Merge pull request #209 from matematikk-mooc/theaht/DIT-95 #360

Workflow file for this run

	name: Test, build and deploy

	# Controls when the action will run. Triggers the workflow on manual trigger or push
	on:
	workflow_dispatch:
	push:
	branches:
	- staging
	- master
	- test
	paths-ignore:
	- '**.md'
	- '.github/workflows/health-test.yml'
	- '.github/health_test_src/**'
	- '**.dev.yml'

	jobs:
	test-build-deploy:
	name: Runs unit tests, builds docker image and deploys image
	runs-on: ubuntu-latest
	env:
	DB_HOST: 127.0.0.1
	KPAS_DOMAIN: kpas-lti-staging-kpas.azurewebsites.net #NB! must match certificate in .github/kpas_ssl_certs
	CANVAS_DOMAIN: bibsys.instructure.com
	CANVAS_ACCOUNT_ID: 99
	KPAS_LTI_GIT_COMMIT: 7274efb45554b025d3b9800ab4e915003fe81fb0 #Exactly which state in the KPAS-LTI git repository should be used as dependency during our tests
	DJANGO_SECRET_KEY: not_secret_key
	#CA_FILE_NAME: ca.crt

	AZURE_CONTAINER_REGISTRY: udirkpas.azurecr.io
	AZURE_RESOURCE_GROUP: laravel
	AZURE_APP_NAME: statistics-api
	WEBSITES_PORT: 8000

	steps:
	# GitHub repository checkout
	- name: GitHub repository checkout
	uses: actions/checkout@v4

	- name: Log in to Azure
	run: \|
	az login --service-principal --username 50d27170-f4e0-4185-ac88-27d0348a5dc5 --password ${{ secrets.AZURE_CLIENT_SECRET }} --tenant 8cd185d3-3aa6-4594-833d-a058dabb5b6d

	- name: Log in to Docker
	run: \|
	az acr login --username 50d27170-f4e0-4185-ac88-27d0348a5dc5 --password ${{ secrets.AZURE_CLIENT_SECRET }} --name udirkpas.azurecr.io

	- name: Start MySQL service
	run: \|
	sudo bash -c 'echo "[mysqld]" >> /etc/mysql/my.cnf'
	sudo bash -c 'echo "port = 3307" >> /etc/mysql/my.cnf'
	sudo bash -c 'echo "bind-address = 0.0.0.0" >> /etc/mysql/my.cnf'
	sudo systemctl start mysql.service

	- name: Install python depedencies
	run: \|
	sudo apt-get install python3-setuptools
	python3 -m pip install -r requirements.txt

	- name: Run Django migrations
	run: \|
	mysql --port=3307 --protocol=tcp --host=127.0.0.1 -uroot -proot -e 'CREATE DATABASE `canvas-api`;'
	DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py makemigrations
	DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py migrate

	- name: Run Django unit tests
	run: \|
	DJANGO_DEBUG=True CANVAS_ACCESS_KEY=${{ secrets.CANVAS_ACCESS_KEY }} DJANGO_SETTINGS_MODULE=statistics_api.tests.test_settings DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py test --settings statistics_api.tests.test_settings --verbosity=3

	# Checking that only the issue is the SECURE_HSTS_SECONDS warning
	- name: Run manage.py check --deploy
	run: \|
	DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 DJANGO_SECRET_KEY=notasecretkeyExfvXUyFFA9iAH7BYwsL1nN3XIbBcX7djoBSque6bOLXmnf7GD PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py check --deploy
	if [ `DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 DJANGO_SECRET_KEY=notasecretkeyExfvXUyFFA9iAH7BYwsL1nN3XIbBcX7djoBSque6bOLXmnf7GD PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py check --deploy 2>&1 \| grep -E "System check identified [0-9]+ issue" \| grep -E -o [0-9]+ \| head -1` -lt 2 ]
	then
	exit 0
	else
	exit 1
	fi

	- name: Build and push Docker image to registry, triggering new deployment
	run: \|
	if [ "$GITHUB_REF" = "refs/heads/staging" ]
	then
	docker build --build-arg WEBSITES_PORT=$WEBSITES_PORT . -f Dockerfile -t $AZURE_CONTAINER_REGISTRY/statistics-api-staging:$GITHUB_SHA -t $AZURE_CONTAINER_REGISTRY/statistics-api-staging:latest
	az webapp config appsettings set --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -g $AZURE_RESOURCE_GROUP -n $AZURE_APP_NAME --slot staging --settings \
	"CANVAS_ACCESS_KEY=${{ secrets.CANVAS_ACCESS_KEY }}" \
	"DB_PASSWORD=${{ secrets.STAGING_DB_PASSWORD }}" \
	"DB_USERNAME=${{ secrets.STAGING_DB_USERNAME }}" \
	"DJANGO_SECRET_KEY=${{ secrets.STAGING_DJANGO_SECRET_KEY }}" \
	"DOCKER_REGISTRY_SERVER_PASSWORD=${{ secrets.DOCKER_REGISTRY_SERVER_PASSWORD }}" \
	"KPAS_API_ACCESS_TOKEN=${{ secrets.STAGING_KPAS_API_ACCESS_TOKEN }}" \
	"WEBSITES_PORT=$WEBSITES_PORT" \
	"DOCKER_REGISTRY_SERVER_URL=https://$AZURE_CONTAINER_REGISTRY" \
	"GIT_COMMIT=${GITHUB_SHA}" \
	@"${GITHUB_WORKSPACE}/.github/app_service_config/staging_app_service_config.json"
	docker push $AZURE_CONTAINER_REGISTRY/statistics-api-staging:$GITHUB_SHA
	docker push $AZURE_CONTAINER_REGISTRY/statistics-api-staging:latest
	elif [ "$GITHUB_REF" = "refs/heads/master" ]
	then
	docker build --build-arg WEBSITES_PORT=$WEBSITES_PORT . -f Dockerfile -t $AZURE_CONTAINER_REGISTRY/statistics-api:$GITHUB_SHA -t $AZURE_CONTAINER_REGISTRY/statistics-api:latest
	az webapp config appsettings set --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -g $AZURE_RESOURCE_GROUP -n $AZURE_APP_NAME --settings \
	"CANVAS_ACCESS_KEY=${{ secrets.CANVAS_ACCESS_KEY }}" \
	"DB_PASSWORD=${{ secrets.DB_PASSWORD }}" \
	"DB_USERNAME=${{ secrets.DB_USERNAME }}" \
	"DJANGO_SECRET_KEY=${{ secrets.DJANGO_SECRET_KEY }}" \
	"DOCKER_REGISTRY_SERVER_PASSWORD=${{ secrets.DOCKER_REGISTRY_SERVER_PASSWORD }}" \
	"KPAS_API_ACCESS_TOKEN=${{ secrets.KPAS_API_ACCESS_TOKEN }}" \
	"WEBSITES_PORT=$WEBSITES_PORT" \
	"DOCKER_REGISTRY_SERVER_URL=https://$AZURE_CONTAINER_REGISTRY" \
	"GIT_COMMIT=${GITHUB_SHA}" \
	@"${GITHUB_WORKSPACE}/.github/app_service_config/app_service_config.json"
	docker push $AZURE_CONTAINER_REGISTRY/statistics-api:$GITHUB_SHA
	docker push $AZURE_CONTAINER_REGISTRY/statistics-api:latest
	fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #209 from matematikk-mooc/theaht/DIT-95 #360

Workflow file

Merge pull request #209 from matematikk-mooc/theaht/DIT-95 #360

Jobs

Run details

Workflow file for this run