMS_API_KEY}} >> .env
echo EMAIL_ID=${{ secrets.EMAIL_ID }} >> .env
echo EMAIL_PRIVATE_API_KEY=${{ secrets.EMAIL_PRIVATE_API_KEY }} >> .env
echo GOOGLE_MAPS_API_KEY=${{secrets.GOOGLE_MAPS_API_KEY}} >> .env
echo AWS_ACCESS_KEY=${{secrets.AWS_ACCESS_KEY}} >> .env
echo AWS_SECRET_ACCESS_KEY=${{secrets.AWS_SECRET_ACCESS_KEY}} >> .env
echo YANDEX_CLIENT_DOCS_BUCKET_NAME=${{secrets.YANDEX_CLIENT_DOCS_BUCKET_NAME}} >> .env
echo FCM_SERVER_KEY=${{secrets.FCM_SERVER_KEY}} >> .env
echo FIREBASE_PROJECT_ID=${{secrets.FIREBASE_PROJECT_ID}} >> .env
echo FIREBASE_PRIVATE_KEY_ID=${{secrets.FIREBASE_PRIVATE_KEY_ID}} >> .env
echo FIREBASE_PRIVATE_KEY=${{secrets.FIREBASE_PRIVATE_KEY}} >> .env
echo FIREBASE_CLIENT_EMAIL=${{secrets.FIREBASE_CLIENT_EMAIL}} >> .env
echo FIREBASE_CLIENT_ID=${{secrets.FIREBASE_CLIENT_ID}} >> .env
echo FIREBASE_CLIENT_CERT_URL=${{secrets.FIREBASE_CLIENT_CERT_URL}} >> .env
- name: Look up existing images
run: docker image ls
- name: Build local image
uses: docker/build-push-action@v2
with:
context: .
builder: ${{ steps.buildx.outputs.name }}
file: docker/local.Dockerfile
load: true
tags: django-local
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Look up images
run: docker image ls
- name: Type check
run: docker-compose run django mypy open_schools_platform/
- name: Run migrations
run: docker-compose run django python manage.py migrate
- name: Collectstatic
run: docker-compose run django python manage.py collectstatic
- name: Run tests
run: docker-compose run django py.test
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
build:
runs-on: ubuntu-latest
services:
postgres:
image: postgis/postgis:14-3.2
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: github_actions
ports:
- 5432:5432
# needed because the postgres container does not provide a healthcheck
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: 3.9
cache: "pip"
cache-dependency-path: |
requirements/local.txt
requirements/base.txt
requirements/dev.txt
# This is a more aggresive cache.
# The one above caches the wheel files, but still runs the installation for them
# While the cache below caches the entire Python directory.
- name: Cache pip
uses: actions/cache@v3
with:
path: /opt/hostedtoolcache/Python/3.9/x64/ # This path is specific to Ubuntu
key: python-${{ hashFiles('requirements/local.txt') }}-${{ hashFiles('requirements/base.txt') }}
- name: Create env file
run: |
touch .env
echo GOOGLE_API_KEY=${{ secrets.GOOGLE_API_KEY }} >> .env
echo SMS_API_KEY=${{secrets.SMS_API_KEY}} >> .env
echo EMAIL_ID=${{ secrets.EMAIL_ID }} >> .env
echo EMAIL_PRIVATE_API_KEY=${{ secrets.EMAIL_PRIVATE_API_KEY }} >> .env
echo GOOGLE_MAPS_API_KEY=${{secrets.GOOGLE_MAPS_API_KEY}} >> .env
echo AWS_ACCESS_KEY=${{secrets.AWS_ACCESS_KEY}} >> .env
echo AWS_SECRET_ACCESS_KEY=${{secrets.AWS_SECRET_ACCESS_KEY}} >> .env
echo YANDEX_CLIENT_DOCS_BUCKET_NAME=${{secrets.YANDEX_CLIENT_DOCS_BUCKET_NAME}} >> .env
echo FCM_SERVER_KEY=${{secrets.FCM_SERVER_KEY}} >> .env
echo FIREBASE_PROJECT_ID=${{secrets.FIREBASE_PROJECT_ID}} >> .env
echo FIREBASE_PRIVATE_KEY_ID=${{secrets.FIREBASE_PRIVATE_KEY_ID}} >> .env
echo FIREBASE_PRIVATE_KEY=${{secrets.FIREBASE_PRIVATE_KEY}} >> .env
echo FIREBASE_CLIENT_EMAIL=${{secrets.FIREBASE_CLIENT_EMAIL}} >> .env
echo FIREBASE_CLIENT_ID=${{secrets.FIREBASE_CLIENT_ID}} >> .env
echo FIREBASE_CLIENT_CERT_URL=${{secrets.FIREBASE_CLIENT_CERT_URL}} >> .env
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements/local.txt
sudo apt-get update
sudo apt-get install binutils libproj-dev gdal-bin
sudo apt-get install libgeos++
sudo apt-get install proj-bin
sudo apt install gdal-bin
- name: Lint check
run: flake8 open_schools_platform/
- name: Type check
run: mypy open_schools_platform/
- name: Run migrations
run: python manage.py migrate
- name: Collectstatic
run: python manage.py collectstatic
- name: Run tests
run: py.test