# CI workflow header: trigger and the environment shared by the jobs below.
name: CI

# Runs on every push to any ref.
on:
  - push

# NOTE(review): no workflow-level `permissions:` key is visible in this file,
# so GITHUB_TOKEN gets the repository/organisation default scopes. Confirm what
# the called build workflows need (they are not shown here) before restricting
# it at this level, because a caller's permissions cap those of the workflows
# it calls.
env:
  COMPOSE_PROJECT_NAME: build
  PS_SUBNET: 172.34.202.0/16
  PS_GATEWAY_IP: 172.34.0.1
  PHRASEA_DOMAIN: phrasea.local
  TRAEFIK_HTTPS_PORT: 4442
  TRAEFIK_HTTP_PORT: 8042
  HTTPS_PORT_PREFIX: ':4442'
  # Image name prefix in GitHub Container Registry for this repository owner.
  REGISTRY_NAMESPACE: ghcr.io/${{ github.repository_owner }}/ps-
  # Images are tagged with the commit SHA that triggered the run.
  DOCKER_TAG: ${{ github.sha }}
  IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
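# Jobs: base images first, then one build job per service (through the local
# reusable workflows build_base.yaml / build.yaml), then `setup`, which pulls
# the images, runs the stack tests and publishes the images.
#
# NOTE(review): every build job uses `secrets: inherit`, which hands all of the
# caller's secrets to the called workflow. The called workflows are not visible
# here; once the secrets they actually read are confirmed, pass only those with
# an explicit `secrets:` mapping.
jobs:
  build_php-fpm-base:
    name: 'Build php-fpm-base'
    uses: ./.github/workflows/build_base.yaml
    with:
      image: php-fpm-base
      context: ./infra/docker/php-fpm-base
    secrets: inherit

  build_nginx-fpm-base:
    name: 'Build nginx-fpm-base'
    uses: ./.github/workflows/build_base.yaml
    with:
      image: nginx-fpm-base
      context: ./infra/docker/nginx-fpm-base
    secrets: inherit

  build_nodejs-base:
    name: 'Build nodejs-base'
    uses: ./.github/workflows/build_base.yaml
    with:
      image: nodejs-base
      context: ./infra/docker/nodejs-base
    secrets: inherit

  build_nginx-cache-purge:
    name: 'Build nginx-cache-purge'
    uses: ./.github/workflows/build_base.yaml
    with:
      image: nginx-cache-purge
      context: ./infra/docker/nginx-cache-purge
    secrets: inherit

  build_auth_api:
    name: 'Build Auth API'
    strategy:
      matrix:
        images: [api-php, api-nginx, worker]
    uses: ./.github/workflows/build.yaml
    with:
      image: auth-${{ matrix.images }}
      context: ./auth/api
      target: ${{ matrix.images }}
      withLibs: true
    secrets: inherit
    needs:
      - build_php-fpm-base
      - build_nginx-fpm-base

  build_dashboard:
    name: 'Build Dashboard'
    uses: ./.github/workflows/build.yaml
    with:
      image: dashboard
      context: ./dashboard
    secrets: inherit

  build_databox_api:
    name: 'Build Databox API'
    strategy:
      matrix:
        images: [api-php, api-nginx, worker]
    uses: ./.github/workflows/build.yaml
    with:
      image: databox-${{ matrix.images }}
      context: ./databox/api
      target: ${{ matrix.images }}
      withLibs: true
    secrets: inherit
    needs:
      - build_php-fpm-base
      - build_nginx-fpm-base

  build_databox_client:
    name: 'Build Databox Client'
    uses: ./.github/workflows/build.yaml
    with:
      image: databox-client
      context: ./databox/client
      withLibs: true
    secrets: inherit
    needs:
      - build_nodejs-base

  build_databox_indexer:
    name: 'Build Databox Indexer'
    uses: ./.github/workflows/build.yaml
    with:
      image: databox-indexer
      context: ./databox/indexer
    secrets: inherit

  build_expose_api:
    name: 'Build Expose API'
    strategy:
      matrix:
        images: [api-php, api-nginx, worker]
    uses: ./.github/workflows/build.yaml
    with:
      image: expose-${{ matrix.images }}
      context: ./expose/api
      target: ${{ matrix.images }}
      withLibs: true
    secrets: inherit
    needs:
      - build_php-fpm-base
      - build_nginx-cache-purge

  build_expose_client:
    name: 'Build Expose Client'
    uses: ./.github/workflows/build.yaml
    with:
      image: expose-client
      context: ./expose/client
      withLibs: true
    secrets: inherit
    needs:
      - build_nodejs-base

  build_matomo:
    name: 'Build Matomo'
    strategy:
      matrix:
        images: [php, nginx]
    uses: ./.github/workflows/build.yaml
    with:
      image: matomo-${{ matrix.images }}
      context: ./infra/docker/matomo-${{ matrix.images }}
    secrets: inherit

  build_notify_api:
    name: 'Build Notify API'
    strategy:
      matrix:
        images: [api-php, api-nginx, worker]
    uses: ./.github/workflows/build.yaml
    with:
      image: notify-${{ matrix.images }}
      context: ./notify/api
      target: ${{ matrix.images }}
      withLibs: true
    secrets: inherit
    needs:
      - build_php-fpm-base
      - build_nginx-fpm-base

  build_report_api:
    name: 'Build Report API'
    uses: ./.github/workflows/build.yaml
    with:
      image: report-api
      context: report
    secrets: inherit

  build_uploader_api:
    name: 'Build Uploader API'
    strategy:
      matrix:
        images: [api-php, api-nginx, worker]
    uses: ./.github/workflows/build.yaml
    with:
      image: uploader-${{ matrix.images }}
      context: ./uploader/api
      target: ${{ matrix.images }}
      withLibs: true
    secrets: inherit
    needs:
      - build_php-fpm-base
      - build_nginx-fpm-base

  build_uploader_client:
    name: 'Build Uploader Client'
    uses: ./.github/workflows/build.yaml
    with:
      image: uploader-client
      context: ./uploader/client
      withLibs: true
    secrets: inherit
    needs:
      - build_nodejs-base

  # Pulls the freshly built images, brings the stack up, runs the tests and,
  # when registry secrets are configured, re-tags and publishes the images.
  #
  # NOTE(review): this job holds Docker Hub and AWS credentials but declares no
  # `permissions:`. The steps shown use GITHUB_TOKEN only to pull from ghcr.io
  # and to read the latest release, so `contents: read` + `packages: read`
  # looks sufficient; confirm that bin/setup.sh and bin/test.sh need nothing
  # more before adding it.
  #
  # NOTE(review): all actions below are referenced by mutable major-version
  # tags (and docker/login-action appears as both @v1 and @v2). A job that
  # handles publishing credentials should pin each action to a full commit SHA.
  setup:
    name: 'Setup stack'
    runs-on: ubuntu-latest
    needs:
      - build_auth_api
      - build_dashboard
      - build_databox_api
      - build_databox_client
      - build_databox_indexer
      - build_expose_api
      - build_expose_client
      - build_matomo
      - build_notify_api
      - build_report_api
      - build_uploader_api
      - build_uploader_client
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Log in to the Container registry
        uses: docker/login-action@v2
        with:
          registry: ${{ env.IMAGE_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Pull images
        run: |
          docker compose pull

      - name: Setup
        run: |
          docker compose down --volumes
          sudo PHRASEA_DOMAIN="${PHRASEA_DOMAIN}" bin/dev/append-etc-hosts.sh
          bin/setup.sh

      - name: Test
        run: bin/test.sh

      # Always tear the stack down, even when setup or tests failed.
      - name: Clean containers
        if: ${{ always() }}
        run: |
          docker compose down --volumes

      # The secret is copied into `env` only so the `if:` can test whether it
      # is configured; the `secrets` context is not available in `if:`.
      - name: Login to Docker Hub
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        if: env.DOCKERHUB_USERNAME != null && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/'))
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # Tag pushes only: publish under the tag name, and also as `latest` when
      # the tag is the repository's latest release.
      #
      # The ref name is chosen by whoever pushes the ref, so it reaches the
      # script through an environment variable and is only ever used as a
      # quoted argument. It is not expanded into the script text with
      # `${{ }}`, and no generated command line is piped into a shell.
      - name: Push images to Dockerhub
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          REF_NAME: ${{ github.ref_name }}
          GH_TOKEN: ${{ github.token }}
        if: env.DOCKERHUB_USERNAME != null && startsWith(github.ref, 'refs/tags/')
        run: |
          # Re-tag every local image listed with the commit tag: the ghcr.io
          # namespace is swapped for $1 and the new tag is $2.
          retag() {
            local dest_ns="$1" dest_tag="$2" image target
            docker image ls | grep -F -- "${DOCKER_TAG}" | awk '{ print $1 }' |
              while read -r image; do
                target=${image/"${REGISTRY_NAMESPACE}"/${dest_ns}}
                docker tag "${image}:${DOCKER_TAG}" "${target}:${dest_tag}"
              done
          }

          retag alchemyfr/ps- "${REF_NAME}"
          REGISTRY_NAMESPACE=alchemyfr/ps- DOCKER_TAG="${REF_NAME}" docker compose push
          set -ex
          LATEST_TAG=$(curl \
            -H "Accept: application/vnd.github+json" \
            -H "Authorization: Bearer ${GH_TOKEN}" \
            -H "X-GitHub-Api-Version: 2022-11-28" \
            "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/latest" | jq --raw-output '.tag_name')
          if [ "${LATEST_TAG}" == "${REF_NAME}" ]; then
            retag alchemyfr/ps- latest
            REGISTRY_NAMESPACE=alchemyfr/ps- DOCKER_TAG=latest docker compose push
          fi

      # NOTE(review): long-lived access keys are stored as repository secrets.
      # configure-aws-credentials also supports assuming a role through GitHub
      # OIDC (`role-to-assume`), which removes the static key; that needs
      # `id-token: write` on this job.
      - name: Configure AWS Credentials
        env:
          AWS_ECR_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }}
        if: env.AWS_ECR_ACCESS_KEY_ID != null
        uses: aws-actions/configure-aws-credentials@v2
        with:
          aws-access-key-id: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_ECR_ACCESS_KEY_SECRET }}
          aws-region: us-east-1

      # Guarded like the credential step above: when the key is not configured
      # no credentials were set up, so the login would presumably fail the job
      # instead of being skipped.
      - name: Login to Amazon ECR Public
        id: login-ecr-public
        env:
          AWS_ECR_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }}
        if: env.AWS_ECR_ACCESS_KEY_ID != null
        uses: aws-actions/amazon-ecr-login@v1
        with:
          registry-type: public

      # NOTE(review): unlike the Docker Hub push, this step has no ref filter,
      # so it publishes to the public ECR registry for every pushed ref once
      # the key is configured. Branch names containing `/` are not valid image
      # tags. Confirm whether it should be limited to tags.
      #
      # The ref name and the login step's output are passed through `env` and
      # used as quoted arguments, for the same reason as in the Docker Hub step.
      - name: Push images to AWS ECR
        env:
          AWS_ECR_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }}
          REGISTRY_ALIAS: b2s9z7l1
          ECR_PUBLIC_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }}
          REF_NAME: ${{ github.ref_name }}
        if: env.AWS_ECR_ACCESS_KEY_ID != null
        run: |
          ECR_REGISTRY="${ECR_PUBLIC_REGISTRY}/${REGISTRY_ALIAS}"
          dest_ns="${ECR_REGISTRY}/ps-"
          docker image ls | grep -F -- "${DOCKER_TAG}" | awk '{ print $1 }' |
            while read -r image; do
              target=${image/"${REGISTRY_NAMESPACE}"/${dest_ns}}
              docker tag "${image}:${DOCKER_TAG}" "${target}:${REF_NAME}"
            done
          REGISTRY_NAMESPACE="${dest_ns}" DOCKER_TAG="${REF_NAME}" docker compose push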