e20960e3e1
Github Actions are transitioning from Node 16 to Node 20. Make sure we use latest Github Actions versions to clean any deprecation warnings. The migration is upcoming.
375 lines
11 KiB
YAML
375 lines
11 KiB
YAML
name: People Workflow
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
tags:
|
|
- 'v*'
|
|
pull_request:
|
|
branches:
|
|
- '*'
|
|
|
|
jobs:
|
|
lint-git:
|
|
runs-on: ubuntu-latest
|
|
if: github.event_name == 'pull_request' # Makes sense only for pull requests
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- name: show
|
|
run: git log
|
|
- name: Enforce absence of print statements in code
|
|
run: |
|
|
! git diff origin/${{ github.event.pull_request.base.ref }}..HEAD -- . ':(exclude)**/people.yml' | grep "print("
|
|
- name: Check absence of fixup commits
|
|
run: |
|
|
! git log | grep 'fixup!'
|
|
- name: Install gitlint
|
|
run: pip install --user requests gitlint
|
|
- name: Lint commit messages added to main
|
|
run: ~/.local/bin/gitlint --commits origin/${{ github.event.pull_request.base.ref }}..HEAD
|
|
|
|
check-changelog:
|
|
runs-on: ubuntu-latest
|
|
if: |
|
|
contains(github.event.pull_request.labels.*.name, 'noChangeLog') == false &&
|
|
github.event_name == 'pull_request'
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Check that the CHANGELOG has been modified in the current branch
|
|
run: git whatchanged --name-only --pretty="" origin/${{ github.event.pull_request.base.ref }}..HEAD | grep CHANGELOG
|
|
|
|
lint-changelog:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
- name: Check CHANGELOG max line length
|
|
run: |
|
|
max_line_length=$(cat CHANGELOG.md | grep -Ev "^\[.*\]: https://github.com" | wc -L)
|
|
if [ $max_line_length -ge 80 ]; then
|
|
echo "ERROR: CHANGELOG has lines longer than 80 characters."
|
|
exit 1
|
|
fi
|
|
|
|
install-front:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18.x'
|
|
|
|
- name: Restore the frontend cache
|
|
uses: actions/cache@v4
|
|
id: front-node_modules
|
|
with:
|
|
path: 'src/frontend/**/node_modules'
|
|
key: front-node_modules-${{ hashFiles('src/frontend/**/yarn.lock') }}
|
|
|
|
- name: Install dependencies
|
|
if: steps.front-node_modules.outputs.cache-hit != 'true'
|
|
run: cd src/frontend/ && yarn install --frozen-lockfile
|
|
|
|
- name: Cache install frontend
|
|
if: steps.front-node_modules.outputs.cache-hit != 'true'
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: 'src/frontend/**/node_modules'
|
|
key: front-node_modules-${{ hashFiles('src/frontend/**/yarn.lock') }}
|
|
|
|
build-front:
|
|
runs-on: ubuntu-latest
|
|
needs: install-front
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Restore the frontend cache
|
|
uses: actions/cache@v4
|
|
id: front-node_modules
|
|
with:
|
|
path: 'src/frontend/**/node_modules'
|
|
key: front-node_modules-${{ hashFiles('src/frontend/**/yarn.lock') }}
|
|
|
|
- name: Build CI App
|
|
run: cd src/frontend/ && yarn ci:build
|
|
|
|
- name: Cache build frontend
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: src/frontend/apps/desk/out/
|
|
key: build-front-${{ github.run_id }}
|
|
|
|
test-front:
|
|
runs-on: ubuntu-latest
|
|
needs: install-front
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Restore the frontend cache
|
|
uses: actions/cache@v4
|
|
id: front-node_modules
|
|
with:
|
|
path: 'src/frontend/**/node_modules'
|
|
key: front-node_modules-${{ hashFiles('src/frontend/**/yarn.lock') }}
|
|
|
|
- name: Test App
|
|
run: cd src/frontend/ && yarn app:test
|
|
|
|
lint-front:
|
|
runs-on: ubuntu-latest
|
|
needs: install-front
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Restore the frontend cache
|
|
uses: actions/cache@v4
|
|
id: front-node_modules
|
|
with:
|
|
path: 'src/frontend/**/node_modules'
|
|
key: front-node_modules-${{ hashFiles('src/frontend/**/yarn.lock') }}
|
|
|
|
- name: Check linting
|
|
run: cd src/frontend/ && yarn lint
|
|
|
|
test-e2e:
|
|
runs-on: ubuntu-latest
|
|
needs: [build-mails, build-front]
|
|
timeout-minutes: 10
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set services env variables
|
|
run: |
|
|
make create-env-files
|
|
cat env.d/development/common.e2e.dist >> env.d/development/common
|
|
|
|
- name: Download mails' templates
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: mails-templates
|
|
path: src/backend/core/templates/mail
|
|
|
|
- name: Restore the frontend cache
|
|
uses: actions/cache@v4
|
|
id: front-node_modules
|
|
with:
|
|
path: 'src/frontend/**/node_modules'
|
|
key: front-node_modules-${{ hashFiles('src/frontend/**/yarn.lock') }}
|
|
|
|
- name: Restore the build cache
|
|
uses: actions/cache@v4
|
|
id: cache-build
|
|
with:
|
|
path: src/frontend/apps/desk/out/
|
|
key: build-front-${{ github.run_id }}
|
|
|
|
- name: Build and Start Docker Servers
|
|
env:
|
|
DOCKER_BUILDKIT: 1
|
|
COMPOSE_DOCKER_CLI_BUILD: 1
|
|
run: |
|
|
docker-compose build --pull --build-arg BUILDKIT_INLINE_CACHE=1
|
|
make run
|
|
|
|
- name: Apply DRF migrations
|
|
run: |
|
|
make migrate
|
|
|
|
- name: Add dummy data
|
|
run: |
|
|
make demo FLUSH_ARGS='--no-input'
|
|
|
|
- name: Install Playwright Browsers
|
|
run: cd src/frontend/apps/e2e && yarn install
|
|
|
|
- name: Run e2e tests
|
|
run: cd src/frontend/ && yarn e2e:test
|
|
|
|
- uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: playwright-report
|
|
path: src/frontend/apps/e2e/report/
|
|
retention-days: 7
|
|
|
|
build-mails:
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: src/mail
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
- name: Install Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18'
|
|
- name: Install yarn
|
|
run: npm install -g yarn
|
|
- name: Install node dependencies
|
|
run: yarn install --frozen-lockfile
|
|
- name: Build mails
|
|
run: yarn build
|
|
- name: Persist mails' templates
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: mails-templates
|
|
path: src/backend/core/templates/mail
|
|
|
|
lint-back:
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: src/backend
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
- name: Install Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.10'
|
|
- name: Install development dependencies
|
|
run: pip install --user .[dev]
|
|
- name: Check code formatting with ruff
|
|
run: ~/.local/bin/ruff format . --diff
|
|
- name: Lint code with ruff
|
|
run: ~/.local/bin/ruff check .
|
|
- name: Lint code with pylint
|
|
run: ~/.local/bin/pylint .
|
|
|
|
test-back:
|
|
runs-on: ubuntu-latest
|
|
needs: build-mails
|
|
defaults:
|
|
run:
|
|
working-directory: src/backend
|
|
|
|
services:
|
|
postgres:
|
|
image: postgres:16
|
|
env:
|
|
POSTGRES_DB: people
|
|
POSTGRES_USER: dinum
|
|
POSTGRES_PASSWORD: pass
|
|
ports:
|
|
- 5432:5432
|
|
# needed because the postgres container does not provide a healthcheck
|
|
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
|
|
|
|
env:
|
|
DJANGO_CONFIGURATION: Test
|
|
DJANGO_SETTINGS_MODULE: people.settings
|
|
DJANGO_SECRET_KEY: ThisIsAnExampleKeyForTestPurposeOnly
|
|
OIDC_OP_JWKS_ENDPOINT: /endpoint-for-test-purpose-only
|
|
DB_HOST: localhost
|
|
DB_NAME: people
|
|
DB_USER: dinum
|
|
DB_PASSWORD: pass
|
|
DB_PORT: 5432
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
- name: Create writable /data
|
|
run: |
|
|
sudo mkdir -p /data/media && \
|
|
sudo mkdir -p /data/static
|
|
- name: Download mails' templates
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: mails-templates
|
|
path: src/backend/core/templates/mail
|
|
- name: Install Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.10'
|
|
- name: Install development dependencies
|
|
run: pip install --user .[dev]
|
|
- name: Install gettext (required to compile messages)
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y gettext
|
|
- name: Generate a MO file from strings extracted from the project
|
|
run: python manage.py compilemessages
|
|
- name: Run tests
|
|
run: ~/.local/bin/pytest -n 2
|
|
|
|
i18n-crowdin:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install gettext (required to make messages)
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y gettext
|
|
|
|
- name: Install Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.10'
|
|
|
|
- name: Install development dependencies
|
|
working-directory: src/backend
|
|
run: pip install --user .[dev]
|
|
|
|
- name: Generate the translation base file
|
|
run: ~/.local/bin/django-admin makemessages --keep-pot --all
|
|
|
|
- name: Load sops secrets
|
|
uses: rouja/actions-sops@main
|
|
with:
|
|
secret-file: .github/workflows/secrets.enc.env
|
|
age-key: ${{ secrets.SOPS_PRIVATE }}
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18.x'
|
|
cache: 'yarn'
|
|
cache-dependency-path: src/frontend/yarn.lock
|
|
|
|
- name: Install dependencies
|
|
run: cd src/frontend/ && yarn install --frozen-lockfile
|
|
|
|
- name: Download sources from Crowdin to stay synchronized
|
|
run: |
|
|
docker run \
|
|
--rm \
|
|
-e CROWDIN_API_TOKEN=$CROWDIN_API_TOKEN \
|
|
-e CROWDIN_PROJECT_ID=$CROWDIN_PROJECT_ID \
|
|
-e CROWDIN_BASE_PATH=$CROWDIN_BASE_PATH \
|
|
-v "${{ github.workspace }}:/app" \
|
|
crowdin/cli:3.16.0 \
|
|
crowdin download sources -c /app/crowdin/config.yml
|
|
|
|
- name: Extract the frontend translation
|
|
run: make frontend-i18n-extract
|
|
|
|
- name: Upload files to Crowdin
|
|
run: |
|
|
docker run \
|
|
--rm \
|
|
-e CROWDIN_API_TOKEN=$CROWDIN_API_TOKEN \
|
|
-e CROWDIN_PROJECT_ID=$CROWDIN_PROJECT_ID \
|
|
-e CROWDIN_BASE_PATH=$CROWDIN_BASE_PATH \
|
|
-v "${{ github.workspace }}:/app" \
|
|
crowdin/cli:3.16.0 \
|
|
crowdin upload sources -c /app/crowdin/config.yml
|