Prepare deployment #40
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: meet Workflow | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- "*" | |
jobs: | |
lint-git: | |
runs-on: ubuntu-latest | |
if: github.event_name == 'pull_request' # Makes sense only for pull requests | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: show | |
run: git log | |
- name: Enforce absence of print statements in code | |
run: | | |
! git diff origin/${{ github.event.pull_request.base.ref }}..HEAD -- . ':(exclude)**/meet.yml' | grep "print(" | |
- name: Check absence of fixup commits | |
run: | | |
! git log | grep 'fixup!' | |
- name: Install gitlint | |
run: pip install --user requests gitlint | |
- name: Lint commit messages added to main | |
run: ~/.local/bin/gitlint --commits origin/${{ github.event.pull_request.base.ref }}..HEAD | |
check-changelog: | |
runs-on: ubuntu-latest | |
if: | | |
contains(github.event.pull_request.labels.*.name, 'noChangeLog') == false && | |
github.event_name == 'pull_request' | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 50 | |
- name: Check that the CHANGELOG has been modified in the current branch | |
run: git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.event.after }} | grep 'CHANGELOG.md' | |
lint-changelog: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
- name: Check CHANGELOG max line length | |
run: | | |
max_line_length=$(cat CHANGELOG.md | grep -Ev "^\[.*\]: https://github.com" | wc -L) | |
if [ $max_line_length -ge 80 ]; then | |
echo "ERROR: CHANGELOG has lines longer than 80 characters." | |
exit 1 | |
fi | |
build-mails: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: src/mail | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: "18" | |
- name: Restore the mail templates | |
uses: actions/cache@v4 | |
id: mail-templates | |
with: | |
path: "src/backend/core/templates/mail" | |
key: mail-templates-${{ hashFiles('src/mail/mjml') }} | |
- name: Install yarn | |
if: steps.mail-templates.outputs.cache-hit != 'true' | |
run: npm install -g yarn | |
- name: Install node dependencies | |
if: steps.mail-templates.outputs.cache-hit != 'true' | |
run: yarn install --frozen-lockfile | |
- name: Build mails | |
if: steps.mail-templates.outputs.cache-hit != 'true' | |
run: yarn build | |
- name: Cache mail templates | |
if: steps.mail-templates.outputs.cache-hit != 'true' | |
uses: actions/cache@v4 | |
with: | |
path: "src/backend/core/templates/mail" | |
key: mail-templates-${{ hashFiles('src/mail/mjml') }} | |
lint-back: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: src/backend | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
- name: Install Python | |
uses: actions/setup-python@v3 | |
with: | |
python-version: "3.10" | |
- name: Install development dependencies | |
run: pip install --user .[dev] | |
- name: Check code formatting with ruff | |
run: ~/.local/bin/ruff format . --diff | |
- name: Lint code with ruff | |
run: ~/.local/bin/ruff check . | |
- name: Lint code with pylint | |
run: ~/.local/bin/pylint . | |
test-back: | |
runs-on: ubuntu-latest | |
needs: build-mails | |
defaults: | |
run: | |
working-directory: src/backend | |
services: | |
postgres: | |
image: postgres:16 | |
env: | |
POSTGRES_DB: meet | |
POSTGRES_USER: dinum | |
POSTGRES_PASSWORD: pass | |
ports: | |
- 5432:5432 | |
# needed because the postgres container does not provide a healthcheck | |
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
env: | |
DJANGO_CONFIGURATION: Test | |
DJANGO_SETTINGS_MODULE: meet.settings | |
DJANGO_SECRET_KEY: ThisIsAnExampleKeyForTestPurposeOnly | |
OIDC_OP_JWKS_ENDPOINT: /endpoint-for-test-purpose-only | |
DB_HOST: localhost | |
DB_NAME: meet | |
DB_USER: dinum | |
DB_PASSWORD: pass | |
DB_PORT: 5432 | |
STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage | |
AWS_S3_ENDPOINT_URL: http://localhost:9000 | |
AWS_S3_ACCESS_KEY_ID: impress | |
AWS_S3_SECRET_ACCESS_KEY: password | |
LIVEKIT_API_SECRET: secret | |
LIVEKIT_API_KEY: devkey | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Create writable /data | |
run: | | |
sudo mkdir -p /data/media && \ | |
sudo mkdir -p /data/static | |
- name: Restore the mail templates | |
uses: actions/cache@v4 | |
id: mail-templates | |
with: | |
path: "src/backend/core/templates/mail" | |
key: mail-templates-${{ hashFiles('src/mail/mjml') }} | |
- name: Install Python | |
uses: actions/setup-python@v3 | |
with: | |
python-version: "3.10" | |
- name: Install development dependencies | |
run: pip install --user .[dev] | |
- name: Install gettext (required to compile messages) | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y gettext | |
- name: Generate a MO file from strings extracted from the project | |
run: python manage.py compilemessages | |
- name: Run tests | |
run: ~/.local/bin/pytest -n 2 | |
i18n-crowdin: | |
runs-on: ubuntu-latest | |
steps: | |
- | |
uses: actions/create-github-app-token@v1 | |
id: app-token | |
with: | |
app-id: ${{ secrets.APP_ID }} | |
private-key: ${{ secrets.PRIVATE_KEY }} | |
owner: ${{ github.repository_owner }} | |
repositories: "infrastructure,secrets" | |
- | |
name: Checkout repository | |
uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
token: ${{ steps.app-token.outputs.token }} | |
- | |
name: Load sops secrets | |
uses: rouja/actions-sops@main | |
with: | |
secret-file: secrets/numerique-gouv/meet/secrets.enc.env | |
age-key: ${{ secrets.SOPS_PRIVATE }} | |
- name: Install gettext (required to make messages) | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y gettext | |
- name: Install Python | |
uses: actions/setup-python@v3 | |
with: | |
python-version: "3.10" | |
- name: Install development dependencies | |
working-directory: src/backend | |
run: pip install --user .[dev] | |
- name: Generate the translation base file | |
run: ~/.local/bin/django-admin makemessages --keep-pot --all | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: "18.x" | |
cache: "yarn" | |
cache-dependency-path: src/frontend/yarn.lock | |
- name: Install dependencies | |
run: cd src/frontend/ && yarn install --frozen-lockfile | |
- name: Extract the frontend translation | |
run: make frontend-i18n-extract | |
- name: Upload files to Crowdin | |
run: | | |
docker run \ | |
--rm \ | |
-e CROWDIN_API_TOKEN=$CROWDIN_API_TOKEN \ | |
-e CROWDIN_PROJECT_ID=$CROWDIN_PROJECT_ID \ | |
-e CROWDIN_BASE_PATH=$CROWDIN_BASE_PATH \ | |
-v "${{ github.workspace }}:/app" \ | |
crowdin/cli:3.16.0 \ | |
crowdin upload sources -c /app/crowdin/config.yml |