-
Notifications
You must be signed in to change notification settings - Fork 20
124 lines (123 loc) · 4.28 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
name: CI
on:
pull_request:
merge_group:
jobs:
test-backend:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Install Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install dependencies
run: |
sudo apt-get install libgraphviz-dev
python -m pip install --upgrade pip
pip install uv==0.4.4
uv sync --frozen
# Update output format to enable automatic inline annotations.
- name: Lint Python code
run: uv run ruff check --output-format=github
- name: Check Python formatting
run: uv run ruff format --check
test-frontend:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Install NodeJS
uses: actions/setup-node@v4
with:
node-version: 20
- name: Install dependencies
run: |
cd frontend
npm ci
- name: Build packages
run: |
cd frontend
npm run build
- name: Check lints and formatting
run: |
cd frontend
npm run check
build-docker:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Set up Docker
uses: docker/setup-buildx-action@v3
- name: Login to Docker registry
uses: docker/login-action@v3
continue-on-error: true
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build Docker image
uses: docker/build-push-action@v6
with:
cache-from: type=registry,ref=ghcr.io/mrlvsb/kelvin-ci-cache
# Only write the cache in a merge build
# https://github.com/docker/build-push-action/issues/845#issuecomment-1512619265
cache-to: ${{ github.event_name == 'merge_group' && 'type=registry,ref=ghcr.io/mrlvsb/kelvin-ci-cache,compression=zstd' || '' }}
tags: ghcr.io/mrlvsb/kelvin:latest,ghcr.io/mrlvsb/kelvin:${{ github.sha }}
outputs: type=docker,dest=${{ runner.temp }}/kelvin.tar
- name: Share built image
uses: actions/upload-artifact@v4
with:
name: kelvin
path: ${{ runner.temp }}/kelvin.tar
retention-days: 1
deploy:
runs-on: ubuntu-latest
permissions:
packages: write
needs: [test-backend, test-frontend, build-docker]
environment: production
if: ${{ github.event_name == 'merge_group' }}
steps:
- name: Set up Docker
uses: docker/setup-buildx-action@v3
- name: Download built image
uses: actions/download-artifact@v4
with:
name: kelvin
path: ${{ runner.temp }}
- name: Load image
run: |
docker load --input ${{ runner.temp }}/kelvin.tar
docker image ls -a
- name: Login to Docker registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push Docker image
run: docker push --all-tags ghcr.io/mrlvsb/kelvin
# Summary job to enable easier handling of required status checks.
# On PRs, we need everything to be green, while deploy is skipped.
# On merge queue, we need everything to be green.
# ALL THE PREVIOUS JOBS NEED TO BE ADDED TO THE `needs` SECTION OF THIS JOB!
conclusion:
needs: [test-frontend, test-backend, build-docker, deploy]
# We need to ensure this job does *not* get skipped if its dependencies fail,
# because a skipped job is considered a success by GitHub. So we have to
# overwrite `if:`. We use `!cancelled()` to ensure the job does still not get run
# when the workflow is canceled manually.
if: ${{ !cancelled() }}
runs-on: ubuntu-latest
steps:
- name: Conclusion
run: |
# Print the dependent jobs to see them in the CI log
jq -C <<< '${{ toJson(needs) }}'
# Check if all jobs that we depend on (in the needs array)
# were either successful or skipped.
jq --exit-status 'all(.result == "success" or .result == "skipped")' <<< '${{ toJson(needs) }}'