Skip to content

Update 'users' unique constraints #510

Update 'users' unique constraints

Update 'users' unique constraints #510

Workflow file for this run

# Continuous integration, including test and integration test
name: CI
# Run in master and dev branches and in all pull requests to those branches, as well as on workflow dispatch for downstream testing
on:
workflow_dispatch:
push:
branches: [ master, dev ]
pull_request:
branches: [ master, dev ]
env:
DOCKER_IMAGE: radarbase/radar-appserver
jobs:
# Build and test the code
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
java-version: 17
distribution: temurin
- uses: gradle/gradle-build-action@v2
# Compile the code
- name: Compile code
run: ./gradlew assemble
# Use 'docker compose' instead of 'docker-compose' to use v2
- name: Setup docker services
run: |
sudo mkdir -p /usr/local/var/lib/radar/appserver/logs/
sudo chown -R $(whoami) /usr/local/var/lib/radar/appserver/logs
docker compose -f src/integrationTest/resources/docker/non_appserver/docker-compose.yml up -d
# Wait for services to start up.
sleep 50
- name: Install gpg secret key
run: |
cat <(echo -e "${{ secrets.GPG_SECRET_KEY }}") | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
- name: Decrypt google application credentials
run: |
gpg --pinentry-mode loopback --local-user "Yatharth Ranjan" --batch --yes --passphrase "${{ secrets.GPG_SECRET_KEY_PASSPHRASE }}" --output src/integrationTest/resources/google-credentials.json --decrypt src/integrationTest/resources/google-credentials.enc.gpg
# Gradle check
- name: Check
run: GOOGLE_APPLICATION_CREDENTIALS=$(pwd)/src/integrationTest/resources/google-credentials.json ./gradlew check
- name: Upload build artifacts
if: always()
uses: actions/upload-artifact@v3
with:
path: build/reports
if-no-files-found: ignore
retention-days: 5
# Build and test the code against the :dev docker image of parent repositories
test-downstream:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# only run this on 'ready for review' PRs or when triggered by an upstream job
if: github.event.pull_request.draft == false || github.event_name == 'workflow_dispatch'
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
java-version: 17
distribution: temurin
# Use 'docker compose' instead of 'docker-compose' to use v2
- name: Setup docker services (:dev)
run: |
sudo mkdir -p /usr/local/var/lib/radar/appserver/logs/
sudo chown -R $(whoami) /usr/local/var/lib/radar/appserver/logs
# call docker compose without args to include the override file
cd src/integrationTest/resources/docker/appserver_downstream
docker compose up -d
# Wait for services to start up.
sleep 50
- name: Install gpg secret key
run: |
cat <(echo -e "${{ secrets.GPG_SECRET_KEY }}") | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
- name: Decrypt google application credentials
run: |
gpg --pinentry-mode loopback --local-user "Yatharth Ranjan" --batch --yes --passphrase "${{ secrets.GPG_SECRET_KEY_PASSPHRASE }}" --output src/integrationTest/resources/google-credentials.json --decrypt src/integrationTest/resources/google-credentials.enc.gpg
# Gradle check
- name: Check
run: GOOGLE_APPLICATION_CREDENTIALS=$(pwd)/src/integrationTest/resources/google-credentials.json ./gradlew check
# Check that the docker image builds correctly
docker:
# The type of runner that the job will run on
runs-on: ubuntu-latest
if: github.event_name != 'workflow_dispatch'
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# Add Docker labels and tags
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v4
with:
images: ${{ env.DOCKER_IMAGE }}
# Setup docker build environment
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Cache Docker layers
id: cache-buildx
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ hashFiles('Dockerfile', '**/*.gradle.kts', 'gradle.properties', 'src/main/**') }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Cache parameters
id: cache-parameters
run: |
if [ "${{ steps.cache-buildx.outputs.cache-hit }}" = "true" ]; then
echo "::set-output name=cache-to::"
else
echo "::set-output name=cache-to::type=local,dest=/tmp/.buildx-cache-new,mode=max"
fi
- name: Build docker
uses: docker/build-push-action@v3
with:
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: ${{ steps.cache-parameters.outputs.cache-to }}
load: true
tags: ${{ steps.docker_meta.outputs.tags }}
# Use runtime labels from docker_meta as well as fixed labels
labels: |
${{ steps.docker_meta.outputs.labels }}
maintainer=Yatharth Ranjan <yatharth.ranjan@kcl.ac.uk>, Pauline Conde <pauline.conde@kcl.ac.uk>
org.opencontainers.image.authors=Yatharth Ranjan <yatharth.ranjan@kcl.ac.uk>, Pauline Conde <pauline.conde@kcl.ac.uk>
org.opencontainers.image.vendor=RADAR-base
org.opencontainers.image.licenses=Apache-2.0
- name: Inspect docker image
run: docker image inspect ${{ env.DOCKER_IMAGE }}:${{ steps.docker_meta.outputs.version }}
# Push the image on the dev and master branches
- name: Push image
if: ${{ github.event_name != 'pull_request' }}
run: docker push ${{ env.DOCKER_IMAGE }}:${{ steps.docker_meta.outputs.version }}
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Move docker build cache
if: steps.cache-buildx.outputs.cache-hit != 'true'
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache