Skip to content

Miscellaneous

Miscellaneous #5707

Workflow file for this run

---
name: CI
on:
# Triggers the workflow on push or pull request events
push:
pull_request:
release:
tags:
- 'v*'
types: [published]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
env:
REGISTRY: ghcr.io
IMAGE_NAME_SBS: surfscz/sram-sbs
IMAGE_NAME_SERVER: surfscz/sram-sbs-server
jobs:
Server_tests:
name: Server tests
runs-on: ubuntu-latest
# Test different python versions
strategy:
fail-fast: false
matrix:
python-version: [ '3.9', '3.10', '3.11', '3.12' ]
services:
# How to use MySQL
mysql:
image: mysql:5.7
env:
MYSQL_ROOT_PASSWORD: root
ports:
- 3306:3306
options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
redis:
# Docker Hub image
image: redis
# Set health checks to wait until redis has started
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
# Maps port 6379 on service container to the host
- 6379:6379
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup mysql server
run: >
mysql -uroot -proot -h127.0.0.1 -e "
DROP DATABASE IF EXISTS sbs_test;
CREATE DATABASE IF NOT EXISTS sbs_test DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_ci;
CREATE DATABASE IF NOT EXISTS sbs_gw0 DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_ci;
CREATE DATABASE IF NOT EXISTS sbs_gw1 DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_ci;
CREATE DATABASE IF NOT EXISTS sbs_gw2 DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_ci;
CREATE DATABASE IF NOT EXISTS sbs_gw3 DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_ci;
CREATE USER 'sbs'@'%' IDENTIFIED BY 'sbs';
GRANT ALL PRIVILEGES ON *.* TO 'sbs'@'%' WITH GRANT OPTION;
"
- name: Load SBS schema
# not strictly necessary, but it avoids running 200+ migrations during tests
run: |
mysql -uroot -proot -h127.0.0.1 sbs_gw0 < misc/sbs-db.sql;
mysql -uroot -proot -h127.0.0.1 sbs_gw1 < misc/sbs-db.sql;
mysql -uroot -proot -h127.0.0.1 sbs_gw2 < misc/sbs-db.sql;
mysql -uroot -proot -h127.0.0.1 sbs_gw3 < misc/sbs-db.sql;
- name: Install SAML2 dependencies
run: |
sudo apt-get update
sudo apt-get install -y libxml2-dev libxmlsec1-dev libxml2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: 'pip'
cache-dependency-path: 'server/requirements/*.txt'
- name: Display Python version
run: |
python -c "import sys; print(sys.version)"
echo coverage: .${{ matrix.coverage }}.
- name: Install dependencies
run: |
python -m pip install pip setuptools wheel
pip install --upgrade pip
pip install -r ./server/requirements/test.txt
pip install flake8
# Setup tmate session
#- name: Setup tmate session
# uses: mxschmitt/action-tmate@v3
- name: Run flake8
run: |
cd ./server
flake8 .
- name: Run tests with coverage
run: |
cd ./server
coverage run -m pytest test --cov-report xml --cov=server --numprocesses=4
timeout-minutes: 20
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
if: success()
Client_build:
name: Client build
runs-on: ubuntu-latest
steps:
- name: Run errands
run: |
sudo apt -y install curl
- name: Checkout
uses: actions/checkout@v4
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "DIR=$(yarn cache dir)" >> $GITHUB_OUTPUT
- uses: actions/cache@v4
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.DIR }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Use Node.js 20
uses: actions/setup-node@v4
with:
# node-version: "16.20.0"
node-version: "20.8.0"
cache: "yarn"
cache-dependency-path: '**/yarn.lock'
- name: Install dependencies
shell: bash
run: |
source ~/.nvm/nvm.sh
rm -rf ~/.yarn
curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.22.19
export PATH="$HOME/.yarn/bin:$HOME/.config/yarn/global/node_modules/.bin:$PATH"
yarn -v
# nvm install "16.10.0"
# nvm use "16.10.0"
env:
VNM_DIR: ~/.nvm
- name: Run tests
shell: bash
run: |
cd client
yarn install
yarn test
yarn build
env:
CI: true
VNM_DIR: ~/.nvm
INLINE_RUNTIME_CHUNK: False
IMAGE_INLINE_SIZE_LIMIT: 0
timeout-minutes: 15
#- name: Setup tmate session
# uses: mxschmitt/action-tmate@v3
- name: Save version info
run: |
git log -1 > ./server/api/git.info
git describe --all --long > ./version.txt
- name: Create build file
run: |
tar -cJ -f /tmp/sbs.tar.xz \
--transform 's,^\./,sbs/,' --sort=name \
--owner=0 --group=0 --mode=u=rwX,go=rX \
--exclude=./client/node_modules --exclude=./.git \
.
- name: Show what we are shipping
run: |
tar tvJf /tmp/sbs.tar.xz
- name: Create Artifact
uses: actions/upload-artifact@v4
with:
name: "sbs-build"
path: "/tmp/sbs.tar.xz"
Artifact_upload:
name: Create release
if: >
github.actor!='dependabot[bot]' &&
github.event_name!='pull_request' &&
( github.ref_type=='tag' || github.ref_type=='branch' )
needs:
- "Client_build"
- "Server_tests"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Fetch build
id: fetch_artifact
uses: actions/download-artifact@v4
with:
name: "sbs-build"
path: "artifacts/"
- name: Info
run: |
ls -la ${{steps.fetch_artifact.outputs.download-path}}
sha1sum ${{steps.fetch_artifact.outputs.download-path}}/* || true
sha256sum ${{steps.fetch_artifact.outputs.download-path}}/* || true
- name: Create Release
if: "github.ref_type=='tag'"
uses: softprops/action-gh-release@v2
with:
files: "${{steps.fetch_artifact.outputs.download-path}}/*"
- name: Advance latest tag
if: "github.ref_type=='branch'"
uses: EndBug/latest-tag@v1
with:
ref: "branch+${{github.ref_name}}"
description: "Latest commit in branch ${{github.ref_name}}"
- name: remove all previous "latest" releases
if: "github.ref_type=='branch'"
uses: dev-drprasad/delete-older-releases@v0.3.3
with:
keep_latest: 0
delete_tag_pattern: "branch+${{github.ref_name}}"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create Release for main/latest
if: "github.ref_type=='branch'"
uses: softprops/action-gh-release@v2
with:
name: "Latest from branch ${{github.ref_name}}"
tag_name: "branch+${{github.ref_name}}"
prerelease: true
files: "${{steps.fetch_artifact.outputs.download-path}}/sbs.tar.xz"
- name: Get token
id: get_token
uses: machine-learning-apps/actions-app-token@master
with:
APP_PEM: ${{ secrets.SRAM_ACTIONAPP_PEM }}
APP_ID: ${{ secrets.SRAM_ACTIONAPP_APPID }}
- name: Test new SBS build in SCZ-deploy's CI-runner
if: "github.ref_name=='main'"
uses: actions/github-script@v7
with:
github-token: ${{ steps.get_token.outputs.app_token }}
script: |
await github.rest.actions.createWorkflowDispatch({
owner: 'SURFscz',
repo: 'SRAM-deploy',
workflow_id: 'ci-runner.yml',
ref: 'main'
})
Docker_image:
name: Create image
if: >
github.actor!='dependabot[bot]' &&
github.event_name!='pull_request' &&
( github.ref_type=='tag' || github.ref_type=='branch' )
needs:
- "Client_build"
- "Server_tests"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Fetch build
uses: actions/download-artifact@v4
with:
name: "sbs-build"
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# The SBS image
- name: Extract metadata (tags, labels) for SBS image
id: meta-sbs
uses: docker/metadata-action@v5
with:
images: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME_SBS }}
- name: Build and push Docker SBS image
uses: docker/build-push-action@v5
with:
context: "."
file: "Dockerfile.sbs"
pull: true
push: true
tags: ${{ steps.meta-sbs.outputs.tags }}
labels: ${{ steps.meta-sbs.outputs.labels }}
# The SBS (apache) server image
- name: Extract metadata (tags, labels) for SBS-server image
id: meta-sbs-server
uses: docker/metadata-action@v5
with:
images: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME_SERVER }}
- name: Build and push Docker SBS-server image
uses: docker/build-push-action@v5
with:
context: "."
file: "Dockerfile.sbs-server"
pull: true
push: true
tags: ${{ steps.meta-sbs-server.outputs.tags }}
labels: ${{ steps.meta-sbs-server.outputs.labels }}
Schema_pr:
name: Update schema cache
runs-on: ubuntu-latest
if: "github.ref == 'refs/heads/main'"
services:
mysql:
image: mysql:5.7
env:
MYSQL_ROOT_PASSWORD: root
ports:
- 3306:3306
options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup mysql server
run: >
mysql -uroot -proot -h127.0.0.1 -e "
DROP DATABASE IF EXISTS sbs;
CREATE DATABASE IF NOT EXISTS sbs DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_ci;
CREATE USER 'sbs'@'%' IDENTIFIED BY 'sbs';
GRANT ALL PRIVILEGES ON *.* TO 'sbs'@'%' WITH GRANT OPTION;
"
- name: Load SBS schema
# not strictly necessary, but it avoids running 200+ migrations during tests
run: |
mysql -uroot -proot -h127.0.0.1 sbs < misc/sbs-db.sql
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: 'pip'
cache-dependency-path: 'server/requirements/*.txt'
- name: Install dependencies
run: |
python -m pip install pip setuptools wheel
pip install --upgrade pip
pip install -r ./server/requirements/test.txt
- name: Run alembic migrations
run: |
cd server
alembic --config migrations/alembic.ini upgrade head
echo alembic_current=$(alembic --config migrations/alembic.ini current) >> "$GITHUB_ENV"
env:
CONFIG: "config/test_config.yml"
- name: Dump latest database schema
run: |
echo "-- Dump of empty SBS database, alembic revision $alembic_current" > misc/sbs-db.sql
mysqldump -h 127.0.0.1 -u sbs --password=sbs --skip-comments sbs >> misc/sbs-db.sql
- name: Create Pull Request
uses: "peter-evans/create-pull-request@v6"
with:
add-paths: |
misc/sbs-db.sql
commit-message: "Update schema cache for Alembic revision ${{ env.alembic_current }}"
branch: "update-schema-cache"
title: "Update schema cache"
body: |
This PR updates the schema cache to the latest version.
It was created by a GitHub Actions workflow.