name: meet Workflow on: push: branches: - main pull_request: branches: - "*" jobs: lint-git: runs-on: ubuntu-latest if: github.event_name == 'pull_request' # Makes sense only for pull requests steps: - name: Checkout repository uses: actions/checkout@v2 with: fetch-depth: 0 - name: show run: git log - name: Enforce absence of print statements in code run: | ! git diff origin/${{ github.event.pull_request.base.ref }}..HEAD -- . ':(exclude)**/meet.yml' | grep "print(" - name: Check absence of fixup commits run: | ! git log | grep 'fixup!' - name: Install gitlint run: pip install --user requests gitlint - name: Lint commit messages added to main run: ~/.local/bin/gitlint --commits origin/${{ github.event.pull_request.base.ref }}..HEAD build-mails: runs-on: ubuntu-latest defaults: run: working-directory: src/mail steps: - name: Checkout repository uses: actions/checkout@v4 - name: Install Node.js uses: actions/setup-node@v4 with: node-version: "18" - name: Restore the mail templates uses: actions/cache@v4 id: mail-templates with: path: "src/backend/core/templates/mail" key: mail-templates-${{ hashFiles('src/mail/mjml') }} - name: Install yarn if: steps.mail-templates.outputs.cache-hit != 'true' run: npm install -g yarn - name: Install node dependencies if: steps.mail-templates.outputs.cache-hit != 'true' run: yarn install --frozen-lockfile - name: Build mails if: steps.mail-templates.outputs.cache-hit != 'true' run: yarn build - name: Cache mail templates if: steps.mail-templates.outputs.cache-hit != 'true' uses: actions/cache@v4 with: path: "src/backend/core/templates/mail" key: mail-templates-${{ hashFiles('src/mail/mjml') }} lint-back: runs-on: ubuntu-latest defaults: run: working-directory: src/backend steps: - name: Checkout repository uses: actions/checkout@v2 - name: Install Python uses: actions/setup-python@v3 with: python-version: "3.10" - name: Install development dependencies run: pip install --user .[dev] - name: Check code formatting with ruff run: ~/.local/bin/ruff format . --diff - name: Lint code with ruff run: ~/.local/bin/ruff check . - name: Lint code with pylint run: ~/.local/bin/pylint . test-back: runs-on: ubuntu-latest needs: build-mails defaults: run: working-directory: src/backend services: postgres: image: postgres:16 env: POSTGRES_DB: meet POSTGRES_USER: dinum POSTGRES_PASSWORD: pass ports: - 5432:5432 # needed because the postgres container does not provide a healthcheck options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 env: DJANGO_CONFIGURATION: Test DJANGO_SETTINGS_MODULE: meet.settings DJANGO_SECRET_KEY: ThisIsAnExampleKeyForTestPurposeOnly OIDC_OP_JWKS_ENDPOINT: /endpoint-for-test-purpose-only DB_HOST: localhost DB_NAME: meet DB_USER: dinum DB_PASSWORD: pass DB_PORT: 5432 STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage AWS_S3_ENDPOINT_URL: http://localhost:9000 AWS_S3_ACCESS_KEY_ID: impress AWS_S3_SECRET_ACCESS_KEY: password LIVEKIT_API_SECRET: secret LIVEKIT_API_KEY: devkey steps: - name: Checkout repository uses: actions/checkout@v4 - name: Create writable /data run: | sudo mkdir -p /data/media && \ sudo mkdir -p /data/static - name: Restore the mail templates uses: actions/cache@v4 id: mail-templates with: path: "src/backend/core/templates/mail" key: mail-templates-${{ hashFiles('src/mail/mjml') }} - name: Install Python uses: actions/setup-python@v3 with: python-version: "3.10" - name: Install development dependencies run: pip install --user .[dev] - name: Install gettext (required to compile messages) run: | sudo apt-get update sudo apt-get install -y gettext - name: Generate a MO file from strings extracted from the project run: python manage.py compilemessages - name: Run tests run: ~/.local/bin/pytest -n 2 i18n-crowdin: runs-on: ubuntu-latest steps: - uses: actions/create-github-app-token@v1 id: app-token with: app-id: ${{ secrets.APP_ID }} private-key: ${{ secrets.PRIVATE_KEY }} owner: ${{ github.repository_owner }} repositories: "infrastructure,secrets" - name: Checkout repository uses: actions/checkout@v2 with: submodules: recursive token: ${{ steps.app-token.outputs.token }} - name: Load sops secrets uses: rouja/actions-sops@main with: secret-file: secrets/numerique-gouv/meet/secrets.enc.env age-key: ${{ secrets.SOPS_PRIVATE }} - name: Install gettext (required to make messages) run: | sudo apt-get update sudo apt-get install -y gettext - name: Install Python uses: actions/setup-python@v3 with: python-version: "3.10" - name: Install development dependencies working-directory: src/backend run: pip install --user .[dev] - name: Generate the translation base file run: ~/.local/bin/django-admin makemessages --keep-pot --all - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: "18.x" cache: "npm" cache-dependency-path: src/frontend/package-lock.json - name: Install dependencies run: cd src/frontend/ && npm ci - name: Extract the frontend translation run: make frontend-i18n-extract - name: Upload files to Crowdin uses: crowdin/github-action@v2 with: config: crowdin/config.yml upload_sources: true upload_translations: true download_translations: false env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }} CROWDIN_BASE_PATH: ${{ github.workspace }} CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}