Triggered by informatter #32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Full Stack CI/CD Pipeline | |
| # TODO run unit tests when available | |
| run-name: Triggered by ${{ github.actor }} | |
| on: | |
| push: | |
| # runs action on pushes to develop and master | |
| branches: | |
| - master | |
| - develop | |
| # runs action on PRs to develop | |
| pull_request: | |
| branches: | |
| - develop | |
| env: | |
| PYTHON_VERSION: "3.11.7" | |
| POETRY_VERSION: "1.8.2" | |
| jobs: | |
| lint_backend: | |
| name: Lint Backend | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| #sets the working directory to the backend dir for all the lint_backend job | |
| working-directory: ./backend | |
| steps: | |
| #- name: Checkout Repository | |
| - uses: actions/checkout@v4 | |
| # steps: | |
| # - uses: actions/checkout@v3 | |
| # - name: Install poetry | |
| # run: pipx install poetry | |
| # - uses: actions/setup-python@v3 | |
| # with: | |
| # python-version: '3.9' | |
| # cache: 'poetry' | |
| # - run: poetry install | |
| # - run: poetry run pytest | |
| - name: Install poetry | |
| run: | | |
| pipx install poetry==${{ env.POETRY_VERSION }} | |
| poetry --version | |
| #- name: Set up Python ${{ env.PYTHON_VERSION }} | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| cache: 'poetry' # caching pip dependencies | |
| - name: Install Dependencies | |
| run: poetry install --no-root | |
| # - run: | | |
| # pip install poetry==${{ env.POETRY_VERSION }} | |
| # poetry --version | |
| # poetry install --no-root | |
| # - name: Install poetry | |
| # run: | | |
| # pipx install poetry==${{ env.POETRY_VERSION }} | |
| # poetry --version | |
| # poetry install --no-root | |
| # - name: Display Python version | |
| # run: python --version | |
| # - name: Install Poetry | |
| # run: | | |
| # ls -la . | |
| # pip install poetry | |
| # - name: Print Poetry Version | |
| # run: poetry --version | |
| # - name: Install Poetry Dependencies | |
| # run: | | |
| # poetry install --no-root | |
| - name: Run Linting | |
| id: backend_linting_step | |
| run: | | |
| poetry run ruff check . | |
| poetry run pyright . | |
| poetry run bandit -r . | |
| # - name: Extract Current Branch Name | |
| # id: extract_branch_name | |
| # run: | | |
| # if [[ "${GITHUB_EVENT_NAME}" == "push" ]]; then | |
| # echo "::set-output name=branch::$(echo ${GITHUB_REF##*/})" | |
| # elif [[ "${GITHUB_EVENT_NAME}" == "pull_request" ]]; then | |
| # echo "::set-output name=branch::$(echo $GITHUB_BASE_REF)" | |
| # else | |
| # echo "::set-output name=branch::INVALID_EVENT_BRANCH_UNKNOWN" | |
| # fi | |
| # - name: Configure AWS credentials | |
| # if: ${{ steps.backend_linting_step.outcome == 'success' }} | |
| # uses: aws-actions/configure-aws-credentials@v4 | |
| # # Change to use GitHub's OIDC provider which uses JWTs instead of IAM credentials see: https://github.com/aws-actions/configure-aws-credentials | |
| # with: | |
| # arn:aws:iam::${{secrets.AWS_ACCOUNT_ID}}:role/GithHubActionsInformatter | |
| # #arn:aws:iam::${{secrets.AWS_ACCOUNT_ID}}:user/github-actions-image-push | |
| # role-to-assume: arn:aws:iam::${{secrets.AWS_ACCOUNT_ID}}:role/GithHubActionsInformatter | |
| # # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| # # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| # aws-region: ${{ secrets.AWS_REGION }} | |
| # - name: Login to Amazon ECR | |
| # id: login-ecr | |
| # uses: aws-actions/amazon-ecr-login@v2 | |
| # - name: Build And Push Image To AWS ECR | |
| # env: | |
| # IMAGE_TAG: ${{ steps.extract_branch_name.outputs.branch }} | |
| # REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| # REPOSITORY: sample-ai-rag-app | |
| # run: | | |
| # ls -la | |
| # docker build --tag $REGISTRY/$REPOSITORY:$IMAGE_TAG --file backend.dockerfile . | |
| # docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| # TODO only enable on pushes | |
| deploy_backend: | |
| needs: lint_backend | |
| name: Deploy Backend | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| #sets the working directory to the backend dir for all the lint_backend job | |
| working-directory: ./backend | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| # - name: Print Poetry Version | |
| # run: poetry --version # command will fail because its not currently installed | |
| - name: ls la | |
| run: ls -la | |
| - name: Branch used | |
| id: extract_branch_name | |
| run: | | |
| if [[ "${GITHUB_EVENT_NAME}" == "push" ]]; then | |
| echo "::set-output name=branch::$(echo ${GITHUB_REF##*/})" | |
| elif [[ "${GITHUB_EVENT_NAME}" == "pull_request" ]]; then | |
| echo "::set-output name=branch::$(echo $GITHUB_BASE_REF)" | |
| else | |
| echo "::set-output name=branch::INVALID_EVENT_BRANCH_UNKNOWN" | |
| fi | |
| - name: Configure AWS credentials | |
| if: ${{ steps.backend_linting_step.outcome == 'success' }} | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| # Change to use GitHub's OIDC provider which uses JWTs instead of IAM credentials see: https://github.com/aws-actions/configure-aws-credentials | |
| with: | |
| #arn:aws:iam::${{secrets.AWS_ACCOUNT_ID}}:user/github-actions-image-push | |
| role-to-assume: arn:aws:iam::${{secrets.AWS_ACCOUNT_ID}}:role/GithHubActionsInformatter | |
| # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| IMAGE_TAG: ${{ steps.extract_branch_name.outputs.branch }} | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: sample-ai-rag-app | |
| #docker build -t rag-api:local -f backend.dockerfile . | |
| run: | | |
| ls -la | |
| docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG -f backend.dockerfile . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| # TODO | |
| # lint_frontend: | |
| # name: Lint Frontend | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout Repository | |
| # uses: actions/checkout@v4 | |
| # - name: Set up Node.js | |
| # uses: actions/setup-node@v4 | |
| # with: | |
| # node-version: '16' | |
| # - name: Install Dependencies | |
| # run: npm install | |
| # - name: Run ESLint | |
| # run: | | |
| # npm run lint |