ci: Build public ghcr images #200
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# yamllint disable rule:line-length rule:truthy | |
--- | |
name: CI/CD | |
on: | |
pull_request: | |
branches: | |
- main | |
- master | |
push: | |
branches: | |
- main | |
- master | |
env: | |
IMAGE_REPOSITORY: ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }} | |
DATABASE_URL: psql://postgres:postgres@localhost:5432/django_wtf | |
DJANGO_SETTINGS_MODULE: config.settings.test | |
REDIS_URL: redis://localhost:6379/ | |
CELERY_BROKER_URL: redis://localhost:6379/ | |
# Common Django Env | |
DJANGO_ADMIN_URL: "" | |
DJANGO_SECRET_KEY: placeholder-g7cLmscguS3fnxCPK2j12lc73j0vDAuUciazNxbl09AVj4dTtY | |
DJANGO_HASHID_FIELD_SALT: salty | |
DJANGO_AWS_ACCESS_KEY_ID: "" | |
DJANGO_AWS_SECRET_ACCESS_KEY: "" | |
DJANGO_AWS_STORAGE_BUCKET_NAME: "" | |
PROMETHEUS_EXPORT_MIGRATIONS: "false" | |
MAILGUN_API_KEY: "" | |
MAILGUN_DOMAIN: "" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Login to Image Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Inject slug/short variables | |
uses: rlespinasse/[email protected] | |
- name: Build and push Default | |
if: github.event_name == 'pull_request' | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
push: true | |
tags: | | |
${{ env.IMAGE_REPOSITORY }}:${{ github.event.pull_request.head.sha }} | |
${{ env.IMAGE_REPOSITORY }}:${{ env.GITHUB_REF_NAME_SLUG }}-latest | |
cache-from: type=gha | |
cache-to: type=gha,mode=min | |
- name: Build and push Production | |
if: github.event_name == 'push' | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
push: true | |
# Push latest image | |
tags: | | |
${{ env.IMAGE_REPOSITORY }}:${{ github.sha }} | |
${{ env.IMAGE_REPOSITORY }}:latest | |
cache-from: type=gha | |
cache-to: type=gha,mode=min | |
lint: | |
name: Lint | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- uses: actions/setup-python@v4 | |
id: setup-python | |
with: | |
python-version: 3.12 | |
- name: Install Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
version: 1.8.3 | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
installer-parallel: true | |
- name: Load cached venv | |
id: cached-poetry-dependencies | |
uses: actions/cache@v3 | |
with: | |
path: .venv | |
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }} | |
- name: Install dependencies | |
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true' | |
run: | | |
poetry install --no-interaction --no-root | |
- name: Format (black) | |
run: | | |
source .venv/bin/activate | |
black --check $(git ls-files -- '*.py' ':!:**/migrations/*.py') | |
- name: Sort imports (isort) | |
run: | | |
source .venv/bin/activate | |
isort --check-only $(git ls-files -- '*.py' ':!:**/migrations/*.py') | |
- name: Type Check (mypy) | |
run: | | |
source .venv/bin/activate | |
mypy . | |
- name: Lint (pylint) | |
run: | | |
source .venv/bin/activate | |
pylint $(git ls-files -- '*.py' ':!:**/migrations/*.py') | |
- name: Validate templates | |
run: | | |
source .venv/bin/activate | |
./manage.py validate_templates --ignore-app jazzmin | |
- name: Python Upgrade (pyupgrade) | |
run: | | |
source .venv/bin/activate | |
pyupgrade $(git ls-files -- '*.py' ':!:**/migrations/*.py') --py311-plus | |
- name: Django Upgrade (django-upgrade) | |
run: | | |
source .venv/bin/activate | |
django-upgrade $(git ls-files -- '*.py' ':!:**/migrations/*.py') --target=4.2 | |
- name: Django Template/Html Lint (djlint) | |
run: | | |
source .venv/bin/activate | |
djlint . --check | |
test: | |
name: Test | |
runs-on: ubuntu-latest | |
services: | |
postgres: | |
image: postgres:15 | |
ports: ["5432:5432"] | |
env: | |
POSTGRES_DB: django_wtf | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres | |
redis: | |
image: redis:6 | |
ports: ["6379:6379"] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- uses: actions/setup-python@v4 | |
id: setup-python | |
with: | |
python-version: 3.12 | |
- name: Install Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
version: 1.8.3 | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
installer-parallel: true | |
- name: Load cached venv | |
id: cached-poetry-dependencies | |
uses: actions/cache@v3 | |
with: | |
path: .venv | |
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }} | |
- name: Install dependencies | |
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true' | |
run: | | |
poetry install --no-interaction --no-root | |
source .venv/bin/activate | |
- name: Run Migrations | |
run: | | |
source .venv/bin/activate | |
./manage.py migrate | |
# Some Django checks require migrations to run for full functionality | |
# Therefore run migrations first before checking for missing migrations | |
- name: Check for Missing Migrations | |
if: github.event == 'dont-run' | |
run: | | |
source .venv/bin/activate | |
DJANGO_SETTINGS_MODULE=config.settings.production \ | |
./manage.py makemigrations --check --dry-run | |
- name: Django Check | |
run: | | |
source .venv/bin/activate | |
DJANGO_SETTINGS_MODULE=config.settings.production \ | |
./manage.py check --deploy --fail-level=WARNING | |
- name: Test Loading Fixtures | |
if: github.event == 'dont-run' | |
run: | | |
source .venv/bin/activate | |
./manage.py load_fixtures | |
- name: Run Pytest | |
run: | | |
source .venv/bin/activate | |
pytest django_wtf --cov django_wtf # --run-concurrent |