Align production with staging (#555) #98
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: build production | |
| # Actions that take place on the 'production' branch. | |
| # Here we only respond to production-grade tags (i.e. "2022.1" or "1.0.0"). | |
| # We build two images - one using the tag and one using 'stable' | |
| # | |
| # If a DOCKERHUB_USERNAME secret is defined the image is pushed. | |
| # --------------- | |
| # Control secrets | |
| # --------------- | |
| # | |
| # At the GitHub 'organisation' or 'project' level you are expected to | |
| # have the following GitHub 'Repository Secrets' defined | |
| # (i.e. via 'Settings -> Secrets'): - | |
| # | |
| # BE_NAMESPACE optional - default xchem | |
| # | |
| # DOCKERHUB_USERNAME optional | |
| # DOCKERHUB_TOKEN optional - required if DOCKERHUB_USERNAME | |
| # | |
| # ----------- | |
| # Environment (GitHub Environments) | |
| # ----------- | |
| # | |
| # (none) | |
| on: | |
| push: | |
| tags: | |
| # Only handle production-grade tags (i.e. "2022.1" or "1.0.0") | |
| - '[0-9]+.[0-9]+' | |
| - '[0-9]+.[0-9]+.[0-9]+' | |
| env: | |
| # The following 'defaults' are used in the 'Initialise workflow variables' step, | |
| # which creates 'outputs' for use in steps and jobs that follow it. | |
| # The values set here are used unless a matching secret is found. | |
| # Secrets are the way users dynamically control the behaviour of this Action. | |
| # | |
| # For Jobs conditional on the presence of a secret see this Gist... | |
| # https://gist.github.com/jonico/24ffebee6d2fa2e679389fac8aef50a3 | |
| BE_NAMESPACE: xchem | |
| FE_IMAGE_TAG: stable | |
| FE_NAMESPACE: xchem | |
| STACK_BRANCH: master | |
| STACK_GITHUB_NAMESPACE: xchem | |
| STACK_NAMESPACE: xchem | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| push: ${{ steps.vars.outputs.push }} | |
| tag: ${{ steps.vars.outputs.tag }} | |
| trigger: ${{ steps.vars.outputs.trigger }} | |
| steps: | |
| - name: Inject slug/short variables | |
| uses: rlespinasse/github-slug-action@v4 | |
| - name: Initialise workflow variables | |
| id: vars | |
| env: | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| TRIGGER_DOWNSTREAM: ${{ secrets.TRIGGER_DOWNSTREAM }} | |
| run: | | |
| # BE_NAMESPACE | |
| BE_NAMESPACE="${{ env.BE_NAMESPACE }}" | |
| if [ -n "${{ secrets.BE_NAMESPACE }}" ]; then BE_NAMESPACE="${{ secrets.BE_NAMESPACE }}"; fi | |
| echo BE_NAMESPACE=${BE_NAMESPACE} | |
| echo "BE_NAMESPACE=${BE_NAMESPACE}" >> $GITHUB_OUTPUT | |
| # FE_IMAGE_TAG | |
| FE_IMAGE_TAG="${{ env.FE_IMAGE_TAG }}" | |
| if [ -n "${{ secrets.FE_IMAGE_TAG }}" ]; then FE_IMAGE_TAG="${{ secrets.FE_IMAGE_TAG }}"; fi | |
| echo FE_IMAGE_TAG=${FE_IMAGE_TAG} | |
| echo "FE_IMAGE_TAG=${FE_IMAGE_TAG}" >> $GITHUB_OUTPUT | |
| # FE_NAMESPACE | |
| FE_NAMESPACE="${{ env.FE_NAMESPACE }}" | |
| if [ -n "${{ secrets.FE_NAMESPACE }}" ]; then FE_NAMESPACE="${{ secrets.FE_NAMESPACE }}"; fi | |
| echo FE_NAMESPACE=${FE_NAMESPACE} | |
| echo "FE_NAMESPACE=${FE_NAMESPACE}" >> $GITHUB_OUTPUT | |
| # STACK_BRANCH | |
| STACK_BRANCH="${{ env.STACK_BRANCH }}" | |
| if [ -n "${{ secrets.STACK_BRANCH }}" ]; then STACK_BRANCH="${{ secrets.STACK_BRANCH }}"; fi | |
| echo STACK_BRANCH=${STACK_BRANCH} | |
| echo "STACK_BRANCH=${STACK_BRANCH}" >> $GITHUB_OUTPUT | |
| # STACK_GITHUB_NAMESPACE | |
| STACK_GITHUB_NAMESPACE="${{ env.STACK_GITHUB_NAMESPACE }}" | |
| if [ -n "${{ secrets.STACK_GITHUB_NAMESPACE }}" ]; then STACK_GITHUB_NAMESPACE="${{ secrets.STACK_GITHUB_NAMESPACE }}"; fi | |
| echo STACK_GITHUB_NAMESPACE=${STACK_GITHUB_NAMESPACE} | |
| echo "STACK_GITHUB_NAMESPACE=${STACK_GITHUB_NAMESPACE}" >> $GITHUB_OUTPUT | |
| # STACK_NAMESPACE | |
| STACK_NAMESPACE="${{ env.STACK_NAMESPACE }}" | |
| if [ -n "${{ secrets.STACK_NAMESPACE }}" ]; then STACK_NAMESPACE="${{ secrets.STACK_NAMESPACE }}"; fi | |
| echo STACK_NAMESPACE=${STACK_NAMESPACE} | |
| echo "STACK_NAMESPACE=${STACK_NAMESPACE}" >> $GITHUB_OUTPUT | |
| # What image tag are we using? 'latest' (if not tagged) or a GitHub tag? | |
| TAG="latest" | |
| if [[ "${{ github.ref }}" =~ ^refs/tags/ ]]; then TAG="${{ env.GITHUB_REF_SLUG }}"; fi | |
| echo tag=${TAG} | |
| echo "tag=${TAG}" >> $GITHUB_OUTPUT | |
| # Do we push, i.e. is DOCKERHUB_USERNAME defined? | |
| echo push=${{ env.DOCKERHUB_USERNAME != '' }} | |
| echo "push=${{ env.DOCKERHUB_USERNAME != '' }}" >> $GITHUB_OUTPUT | |
| # Do we trigger downstream, i.e. is TRIGGER_DOWNSTREAM 'yes'? | |
| echo trigger=${{ env.TRIGGER_DOWNSTREAM == 'yes' }} | |
| echo "trigger=${{ env.TRIGGER_DOWNSTREAM == 'yes' }}" >> $GITHUB_OUTPUT | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Lint Dockerfile | |
| uses: hadolint/[email protected] | |
| with: | |
| dockerfile: Dockerfile | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Run pre-commit (all files) | |
| run: | | |
| pip install --requirement build-requirements.txt | |
| pre-commit run --all-files | |
| - name: Build | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| tags: | | |
| ${{ steps.vars.outputs.BE_NAMESPACE }}/fragalysis-backend:${{ steps.vars.outputs.tag }} | |
| ${{ steps.vars.outputs.BE_NAMESPACE }}/fragalysis-backend:stable | |
| - name: Test | |
| run: > | |
| docker-compose -f docker-compose.test.yml up | |
| --build | |
| --exit-code-from tests | |
| --abort-on-container-exit | |
| env: | |
| BE_NAMESPACE: ${{ steps.vars.outputs.BE_NAMESPACE }} | |
| BE_IMAGE_TAG: ${{ steps.vars.outputs.tag }} | |
| - name: Login to DockerHub | |
| if: steps.vars.outputs.push == 'true' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Push | |
| if: steps.vars.outputs.push == 'true' | |
| run: | | |
| docker push ${{ steps.vars.outputs.BE_NAMESPACE }}/fragalysis-backend:${{ steps.vars.outputs.tag }} | |
| docker push ${{ steps.vars.outputs.BE_NAMESPACE }}/fragalysis-backend:stable | |
| # Trigger the stack build (expected for every tagged production branch). | |
| - name: Trigger stack | |
| if: steps.vars.outputs.trigger == 'true' | |
| uses: informaticsmatters/trigger-ci-action@v1 | |
| with: | |
| ci-owner: ${{ steps.vars.outputs.STACK_GITHUB_NAMESPACE }} | |
| ci-repository: fragalysis-stack | |
| ci-name: build main | |
| ci-ref: refs/heads/${{ steps.vars.outputs.STACK_BRANCH }} | |
| ci-inputs: >- | |
| be_namespace=${{ steps.vars.outputs.BE_NAMESPACE }} | |
| be_image_tag=${{ steps.vars.outputs.tag }} | |
| fe_namespace=${{ steps.vars.outputs.FE_NAMESPACE }} | |
| fe_image_tag=${{ steps.vars.outputs.FE_IMAGE_TAG }} | |
| stack_namespace=${{ steps.vars.outputs.STACK_NAMESPACE }} | |
| ci-user: ${{ secrets.STACK_USER }} | |
| ci-user-token: ${{ secrets.STACK_USER_TOKEN }} |