chore(deps): update actions/checkout action to v6 #330
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Python check | |
| on: | |
| workflow_call: | |
| inputs: | |
| push_docker_image: | |
| type: string # true or false | |
| default: "false" | |
| outputs: | |
| docker_image_name: | |
| description: "Only docker image name" | |
| value: ${{ jobs.test.outputs.docker_image_name }} | |
| docker_image_tag: | |
| description: "Only docker image tag" | |
| value: ${{ jobs.test.outputs.docker_image_tag }} | |
| docker_image: | |
| description: "docker image with tag" | |
| value: ${{ jobs.test.outputs.docker_image }} | |
| pull_request: | |
| # NOTE: For other, they should be run through helm github action ./helm-publish.yml | |
| env: | |
| COMPOSE_FILE: gh-docker-compose.yml | |
| jobs: | |
| pre_commit_checks: | |
| name: Pre-Commit checks | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@main | |
| - uses: actions/setup-python@v5 | |
| - uses: astral-sh/setup-uv@v6 | |
| with: | |
| enable-cache: true | |
| - name: Sync | |
| run: uv sync --all-extras | |
| - uses: pre-commit/action@main | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| needs: pre_commit_checks | |
| outputs: | |
| docker_image_name: ${{ steps.prep.outputs.tagged_image_name }} | |
| docker_image_tag: ${{ steps.prep.outputs.tag }} | |
| docker_image: ${{ steps.prep.outputs.tagged_image }} | |
| steps: | |
| - uses: actions/checkout@main | |
| with: | |
| submodules: true | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| if: ${{ inputs.push_docker_image }} | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: 🐳 Prepare Docker | |
| id: prep | |
| env: | |
| IMAGE_NAME: ghcr.io/${{ github.repository }} | |
| run: | | |
| BRANCH_NAME=$(echo $GITHUB_REF_NAME | sed 's|:|-|' | tr '[:upper:]' '[:lower:]' | sed 's/_/-/g' | cut -c1-100 | sed 's/-*$//') | |
| # XXX: Check if there is a slash in the BRANCH_NAME eg: project/add-docker | |
| if [[ "$BRANCH_NAME" == *"/"* ]]; then | |
| # XXX: Change the docker image package to -dev | |
| IMAGE_NAME="$IMAGE_NAME-dev" | |
| TAG="$(echo "$BRANCH_NAME" | sed 's|/|-|g').c$(echo $GITHUB_SHA | head -c7)" | |
| else | |
| TAG="$BRANCH_NAME.c$(echo $GITHUB_SHA | head -c7)" | |
| fi | |
| IMAGE_NAME=$(echo $IMAGE_NAME | tr '[:upper:]' '[:lower:]') | |
| echo "tagged_image_name=${IMAGE_NAME}" >> $GITHUB_OUTPUT | |
| echo "tag=${TAG}" >> $GITHUB_OUTPUT | |
| echo "tagged_image=${IMAGE_NAME}:${TAG}" >> $GITHUB_OUTPUT | |
| echo "::notice::Tagged docker image: ${IMAGE_NAME}:${TAG}" | |
| - name: 🐳 Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: 🐳 Cache Docker layers | |
| uses: actions/cache@v4 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.ref }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx-refs/develop | |
| ${{ runner.os }}-buildx- | |
| - name: 🐳 Build image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| builder: ${{ steps.buildx.outputs.name }} | |
| file: Dockerfile | |
| push: false | |
| load: true | |
| provenance: false # XXX: Without this we have untagged images in ghcr.io | |
| tags: ${{ steps.prep.outputs.tagged_image }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Prep django containers | |
| env: | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: | | |
| touch .env && docker compose run --rm web bash -c 'wait-for-it db:5432 && ./manage.py check' | |
| - name: 🕮 Validate if there are no pending django migrations. | |
| env: | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: | | |
| docker compose run --rm web bash -c './manage.py makemigrations --check --dry-run' || { | |
| echo 'There are some changes to be reflected in the migration. Make sure to run makemigrations'; | |
| exit 1; | |
| } | |
| - name: 🕮 Validate latest graphql schema. | |
| env: | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: | | |
| docker compose run --rm web bash -c 'wait-for-it db:5432 && ./manage.py graphql_schema --out /ci-share/schema-latest.graphql' && | |
| cmp --silent schema.graphql ./ci-share/schema-latest.graphql || { | |
| echo 'The schema.graphql is not up to date with the latest changes. Please update and push latest'; | |
| diff schema.graphql ./ci-share/schema-latest.graphql; | |
| exit 1; | |
| } | |
| # TODO: Replace codeclimate with codecov? | |
| - name: 🤞 Run Test 🧪 & Publish coverage to code climate | |
| env: | |
| CC_TEST_REPORTER_ID: ${{ secrets.CODE_CLIMATE_ID }} | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: docker compose run --rm web /code/scripts/run_tests.sh | |
| - name: 🐳 Docker push | |
| if: ${{ inputs.push_docker_image }} | |
| env: | |
| DOCKER_IMAGE_BACKEND: ${{ steps.prep.outputs.tagged_image }} | |
| run: docker push $DOCKER_IMAGE_BACKEND | |
| validate_helm: | |
| name: Validate Helm | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@main | |
| - name: Install Helm | |
| uses: azure/setup-helm@v4 | |
| - name: 🐳 Helm dependency | |
| run: | | |
| yq --indent 0 '.dependencies | map(select(.repository | test("^oci:") | not)) | map(["helm", "repo", "add", .name, .repository] | join(" ")) | .[]' ./helm/Chart.lock | sh -- | |
| helm dependency build ./helm/ | |
| - name: Helm lint | |
| run: helm lint ./helm --values ./helm/linter_values.yaml | |
| - name: Helm template | |
| run: helm template ./helm --values ./helm/linter_values.yaml |