diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fe9059d..9c6427a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,11 +12,38 @@ on: workflow_dispatch: env: - IMAGE_NAME: floris272/open-producten-test + IMAGE_NAME: maykinmedia/open-producten DJANGO_SETTINGS_MODULE: open_producten.conf.ci DOCKER_BUILDKIT: '1' jobs: + + setup: + name: Set up the build variables + runs-on: ubuntu-latest + outputs: + tag: ${% templatetag openvariable %} steps.vars.outputs.tag {% templatetag closevariable %} + git_hash: ${% templatetag openvariable %} steps.vars.outputs.git_hash {% templatetag closevariable %} + + steps: + - name: Extract version information + id: vars + run: | + # Strip git ref prefix from version + VERSION=$(echo "${% templatetag openvariable %} github.ref {% templatetag closevariable %}" | sed -e 's,.*/\(.*\),\1,') + + # Strip "v" prefix from tag name (if present at all) + [[ "${% templatetag openvariable %} github.ref {% templatetag closevariable %}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//') + + # Use Docker `latest` tag convention + [ "$VERSION" == "main" ] && VERSION=latest + + # PRs result in version 'merge' -> transform that into 'latest' + [ "$VERSION" == "merge" ] && VERSION=latest + + echo "tag=${VERSION}" >> $GITHUB_OUTPUT + echo "git_hash=${GITHUB_SHA}" >> $GITHUB_OUTPUT + tests: name: Run the Django test suite runs-on: ubuntu-latest 
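Review bot: Every workflow expression added in the `setup` job is written as `${% templatetag openvariable %} … {% templatetag closevariable %}`, while the lines this commit removes use the plain `${{ … }}` form. Unless this file is passed through Django's template engine before it lands in `.github/workflows/`, GitHub will treat those as literal text, and `outputs.tag`, `outputs.git_hash` and both `github.ref` uses will not evaluate. The same applies to the `needs.setup.outputs.*`, `steps.image_build.outputs.image_tag` and `secrets.*` references in the last hunk. For the two `github.ref` uses, reading the runner's environment variable avoids the expression altogether and keeps the ref name out of the script text: `VERSION=$(echo "$GITHUB_REF" | sed -e 's,.*/\(.*\),\1,')` and `[[ "$GITHUB_REF" == "refs/tags/"* ]] && VERSION=$(echo "$VERSION" | sed -e 's/^v//')`.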
@@ -29,17 +56,21 @@ jobs: ports: - 5432:5432 # Needed because the postgres container does not provide a healthcheck - options: - --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 + options: >- + --name postgres + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 --name postgres redis: image: redis:6 ports: - 6379:6379 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up backend environment - uses: maykinmedia/setup-django-backend@v1 + uses: maykinmedia/setup-django-backend@v1.3 with: python-version: '3.11' optimize-postgres: 'yes' @@ -48,13 +79,6 @@ jobs: # apt-packages: 'gettext postgresql-client' # the default # npm-ci-flags: '--legacy-peer-deps' -> preferably use a .npmrc file - # Any additional services -> create docker-compose setups in a (new) `docker` - # subdirectory. - # - name: Start CI docker services - # run: | - # docker-compose -f docker-compose.ci.yml up -d - # working-directory: docker - - name: Run tests run: | python src/manage.py compilemessages 
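Review bot: The new folded `options:` value for the postgres service passes `--name postgres` twice, once as its first line and once as its last; one of them should go so that the container name is stated in a single place. Separately, `actions/checkout@v4` and `maykinmedia/setup-django-backend@v1.3` are referenced by tag, which the action's owner can move. Pinning each to a full commit SHA with the tag kept as a trailing comment (`uses: actions/checkout@<full-commit-sha>  # v4`) fixes the code that runs in this job to something reviewable. The `tests` job continues outside the hunk.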
@@ -87,56 +111,74 @@ jobs: # runs-on: ubuntu-latest # steps: - # - uses: actions/checkout@v3 - # - uses: actions/setup-python@v4 + # - uses: actions/checkout@v4 + # - uses: maykinmedia/setup-django-backend@v1.3 # with: - # python-version: '3.9' - - # # - name: Install OS dependencies - # # run: | - # # sudo apt-get update - # # sudo apt-get install libxml2-dev libxmlsec1-dev libxmlsec1-openssl - - # - name: Install dependencies - # run: | - # pip install -r requirements/ci.txt + # python-version: '3.11' + # setup-node: 'no' + # # apt-packages: 'gettext postgresql-client' # the default # - name: Build and test docs + # run: | + # export OPENSSL_CONF=$(pwd)/openssl.conf + # pytest check_sphinx.py -v --tb=auto # working-directory: docs - # run: pytest check_sphinx.py -v --tb=auto - docker: - needs: tests - name: Build (and push) Docker image + docker_build: + name: Build Docker image runs-on: ubuntu-latest + outputs: + image_tag: ${% templatetag openvariable %} steps.image_build.outputs.image_tag {% templatetag closevariable %} + + needs: + - setup steps: - - uses: actions/checkout@v2 - - name: Set tag - id: vars + - uses: actions/checkout@v4 + + - name: Build the production Docker image + id: image_build run: | - # Strip git ref prefix from version - VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') + image_tag="$IMAGE_NAME:$RELEASE_VERSION" + echo "image_tag=${image_tag}" >> $GITHUB_OUTPUT + docker build . 
\ + --tag $image_tag \ + --build-arg COMMIT_HASH=${% templatetag openvariable %} needs.setup.outputs.git_hash {% templatetag closevariable %} \ + --build-arg RELEASE=${% templatetag openvariable %} needs.setup.outputs.tag {% templatetag closevariable %} \ + env: + RELEASE_VERSION: ${% templatetag openvariable %} needs.setup.outputs.tag {% templatetag closevariable %} - # Strip "v" prefix from tag name (if present at all) - [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//') + - run: docker image save -o image.tar $IMAGE_NAME:${% templatetag openvariable %} needs.setup.outputs.tag {% templatetag closevariable %} + - name: Store image artifact + uses: actions/upload-artifact@v4 + with: + name: docker-image + path: image.tar + retention-days: 1 - # Use Docker `latest` tag convention - [ "$VERSION" == "develop" ] && VERSION=latest + docker_push: + needs: + - tests + - docker_build - echo ::set-output name=tag::${VERSION} + name: Push Docker image + runs-on: ubuntu-latest + if: github.event_name == 'push' # Exclude PRs - - name: Build the Docker image - env: - RELEASE_VERSION: ${{ steps.vars.outputs.tag }} - run: docker build . 
--tag $IMAGE_NAME:$RELEASE_VERSION + steps: + - name: Download built image + uses: actions/download-artifact@v4 + with: + name: docker-image + + - name: Load image + run: | + docker image load -i image.tar - name: Log into registry - if: github.event_name == 'push' # exclude PRs - run: echo "${{ secrets.DOCKER_TOKEN }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin + run: + echo "${% templatetag openvariable %} secrets.DOCKER_TOKEN {% templatetag closevariable %}" | docker login -u ${% templatetag openvariable %} secrets.DOCKER_USERNAME {% templatetag closevariable %} + --password-stdin - - name: Push the Docker image - if: github.event_name == 'push' # exclude PRs - env: - RELEASE_VERSION: ${{ steps.vars.outputs.tag }} - run: docker push $IMAGE_NAME:$RELEASE_VERSION + - name: Push the Docker image (production) + run: docker push ${% templatetag openvariable %} needs.docker_build.outputs.image_tag {% templatetag closevariable %}
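Review bot: Expression values are expanded straight into shell text in `docker_build` and `docker_push`: `--build-arg RELEASE=` and the `docker image save` step splice in `needs.setup.outputs.tag`, which is derived from the pushed ref name, and `Log into registry` splices in both registry secrets. The build step already has the tag in `RELEASE_VERSION`, so `--tag "$image_tag"` and `--build-arg RELEASE="$RELEASE_VERSION"` are enough there, and the save can move into that step as `docker image save -o image.tar "$image_tag"`. For the login step, pass the secrets through `env:` as sketched below (expressions written in plain workflow syntax), which also replaces the multi-line plain scalar under `run:` with a single quoted command. The last `--build-arg` line ends in a `\` with nothing after it and can lose it.

```yaml
# … unchanged: download artifact, load image …
- name: Log into registry
  env:
    DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
    DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
  run: echo "$DOCKER_TOKEN" | docker login -u "$DOCKER_USERNAME" --password-stdin
# … unchanged: push step …
```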