Skip to content
This repository has been archived by the owner on Nov 24, 2023. It is now read-only.
CI

Bump downshift from 7.0.5 to 8.2.3 #1225

Sign in to view logs

Bump downshift from 7.0.5 to 8.2.3

Bump downshift from 7.0.5 to 8.2.3 #1225

Workflow file for this run

.github/workflows/main.yml at 4c6f9a8
---
name: CI
env:
IMAGE_NAME: interactive
PUBLIC_IMAGE_NAME: ghcr.io/opensafely-core/interactive
REGISTRY: ghcr.io
SSH_AUTH_SOCK: /tmp/agent.sock
on:
push:
workflow_dispatch:
jobs:
assets:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- name: Install Node.js
uses: actions/setup-node@v3
with:
node-version: "16"
cache: "npm"
- name: Install node_modules
run: npm ci
- name: Test assets
run: npm run test:coverage
- name: Build assets
run: npm run build
- name: Store assets
uses: actions/upload-artifact@v3
with:
name: node-assets
path: assets/dist/bundle
check:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: "actions/setup-python@v4"
with:
python-version: "3.10"
cache: "pip"
cache-dependency-path: requirements.*.txt
- uses: extractions/setup-just@95b912dc5d3ed106a72907f2f9b91e76d60bdb76 # v1.5.0
- name: Check formatting, linting and import sorting
run: just check
test:
needs: [assets, check]
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: "actions/setup-python@v4"
with:
python-version: "3.10"
cache: "pip"
cache-dependency-path: requirements.*.txt
- uses: extractions/setup-just@95b912dc5d3ed106a72907f2f9b91e76d60bdb76 # v1.5.0
- name: Retrieve assets
uses: actions/download-artifact@v3
with:
name: node-assets
path: assets/dist/bundle
- name: Run tests
env:
SECRET_KEY: 12345 # Fake key for GitHub Actions
run: |
just check-migrations
just test --hypothesis-profile ci
lint-dockerfile:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: hadolint/[email protected]
with:
dockerfile: docker/Dockerfile
failure-threshold: error
docker-test:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: extractions/setup-just@95b912dc5d3ed106a72907f2f9b91e76d60bdb76 # v1.5.0
- name: Run unit tests on docker dev image
run: |
# build docker and run test
just docker-test --hypothesis-profile ci
docker-smoke-test:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: extractions/setup-just@95b912dc5d3ed106a72907f2f9b91e76d60bdb76 # v1.5.0
- name: Run smoke test on prod image
run: |
# test the prod image builds, as its slightly different, and has caught us out before.
just docker-serve prod -d
sleep 5
just docker-smoke-test || { docker logs docker_prod_1; exit 1; }
deploy:
needs: [check, test, docker-test, lint-dockerfile, docker-smoke-test]
runs-on: ubuntu-22.04
concurrency: deploy-production
permissions:
contents: read
packages: write
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: extractions/setup-just@95b912dc5d3ed106a72907f2f9b91e76d60bdb76 # v1.5.0
- name: Build docker image
run: |
just docker-build prod
- name: Login to Packages Container registry
run: |
docker login $REGISTRY -u ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
- name: publish docker image
run: |
docker tag $IMAGE_NAME $PUBLIC_IMAGE_NAME:latest
docker push $PUBLIC_IMAGE_NAME:latest
- name: Setup SSH Agent
run: |
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add - <<< "${{ secrets.DOKKU3_DEPLOY_SSH_KEY }}"
- name: Deploy to dokku
run: |
SHA=$(docker inspect --format='{{index .RepoDigests 0}}' $PUBLIC_IMAGE_NAME:latest)
ssh -o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no" [email protected] git:from-image interactive $SHA
- name: Create Sentry release
uses: getsentry/action-release@85e0095193a153d57c458995f99d0afd81b9e5ea
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_RELEASE_INTEGRATION_TOKEN }}
SENTRY_ORG: ebm-datalab
SENTRY_PROJECT: interactive
with:
environment: production
ignore_empty: true