Skip to content

fixes

fixes #838

Workflow file for this run

name: CI
on: [push]
env:
COMPOSE_PROJECT_NAME: build
PS_SUBNET: 172.34.202.0/16
PS_GATEWAY_IP: 172.34.0.1
PHRASEA_DOMAIN: phrasea.local
TRAEFIK_HTTPS_PORT: 4442
TRAEFIK_HTTP_PORT: 8042
HTTPS_PORT_PREFIX: ':4442'
REGISTRY_NAMESPACE: ghcr.io/${{ github.repository_owner }}/ps-
DOCKER_TAG: ${{ github.sha }}
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
VERIFY_SSL: "false"
SENTRY_RELEASE: ${{ github.sha }}
jobs:
build_keycloak:
name: 'Build Keycloak'
uses: ./.github/workflows/build_base.yaml
with:
image: keycloak
context: ./infra/docker/keycloak
target: keycloak
secrets: inherit
build_php-fpm-base:
name: 'Build php-fpm-base'
uses: ./.github/workflows/build_base.yaml
with:
image: php-fpm-base
context: ./infra/docker/php-fpm-base
secrets: inherit
build_configurator:
name: 'Build Configurator'
uses: ./.github/workflows/build_base.yaml
with:
image: configurator
context: ./configurator
secrets: inherit
needs:
- build_php-fpm-base
build_nginx-fpm-base:
name: 'Build nginx-fpm-base'
uses: ./.github/workflows/build_base.yaml
with:
image: nginx-fpm-base
context: ./infra/docker/nginx-fpm-base
secrets: inherit
build_nodejs-base:
name: 'Build nodejs-base'
uses: ./.github/workflows/build_base.yaml
with:
image: nodejs-base
context: ./infra/docker/nodejs-base
secrets: inherit
build_nginx-cache-purge:
name: 'Build nginx-cache-purge'
uses: ./.github/workflows/build_base.yaml
with:
image: nginx-cache-purge
context: ./infra/docker/nginx-cache-purge
secrets: inherit
build_dashboard:
name: 'Build Dashboard'
uses: ./.github/workflows/build.yaml
with:
image: dashboard
context: ./dashboard
secrets: inherit
build_databox_api:
name: 'Build Databox API'
uses: ./.github/workflows/build_api.yaml
with:
prefix: databox
context: ./databox/api
withLibs: true
secrets: inherit
needs:
- build_php-fpm-base
- build_nginx-fpm-base
build_databox_client:
name: 'Build Databox Client'
uses: ./.github/workflows/build.yaml
with:
image: databox-client
context: ./databox/client
withLibs: true
secrets: inherit
needs:
- build_nodejs-base
build_databox_indexer:
name: 'Build Databox Indexer'
uses: ./.github/workflows/build.yaml
with:
image: databox-indexer
context: ./databox/indexer
secrets: inherit
build_expose_api:
name: 'Build Expose API'
uses: ./.github/workflows/build_api.yaml
with:
prefix: expose
context: ./expose/api
withLibs: true
secrets: inherit
needs:
- build_php-fpm-base
- build_nginx-cache-purge
build_expose_client:
name: 'Build Expose Client'
uses: ./.github/workflows/build.yaml
with:
image: expose-client
context: ./expose/client
withLibs: true
secrets: inherit
needs:
- build_nodejs-base
build_matomo_php:
name: 'Build Matomo PHP'
uses: ./.github/workflows/build.yaml
with:
image: matomo-php
context: ./infra/docker/matomo-php
secrets: inherit
build_matomo_nginx:
name: 'Build Matomo NGINX'
uses: ./.github/workflows/build.yaml
with:
image: matomo-nginx
context: ./infra/docker/matomo-nginx
secrets: inherit
build_notify_api:
name: 'Build Notify API'
uses: ./.github/workflows/build_api.yaml
with:
prefix: notify
context: ./notify/api
withLibs: true
secrets: inherit
needs:
- build_php-fpm-base
- build_nginx-fpm-base
build_report_api:
name: 'Build Report API'
uses: ./.github/workflows/build.yaml
with:
image: report-api
context: report
secrets: inherit
build_uploader_api:
name: 'Build Uploader API'
uses: ./.github/workflows/build_api.yaml
with:
prefix: uploader
context: ./uploader/api
withLibs: true
secrets: inherit
needs:
- build_php-fpm-base
- build_nginx-fpm-base
build_uploader_client:
name: 'Build Uploader Client'
uses: ./.github/workflows/build.yaml
with:
image: uploader-client
context: ./uploader/client
withLibs: true
secrets: inherit
needs:
- build_nodejs-base
setup:
name: 'Setup stack'
runs-on: ubuntu-latest
needs:
- build_configurator
- build_dashboard
- build_databox_api
- build_databox_client
- build_databox_indexer
- build_expose_api
- build_expose_client
- build_keycloak
- build_matomo_nginx
- build_matomo_php
- build_notify_api
- build_report_api
- build_uploader_api
- build_uploader_client
steps:
- name: Install mkcert
run: |
sudo apt-get install wget libnss3-tools
wget https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64
sudo mv mkcert-v1.4.3-linux-amd64 /usr/bin/mkcert
sudo chmod +x /usr/bin/mkcert
mkcert -install
- name: Checkout code
uses: actions/checkout@v3
- name: Log in to the Container registry
uses: docker/login-action@v2
with:
registry: ${{ env.IMAGE_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Pull images
run: |
docker compose pull
- name: Setup
run: |
docker compose down --volumes
bin/dev/make-cert.sh
sudo PHRASEA_DOMAIN=${PHRASEA_DOMAIN} bin/dev/append-etc-hosts.sh
bin/setup.sh
- name: Test
run: bin/test.sh
- name: Clean containers
if: ${{ always() }}
run: |
docker compose down --volumes
- name: Login to Docker Hub
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
if: env.DOCKERHUB_USERNAME != null && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/'))
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Push images to Dockerhub
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
if: env.DOCKERHUB_USERNAME != null && startsWith(github.ref, 'refs/tags/')
run: |
docker image ls | grep ${{ env.DOCKER_TAG }} | awk '{ print $1 }' | xargs -I {} echo docker tag {}:${{ env.DOCKER_TAG }} {}:${{ github.ref_name }} | sed "s,${{ env.REGISTRY_NAMESPACE }},alchemyfr/ps-,2" | bash
REGISTRY_NAMESPACE=alchemyfr/ps- DOCKER_TAG=${{ github.ref_name }} docker compose push
set -ex
LATEST_TAG=$(curl \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ github.token }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/${{ github.repository }}/releases/latest | jq --raw-output '.tag_name')
if [ "${LATEST_TAG}" == "${{ github.ref_name }}" ]; then
docker image ls | grep ${{ env.DOCKER_TAG }} | awk '{ print $1 }' | xargs -I {} echo docker tag {}:${{ env.DOCKER_TAG }} {}:latest | sed "s,${{ env.REGISTRY_NAMESPACE }},alchemyfr/ps-,2" | bash
REGISTRY_NAMESPACE=alchemyfr/ps- DOCKER_TAG=latest docker compose push
fi
- name: Configure AWS Credentials
env:
AWS_ECR_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }}
if: env.AWS_ECR_ACCESS_KEY_ID != null
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_ECR_ACCESS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to Amazon ECR Public
id: login-ecr-public
uses: aws-actions/amazon-ecr-login@v1
with:
registry-type: public
- name: Push images to AWS ECR
env:
AWS_ECR_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }}
REGISTRY_ALIAS: b2s9z7l1
if: env.AWS_ECR_ACCESS_KEY_ID != null
run: |
ECR_REGISTRY="${{ steps.login-ecr-public.outputs.registry }}/${REGISTRY_ALIAS}"
docker image ls | grep ${{ env.DOCKER_TAG }} | awk '{ print $1 }' | xargs -I {} echo docker tag {}:${{ env.DOCKER_TAG }} {}:${{ github.ref_name }} | sed "s,${{ env.REGISTRY_NAMESPACE }},${ECR_REGISTRY}/ps-,2" | bash
REGISTRY_NAMESPACE=${ECR_REGISTRY}/ps- DOCKER_TAG=${{ github.ref_name }} docker compose push
COMPOSE_PROFILES="configurator" REGISTRY_NAMESPACE=${ECR_REGISTRY}/ps- DOCKER_TAG=${{ github.ref_name }} docker compose push