trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

all: migrate to github

This commit is contained in:
Jens Langhammer 2019-12-30 10:25:35 +01:00
parent b21fd10093
commit f986dc89ad
12 changed files with 206 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

193
.github/workflows/ci.yml vendored Normal file
View File

@ -0,0 +1,193 @@
name: passbook | CI
on:
- push
- release
env:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
jobs:
# Linting
pylint:
runs-on: [ubuntu-latest]
steps:
- uses: actions/checkout@v1
- uses: actions/setup-python@v1
with:
python-version: '3.7'
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
run: pip install -U pip pipenv && pipenv install --dev
- name: Lint with pylint
run: pipenv run pylint passbook
isort:
runs-on: [ubuntu-latest]
steps:
- uses: actions/checkout@v1
- uses: actions/setup-python@v1
with:
python-version: '3.7'
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
run: pip install -U pip pipenv && pipenv install --dev
- name: Lint with isort
run: pipenv run isort -c
prospector:
runs-on: [ubuntu-latest]
steps:
- uses: actions/checkout@v1
- uses: actions/setup-python@v1
with:
python-version: '3.7'
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
run: pip install -U pip pipenv && pipenv install --dev
- name: Lint with prospector
run: pipenv run prospector
# Actual CI tests
migrations:
needs:
- pylint
- isort
- prospector
services:
postgres:
image: postgres:latest
env:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
ports:
- 5432:5432
redis:
image: redis:latest
ports:
- 6379:6379
runs-on: [ubuntu-latest]
steps:
- uses: actions/checkout@v1
- uses: actions/setup-python@v1
with:
python-version: '3.7'
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
run: pip install -U pip pipenv && pipenv install --dev
- name: Run migrations
run: pipenv run ./manage.py migrate
coverage:
needs:
- pylint
- isort
- prospector
services:
postgres:
image: postgres:latest
env:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
ports:
- 5432:5432
redis:
image: redis:latest
ports:
- 6379:6379
runs-on: [ubuntu-latest]
steps:
- uses: actions/checkout@v1
- uses: actions/setup-python@v1
with:
python-version: '3.7'
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
run: pip install -U pip pipenv && pipenv install --dev
- name: Run coverage
run: pipenv run ./scripts/coverage.sh
# Build
build-server:
needs:
- migrations
- coverage
runs-on: [ubuntu-latest]
steps:
- uses: actions/checkout@v1
- name: Docker Login Registry
env:
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
- name: Building Docker Image
run: docker build --no-cache -t beryju/passbook:${{ github.sha }} -f Dockerfile .
- name: Push Docker Container to Registry
run: docker push beryju/passbook:${{ github.sha }}
build-static:
needs:
- migrations
- coverage
runs-on: [ubuntu-latest]
services:
postgres:
image: postgres:latest
env:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
redis:
image: redis:latest
steps:
- uses: actions/checkout@v1
- name: Docker Login Registry
env:
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
- name: Building Docker Image
run: docker build
--no-cache
--network=$(docker network ls | grep github | awk '{print $1}')
-t beryju/passbook-static:${{ github.sha }}
-f static.Dockerfile .
- name: Push Docker Container to Registry
run: docker push beryju/passbook-static:${{ github.sha }}
package-helm:
needs:
- build-server
- build-static
runs-on: [ubuntu-latest]
steps:
- uses: actions/checkout@v1
- name: Install Helm
run: |
apt update && apt install -y curl
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
helm init
- name: Helm package
run: |
helm dependency update helm/passbook
helm package helm/passbook

160
.gitlab-ci.yml
View File

@ -1,160 +0,0 @@
# Global Variables
stages:
- build-base-image
- build-dev-image
- test
- build
- package
- post-release
image: docker.beryju.org/passbook/dev:latest
variables:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
before_script:
- pip install pipenv
# Ensure all dependencies are installed, even those not included in passbook/dev
# According to pipenv docs, -d outputs all packages, however it actually does not
- pipenv lock -r > requirements-all.txt
- pipenv lock -rd >> requirements-all.txt
- pip install -r requirements-all.txt
create-base-image:
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/base.Dockerfile --destination docker.beryju.org/passbook/base:latest
stage: build-base-image
only:
refs:
- tags
- /^version/.*$/
build-dev-image:
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/dev.Dockerfile --destination docker.beryju.org/passbook/dev:latest
stage: build-dev-image
only:
refs:
- tags
- /^version/.*$/
isort:
script:
- isort -c -sg env
stage: test
services:
- postgres:latest
- redis:latest
migrations:
script:
- python manage.py migrate
stage: test
services:
- postgres:latest
- redis:latest
prospector:
script:
- prospector
stage: test
services:
- postgres:latest
- redis:latest
pylint:
script:
- pylint passbook
stage: test
services:
- postgres:latest
- redis:latest
coverage:
script:
- ./scripts/coverage.sh
stage: test
services:
- postgres:latest
- redis:latest
build-passbook-server:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.beryju.org/passbook/server:latest --destination docker.beryju.org/passbook/server:0.7.5-beta
only:
- tags
- /^version/.*$/
build-docs:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/docs/Dockerfile --destination docker.beryju.org/passbook/docs:latest --destination docker.beryju.org/passbook/docs:0.7.5-beta
only:
- tags
- /^version/.*$/
build-passbook-static:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/static.Dockerfile --destination docker.beryju.org/passbook/static:latest --destination docker.beryju.org/passbook/static:0.7.5-beta
only:
- tags
- /^version/.*$/
# running collectstatic fully initialises django, hence we need that databases
services:
- postgres:latest
- redis:latest
package-helm:
image: debian:stretch-slim
stage: package
before_script:
- apt update && apt install -y curl
- curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
script:
- helm dependency update helm
- helm package helm
artifacts:
paths:
- passbook-*.tgz
expire_in: 1 week
only:
- tags
- /^version/.*$/
notify-sentry:
image: getsentry/sentry-cli
stage: post-release
variables:
SENTRY_URL: https://sentry.beryju.org
SENTRY_ORG: beryjuorg
SENTRY_PROJECT: passbook
before_script:
- apk add curl
script:
- sentry-cli releases new passbook@0.7.5-beta
- sentry-cli releases set-commits --auto passbook@0.7.5-beta
only:
- tags
- /^version/.*$/

2
Dockerfile
View File

@ -1,4 +1,4 @@
FROM docker.beryju.org/passbook/base:latest FROM beryju/passbook-base:latest
COPY ./passbook/ /app/passbook COPY ./passbook/ /app/passbook
COPY ./manage.py /app/ COPY ./manage.py /app/

2
dev.Dockerfile
View File

@ -1,3 +1,3 @@
FROM docker.beryju.org/passbook/base:latest FROM beryju/passbook-base:latest
RUN pip install -r /app/requirements-dev.txt --no-cache-dir RUN pip install -r /app/requirements-dev.txt --no-cache-dir

6
docker-compose.yml
View File

@ -21,7 +21,7 @@ services:
labels: labels:
- traefik.enable=false - traefik.enable=false
server: server:
image: docker.beryju.org/passbook/server:${SERVER_TAG:-latest} image: beryju/passbook:${SERVER_TAG:-latest}
command: command:
- uwsgi - uwsgi
- uwsgi.ini - uwsgi.ini
@ -40,7 +40,7 @@ services:
- traefik.docker.network=internal - traefik.docker.network=internal
- traefik.frontend.rule=PathPrefix:/ - traefik.frontend.rule=PathPrefix:/
worker: worker:
image: docker.beryju.org/passbook/server:${SERVER_TAG:-latest} image: beryju/passbook:${SERVER_TAG:-latest}
command: command:
- celery - celery
- worker - worker
@ -60,7 +60,7 @@ services:
- PASSBOOK_POSTGRESQL__HOST=postgresql - PASSBOOK_POSTGRESQL__HOST=postgresql
- PASSBOOK_POSTGRESQL__PASSWORD=${PG_PASS:-thisisnotagoodpassword} - PASSBOOK_POSTGRESQL__PASSWORD=${PG_PASS:-thisisnotagoodpassword}
static: static:
image: docker.beryju.org/passbook/static:latest image: beryju/passbook-static:latest
networks: networks:
- internal - internal
labels: labels:

2
docs/k8s/deployment.yml
View File

@ -19,7 +19,7 @@ spec:
spec: spec:
containers: containers:
- name: passbook-docs - name: passbook-docs
image: "docker.beryju.org/passbook/docs:latest" image: "beryju/passbook-docs:latest"
ports: ports:
- name: http - name: http
containerPort: 80 containerPort: 80

2
helm/templates/static-deployment.yaml
View File

@ -21,7 +21,7 @@ spec:
spec: spec:
containers: containers:
- name: {{ .Chart.Name }}-static - name: {{ .Chart.Name }}-static
image: "docker.beryju.org/passbook/static:{{ .Values.image.tag }}" image: "beryju/passbook-static:{{ .Values.image.tag }}"
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- name: http - name: http

4
helm/templates/web-deployment.yaml
View File

@ -26,7 +26,7 @@ spec:
name: {{ include "passbook.fullname" . }}-config name: {{ include "passbook.fullname" . }}-config
initContainers: initContainers:
- name: passbook-database-migrations - name: passbook-database-migrations
image: "docker.beryju.org/passbook/server:{{ .Values.image.tag }}" image: "beryju/passbook:{{ .Values.image.tag }}"
command: command:
- ./manage.py - ./manage.py
args: args:
@ -56,7 +56,7 @@ spec:
key: postgresql-password key: postgresql-password
containers: containers:
- name: {{ .Chart.Name }} - name: {{ .Chart.Name }}
image: "docker.beryju.org/passbook/server:{{ .Values.image.tag }}" image: "beryju/passbook:{{ .Values.image.tag }}"
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: command:
- uwsgi - uwsgi

2
helm/templates/worker-deployment.yaml
View File

@ -26,7 +26,7 @@ spec:
name: {{ include "passbook.fullname" . }}-config name: {{ include "passbook.fullname" . }}-config
containers: containers:
- name: {{ .Chart.Name }} - name: {{ .Chart.Name }}
image: "docker.beryju.org/passbook/server:{{ .Values.image.tag }}" image: "beryju/passbook:{{ .Values.image.tag }}"
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: command:
- celery - celery

2
passbook/providers/app_gw/templates/app_gw/k8s-manifest.yaml
View File

@ -25,7 +25,7 @@ spec:
value: {{ provider.client.client_secret }} value: {{ provider.client.client_secret }}
- name: OAUTH2_PROXY_COOKIE_SECRET - name: OAUTH2_PROXY_COOKIE_SECRET
value: {{ cookie_secret }} value: {{ cookie_secret }}
image: docker.beryju.org/passbook/gatekeeper:{{ version }} image: beryju/passbook-gatekeeper:{{ version }}
imagePullPolicy: Always imagePullPolicy: Always
name: passbook-gatekeeper name: passbook-gatekeeper
ports: ports:

2
passbook/providers/app_gw/templates/app_gw/setup_modal.html
View File

@ -34,7 +34,7 @@
services: services:
passbook_gatekeeper: passbook_gatekeeper:
container_name: gatekeeper container_name: gatekeeper
image: docker.beryju.org/passbook/gatekeeper:{{ version }} image: beryju/passbook-gatekeeper:{{ version }}
ports: ports:
- 4180:4180 - 4180:4180
environment: environment:

2
static.Dockerfile
View File

@ -1,4 +1,4 @@
FROM docker.beryju.org/passbook/dev:latest as static-build FROM beryju/passbook-dev:latest as static-build
COPY ./passbook/ /app/passbook COPY ./passbook/ /app/passbook
COPY ./manage.py /app/ COPY ./manage.py /app/