Update CI dependencies #16893
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous integration | |
on: | |
push: | |
branches: | |
- master | |
- '[0-9]+.[0-9]+' | |
tags: | |
- '*' | |
pull_request: | |
env: | |
HAS_SECRETS: ${{ secrets.HAS_SECRETS }} | |
jobs: | |
not-failed-backport: | |
name: Test that's not a failed backport | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 5 | |
steps: | |
- run: 'false' | |
if: github.event.head_commit.message == '[skip ci] Add instructions to finish the backport.' | |
main: | |
name: Continuous integration | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 135 | |
if: "!startsWith(github.event.head_commit.message, '[skip ci] ')" | |
env: | |
MAIN_BRANCH: master | |
MAJOR_VERSION: '2.9' | |
steps: | |
- run: '! ls BACKPORT_TODO' | |
- run: df -h | |
- name: Clean all docker images | |
run: docker system prune --all --force | |
- run: sudo rm -rf /usr/local/lib/android | |
- run: df -h | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
token: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }} | |
if: env.HAS_SECRETS == 'HAS_SECRETS' | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
if: env.HAS_SECRETS != 'HAS_SECRETS' | |
- uses: camptocamp/initialise-gopass-summon-action@v2 | |
with: | |
ci-gpg-private-key: ${{secrets.CI_GPG_PRIVATE_KEY}} | |
github-gopass-ci-token: ${{secrets.GOPASS_CI_GITHUB_TOKEN}} | |
patterns: pypi docker transifex | |
if: env.HAS_SECRETS == 'HAS_SECRETS' | |
- run: echo "${HOME}/.local/bin" >> ${GITHUB_PATH} | |
- run: python3 -m pip install --user --requirement=ci/requirements.txt | |
- run: c2cciutils-download-applications --applications-file=ci/applications.yaml --versions-file=ci/applications-versions.yaml | |
- id: version | |
run: scripts/get-version --auto-increment --github | |
- uses: actions/cache@v4 | |
with: | |
path: ~/.cache/pre-commit | |
key: pre-commit-${{ hashFiles('.pre-commit-config.yaml') }} | |
restore-keys: "pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}\npre-commit-" | |
- run: pre-commit run --all-files | |
- run: git diff --exit-code --patch > /tmp/pre-commit.patch || true | |
if: failure() | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: Apply pre-commit fix.patch | |
path: /tmp/pre-commit.patch | |
retention-days: 1 | |
if: failure() | |
- name: Environment information | |
run: c2cciutils-env | |
- run: python3 -m pip install --user --requirement=requirements.txt | |
# Build images | |
- run: make build-runner | |
- run: make build-tools | |
- run: make checks | |
if: always() | |
- run: make build-config | |
# Build and lint QGIS images | |
- run: QGIS_VERSION=3.34-gdal3.8 make build-qgisserver | |
- run: QGIS_VERSION=3.34-gdal3.8 make prospector-qgisserver | |
# Tests | |
- run: make preparetest | |
- run: c2cciutils-docker-logs | |
if: failure() | |
- run: make tests-commons | |
- run: c2cciutils-docker-logs | |
- run: make tests-geoportal | |
- run: c2cciutils-docker-logs | |
- run: make tests-admin | |
- run: c2cciutils-docker-logs | |
- run: make tests-qgisserver | |
- run: c2cciutils-docker-logs | |
- run: c2cciutils-docker-logs | |
if: always() | |
- run: docker compose down | |
- name: Test version generation for the changelog | |
run: scripts/updated_version latest latest | |
- run: sudo git clean -fdx | |
# Documentation | |
- run: > | |
docker build --tag=camptocamp/geomapfish-doc | |
--build-arg=MAJOR_VERSION=${MAJOR_VERSION} | |
--build-arg=MAIN_BRANCH=${MAIN_BRANCH} | |
doc | |
env: | |
DOCKER_BUILDKIT: '1' | |
- name: Extract documentation | |
run: ci/extract-documentation artifacts/documentations/ || true | |
if: always() | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: Documentation | |
path: artifacts/documentations/ | |
if-no-files-found: ignore | |
retention-days: 5 | |
if: always() | |
# Test App with Docker compose version 2.x | |
- timeout-minutes: 30 | |
run: ci/test-app | |
- name: Docker logs | |
continue-on-error: true | |
run: | | |
cd ${HOME}/workspace/testgeomapfishapp/ | |
c2cciutils-docker-logs | |
if: failure() | |
# Use minimal version from the documentation | |
- uses: actions/setup-python@v5 | |
with: | |
# When we upgrade this we should also upgrade the requirements | |
# in the documentation: doc/integrator/requirements.rst | |
# and the first pyupgrade pre-commit hook in .pre-commit-config.yaml | |
python-version: '3.8' | |
- run: pip install --user --requirement=ci/requirements-project.txt | |
- run: docker compose version | |
# Test App | |
- timeout-minutes: 30 | |
run: ci/test-app | |
- name: Docker logs | |
continue-on-error: true | |
run: | | |
cd ${HOME}/workspace/testgeomapfishapp/ | |
c2cciutils-docker-logs | |
if: failure() | |
- run: git stash | |
- run: git pull --ff-only origin ${{ env.MAIN_BRANCH }} | |
if: > | |
github.ref == format('refs/heads/{0}', env.MAIN_BRANCH) | |
&& env.HAS_SECRETS == 'HAS_SECRETS' | |
- run: git stash pop || true | |
# Test Upgrade | |
- run: DOCKER_TAG=${{ steps.version.outputs.full }} make build-tools | |
- run: DOCKER_TAG=${{ steps.version.outputs.full }} make build-runner | |
- run: DOCKER_TAG=${{ steps.version.outputs.full }} make build-config | |
- run: docker images | grep "<none>" | awk '{print $3}' | xargs --no-run-if-empty docker rmi || true | |
- run: ci/test-upgrade init ${HOME}/workspace | |
- run: ci/test-upgrade 270 ${HOME}/workspace | |
- run: ci/test-upgrade 280 ${HOME}/workspace | |
- run: ci/test-upgrade 29 ${HOME}/workspace | |
- run: ci/test-upgrade cleanup ${HOME}/workspace | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.10' | |
- run: pip install --user --requirement=ci/requirements-back.txt | |
- run: docker compose version | |
- name: Init Git | |
run: | |
git remote set-url origin https://${GITHUB_ACTOR}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository | |
}} | |
- run: make build-tools | |
- run: make build-runner | |
- run: make build-config | |
- run: ci/create-new-project ${HOME}/workspace geomapfishapp | |
- run: (cd ${HOME}/workspace/geomapfishapp/; ./build) | |
- name: Update the changelog | |
run: ci/changelog ${{ steps.version.outputs.full }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- run: git diff CHANGELOG.md | |
- name: Push version and changelog | |
run: | | |
set -eux | |
git add ci/ci.yaml ci/changelog.yaml CHANGELOG.md | |
git diff --staged --quiet || (\ | |
git commit -m "[skip ci] Update the minor version"; \ | |
git push origin HEAD:${{ env.MAIN_BRANCH }} \ | |
) | |
if: > | |
github.ref == format('refs/heads/{0}', env.MAIN_BRANCH) | |
&& env.HAS_SECRETS == 'HAS_SECRETS' | |
- name: Publish | |
run: > | |
c2cciutils-publish | |
--docker-versions=${{ steps.version.outputs.versions }} | |
--snyk-version=${{ steps.version.outputs.snyk_version }} | |
if: > | |
env.HAS_SECRETS == 'HAS_SECRETS' | |
&& steps.version.outputs.versions != '' | |
- name: Publish version branch to pypi | |
run: | | |
c2cciutils-publish --group=pypi --type=version_tag --version=${{ steps.version.outputs.full }} | |
if: > | |
github.ref == format('refs/heads/{0}', env.MAIN_BRANCH) | |
&& env.HAS_SECRETS == 'HAS_SECRETS' | |
&& env.MAIN_BRANCH != 'master' | |
- run: git diff --exit-code --patch > /tmp/dpkg-versions.patch || true | |
if: failure() | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: Update dpkg versions list.patch | |
path: /tmp/dpkg-versions.patch | |
retention-days: 1 | |
if: failure() | |
- name: Notify demo | |
run: > | |
curl --request POST --header "Content-Type: application/json" | |
--header 'Accept: application/vnd.github.v3+json' | |
--header "Authorization: token ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}" | |
https://api.github.com/repos/camptocamp/demo_geomapfish/dispatches | |
--data '{"event_type": "geomapfish_${{ env.MAJOR_VERSION }}_updated", | |
"client_payload": {"version": "'"${{ steps.version.outputs.upgrade_version }}"'"}}' | |
if: > | |
github.ref == format('refs/heads/{0}', env.MAIN_BRANCH) | |
&& env.HAS_SECRETS == 'HAS_SECRETS' | |
- name: Publish to Transifex | |
run: | | |
git diff || true | |
git status || true | |
git status --ignored || true | |
make build-tools | |
docker run --name=transifex -ti --rm --detach --volume=${HOME}:/root camptocamp/geomapfish-tools tail -f /dev/null | |
docker exec transifex bash -c \ | |
'(cd /opt/c2cgeoportal; make --makefile=dependencies.mk transifex-send)' | |
docker stop transifex | |
env: | |
DOCKER_BUILDKIT: '1' | |
if: > | |
github.ref == format('refs/heads/{0}', env.MAIN_BRANCH) | |
&& env.HAS_SECRETS == 'HAS_SECRETS' | |
- name: Publish documentation to GitHub.io | |
run: ci/publish-documentation | |
if: > | |
github.ref == format('refs/heads/{0}', env.MAIN_BRANCH) | |
&& env.HAS_SECRETS == 'HAS_SECRETS' | |
- run: > | |
docker run --rm --volume=/var/run/docker.sock:/var/run/docker.sock nate/dockviz | |
images --tree | |
if: always() | |
- run: docker images | |
if: always() | |
- run: docker system df | |
if: always() | |
- run: df -h | |
if: always() |