Containerize application and configure GitHub Actions to build and push Docker image to Harbor #92
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
workflow_dispatch: | |
pull_request: | |
push: | |
branches: | |
- main | |
jobs: | |
tests: | |
runs-on: ubuntu-20.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ['3.6', '3.7', '3.8', '3.9'] | |
name: Python ${{ matrix.python-version }} Build & Tests | |
steps: | |
- name: Add apt repo | |
run: sudo add-apt-repository universe | |
# Setup Python | |
- name: Setup Python | |
uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 | |
with: | |
python-version: ${{ matrix.python-version }} | |
architecture: x64 | |
# Checkout repo | |
- name: Checkout repo | |
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 | |
# Prep for the tests | |
- name: Create log file | |
run: touch logs.log | |
- name: Configure log file location | |
run: echo "`jq -r --arg REPO_DIR "$GITHUB_WORKSPACE/logs.log" \ | |
'.log_location=$REPO_DIR' scigateway_auth/config.json.example`" > scigateway_auth/config.json.example | |
- name: Create config.json | |
run: cp scigateway_auth/config.json.example scigateway_auth/config.json | |
# Install Nox, Poetry and API's dependencies | |
- name: Install Nox | |
run: pip install nox==2020.8.22 | |
- name: Install Poetry | |
run: pip install poetry==1.1.9 | |
# This fixes the issue with cachecontrol (https://github.com/psf/cachecontrol/issues/292). | |
# We will not be facing this issue when we upgrade to a newer Poetry version. | |
- name: Install Requests | |
run: pip install 'requests<2.30' | |
- name: Install dependencies | |
run: poetry install | |
# Run Nox tests session, saves and uploads a coverage report to codecov | |
- name: Run Nox tests session | |
run: nox -s tests -- --cov=scigateway_auth --cov-report=xml | |
- name: Upload code coverage report | |
if: matrix.python-version == '3.6' | |
uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70 # v3.1.1 | |
linting: | |
runs-on: ubuntu-20.04 | |
name: Linting | |
steps: | |
- name: Setup Python | |
uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 | |
with: | |
python-version: '3.6' | |
architecture: x64 | |
- name: Checkout repo | |
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 | |
- name: Install Nox | |
run: pip install nox==2020.8.22 | |
- name: Install Poetry | |
run: pip install poetry==1.1.9 | |
- name: Run Nox lint session | |
run: nox -s lint | |
formatting: | |
runs-on: ubuntu-20.04 | |
name: Code Formatting | |
steps: | |
- name: Setup Python | |
uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 | |
with: | |
python-version: '3.6' | |
architecture: x64 | |
- name: Checkout repo | |
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 | |
- name: Install Nox | |
run: pip install nox==2020.8.22 | |
- name: Install Poetry | |
run: pip install poetry==1.1.9 | |
- name: Run Nox black session | |
run: nox -s black | |
safety: | |
runs-on: ubuntu-20.04 | |
name: Dependency Safety | |
steps: | |
- name: Setup Python | |
uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 | |
with: | |
python-version: '3.6' | |
architecture: x64 | |
- name: Checkout repo | |
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 | |
- name: Install Nox | |
run: pip install nox==2020.8.22 | |
- name: Install Poetry | |
run: pip install poetry==1.1.9 | |
- name: Run Nox safety session | |
run: nox -s safety | |
docker: | |
# This job triggers only if all the other jobs succeed and does different things depending on the context. | |
# The job builds the Docker image in all cases and also pushes the image to Harbor only if something is | |
# pushed to the main branch. | |
needs: [tests, linting, formatting, safety] | |
name: Docker | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 | |
- name: Login to Harbor | |
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 | |
with: | |
registry: harbor.stfc.ac.uk/datagateway | |
username: ${{ secrets.HARBOR_USERNAME }} | |
password: ${{ secrets.HARBOR_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@c4ee3adeed93b1fa6a762f209fb01608c1a22f1e # v4.4.0 | |
with: | |
images: harbor.stfc.ac.uk/datagateway/scigateway-auth | |
- name: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && 'Build and push Docker image to Harbor' || 'Build Docker image' }} | |
uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4.0.0 | |
with: | |
context: . | |
push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} |