Skip to content

ci: Build public ghcr images #200

ci: Build public ghcr images

ci: Build public ghcr images #200

Workflow file for this run

# yamllint disable rule:line-length rule:truthy
---
name: CI/CD
on:
pull_request:
branches:
- main
- master
push:
branches:
- main
- master
env:
IMAGE_REPOSITORY: ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}
DATABASE_URL: psql://postgres:postgres@localhost:5432/django_wtf
DJANGO_SETTINGS_MODULE: config.settings.test
REDIS_URL: redis://localhost:6379/
CELERY_BROKER_URL: redis://localhost:6379/
# Common Django Env
DJANGO_ADMIN_URL: ""
DJANGO_SECRET_KEY: placeholder-g7cLmscguS3fnxCPK2j12lc73j0vDAuUciazNxbl09AVj4dTtY
DJANGO_HASHID_FIELD_SALT: salty
DJANGO_AWS_ACCESS_KEY_ID: ""
DJANGO_AWS_SECRET_ACCESS_KEY: ""
DJANGO_AWS_STORAGE_BUCKET_NAME: ""
PROMETHEUS_EXPORT_MIGRATIONS: "false"
MAILGUN_API_KEY: ""
MAILGUN_DOMAIN: ""
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
build:
name: Build
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Login to Image Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Inject slug/short variables
uses: rlespinasse/[email protected]
- name: Build and push Default
if: github.event_name == 'pull_request'
uses: docker/build-push-action@v4
with:
context: .
push: true
tags: |
${{ env.IMAGE_REPOSITORY }}:${{ github.event.pull_request.head.sha }}
${{ env.IMAGE_REPOSITORY }}:${{ env.GITHUB_REF_NAME_SLUG }}-latest
cache-from: type=gha
cache-to: type=gha,mode=min
- name: Build and push Production
if: github.event_name == 'push'
uses: docker/build-push-action@v4
with:
context: .
push: true
# Push latest image
tags: |
${{ env.IMAGE_REPOSITORY }}:${{ github.sha }}
${{ env.IMAGE_REPOSITORY }}:latest
cache-from: type=gha
cache-to: type=gha,mode=min
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- uses: actions/setup-python@v4
id: setup-python
with:
python-version: 3.12
- name: Install Poetry
uses: snok/install-poetry@v1
with:
version: 1.8.3
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
run: |
poetry install --no-interaction --no-root
- name: Format (black)
run: |
source .venv/bin/activate
black --check $(git ls-files -- '*.py' ':!:**/migrations/*.py')
- name: Sort imports (isort)
run: |
source .venv/bin/activate
isort --check-only $(git ls-files -- '*.py' ':!:**/migrations/*.py')
- name: Type Check (mypy)
run: |
source .venv/bin/activate
mypy .
- name: Lint (pylint)
run: |
source .venv/bin/activate
pylint $(git ls-files -- '*.py' ':!:**/migrations/*.py')
- name: Validate templates
run: |
source .venv/bin/activate
./manage.py validate_templates --ignore-app jazzmin
- name: Python Upgrade (pyupgrade)
run: |
source .venv/bin/activate
pyupgrade $(git ls-files -- '*.py' ':!:**/migrations/*.py') --py311-plus
- name: Django Upgrade (django-upgrade)
run: |
source .venv/bin/activate
django-upgrade $(git ls-files -- '*.py' ':!:**/migrations/*.py') --target=4.2
- name: Django Template/Html Lint (djlint)
run: |
source .venv/bin/activate
djlint . --check
test:
name: Test
runs-on: ubuntu-latest
services:
postgres:
image: postgres:15
ports: ["5432:5432"]
env:
POSTGRES_DB: django_wtf
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
redis:
image: redis:6
ports: ["6379:6379"]
steps:
- name: Checkout
uses: actions/checkout@v3
- uses: actions/setup-python@v4
id: setup-python
with:
python-version: 3.12
- name: Install Poetry
uses: snok/install-poetry@v1
with:
version: 1.8.3
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
run: |
poetry install --no-interaction --no-root
source .venv/bin/activate
- name: Run Migrations
run: |
source .venv/bin/activate
./manage.py migrate
# Some Django checks require migrations to run for full functionality
# Therefore run migrations first before checking for missing migrations
- name: Check for Missing Migrations
if: github.event == 'dont-run'
run: |
source .venv/bin/activate
DJANGO_SETTINGS_MODULE=config.settings.production \
./manage.py makemigrations --check --dry-run
- name: Django Check
run: |
source .venv/bin/activate
DJANGO_SETTINGS_MODULE=config.settings.production \
./manage.py check --deploy --fail-level=WARNING
- name: Test Loading Fixtures
if: github.event == 'dont-run'
run: |
source .venv/bin/activate
./manage.py load_fixtures
- name: Run Pytest
run: |
source .venv/bin/activate
pytest django_wtf --cov django_wtf # --run-concurrent