1- name : Python check
1+ name : Pre-Commit checks
22
33on :
44 workflow_call :
5- inputs :
6- push_docker_image :
7- type : string # true or false
8- default : " false"
9- secrets :
10- CODECOV_TOKEN :
11- required : true
12- outputs :
13- docker_image_name :
14- description : " Only docker image name"
15- value : ${{ jobs.test.outputs.docker_image_name }}
16- docker_image_tag :
17- description : " Only docker image tag"
18- value : ${{ jobs.test.outputs.docker_image_tag }}
19- docker_image :
20- description : " docker image with tag"
21- value : ${{ jobs.test.outputs.docker_image }}
22- pull_request :
23- # NOTE: For other, they should be run through helm github action ./helm-publish.yml
24-
25- env :
26- COMPOSE_FILE : docker-compose.yaml:.github/gh-docker-compose.yaml
27- DJANGO_SECRET_KEY : " insecure-django-secret-key"
285
296jobs :
307 pre_commit_checks :
3310
3411 steps :
3512 - uses : actions/checkout@main
13+
14+ - uses : astral-sh/setup-uv@v5
15+ with python-version-file : ' .python-version'
16+
3617 - uses : astral-sh/setup-uv@v5
3718 with :
3819 enable-cache : true
@@ -44,143 +25,6 @@ jobs:
4425 run : uv lock --locked --offline
4526
4627 - name : uv sync
47- run : uv sync --all-extras
28+ run : uv sync --all-groups --all- extras
4829
4930 - uses : pre-commit/action@main
50-
51- test :
52- name : Test
53- runs-on : ubuntu-latest
54- needs : pre_commit_checks
55-
56- outputs :
57- docker_image_name : ${{ steps.prep.outputs.tagged_image_name }}
58- docker_image_tag : ${{ steps.prep.outputs.tag }}
59- docker_image : ${{ steps.prep.outputs.tagged_image }}
60-
61- steps :
62- - uses : actions/checkout@main
63-
64- - name : Login to GitHub Container Registry
65- uses : docker/login-action@v3
66- if : ${{ inputs.push_docker_image }}
67- with :
68- registry : ghcr.io
69- username : ${{ github.actor }}
70- password : ${{ secrets.GITHUB_TOKEN }}
71-
72- - name : 🐳 Prepare Docker
73- id : prep
74- env :
75- IMAGE_NAME : ghcr.io/${{ github.repository }}
76- run : |
77- BRANCH_NAME=$(echo $GITHUB_REF_NAME | sed 's|:|-|' | tr '[:upper:]' '[:lower:]' | sed 's/_/-/g' | cut -c1-100 | sed 's/-*$//')
78-
79- # NOTE: `c` is to avoid error by helm if GITHUB_SHA[:7] has only numbers
80- GIT_HASH="c$(echo $GITHUB_SHA | head -c7)"
81-
82- # XXX: Check if there is a slash in the BRANCH_NAME eg: project/add-docker
83- if [[ "$BRANCH_NAME" == *"/"* ]]; then
84- # XXX: Change the docker image package to -alpha
85- IMAGE_NAME="$IMAGE_NAME-alpha"
86- TAG="$(echo "$BRANCH_NAME" | sed 's|/|-|g').$(echo $GIT_HASH)"
87- else
88- TAG="$BRANCH_NAME.$(echo $GIT_HASH)"
89- fi
90-
91- IMAGE_NAME=$(echo $IMAGE_NAME | tr '[:upper:]' '[:lower:]')
92- echo "tagged_image_name=${IMAGE_NAME}" >> $GITHUB_OUTPUT
93- echo "tag=${TAG}" >> $GITHUB_OUTPUT
94- echo "tagged_image=${IMAGE_NAME}:${TAG}" >> $GITHUB_OUTPUT
95- echo "::notice::Tagged docker image: ${IMAGE_NAME}:${TAG}"
96-
97- name : 🐳 Set up Docker Buildx
98- id : buildx
99- uses : docker/setup-buildx-action@v3
100-
101- - name : 🐳 Build image
102- uses : docker/build-push-action@v6
103- with :
104- context : .
105- file : Dockerfile
106- push : false
107- load : true
108- tags : ${{ steps.prep.outputs.tagged_image }}
109- cache-from : type=gha
110- cache-to : type=gha,mode=max
111-
112- - name : Start app resources
113- timeout-minutes : 1
114- env :
115- DOCKER_IMAGE : ${{ steps.prep.outputs.tagged_image }}
116- run : |
117- docker compose run --rm web ./manage.py wait_for_resources --all || {
118- echo 'Failed to wait for the resources';
119- exit 1;
120- }
121-
122- name : Validate if there are no pending django migrations.
123- env :
124- DOCKER_IMAGE : ${{ steps.prep.outputs.tagged_image }}
125- run : |
126- docker compose run --rm web ./manage.py makemigrations --check --dry-run || {
127- echo 'There are some changes to be reflected in the migration. Make sure to run makemigrations';
128- exit 1;
129- }
130-
131- name : Validate latest graphQl schema.
132- env :
133- DOCKER_IMAGE : ${{ steps.prep.outputs.tagged_image }}
134- run : |
135- docker compose run --rm web ./manage.py graphql_schema --out /ci-share/schema-latest.graphql &&
136- cmp --silent schema.graphql ./ci-share/schema-latest.graphql || {
137- echo 'The schema.graphql is not up to date with the latest changes. Please update and push latest';
138- diff schema.graphql ./ci-share/schema-latest.graphql;
139- exit 1;
140- }
141-
142- name : 🤞 Run Test 🧪 & Publish coverage to code climate
143- env :
144- DOCKER_IMAGE : ${{ steps.prep.outputs.tagged_image }}
145- run : docker compose run --rm web /code/misc/run_tests.sh
146-
147- - name : Upload test coverage to Codecov
148- uses : codecov/codecov-action@v5
149- with :
150- token : ${{ secrets.CODECOV_TOKEN }}
151- fail_ci_if_error : true
152-
153- - name : Upload test results to Codecov
154- uses : codecov/test-results-action@v1
155- if : ${{ !cancelled() }}
156- with :
157- token : ${{ secrets.CODECOV_TOKEN }}
158- fail_ci_if_error : true
159-
160- - name : 🐳 Docker push
161- if : ${{ inputs.push_docker_image }}
162- env :
163- IMAGE_TAG : ${{ steps.prep.outputs.tagged_image }}
164- run : docker push $IMAGE_TAG
165-
166- validate_helm :
167- name : Validate Helm
168- runs-on : ubuntu-latest
169-
170- steps :
171- - uses : actions/checkout@main
172-
173- - name : Install Helm
174- uses : azure/setup-helm@v4
175-
176- - name : 🐳 Helm dependency
177- run : |
178- yq --indent 0 '.dependencies | map(select(.repository | test("^oci:") | not)) | map(["helm", "repo", "add", .name, .repository] | join(" ")) | .[]' ./helm/Chart.lock | sh --
179- helm dependency build ./helm/
180-
181- name : Helm lint
182- run : helm lint ./helm --values ./helm/linter_values.yaml
183-
184- - name : Helm template
185- run : helm template ./helm --values ./helm/linter_values.yaml
186-
0 commit comments