Merge pull request #388 from ebmdatalab/remove-job-and-catch-slack-er… #424
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: CI | |
env: | |
IMAGE_NAME: bennettbot | |
PUBLIC_IMAGE_NAME: ghcr.io/ebmdatalab/bennettbot | |
REGISTRY: ghcr.io | |
SSH_AUTH_SOCK: /tmp/agent.sock | |
on: | |
push: | |
workflow_dispatch: | |
jobs: | |
check: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: opensafely-core/setup-action@v1 | |
with: | |
install-just: true | |
python-version: "3.9" | |
cache-dependency-path: requirements.*.txt | |
- name: Check formatting, linting and import sorting | |
run: just check | |
test: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: opensafely-core/setup-action@v1 | |
with: | |
install-just: true | |
python-version: "3.9" | |
cache-dependency-path: requirements.*.txt | |
- name: Run tests | |
run: | | |
just test | |
docker-check: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: opensafely-core/setup-action@v1 | |
with: | |
install-just: true | |
- name: Check formatting, linting and import sorting on docker | |
run: just docker/check | |
docker-test: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: opensafely-core/setup-action@v1 | |
with: | |
install-just: true | |
- name: Run tests in docker | |
run: just docker/test | |
deploy: | |
needs: [check, test, docker-check, docker-test] | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
if: github.ref == 'refs/heads/main' | |
concurrency: deploy-production | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: opensafely-core/setup-action@v1 | |
with: | |
install-just: true | |
- name: Build docker image | |
run: | | |
just docker/build prod | |
- name: Publish docker image | |
run: | | |
echo ${{ secrets.GITHUB_TOKEN }} | docker login $REGISTRY -u ${{ github.actor }} --password-stdin | |
docker tag $IMAGE_NAME $PUBLIC_IMAGE_NAME:latest | |
docker push $PUBLIC_IMAGE_NAME:latest | |
- name: Deploy image | |
run: | | |
ssh-agent -a $SSH_AUTH_SOCK > /dev/null | |
ssh-add - <<< "${{ secrets.DOKKU3_DEPLOY_SSH_KEY }}" | |
SHA=$(docker inspect --format='{{index .RepoDigests 0}}' $PUBLIC_IMAGE_NAME:latest) | |
ssh -o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no" [email protected] git:from-image bennettbot $SHA |