-
Notifications
You must be signed in to change notification settings - Fork 0
173 lines (159 loc) · 9.11 KB
/
tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
name: Test, build and deploy
# Controls when the action will run. Triggers the workflow on manual trigger or push
on:
workflow_dispatch:
push:
branches:
- staging
- master
- test
paths-ignore:
- '**.md'
- '.github/workflows/health-test.yml'
- '.github/health_test_src/**'
- '**.dev.yml'
jobs:
test-build-deploy:
name: Runs unit tests, builds docker image and deploys image
runs-on: ubuntu-latest
env:
DB_HOST: 127.0.0.1
KPAS_DOMAIN: kpas-lti-staging-kpas.azurewebsites.net #NB! must match certificate in .github/kpas_ssl_certs
CANVAS_DOMAIN: bibsys.instructure.com
CANVAS_ACCOUNT_ID: 99
KPAS_LTI_GIT_COMMIT: 7274efb45554b025d3b9800ab4e915003fe81fb0 #Exactly which state in the KPAS-LTI git repository should be used as dependency during our tests
DJANGO_SECRET_KEY: not_secret_key
#CA_FILE_NAME: ca.crt
AZURE_CONTAINER_REGISTRY: udirkpas.azurecr.io
AZURE_RESOURCE_GROUP: laravel
AZURE_APP_NAME: statistics-api
WEBSITES_PORT: 8000
steps:
# GitHub repository checkout
- name: GitHub repository checkout
uses: actions/checkout@v1
- name: Log in to Azure
run: |
az login --service-principal --username 50d27170-f4e0-4185-ac88-27d0348a5dc5 --password ${{ secrets.AZURE_CLIENT_SECRET }} --tenant 8cd185d3-3aa6-4594-833d-a058dabb5b6d
- name: Log in to Docker
run: |
az acr login --username 50d27170-f4e0-4185-ac88-27d0348a5dc5 --password ${{ secrets.AZURE_CLIENT_SECRET }} --name udirkpas.azurecr.io
- name: Start MySQL service
run: |
sudo bash -c 'echo "[mysqld]" >> /etc/mysql/my.cnf'
sudo bash -c 'echo "port = 3307" >> /etc/mysql/my.cnf'
sudo bash -c 'echo "bind-address = 0.0.0.0" >> /etc/mysql/my.cnf'
sudo systemctl start mysql.service
# - name: Pull code from KPAS-LTI GitHub repository
# run: |
# git clone https://github.com/matematikk-mooc/kpas-api
#
# - name: Copy self-signed certificates and keys to KPAS-LTI nginx directory
# run: |
# sed -i 's/server_name\ localhost;/server_name\ \_;/g' kpas-api/docker/nginx/sites/default.conf
# cp $GITHUB_WORKSPACE/.github/kpas_ssl_certs/* kpas-api/docker/nginx/ssl/
#
# - name: Add KPAS domain name to /etc/hosts
# run: |
# sudo bash -c "echo '127.0.0.1 kpas-dev.local' >> /etc/hosts"
#
# - name: Build and start KPAS-LTI service
# run: |
# cd kpas-api
# rm composer.lock
# sed -i '20 a "doctrine/dbal": "^2.0",' composer.json
# sed -i '20 a "doctrine/dbal": "^2.0",' composer.json.prod
# sed -i '20 a "doctrine/dbal": "^2.0",' composer.json.dev
# git checkout $KPAS_LTI_GIT_COMMIT
# echo "bind-address 0.0.0.0" >> docker/mysql/my.cnf
# sed -i "s/BUGSNAG_API_KEY=.*/BUGSNAG_API_KEY=/g" environments/production/.env
# sed -i 's/DB_HOST=.*/DB_HOST=mysql/g' environments/production/.env
# sed -i 's/DB_USERNAME=.*/DB_USERNAME=root/g' environments/production/.env
# sed -i 's/DB_PASSWORD=.*/DB_PASSWORD=root/g' environments/production/.env
# cd docker
# sed '32d' php-fpm/Dockerfile.dev > php-fpm/Dockerfile
# sed -i '20 a \ \ \ \ \ \ \ \ \ \ - NODE_VERSION=16' docker-compose.yml
# cp .env.example .env
# sudo chown $(whoami):$(whoami) -R * && sudo chmod 777 -R *
# docker-compose up --build -d
# COMPOSE_INTERACTIVE_NO_CLI=1 docker-compose exec --user root -T workspace ./startup.sh
# cd ./../..
#
# - name: Import NSR to KPAS MySQL
# run: |
# mysql_container_id=`docker ps | grep mysql | awk '{print$1}'`
# docker cp ${GITHUB_WORKSPACE}/.github/kpas_nsr_data/nsr_data.sql $mysql_container_id:/nsr_data.sql
# cd kpas-api/docker
# COMPOSE_INTERACTIVE_NO_CLI=1 docker-compose exec --user root -T mysql /bin/bash -c "mysql -proot -uroot default < /nsr_data.sql"
# cd ./../..
# curl https://kpas-dev.local:4430/api/nsr/counties/15 --verbose || true
- name: Install python depedencies
run: |
sudo apt-get install python3-setuptools
python3 -m pip install -r requirements.txt
- name: Run Django migrations
run: |
mysql --port=3307 --protocol=tcp --host=127.0.0.1 -uroot -proot -e 'CREATE DATABASE `canvas-api`;'
DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py makemigrations
DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py migrate
mysql --port=3307 --protocol=tcp --host=127.0.0.1 -uroot -proot -e 'CREATE DATABASE `test_canvas-api`;'
DB_DATABASE=test_canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py makemigrations
DB_DATABASE=test_canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py migrate
- name: Seed statistics_api test database
run: |
git lfs fetch --all
git lfs pull
unzip $GITHUB_WORKSPACE/statistics_api/tests/data/test_canvas-api.zip -d /tmp/
mysql --port=3307 --protocol=tcp --host=127.0.0.1 -uroot -proot test_canvas-api < /tmp/test_canvas-api.sql
- name: Run Django unit tests
run: |
DJANGO_DEBUG=True CANVAS_ACCESS_KEY=${{ secrets.CANVAS_ACCESS_KEY }} DJANGO_SETTINGS_MODULE=statistics_api.tests.test_settings DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py test --keepdb --settings statistics_api.tests.test_settings --verbosity=3
# Checking that only the issue is the SECURE_HSTS_SECONDS warning
- name: Run manage.py check --deploy
run: |
DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 DJANGO_SECRET_KEY=notasecretkeyExfvXUyFFA9iAH7BYwsL1nN3XIbBcX7djoBSque6bOLXmnf7GD PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py check --deploy
if [ `DB_DATABASE=canvas-api DB_USERNAME=root DB_PASSWORD=root DB_PORT=3307 DJANGO_SECRET_KEY=notasecretkeyExfvXUyFFA9iAH7BYwsL1nN3XIbBcX7djoBSque6bOLXmnf7GD PYTHONPATH="${GITHUB_WORKSPACE}" python3 manage.py check --deploy 2>&1 | grep -E "System check identified [0-9]+ issue" | grep -E -o [0-9]+ | head -1` -lt 2 ]
then
exit 0
else
exit 1
fi
# - name: Log in to Azure Docker container registry
# uses: docker/login-action@v1
# with:
# registry: ${{ env.AZURE_CONTAINER_REGISTRY }}
# username: ${{ secrets.AZURE_CLIENT_ID }}
# password: ${{ secrets.AZURE_CLIENT_SECRET }}
- name: Build and push Docker image to registry, triggering new deployment
run: |
if [ "$GITHUB_REF" = "refs/heads/staging" ]
then
docker build --build-arg WEBSITES_PORT=$WEBSITES_PORT . -f Dockerfile -t $AZURE_CONTAINER_REGISTRY/statistics-api-staging
az webapp config appsettings set --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -g $AZURE_RESOURCE_GROUP -n $AZURE_APP_NAME --slot staging --settings \
"CANVAS_ACCESS_KEY=${{ secrets.CANVAS_ACCESS_KEY }}" \
"DB_PASSWORD=${{ secrets.STAGING_DB_PASSWORD }}" \
"DB_USERNAME=${{ secrets.STAGING_DB_USERNAME }}" \
"DJANGO_SECRET_KEY=${{ secrets.STAGING_DJANGO_SECRET_KEY }}" \
"DOCKER_REGISTRY_SERVER_PASSWORD=${{ secrets.DOCKER_REGISTRY_SERVER_PASSWORD }}" \
"KPAS_API_ACCESS_TOKEN=${{ secrets.STAGING_KPAS_API_ACCESS_TOKEN }}" \
"WEBSITES_PORT=$WEBSITES_PORT" \
"DOCKER_REGISTRY_SERVER_URL=https://$AZURE_CONTAINER_REGISTRY" \
"GIT_COMMIT=${GITHUB_SHA}" \
@"${GITHUB_WORKSPACE}/.github/app_service_config/staging_app_service_config.json"
docker push $AZURE_CONTAINER_REGISTRY/statistics-api-staging
elif [ "$GITHUB_REF" = "refs/heads/master" ]
then
docker build --build-arg WEBSITES_PORT=$WEBSITES_PORT . -f Dockerfile -t $AZURE_CONTAINER_REGISTRY/statistics-api
az webapp config appsettings set --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -g $AZURE_RESOURCE_GROUP -n $AZURE_APP_NAME --settings \
"CANVAS_ACCESS_KEY=${{ secrets.CANVAS_ACCESS_KEY }}" \
"DB_PASSWORD=${{ secrets.DB_PASSWORD }}" \
"DB_USERNAME=${{ secrets.DB_USERNAME }}" \
"DJANGO_SECRET_KEY=${{ secrets.DJANGO_SECRET_KEY }}" \
"DOCKER_REGISTRY_SERVER_PASSWORD=${{ secrets.DOCKER_REGISTRY_SERVER_PASSWORD }}" \
"KPAS_API_ACCESS_TOKEN=${{ secrets.KPAS_API_ACCESS_TOKEN }}" \
"WEBSITES_PORT=$WEBSITES_PORT" \
"DOCKER_REGISTRY_SERVER_URL=https://$AZURE_CONTAINER_REGISTRY" \
"GIT_COMMIT=${GITHUB_SHA}" \
@"${GITHUB_WORKSPACE}/.github/app_service_config/app_service_config.json"
docker push $AZURE_CONTAINER_REGISTRY/statistics-api
fi