3d0824e023
We create a package i18n to manage the translations of the project. It help us to extract the translations from the frontend to be deployed to crowdin. It also help us to format the translations from crowdin to be used by the frontend apps.
362 lines
12 KiB
YAML
362 lines
12 KiB
YAML
name: People Workflow
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
tags:
|
|
- 'v*'
|
|
pull_request:
|
|
branches:
|
|
- '*'
|
|
|
|
jobs:
|
|
lint-git:
|
|
runs-on: ubuntu-latest
|
|
if: github.event_name == 'pull_request' # Makes sense only for pull requests
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
with:
|
|
fetch-depth: 0
|
|
- name: show
|
|
run: git log
|
|
- name: Enforce absence of print statements in code
|
|
run: |
|
|
! git diff origin/${{ github.event.pull_request.base.ref }}..HEAD -- . ':(exclude)**/people.yml' | grep "print("
|
|
- name: Check absence of fixup commits
|
|
run: |
|
|
! git log | grep 'fixup!'
|
|
- name: Install gitlint
|
|
run: pip install --user requests gitlint
|
|
- name: Lint commit messages added to main
|
|
run: ~/.local/bin/gitlint --commits origin/${{ github.event.pull_request.base.ref }}..HEAD
|
|
|
|
check-changelog:
|
|
runs-on: ubuntu-latest
|
|
if: |
|
|
contains(github.event.pull_request.labels.*.name, 'noChangeLog') == false &&
|
|
github.event_name == 'pull_request'
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Check that the CHANGELOG has been modified in the current branch
|
|
run: git whatchanged --name-only --pretty="" origin/${{ github.event.pull_request.base.ref }}..HEAD | grep CHANGELOG
|
|
|
|
lint-changelog:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Check CHANGELOG max line length
|
|
run: |
|
|
max_line_length=$(cat CHANGELOG.md | grep -Ev "^\[.*\]: https://github.com" | wc -L)
|
|
if [ $max_line_length -ge 80 ]; then
|
|
echo "ERROR: CHANGELOG has lines longer than 80 characters."
|
|
exit 1
|
|
fi
|
|
|
|
test-front-desk:
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: src/frontend/apps/desk
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18.x'
|
|
cache: 'yarn'
|
|
cache-dependency-path: src/frontend/yarn.lock
|
|
- name: Install dependencies
|
|
run: yarn install --frozen-lockfile
|
|
- name: Test Desk App
|
|
run: yarn test
|
|
|
|
lint-front:
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: src/frontend/
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18.x'
|
|
cache: 'yarn'
|
|
cache-dependency-path: src/frontend/yarn.lock
|
|
|
|
- name: Install dependencies
|
|
run: yarn install --frozen-lockfile
|
|
|
|
- name: Check linting
|
|
run: yarn lint
|
|
|
|
test-e2e:
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 10
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set services env variables
|
|
run: |
|
|
make create-env-files
|
|
|
|
- name: Build and Start Docker Servers
|
|
env:
|
|
DOCKER_BUILDKIT: 1
|
|
COMPOSE_DOCKER_CLI_BUILD: 1
|
|
run: |
|
|
docker-compose build --pull --build-arg BUILDKIT_INLINE_CACHE=1
|
|
make run
|
|
|
|
- name: Apply DRH migrations
|
|
run: |
|
|
make migrate
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18.x'
|
|
cache: 'yarn'
|
|
cache-dependency-path: src/frontend/yarn.lock
|
|
|
|
- name: Install dependencies
|
|
run: cd src/frontend/ && yarn install --frozen-lockfile
|
|
|
|
- name: Install Playwright Browsers
|
|
run: cd src/frontend/apps/e2e && yarn install
|
|
|
|
- name: Build CI App
|
|
run: cd src/frontend/ && yarn ci:build
|
|
|
|
- name: Run e2e tests
|
|
run: cd src/frontend/ && yarn e2e:test
|
|
|
|
- uses: actions/upload-artifact@v3
|
|
if: always()
|
|
with:
|
|
name: playwright-report
|
|
path: src/frontend/apps/e2e/report/
|
|
retention-days: 7
|
|
|
|
build-mails:
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: src/mail
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Install Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18'
|
|
- name: Install yarn
|
|
run: npm install -g yarn
|
|
- name: Install node dependencies
|
|
run: yarn install --frozen-lockfile
|
|
- name: Build mails
|
|
run: yarn build
|
|
|
|
build-docker:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Generate a version.json file describing app release
|
|
run: |
|
|
printf '{"commit":"${{ github.sha }}","version":"${{ github.ref }}","source":"https://github.com/${{ github.repository_owner }}/${{ github.repository }}","build":"${{ github.run_id }}"}\n' > src/backend/people/version.json
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
- name: Build production image
|
|
run: docker build -t people:${{ github.sha }} --target production .
|
|
- name: Check built image availability
|
|
run: docker images "people:${{ github.sha }}*"
|
|
|
|
lint-back:
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: src/backend
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Install Python
|
|
uses: actions/setup-python@v3
|
|
with:
|
|
python-version: '3.10'
|
|
- name: Install development dependencies
|
|
run: pip install --user .[dev]
|
|
- name: Check code formatting with ruff
|
|
run: ~/.local/bin/ruff format . --diff
|
|
- name: Lint code with ruff
|
|
run: ~/.local/bin/ruff check .
|
|
- name: Lint code with pylint
|
|
run: ~/.local/bin/pylint .
|
|
|
|
test-back:
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: src/backend
|
|
|
|
services:
|
|
postgres:
|
|
image: postgres:16
|
|
env:
|
|
POSTGRES_DB: people
|
|
POSTGRES_USER: dinum
|
|
POSTGRES_PASSWORD: pass
|
|
ports:
|
|
- 5432:5432
|
|
# needed because the postgres container does not provide a healthcheck
|
|
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
|
|
|
|
env:
|
|
DJANGO_CONFIGURATION: Test
|
|
DJANGO_SETTINGS_MODULE: people.settings
|
|
DJANGO_SECRET_KEY: ThisIsAnExampleKeyForTestPurposeOnly
|
|
DJANGO_JWT_PRIVATE_SIGNING_KEY: ThisIsAnExampleKeyForDevPurposeOnly
|
|
DB_HOST: localhost
|
|
DB_NAME: people
|
|
DB_USER: dinum
|
|
DB_PASSWORD: pass
|
|
DB_PORT: 5432
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Create writable /data
|
|
run: |
|
|
sudo mkdir -p /data/media && \
|
|
sudo mkdir -p /data/static
|
|
- name: Install Python
|
|
uses: actions/setup-python@v3
|
|
with:
|
|
python-version: '3.10'
|
|
- name: Install development dependencies
|
|
run: pip install --user .[dev]
|
|
- name: Install gettext (required to compile messages)
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y gettext
|
|
- name: Generate a MO file from strings extracted from the project
|
|
run: python manage.py compilemessages
|
|
- name: Run tests
|
|
run: ~/.local/bin/pytest -n 2
|
|
|
|
i18n-crowdin:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Install gettext (required to make messages)
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y gettext
|
|
|
|
- name: Install Python
|
|
uses: actions/setup-python@v3
|
|
with:
|
|
python-version: '3.10'
|
|
|
|
- name: Install development dependencies
|
|
working-directory: src/backend
|
|
run: pip install --user .[dev]
|
|
|
|
- name: Generate the translation base file
|
|
run: ~/.local/bin/django-admin makemessages --keep-pot --all
|
|
|
|
- name: Load sops secrets
|
|
uses: rouja/actions-sops@main
|
|
with:
|
|
secret-file: .github/workflows/secrets.enc.env
|
|
age-key: ${{ secrets.SOPS_PRIVATE }}
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18.x'
|
|
cache: 'yarn'
|
|
cache-dependency-path: src/frontend/yarn.lock
|
|
|
|
- name: Install dependencies
|
|
run: cd src/frontend/ && yarn install --frozen-lockfile
|
|
|
|
- name: Download sources from Crowdin to stay synchronized
|
|
run: |
|
|
docker run \
|
|
--rm \
|
|
-e CROWDIN_API_TOKEN=$CROWDIN_API_TOKEN \
|
|
-e CROWDIN_PROJECT_ID=$CROWDIN_PROJECT_ID \
|
|
-e CROWDIN_BASE_PATH=$CROWDIN_BASE_PATH \
|
|
-v "${{ github.workspace }}:/app" \
|
|
crowdin/cli:3.16.0 \
|
|
crowdin download sources -c /app/crowdin/config.yml
|
|
|
|
- name: Extract the frontend translation
|
|
run: make frontend-i18n-extract
|
|
|
|
- name: Upload files to Crowdin
|
|
run: |
|
|
docker run \
|
|
--rm \
|
|
-e CROWDIN_API_TOKEN=$CROWDIN_API_TOKEN \
|
|
-e CROWDIN_PROJECT_ID=$CROWDIN_PROJECT_ID \
|
|
-e CROWDIN_BASE_PATH=$CROWDIN_BASE_PATH \
|
|
-v "${{ github.workspace }}:/app" \
|
|
crowdin/cli:3.16.0 \
|
|
crowdin upload sources -c /app/crowdin/config.yml
|
|
|
|
hub:
|
|
runs-on: ubuntu-latest
|
|
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Generate a version.json file describing app release
|
|
run: |
|
|
printf '{"commit":"${{ github.sha }}","version":"${{ github.ref }}","source":"https://github.com/${{ github.repository_owner }}/${{ github.repository }}","build":"${{ github.run_id }}"}\n' > src/backend/people/version.json
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
- name: Build production image
|
|
run: docker build -t people:${{ github.sha }} --target production .
|
|
- name: Check built images availability
|
|
run: docker images "people:${{ github.sha }}*"
|
|
- name: Load sops secrets
|
|
uses: rouja/actions-sops@main
|
|
with:
|
|
secret-file: .github/workflows/secrets.enc.env
|
|
age-key: ${{ secrets.SOPS_PRIVATE }}
|
|
- name: Login to DockerHub
|
|
run: echo "$DOCKER_HUB_PASSWORD" | docker login -u "$DOCKER_HUB_USER" --password-stdin
|
|
- name: Tag images
|
|
run: |
|
|
DOCKER_TAG=$([[ -z "${{ github.event.ref }}" ]] && echo "${{ github.event.ref }}" || echo "${{ github.event.ref }}" | sed 's/^v//')
|
|
RELEASE_TYPE=$([[ -z "${{ github.event.ref }}" ]] && echo "branch" || echo "tag ")
|
|
echo "DOCKER_TAG: ${DOCKER_TAG} (Git ${RELEASE_TYPE}${{ github.event.ref }})"
|
|
docker tag people:${{ github.sha }} numerique-gouv/people:${DOCKER_TAG}
|
|
if [[ -n "${{ github.event.ref }}" ]]; then
|
|
docker tag people:${{ github.sha }} numerique-gouv/people:latest
|
|
fi
|
|
docker images | grep -E "^numerique-gouv/people\s*(${DOCKER_TAG}.*|latest|main)"
|
|
- name: Publish images
|
|
run: |
|
|
DOCKER_TAG=$([[ -z "${{ github.event.ref }}" ]] && echo "${{ github.event.ref }}" || echo "${{ github.event.ref }}" | sed 's/^v//')
|
|
RELEASE_TYPE=$([[ -z "${{ github.event.ref }}" ]] && echo "branch" || echo "tag ")
|
|
echo "DOCKER_TAG: ${DOCKER_TAG} (Git ${RELEASE_TYPE}${{ github.event.ref }})"
|
|
docker push numerique-gouv/people:${DOCKER_TAG}
|
|
if [[ -n "${{ github.event.ref }}" ]]; then
|
|
docker push numerique-gouv/people:latest
|
|
fi
|