Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/GitHub actions #34

Closed
wants to merge 44 commits into from
Closed

Feature/GitHub actions #34

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
44 commits
Select commit Hold shift + click to select a range
b2398a5
add linting github action
zcernigoj Oct 18, 2023
a99f6a9
cleanup lint github action
zcernigoj Oct 18, 2023
11af680
add integration-tests github action
zcernigoj Oct 18, 2023
ae1b78a
integration-tests action job cleanup even if tests fail
zcernigoj Oct 18, 2023
219ab75
add env variables for integration-tests github action
zcernigoj Oct 18, 2023
1ea4ed9
fix wrongly named env vars in integration-tests github action
zcernigoj Oct 18, 2023
5736e1b
use better name for lint and integration-tests github actions
zcernigoj Oct 18, 2023
a2f6806
add github action for deploying to lambda
zcernigoj Oct 18, 2023
b416e7a
different expression for checking if tag exists for deploy-testing gi…
zcernigoj Oct 18, 2023
6c356ea
run deploy-testing github action on release
zcernigoj Oct 18, 2023
2b40a8c
run deploy-testing github action on tag
zcernigoj Oct 18, 2023
3d0de1a
rename file with deploy testing github action
zcernigoj Oct 18, 2023
51b26f3
revise tags regex for deploy-testing github action
zcernigoj Oct 19, 2023
de55b87
revise tags regex for deploy-testing github action again
zcernigoj Oct 19, 2023
1c74505
revise tags regex for deploy-testing github action again 2
zcernigoj Oct 19, 2023
87b3937
revise tags regex for deploy-testing github action again 3
zcernigoj Oct 19, 2023
1c50566
better name for file that contains deploy-testing github action
zcernigoj Oct 19, 2023
fe26d69
check if in the correct directory for deploy-testing github job
zcernigoj Oct 19, 2023
4ef607c
execute commands in github action in correct directory
zcernigoj Oct 19, 2023
8efa7bc
set correct python version in deploy-testing github action
zcernigoj Oct 19, 2023
1a263d6
use exact git tag name instead of the whole ref string in deploy-test…
zcernigoj Oct 19, 2023
19b78bc
print github tag in deploy-testing github action
zcernigoj Oct 19, 2023
9d7193f
use GITHUB_REF_NAME for tags in deploy-testing github action
zcernigoj Oct 19, 2023
068536d
fix wrong variable reference in deploy-testing github action
zcernigoj Oct 19, 2023
d8e9491
improve whole deploy-testing github action
zcernigoj Oct 19, 2023
eedbb93
print zappa settings in deploy-testing github action
zcernigoj Oct 19, 2023
0846e55
list process definitions files in deploy-testing github action
zcernigoj Oct 19, 2023
cc55765
set correct logging level variable to zappa settings for deploying to…
zcernigoj Oct 19, 2023
df08011
remove debugging stuff from deploy_testing.yaml
zcernigoj Oct 19, 2023
3d3c992
wait for lint and test using Wait on check
zcernigoj Oct 19, 2023
69ed3da
duplicate lint and integration-tests in deploy_testing.yaml so these …
zcernigoj Oct 19, 2023
191f9bd
use reusable github actions instead of duplicating code
zcernigoj Oct 20, 2023
ebdf5a0
raise errors if env variables for usage reporting are not set
zcernigoj Oct 20, 2023
02f6bad
print to check if secret is set in reusable lint and test github actions
zcernigoj Oct 20, 2023
799eca8
pass all secrets to reusable github workflow
zcernigoj Oct 20, 2023
2a47a71
reusable lint and test github workflow
zcernigoj Oct 20, 2023
e40d6a5
add deploy-production workflow
zcernigoj Oct 20, 2023
8f167a1
fix variable names in deploy_production.yaml
zcernigoj Oct 20, 2023
536d91a
Merge branch 'feature/lambda-docker' into feature/github-actions
zcernigoj Oct 20, 2023
2b6cc74
Merge branch 'master' into feature/github-actions
zcernigoj Oct 24, 2023
ee148f8
Merge branch 'feature/lambda-docker' into feature/github-actions
zcernigoj Oct 24, 2023
c44bb5c
Merge branch 'feature/lambda-docker' into feature/github-actions
zcernigoj Oct 25, 2023
e9f42a4
Merge branch 'feature/lambda-docker' into 'master'
zcernigoj Oct 25, 2023
bb7a775
Merge branch 'master' into feature/github-actions
zcernigoj Oct 25, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
97 changes: 97 additions & 0 deletions .github/workflows/deploy_production.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
name: Deploy production
on:
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+'

jobs:

run-reusable-lint-and-test:
uses: ./.github/workflows/reusable_lint_and_test.yaml
secrets: inherit

deploy-production:
needs: run-reusable-lint-and-test

if: startsWith(github.ref, 'refs/tags/v')

runs-on: ubuntu-latest

env:
DEPLOYMENT_NAME: "production-docker"
PROD_ECR_REGISTRY: ${{ secrets.PROD_ECR_REGISTRY }}
PROD_ECR_REGISTRY_IMAGE: ${{ secrets.PROD_ECR_REGISTRY_IMAGE }}

steps:
- uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.9'

- name: configure aws access credentials
run: |
mkdir -p ~/.aws
echo -e "[default]\nregion=eu-central-1" > ~/.aws/config
echo -e "[default]\naws_access_key_id=${{ secrets.PRODZAPPA_AWS_ACCESS_KEY_ID }}\naws_secret_access_key=${{ secrets.PRODZAPPA_AWS_SECRET_ACCESS_KEY }}" > ~/.aws/credentials

- name: install pipenv and aws
run: |
pip install pipenv==2021.5.29
pip install awscli --no-build-isolation

- name: download process definitions
run: |
chmod +x download-process-definitions.sh
./download-process-definitions.sh

- name: install dependencies needed for deployment
working-directory: ./rest
run: pipenv install --dev

- name: create zappa_settings.json on-the-fly
working-directory: ./rest
run: |
cp zappa_settings.json.template zappa_settings.json
sed -i "s/@@AWS_ACCESS_KEY_ID@@/${{ secrets.PRODDATA_AWS_ACCESS_KEY_ID }}/g" zappa_settings.json
sed -i "s#@@AWS_SECRET_ACCESS_KEY@@#${{ secrets.PRODDATA_AWS_SECRET_ACCESS_KEY }}#g" zappa_settings.json
sed -i "s/@@PRODUCTION_SH_CLIENT_ID@@/${{ secrets.PRODUCTION_SH_CLIENT_ID }}/g" zappa_settings.json
sed -i "s/@@PRODUCTION_SH_CLIENT_SECRET@@/${{ secrets.PRODUCTION_SH_CLIENT_SECRET }}/g" zappa_settings.json
sed -i "s/@@BACKEND_VERSION@@/$GITHUB_REF_NAME/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_NAME_MAIN@@/${{ secrets.RESULTS_S3_BUCKET_NAME_MAIN_PRODUCTION }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_NAME_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_NAME_CREODIAS_PRODUCTION }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_NAME_USWEST@@/${{ secrets.RESULTS_S3_BUCKET_NAME_USWEST_PRODUCTION }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN_PRODUCTION }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS_PRODUCTION }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST_PRODUCTION }}/g" zappa_settings.json
sed -i "s#@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN@@#${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN_PRODUCTION }}#g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS_PRODUCTION }}/g" zappa_settings.json
sed -i "s#@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST@@#${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST_PRODUCTION }}#g" zappa_settings.json
sed -i "s#@@USAGE_REPORTING_BASE_URL_PRODUCTION@@#${{ secrets.USAGE_REPORTING_BASE_URL_PRODUCTION }}#g" zappa_settings.json
sed -i "s#@@USAGE_REPORTING_AUTH_URL_PRODUCTION@@#${{ secrets.USAGE_REPORTING_AUTH_URL_PRODUCTION }}#g" zappa_settings.json
sed -i "s#@@USAGE_REPORTING_AUTH_CLIENT_ID_PRODUCTION@@#${{ secrets.USAGE_REPORTING_AUTH_CLIENT_ID_PRODUCTION }}#g" zappa_settings.json
sed -i "s#@@USAGE_REPORTING_AUTH_CLIENT_SECRET_PRODUCTION@@#${{ secrets.USAGE_REPORTING_AUTH_CLIENT_SECRET_PRODUCTION }}#g" zappa_settings.json
sed -i "s#@@LOGGING_LEVEL@@#${{ secrets.LOGGING_LEVEL_PRODUCTION }}#g" zappa_settings.json

- name: generate zappa_settings.py for docker image from zappa_settings.json
working-directory: ./rest
run: pipenv run zappa save-python-settings-file "$DEPLOYMENT_NAME"

- name: build docker image with correct tags
working-directory: ./rest
run: docker build -t "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:$GITHUB_REF_NAME" -t "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:latest" --build-arg VERSION=$GITHUB_REF_NAME --build-arg VCS_REF=$GITHUB_SHA --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') .

- name: login for AWS ECR docker
working-directory: ./rest
run: aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin "$PROD_ECR_REGISTRY"

- name: push docker images (versioned with CI tag and "latest") to AWS ECR with docker
working-directory: ./rest
run: |
docker push "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:$GITHUB_REF_NAME"
docker push "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:latest"

- name: deploy lambda with new docker image
working-directory: ./rest
run: pipenv run zappa deploy "$DEPLOYMENT_NAME" -d "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:latest" || pipenv run zappa update "$DEPLOYMENT_NAME" -d "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:latest"
98 changes: 98 additions & 0 deletions .github/workflows/deploy_testing.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
name: Deploy testing
on:
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+'
- 'v[0-9]+.[0-9]+.[0-9]+-rc.[0-9]+'

jobs:

run-reusable-lint-and-test:
uses: ./.github/workflows/reusable_lint_and_test.yaml
secrets: inherit

deploy-testing:
needs: run-reusable-lint-and-test

if: startsWith(github.ref, 'refs/tags/v')

runs-on: ubuntu-latest

env:
DEPLOYMENT_NAME: "testing-docker"
TESTING_ECR_REGISTRY: ${{ secrets.TESTING_ECR_REGISTRY }}
TESTING_ECR_REGISTRY_IMAGE: ${{ secrets.TESTING_ECR_REGISTRY_IMAGE }}

steps:
- uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.9'

- name: configure aws access credentials
run: |
mkdir -p ~/.aws
echo -e "[default]\nregion=eu-central-1" > ~/.aws/config
echo -e "[default]\naws_access_key_id=${{ secrets.TESTINGZAPPA_AWS_ACCESS_KEY_ID }}\naws_secret_access_key=${{ secrets.TESTINGZAPPA_AWS_SECRET_ACCESS_KEY }}" > ~/.aws/credentials

- name: install pipenv and aws
run: |
pip install pipenv==2021.5.29
pip install awscli --no-build-isolation

- name: download process definitions
run: |
chmod +x download-process-definitions.sh
./download-process-definitions.sh

- name: install dependencies needed for deployment
working-directory: ./rest
run: pipenv install --dev

- name: create zappa_settings.json on-the-fly
working-directory: ./rest
run: |
cp zappa_settings.json.template zappa_settings.json
sed -i "s/@@AWS_ACCESS_KEY_ID@@/${{ secrets.TESTINGDATA_AWS_ACCESS_KEY_ID }}/g" zappa_settings.json
sed -i "s#@@AWS_SECRET_ACCESS_KEY@@#${{ secrets.TESTINGDATA_AWS_SECRET_ACCESS_KEY }}#g" zappa_settings.json
sed -i "s/@@TESTING_SH_CLIENT_ID@@/${{ secrets.TESTING_SH_CLIENT_ID }}/g" zappa_settings.json
sed -i "s/@@TESTING_SH_CLIENT_SECRET@@/${{ secrets.TESTING_SH_CLIENT_SECRET }}/g" zappa_settings.json
sed -i "s/@@BACKEND_VERSION@@/$GITHUB_REF_NAME/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_NAME_MAIN@@/${{ secrets.RESULTS_S3_BUCKET_NAME_MAIN }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_NAME_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_NAME_CREODIAS }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_NAME_USWEST@@/${{ secrets.RESULTS_S3_BUCKET_NAME_USWEST }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS }}/g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST }}/g" zappa_settings.json
sed -i "s#@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN@@#${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN }}#g" zappa_settings.json
sed -i "s/@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS }}/g" zappa_settings.json
sed -i "s#@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST@@#${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST }}#g" zappa_settings.json
sed -i "s#@@USAGE_REPORTING_BASE_URL_TESTING@@#${{ secrets.USAGE_REPORTING_BASE_URL_TESTING }}#g" zappa_settings.json
sed -i "s#@@USAGE_REPORTING_AUTH_URL_TESTING@@#${{ secrets.USAGE_REPORTING_AUTH_URL_TESTING }}#g" zappa_settings.json
sed -i "s#@@USAGE_REPORTING_AUTH_CLIENT_ID_TESTING@@#${{ secrets.USAGE_REPORTING_AUTH_CLIENT_ID_TESTING }}#g" zappa_settings.json
sed -i "s#@@USAGE_REPORTING_AUTH_CLIENT_SECRET_TESTING@@#${{ secrets.USAGE_REPORTING_AUTH_CLIENT_SECRET_TESTING }}#g" zappa_settings.json
sed -i "s#@@LOGGING_LEVEL@@#${{ secrets.LOGGING_LEVEL_TESTING }}#g" zappa_settings.json

- name: generate zappa_settings.py for docker image from zappa_settings.json
working-directory: ./rest
run: pipenv run zappa save-python-settings-file "$DEPLOYMENT_NAME"

- name: build docker image with correct tags
working-directory: ./rest
run: docker build -t "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:$GITHUB_REF_NAME" -t "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:latest" --build-arg VERSION=$GITHUB_REF_NAME --build-arg VCS_REF=$GITHUB_SHA --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') .

- name: login for AWS ECR docker
working-directory: ./rest
run: aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin "$TESTING_ECR_REGISTRY"

- name: push docker images (versioned with CI tag and "latest") to AWS ECR with docker
working-directory: ./rest
run: |
docker push "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:$GITHUB_REF_NAME"
docker push "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:latest"

- name: deploy lambda with new docker image
working-directory: ./rest
run: pipenv run zappa deploy "$DEPLOYMENT_NAME" -d "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:latest" || pipenv run zappa update "$DEPLOYMENT_NAME" -d "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:latest"
7 changes: 7 additions & 0 deletions .github/workflows/lint_and_test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
name: Lint and test
on: [push, pull_request]

jobs:
run-reusable-lint-and-test:
uses: ./.github/workflows/reusable_lint_and_test.yaml
secrets: inherit
56 changes: 56 additions & 0 deletions .github/workflows/reusable_lint_and_test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
name: Reusable lint and test
on:
workflow_call:

jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.9'

- name: Install black
run: python -m pip install --upgrade black==22.3.0

- name: make sure that the *same* version is used in Pipfiles to avoid incompatibilities
run: grep 'black = "==22.3.0"' rest/Pipfile

- name: check the files for correct formatting
run: black -l 120 --check . || exit 1

integration-tests:
runs-on: ubuntu-latest

env:
TESTS_SH_CLIENT_ID: ${{ secrets.TESTS_SH_CLIENT_ID }}
TESTS_SH_CLIENT_SECRET: ${{ secrets.TESTS_SH_CLIENT_SECRET }}
RESULTS_S3_BUCKET_NAME_MAIN: ${{ secrets.RESULTS_S3_BUCKET_NAME_MAIN }}
RESULTS_S3_BUCKET_NAME_CREODIAS: ${{ secrets.RESULTS_S3_BUCKET_NAME_CREODIAS }}
RESULTS_S3_BUCKET_NAME_USWEST: ${{ secrets.RESULTS_S3_BUCKET_NAME_USWEST }}
RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN: ${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN }}
RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS: ${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS }}
RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST: ${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST }}
RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN: ${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN }}
RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS: ${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS }}
RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST: ${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST }}
USAGE_REPORTING_BASE_URL_TESTING: ${{ secrets.USAGE_REPORTING_BASE_URL_TESTING }}
USAGE_REPORTING_AUTH_URL_TESTING: ${{ secrets.USAGE_REPORTING_AUTH_URL_TESTING }}
USAGE_REPORTING_AUTH_CLIENT_ID_TESTING: ${{ secrets.USAGE_REPORTING_AUTH_CLIENT_ID_TESTING }}
USAGE_REPORTING_AUTH_CLIENT_SECRET_TESTING: ${{ secrets.USAGE_REPORTING_AUTH_CLIENT_SECRET_TESTING }}

steps:
- uses: actions/checkout@v4

- name: Docker-compose build
run: docker-compose -f docker-compose.yml -f docker-compose.pytest.yml build

- name: Docker-compose up and run pytest
run: docker-compose -f docker-compose.yml -f docker-compose.pytest.yml up --exit-code-from pytest

- name: Docker-compose cleanup
if: always()
run: docker-compose -f docker-compose.yml -f docker-compose.pytest.yml down -v
Loading