name: passbook-ci on: - push env: POSTGRES_DB: passbook POSTGRES_USER: passbook POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77" jobs: # Linting pylint: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/cache@v1 with: path: ~/.local/share/virtualenvs/ key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }} restore-keys: | ${{ runner.os }}-pipenv- - name: Install dependencies run: pip install wheel && pip install -U pipenv && pipenv install --dev - name: Lint with pylint run: pipenv run pylint passbook black: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/cache@v1 with: path: ~/.local/share/virtualenvs/ key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }} restore-keys: | ${{ runner.os }}-pipenv- - name: Install dependencies run: pip install wheel && pip install -U pipenv && pipenv install --dev - name: Lint with black run: pipenv run black --check passbook prospector: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/cache@v1 with: path: ~/.local/share/virtualenvs/ key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }} restore-keys: | ${{ runner.os }}-pipenv- - name: Install dependencies run: pip install wheel && pip install -U pipenv && pipenv install --dev && pipenv install --dev prospector --skip-lock - name: Lint with prospector run: pipenv run prospector bandit: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/cache@v1 with: path: ~/.local/share/virtualenvs/ key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }} restore-keys: | ${{ runner.os }}-pipenv- - name: Install dependencies run: pip install wheel && pip install -U pipenv && pipenv install --dev - name: Lint with bandit run: pipenv run bandit -r passbook # Actual CI tests migrations: needs: - pylint - black - prospector services: postgres: image: postgres:latest env: POSTGRES_DB: passbook POSTGRES_USER: passbook POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77" ports: - 5432:5432 redis: image: redis:latest ports: - 6379:6379 runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/cache@v1 with: path: ~/.local/share/virtualenvs/ key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }} restore-keys: | ${{ runner.os }}-pipenv- - name: Install dependencies run: pip install wheel && pip install -U pipenv && pipenv install --dev - name: Run migrations run: pipenv run ./manage.py migrate coverage: needs: - pylint - black - prospector services: postgres: image: postgres:latest env: POSTGRES_DB: passbook POSTGRES_USER: passbook POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77" ports: - 5432:5432 redis: image: redis:latest ports: - 6379:6379 runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/cache@v1 with: path: ~/.local/share/virtualenvs/ key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }} restore-keys: | ${{ runner.os }}-pipenv- - name: Install dependencies run: pip install wheel && pip install -U pipenv && pipenv install --dev - name: Run coverage run: pipenv run ./scripts/coverage.sh # Build build-server: needs: - migrations - coverage runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - name: Docker Login Registry env: DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD - name: Building Docker Image run: docker build --no-cache -t beryju/passbook:${GITHUB_REF##*/} -f Dockerfile . - name: Push Docker Container to Registry run: docker push beryju/passbook:${GITHUB_REF##*/} build-gatekeeper: needs: - migrations - coverage runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - name: Docker Login Registry env: DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD - name: Building Docker Image run: | cd gatekeeper docker build \ --no-cache \ -t beryju/passbook-gatekeeper:${GITHUB_REF##*/} \ -f Dockerfile . - name: Push Docker Container to Registry run: docker push beryju/passbook-gatekeeper:${GITHUB_REF##*/} build-static: needs: - migrations - coverage runs-on: ubuntu-latest services: postgres: image: postgres:latest env: POSTGRES_DB: passbook POSTGRES_USER: passbook POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77" redis: image: redis:latest steps: - uses: actions/checkout@v1 - name: Docker Login Registry env: DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD - name: Building Docker Image run: docker build --no-cache --network=$(docker network ls | grep github | awk '{print $1}') -t beryju/passbook-static:${GITHUB_REF##*/} -f static.Dockerfile . - name: Push Docker Container to Registry run: docker push beryju/passbook-static:${GITHUB_REF##*/}