Merge pull request #230 from matematikk-mooc/aj/DIT-226 #375
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test, build and deploy | |
| # Controls when the action will run. Triggers the workflow on manual trigger or push | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - staging | |
| - master | |
| - test | |
| paths-ignore: | |
| - '**.md' | |
| - '.github/workflows/health-test.yml' | |
| - '.github/health_test_src/**' | |
| - '**.dev.yml' | |
| jobs: | |
| test-build-deploy: | |
| name: Runs unit tests, builds docker image and deploys image | |
| runs-on: ubuntu-latest | |
| env: | |
| DB_HOST: 127.0.0.1 | |
| DJANGO_SECRET_KEY: not_secret_key | |
| AZURE_CONTAINER_REGISTRY: udirkpas.azurecr.io | |
| AZURE_RESOURCE_GROUP: laravel | |
| AZURE_APP_NAME: statistics-api | |
| WEBSITES_PORT: 8000 | |
| steps: | |
| # GitHub repository checkout | |
| - name: GitHub repository checkout | |
| uses: actions/checkout@v4 | |
| - name: Log in to Azure | |
| run: | | |
| az login --service-principal --username 50d27170-f4e0-4185-ac88-27d0348a5dc5 --password ${{ secrets.AZURE_CLIENT_SECRET }} --tenant 8cd185d3-3aa6-4594-833d-a058dabb5b6d | |
| - name: Log in to Docker | |
| run: | | |
| az acr login --username 50d27170-f4e0-4185-ac88-27d0348a5dc5 --password ${{ secrets.AZURE_CLIENT_SECRET }} --name udirkpas.azurecr.io | |
| - name: Start MySQL service | |
| run: | | |
| sudo bash -c 'echo "[mysqld]" >> /etc/mysql/my.cnf' | |
| sudo bash -c 'echo "port = 3307" >> /etc/mysql/my.cnf' | |
| sudo bash -c 'echo "bind-address = 0.0.0.0" >> /etc/mysql/my.cnf' | |
| sudo systemctl start mysql.service | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.12.4' | |
| - name: Cache Python packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Install Python dependencies | |
| run: | | |
| sudo apt-get install python3-setuptools | |
| python -m pip install --upgrade pip | |
| python -m pip install -r requirements.txt | |
| - name: Run Django migrations | |
| run: | | |
| mysql --port=3307 --protocol=tcp --host=127.0.0.1 -uroot -proot -e 'CREATE DATABASE `canvas-api`;' | |
| DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py makemigrations | |
| DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py migrate | |
| - name: Run Django unit tests | |
| run: | | |
| DJANGO_DEBUG=True DJANGO_SETTINGS_MODULE=statistics_api.tests.test_settings DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py test --settings statistics_api.tests.test_settings --verbosity=3 | |
| # Checking that only the issue is the SECURE_HSTS_SECONDS warning | |
| - name: Run manage.py check --deploy | |
| run: | | |
| DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 DJANGO_SECRET_KEY=notasecretkeyExfvXUyFFA9iAH7BYwsL1nN3XIbBcX7djoBSque6bOLXmnf7GD PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py check --deploy | |
| if [ `DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 DJANGO_SECRET_KEY=notasecretkeyExfvXUyFFA9iAH7BYwsL1nN3XIbBcX7djoBSque6bOLXmnf7GD PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py check --deploy 2>&1 | grep -E "System check identified [0-9]+ issue" | grep -E -o [0-9]+ | head -1` -lt 2 ] | |
| then | |
| exit 0 | |
| else | |
| exit 1 | |
| fi | |
| - name: Build and push Docker image to registry, triggering new deployment | |
| run: | | |
| if [ "$GITHUB_REF" = "refs/heads/staging" ] | |
| then | |
| docker build --build-arg WEBSITES_PORT=$WEBSITES_PORT . -f Dockerfile -t $AZURE_CONTAINER_REGISTRY/statistics-api-staging:$GITHUB_SHA -t $AZURE_CONTAINER_REGISTRY/statistics-api-staging:latest | |
| az webapp config appsettings set --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -g $AZURE_RESOURCE_GROUP -n $AZURE_APP_NAME --slot staging --settings "GIT_COMMIT=${GITHUB_SHA}" | |
| docker push $AZURE_CONTAINER_REGISTRY/statistics-api-staging:$GITHUB_SHA | |
| docker push $AZURE_CONTAINER_REGISTRY/statistics-api-staging:latest | |
| elif [ "$GITHUB_REF" = "refs/heads/master" ] | |
| then | |
| docker build --build-arg WEBSITES_PORT=$WEBSITES_PORT . -f Dockerfile -t $AZURE_CONTAINER_REGISTRY/statistics-api:$GITHUB_SHA -t $AZURE_CONTAINER_REGISTRY/statistics-api:latest | |
| az webapp config appsettings set --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -g $AZURE_RESOURCE_GROUP -n $AZURE_APP_NAME --settings "GIT_COMMIT=${GITHUB_SHA}" | |
| docker push $AZURE_CONTAINER_REGISTRY/statistics-api:$GITHUB_SHA | |
| docker push $AZURE_CONTAINER_REGISTRY/statistics-api:latest | |
| fi |