200 lines
6 KiB
YAML
200 lines
6 KiB
YAML
name: passbook-ci
|
|
on:
|
|
- push
|
|
env:
|
|
POSTGRES_DB: passbook
|
|
POSTGRES_USER: passbook
|
|
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
|
|
|
|
jobs:
|
|
# Linting
|
|
pylint:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- uses: actions/cache@v1
|
|
with:
|
|
path: ~/.local/share/virtualenvs/
|
|
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-pipenv-
|
|
- name: Install dependencies
|
|
run: pip install -U pip pipenv && pipenv install --dev
|
|
- name: Lint with pylint
|
|
run: pipenv run pylint passbook
|
|
black:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- uses: actions/cache@v1
|
|
with:
|
|
path: ~/.local/share/virtualenvs/
|
|
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-pipenv-
|
|
- name: Install dependencies
|
|
run: pip install -U pip pipenv && pipenv install --dev
|
|
- name: Lint with black
|
|
run: pipenv run black --check passbook
|
|
prospector:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- uses: actions/cache@v1
|
|
with:
|
|
path: ~/.local/share/virtualenvs/
|
|
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-pipenv-
|
|
- name: Install dependencies
|
|
run: pip install -U pip pipenv && pipenv install --dev && pipenv install --dev prospector --skip-lock
|
|
- name: Lint with prospector
|
|
run: pipenv run prospector
|
|
bandit:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- uses: actions/cache@v1
|
|
with:
|
|
path: ~/.local/share/virtualenvs/
|
|
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-pipenv-
|
|
- name: Install dependencies
|
|
run: pip install -U pip pipenv && pipenv install --dev
|
|
- name: Lint with bandit
|
|
run: pipenv run bandit -r passbook
|
|
# Actual CI tests
|
|
migrations:
|
|
needs:
|
|
- pylint
|
|
- black
|
|
- prospector
|
|
services:
|
|
postgres:
|
|
image: postgres:latest
|
|
env:
|
|
POSTGRES_DB: passbook
|
|
POSTGRES_USER: passbook
|
|
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
|
|
ports:
|
|
- 5432:5432
|
|
redis:
|
|
image: redis:latest
|
|
ports:
|
|
- 6379:6379
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- uses: actions/cache@v1
|
|
with:
|
|
path: ~/.local/share/virtualenvs/
|
|
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-pipenv-
|
|
- name: Install dependencies
|
|
run: pip install -U pip pipenv && pipenv install --dev
|
|
- name: Run migrations
|
|
run: pipenv run ./manage.py migrate
|
|
coverage:
|
|
needs:
|
|
- pylint
|
|
- black
|
|
- prospector
|
|
services:
|
|
postgres:
|
|
image: postgres:latest
|
|
env:
|
|
POSTGRES_DB: passbook
|
|
POSTGRES_USER: passbook
|
|
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
|
|
ports:
|
|
- 5432:5432
|
|
redis:
|
|
image: redis:latest
|
|
ports:
|
|
- 6379:6379
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- uses: actions/cache@v1
|
|
with:
|
|
path: ~/.local/share/virtualenvs/
|
|
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-pipenv-
|
|
- name: Install dependencies
|
|
run: pip install -U pip pipenv && pipenv install --dev
|
|
- name: Run coverage
|
|
run: pipenv run ./scripts/coverage.sh
|
|
# Build
|
|
build-server:
|
|
needs:
|
|
- migrations
|
|
- coverage
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- name: Docker Login Registry
|
|
env:
|
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
|
|
- name: Building Docker Image
|
|
run: docker build
|
|
--no-cache
|
|
-t beryju/passbook:${GITHUB_REF##*/}
|
|
-f Dockerfile .
|
|
- name: Push Docker Container to Registry
|
|
run: docker push beryju/passbook:${GITHUB_REF##*/}
|
|
build-gatekeeper:
|
|
needs:
|
|
- migrations
|
|
- coverage
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- name: Docker Login Registry
|
|
env:
|
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
|
|
- name: Building Docker Image
|
|
run: |
|
|
cd gatekeeper
|
|
docker build \
|
|
--no-cache \
|
|
-t beryju/passbook-gatekeeper:${GITHUB_REF##*/} \
|
|
-f Dockerfile .
|
|
- name: Push Docker Container to Registry
|
|
run: docker push beryju/passbook-gatekeeper:${GITHUB_REF##*/}
|
|
build-static:
|
|
needs:
|
|
- migrations
|
|
- coverage
|
|
runs-on: ubuntu-latest
|
|
services:
|
|
postgres:
|
|
image: postgres:latest
|
|
env:
|
|
POSTGRES_DB: passbook
|
|
POSTGRES_USER: passbook
|
|
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
|
|
redis:
|
|
image: redis:latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- name: Docker Login Registry
|
|
env:
|
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
|
|
- name: Building Docker Image
|
|
run: docker build
|
|
--no-cache
|
|
--network=$(docker network ls | grep github | awk '{print $1}')
|
|
-t beryju/passbook-static:${GITHUB_REF##*/}
|
|
-f static.Dockerfile .
|
|
- name: Push Docker Container to Registry
|
|
run: docker push beryju/passbook-static:${GITHUB_REF##*/}
|