Add preliminary cicd workflow #48

Workflow file for this run

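# Builds and tests the application, then runs the deployment job.
name: CI/CD

# Runs for pull requests that target `development` and for pushes to
# `development` or `base`.
on:
  pull_request:
    branches:
      - development
  push:
    branches:
      - development
      - base

# Least privilege for the automatically issued GITHUB_TOKEN: the jobs only
# check out the repository, so read access to its contents is enough.
# Credentials for Docker and AWS come from repository secrets, not from
# this token.
permissions:
  contents: read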
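jobs:
  # Lints the repository with pre-commit and runs the Django test suite
  # with coverage inside the docker-compose application container.
  build:
    # NOTE(review): this condition is always true. A ref cannot equal both
    # branch names at once, so one of the two `!=` comparisons always holds.
    # If the intent was to skip the job on those branches the operator
    # would be `&&`; confirm the intent before changing it, because
    # `deploy` depends on this job.
    if: github.ref != 'refs/heads/base' || github.ref != 'refs/heads/development'
    runs-on: ubuntu-latest
    env:
      APPLICATION_NAME: gemini
      CONTAINER: gemini-web
      APPLICATION_PORT: 8006
    services:
      # NOTE(review): a privileged container has almost no isolation from
      # the runner host. None of the steps below refer to this service
      # (they call docker and docker-compose on the runner directly), so it
      # looks removable; confirm and drop it, or at least drop
      # `--privileged`.
      docker:
        image: docker:stable
        options: --privileged
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.10'
      - name: Cache dependencies
        uses: actions/cache@v3
        with:
          # actions/cache does not expand shell variables such as $HOME in
          # `path`, but it does expand a leading `~`.
          path: |
            ~/.cache/pip
            ~/.cache/pre-commit
          key: ${{ runner.os }}-pip-${{ hashFiles('**/*.lock') }}
      - name: Copy config file
        run: cp "$APPLICATION_NAME/config.py.example" "$APPLICATION_NAME/config.py"
      # Secrets are handed to the shell as environment variables instead of
      # being expanded into the script text, so their values are never
      # parsed as shell syntax. Pull requests from forks do not receive
      # repository secrets, so this step fails for them.
      - name: Login to Docker
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        run: echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
      - name: Start Docker containers
        run: docker-compose up -d
      - name: Wait for services to be ready
        run: ./wait-for-it.sh "$CONTAINER:$APPLICATION_PORT" -- docker-compose exec -T "$CONTAINER" pip install coverage
      - name: Install pre-commit
        run: |
          pip install "pre-commit===2.13.0"
          pre-commit install
      - name: Run pre-commit checks
        run: pre-commit run --all-files --show-diff-on-failure
      - name: Run tests with coverage
        run: docker-compose exec -T "$CONTAINER" coverage run manage.py test
      - name: Generate coverage report
        # The pattern is quoted so the runner's shell passes it to coverage
        # unexpanded.
        run: docker-compose exec -T "$CONTAINER" coverage report --omit='*/migrations/*' -m

  # Renders the deploy templates, zips the application, uploads the bundle
  # to S3 and starts an AWS CodeDeploy deployment.
  deploy:
    needs: build
    runs-on: ubuntu-latest
    # NOTE(review): no `if:` guard is active, so this job runs for every
    # event that triggers the workflow, pull requests included, as soon as
    # `build` succeeds. Restore a branch condition before this workflow is
    # relied on; the author's disabled guard is kept below.
    # if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/development'
    # CHANGE THIS TO BRANCH NAME AFTER TESTING
    environment:
      name: development
    # environment:
    #   name: ${{ github.ref_name }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      # NOTE(review): `toJSON(secrets)` hands every secret visible to this
      # job to the action, which exports them as environment variables for
      # all later steps, including the third-party action and the cloned
      # scripts below. Passing only the secrets each step needs through
      # `env:` limits what a compromised dependency can read. The
      # third-party actions in this job are referenced by tag, which can be
      # moved; pinning them to a full commit SHA (placeholder:
      # `owner/action@<full-commit-sha>`) fixes the code that runs.
      - name: Export secrets to environment variables
        uses: oNaiPs/secrets-to-env-action@v1.5
        with:
          secrets: ${{ toJSON(secrets) }}
      # NOTE(review): this clones whatever the default branch of
      # deploy_scripts holds at run time, and a later step runs one of
      # these scripts with sudo. Checking out a reviewed commit
      # (placeholder: `<reviewed-commit-sha>`) after the clone keeps the
      # executed code fixed.
      - name: Clone deploy scripts if not present
        run: |
          if [ ! -d deploy_scripts ]; then
            git clone https://github.com/RockefellerArchiveCenter/deploy_scripts.git;
          fi
      - name: Substitute environment variables
        uses: tvarohohlavy/inplace-envsubst-action@v1.0.0
        with:
          # NOTE(review): `with:` values are not processed by a shell, so
          # the first entry relies on the action expanding
          # $APPLICATION_NAME itself. The variable is not defined in this
          # job's `env:`; presumably it arrives through the exported
          # secrets. Confirm both.
          files: |
            $APPLICATION_NAME/config.py.deploy
            .env.deploy
            appspec.yml.deploy
            deploy_scripts/create_apache_config.sh.deploy
            deploy_scripts/curl_index.sh.deploy
            deploy_scripts/curl_status_endpoint.sh.deploy
            deploy_scripts/install_dependencies_django.sh.deploy
            deploy_scripts/restart_apachectl.sh.deploy
            deploy_scripts/run_management_commands_django.sh.deploy
            deploy_scripts/set_permissions.sh.deploy
            deploy_scripts/stop_cron.sh.deploy
      - name: Rename deploy files
        run: |
          mv "$APPLICATION_NAME/config.py.deploy" "$APPLICATION_NAME/config.py"
          mv .env.deploy .env
          mv appspec.yml.deploy appspec.yml
          mv deploy_scripts/create_apache_config.sh.deploy deploy_scripts/create_apache_config.sh
          mv deploy_scripts/curl_index.sh.deploy deploy_scripts/curl_index.sh
          mv deploy_scripts/curl_status_endpoint.sh.deploy deploy_scripts/curl_status_endpoint.sh
          mv deploy_scripts/install_dependencies_django.sh.deploy deploy_scripts/install_dependencies_django.sh
          mv deploy_scripts/restart_apachectl.sh.deploy deploy_scripts/restart_apachectl.sh
          mv deploy_scripts/run_management_commands_django.sh.deploy deploy_scripts/run_management_commands_django.sh
          mv deploy_scripts/set_permissions.sh.deploy deploy_scripts/set_permissions.sh
          mv deploy_scripts/stop_cron.sh.deploy deploy_scripts/stop_cron.sh
      - name: Make deploy scripts executable
        run: chmod +x deploy_scripts/*.sh
      - name: Create deployment zip
        # Arguments are quoted so a value containing spaces or glob
        # characters stays a single argument.
        run: sudo deploy_scripts/make_zip_django.sh "$DEPLOY_ZIP_DIR" "$DEPLOY_ZIP_NAME"
      # NOTE(review): this uses a long-lived access key pair to assume the
      # deploy role. The action also supports GitHub OIDC federation, which
      # removes the stored key; that needs an IAM identity provider and
      # `id-token: write` permission, so it is left as a follow-up.
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4.0.2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
          role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE }}
          role-skip-session-tagging: true
          role-duration-seconds: 1000
          aws-region: us-east-1
      # The bundle holds the files rendered by the substitution step
      # (config.py, .env), so it is uploaded with the default private ACL
      # rather than the `public-read-write` canned ACL, which would let
      # anyone download it. The role CodeDeploy uses to fetch the revision
      # needs s3:GetObject on this bucket.
      - name: Deploy to S3
        run: aws s3 cp "$DEPLOY_ZIP_DIR" "s3://$AWS_BUCKET_NAME" --recursive
      - name: Configure AWS CodeDeploy Credentials
        uses: aws-actions/configure-aws-credentials@v4.0.2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
          role-to-assume: ${{ secrets.AWS_CODEDEPLOY_ROLE }}
          role-skip-session-tagging: true
          role-duration-seconds: 1000
          aws-region: us-east-1
      - name: Confirm caller identity
        run: aws sts get-caller-identity
      - name: Deploy to AWS CodeDeploy
        # Folded scalar: the lines below are joined with spaces into one
        # command line.
        run: >-
          aws deploy create-deployment
          --region us-east-1
          --application-name "$APPLICATION_NAME"
          --deployment-config-name CodeDeployDefault.OneAtATime
          --deployment-group-name "$DEPLOYMENT_GROUP"
          --s3-location "bucket=$AWS_BUCKET_NAME,bundleType=zip,key=$DEPLOY_ZIP_NAME"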