Skip to content

Safe check JSON for checking Wharton (#199) #1060

Safe check JSON for checking Wharton (#199)

Safe check JSON for checking Wharton (#199) #1060

# Generated by cdkactions. Do not modify
# Generated as part of the 'application' stack.
name: Build and Deploy
on: push
jobs:
django-check:
name: Django Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Cache
uses: actions/cache@v2
with:
path: ~/.local/share/virtualenvs
key: v0-${{ hashFiles('backend/Pipfile.lock') }}
- name: Install Dependencies
run: |-
cd backend
pip install pipenv
pipenv install --deploy --dev
- name: Lint (flake8)
run: |-
cd backend
pipenv run flake8 .
- name: Lint (black)
run: |-
cd backend
pipenv run black --check .
# - name: Test (run in parallel)
# run: |-
# cd backend
# pipenv run coverage run --concurrency=multiprocessing manage.py test --settings=pennmobile.settings.ci --parallel
# pipenv run coverage combine
# - name: Upload Code Coverage
# run: |-
# ROOT=$(pwd)
# cd backend
# pipenv run codecov --root $ROOT --flags backend
container:
image: python:3.9.14-buster
env:
DATABASE_URL: postgres://postgres:postgres@postgres:5432/postgres
services:
postgres:
image: postgres:12
env:
POSTGRES_USER: postgres
POSTGRES_DB: postgres
POSTGRES_PASSWORD: postgres
options: "--health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5"
publish-backend:
name: Publish backend
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: docker/setup-qemu-action@v1
- uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: buildx-publish-backend
- uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build/Publish
uses: docker/build-push-action@v2
with:
context: backend
file: backend/Dockerfile
push: ${{ github.ref == 'refs/heads/master' }}
cache-from: type=local,src=/tmp/.buildx-cache,type=registry,ref=pennlabs/penn-mobile-backend:latest
cache-to: type=local,dest=/tmp/.buildx-cache
tags: pennlabs/penn-mobile-backend:latest,pennlabs/penn-mobile-backend:${{ github.sha }}
needs: django-check
react-check:
name: React Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Cache
uses: actions/cache@v2
with:
path: "**/node_modules"
key: v0-${{ hashFiles('frontend/yarn.lock') }}
- name: Install Dependencies
run: |-
cd frontend
yarn install --frozen-lockfile
- name: Lint
run: |-
cd frontend
yarn lint
- name: Test
run: |-
cd frontend
yarn test
- name: Upload Code Coverage
run: |-
ROOT=$(pwd)
cd frontend
yarn run codecov -p $ROOT -F frontend
container:
image: node:14
publish-frontend:
name: Publish frontend
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: docker/setup-qemu-action@v1
- uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: buildx-publish-frontend
- uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build/Publish
uses: docker/build-push-action@v2
with:
context: frontend
file: frontend/Dockerfile
push: ${{ github.ref == 'refs/heads/master' }}
cache-from: type=local,src=/tmp/.buildx-cache,type=registry,ref=pennlabs/penn-mobile-frontend:latest
cache-to: type=local,dest=/tmp/.buildx-cache
tags: pennlabs/penn-mobile-frontend:latest,pennlabs/penn-mobile-frontend:${{ github.sha }}
needs: react-check
deploy:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master'
steps:
- uses: actions/checkout@v2
- id: synth
name: Synth cdk8s manifests
run: |-
cd k8s
yarn install --frozen-lockfile
# get repo name (by removing owner/organization)
export RELEASE_NAME=${REPOSITORY#*/}
# Export RELEASE_NAME as an output
echo "::set-output name=RELEASE_NAME::$RELEASE_NAME"
yarn build
env:
GIT_SHA: ${{ github.sha }}
REPOSITORY: ${{ github.repository }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
- name: Deploy
run: |-
aws eks --region us-east-1 update-kubeconfig --name production --role-arn arn:aws:iam::${AWS_ACCOUNT_ID}:role/kubectl
# get repo name from synth step
RELEASE_NAME=${{ steps.synth.outputs.RELEASE_NAME }}
# Deploy
kubectl apply -f k8s/dist/ -l app.kubernetes.io/component=certificate
kubectl apply -f k8s/dist/ --prune -l app.kubernetes.io/part-of=$RELEASE_NAME
env:
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.GH_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.GH_AWS_SECRET_ACCESS_KEY }}
needs:
- publish-backend
- publish-frontend