filters refactor (#614) #244

Workflow file for this run

.github/workflows/release.yml at e810f00

	name: Release

	on:
	push:
	branches:
	- master
	paths:
	- ".github/workflows/release.yml"
	- "grai-server/**"
	- "grai-frontend/**"

	env:
	py_ver: "3.11"
	poetry_ver: "1.3.1"
	SECRET_KEY: "fixed-test-key-that-doesnt-matter"

	jobs:
	get-poetry-version:
	runs-on: ubuntu-latest

	outputs:
	poetry-version: ${{ steps.poetry-version.outputs.poetry-version }}
	tag-exists: ${{ steps.check-tag.outputs.exists }}

	defaults:
	run:
	working-directory: ./grai-server/app

	steps:
	- uses: actions/checkout@v3

	- uses: actions/setup-python@v4
	with:
	python-version: "${{ env.py_ver }}"

	- name: Install poetry
	run: pip install poetry==${{ env.poetry_ver }}

	- name: Get poetry version
	id: poetry-version
	run: \|
	echo "poetry-version=v$(poetry version --short)" >> $GITHUB_OUTPUT

	- uses: mukunku/tag-exists-action@v1.2.0
	id: check-tag
	with:
	tag: ${{ steps.poetry-version.outputs.poetry-version }}

	lint-server:
	runs-on: ubuntu-latest

	steps:
	- name: Check out Git repository
	uses: actions/checkout@v3

	- name: Install Python
	id: setup-python
	uses: actions/setup-python@v4
	with:
	python-version: "${{ env.py_ver }}"

	- run: pip install black isort

	- working-directory: "grai-server/app"
	run: \|
	black . --check --exclude /migrations/
	# isort . --profile black --check

	tests-server:
	runs-on: ubuntu-latest

	needs: lint-server

	defaults:
	run:
	working-directory: ./grai-server/app

	services:
	postgres:
	image: postgres:latest
	env:
	POSTGRES_USER: grai
	POSTGRES_PASSWORD: grai
	POSTGRES_DB: grai
	ports:
	- 5432:5432
	# needed because the postgres container does not provide a healthcheck
	options: --health-cmd pg_isready --health-interval 2s --health-timeout 5s --health-retries 15
	redis:
	image: redis/redis-stack-server:6.2.6-v9
	ports:
	- 6379:6379

	steps:
	- uses: actions/checkout@v3

	- uses: actions/setup-python@v4
	with:
	python-version: "${{ env.py_ver }}"

	- name: Install package
	run: \|
	pip install coverage

	- uses: abatilo/actions-poetry@v2
	with:
	poetry-version: "${{ env.poetry_ver }}"

	- run: poetry install

	- name: Tests
	env:
	DEBUG: False
	DB_HOST: "127.0.0.1"
	DB_PORT: "5432"
	DB_USER: grai
	DB_NAME: grai
	DB_PASSWORD: grai
	GITHUB_PRIVATE_KEY: installations/tests/sample.private-key.pem
	run: \|
	poetry run python manage.py migrate --noinput
	poetry run coverage run -m pytest
	poetry run coverage xml

	- name: Upload Coverage to Codecov
	uses: codecov/codecov-action@v3
	with:
	flags: grai-server
	token: ${{ secrets.CODECOV_TOKEN }}

	build-server-release:
	if: ${{needs.get-poetry-version.outputs.tag-exists == 'false' }}

	runs-on: ubuntu-latest

	needs: [get-poetry-version, lint-server, tests-server]

	permissions:
	contents: write

	outputs:
	image-digest-server: ${{ steps.docker-build-server.outputs.digest }}
	image-digest-worker: ${{ steps.docker-build-worker.outputs.digest }}
	image-digest-beat-worker: ${{ steps.docker-build-beat-worker.outputs.digest }}
	defaults:
	run:
	working-directory: grai-server/app

	steps:
	- uses: actions/checkout@v3

	- uses: ncipollo/release-action@v1
	with:
	tag: ${{ needs.get-poetry-version.outputs.poetry-version }}
	commit: ${{ github.sha }}
	generateReleaseNotes: true
	makeLatest: true

	- name: Log in to the Container registry
	uses: docker/login-action@v2
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GH_TOKEN }}

	- name: Extract metadata (tags, labels) for Docker
	id: meta-server
	uses: docker/metadata-action@v4
	with:
	images: ghcr.io/${{ github.repository }}/grai-server
	tags: \|
	type=raw,value=cloud,priority=100
	type=raw,value=latest,priority=100
	type=raw,value=${{ needs.get-poetry-version.outputs.poetry-version }},priority=100

	- name: Extract metadata (tags, labels) for Docker
	id: meta-worker
	uses: docker/metadata-action@v4
	with:
	images: ghcr.io/${{ github.repository }}/grai-worker
	tags: \|
	type=raw,value=cloud,priority=100
	type=raw,value=latest,priority=100
	type=raw,value=${{ needs.get-poetry-version.outputs.poetry-version }},priority=100

	- name: Extract metadata (tags, labels) for Docker
	id: meta-beat-worker
	uses: docker/metadata-action@v4
	with:
	images: ghcr.io/${{ github.repository }}/grai-beat-worker
	tags: \|
	type=raw,value=cloud,priority=100
	type=raw,value=latest,priority=100
	type=raw,value=${{ needs.get-poetry-version.outputs.poetry-version }},priority=100

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@master

	- name: Build
	id: docker-build-server
	uses: docker/build-push-action@v4
	with:
	context: grai-server/app
	target: grai-server
	push: true
	tags: ${{ steps.meta-server.outputs.tags }}
	labels: ${{ steps.meta-server.outputs.labels }}
	platforms: linux/amd64,linux/arm64
	cache-from: type=gha
	cache-to: type=gha,mode=max

	- name: Build
	id: docker-build-worker
	uses: docker/build-push-action@v4
	with:
	context: grai-server/app
	target: grai-worker
	push: true
	tags: ${{ steps.meta-worker.outputs.tags }}
	labels: ${{ steps.meta-worker.outputs.labels }}
	platforms: linux/amd64,linux/arm64
	cache-from: type=gha
	cache-to: type=gha,mode=max

	- name: Build
	id: docker-build-beat-worker
	uses: docker/build-push-action@v4
	with:
	context: grai-server/app
	target: grai-beat-worker
	push: true
	tags: ${{ steps.meta-beat-worker.outputs.tags }}
	labels: ${{ steps.meta-beat-worker.outputs.labels }}
	platforms: linux/amd64,linux/arm64
	cache-from: type=gha
	cache-to: type=gha,mode=max

	build-server-cloud:
	if: ${{needs.get-poetry-version.outputs.tag-exists == 'true' }}

	runs-on: ubuntu-latest

	needs: [get-poetry-version, lint-server, tests-server]

	permissions:
	contents: write

	outputs:
	image-digest-server: ${{ steps.docker-build-cloud-server.outputs.digest }}
	image-digest-worker: ${{ steps.docker-build-cloud-worker.outputs.digest }}
	image-digest-beat-worker: ${{ steps.docker-build-cloud-beat-worker.outputs.digest }}

	defaults:
	run:
	working-directory: grai-server/app

	steps:
	- uses: actions/checkout@v3

	- name: Log in to the Container registry
	uses: docker/login-action@v2
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GH_TOKEN }}

	- name: Extract metadata (tags, labels) for Docker
	id: meta-cloud-server
	uses: docker/metadata-action@v4
	with:
	images: ghcr.io/${{ github.repository }}/grai-server
	tags: \|
	type=raw,value=cloud,priority=100

	- name: Extract metadata (tags, labels) for Docker
	id: meta-cloud-worker
	uses: docker/metadata-action@v4
	with:
	images: ghcr.io/${{ github.repository }}/grai-worker
	tags: \|
	type=raw,value=cloud,priority=100

	- name: Extract metadata (tags, labels) for Docker
	id: meta-cloud-beat-worker
	uses: docker/metadata-action@v4
	with:
	images: ghcr.io/${{ github.repository }}/grai-beat-worker
	tags: \|
	type=raw,value=cloud,priority=100

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@master

	- name: Build Cloud Server
	id: docker-build-cloud-server
	uses: docker/build-push-action@v4
	with:
	context: grai-server/app
	target: grai-server
	push: true
	tags: ${{ steps.meta-cloud-server.outputs.tags }}
	labels: ${{ steps.meta-cloud-server.outputs.labels }}
	cache-from: type=gha
	cache-to: type=gha,mode=max

	- name: Build Cloud Worker
	id: docker-build-cloud-worker
	uses: docker/build-push-action@v4
	with:
	context: grai-server/app
	target: grai-worker
	push: true
	tags: ${{ steps.meta-cloud-worker.outputs.tags }}
	labels: ${{ steps.meta-cloud-worker.outputs.labels }}
	cache-from: type=gha
	cache-to: type=gha,mode=max

	- name: Build Cloud Beat Worker
	id: docker-build-cloud-beat-worker
	uses: docker/build-push-action@v4
	with:
	context: grai-server/app
	target: grai-beat-worker
	push: true
	tags: ${{ steps.meta-cloud-beat-worker.outputs.tags }}
	labels: ${{ steps.meta-cloud-beat-worker.outputs.labels }}
	cache-from: type=gha
	cache-to: type=gha,mode=max

	deploy-server:
	runs-on: ubuntu-latest

	needs: [build-frontend, build-server-cloud, build-server-release]

	if: ${{ always() && needs.build-frontend.result == 'success' && (needs.build-server-cloud.result == 'success' \|\| needs.build-server-release.result == 'success') }}

	steps:
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v1-node16
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: ${{ secrets.AWS_REGION }}

	- name: Deploy to Kubernetes cluster - api
	uses: ianbelcher/eks-kubectl-action@master
	with:
	cluster_name: ${{ secrets.CLUSTER_NAME }}
	args: set image deployment/api-prod api=ghcr.io/${{ github.repository }}/grai-server@${{ needs.build-server-release.outputs.image-digest-server \|\| needs.build-server-cloud.outputs.image-digest-server }}

	- name: Deploy to Kubernetes cluster - celery
	uses: ianbelcher/eks-kubectl-action@master
	with:
	cluster_name: ${{ secrets.CLUSTER_NAME }}
	args: set image deployment/celery-worker-prod celery-worker=ghcr.io/${{ github.repository }}/grai-worker@${{ needs.build-server-release.outputs.image-digest-worker \|\| needs.build-server-cloud.outputs.image-digest-worker }}

	- name: Deploy to Kubernetes cluster - celery beat
	uses: ianbelcher/eks-kubectl-action@master
	with:
	cluster_name: ${{ secrets.CLUSTER_NAME }}
	args: set image deployment/celery-beat-worker-prod celery-beat-worker=ghcr.io/${{ github.repository }}/grai-beat-worker@${{ needs.build-server-release.outputs.image-digest-beat-worker \|\| needs.build-server-cloud.outputs.image-digest-beat-worker }}

	- name: Verify deployment
	uses: ianbelcher/eks-kubectl-action@master
	with:
	cluster_name: ${{ secrets.CLUSTER_NAME }}
	args: rollout status deployment/api-prod

	tests-frontend:
	runs-on: ubuntu-latest

	defaults:
	run:
	working-directory: grai-frontend

	env:
	REACT_APP_ALGOLIA_APP_ID: test

	steps:
	- uses: actions/checkout@master
	- name: Use latest Node.js
	uses: actions/setup-node@v3
	- name: Install dependencies
	run: npm ci
	- name: Run lint
	run: npm run lint
	- name: Run npm tests
	run: npm test -- --coverage
	- name: Upload coverage to Codecov
	uses: codecov/codecov-action@v3
	with:
	flags: grai-frontend
	token: ${{ secrets.CODECOV_TOKEN }}

	build-frontend:
	runs-on: ubuntu-latest

	needs: tests-frontend

	env:
	REACT_APP_SERVER_URL: ${{ secrets.REACT_APP_SERVER_URL }}
	REACT_APP_POSTHOG_API_KEY: ${{ secrets.REACT_APP_POSTHOG_API_KEY }}
	REACT_APP_POSTHOG_HOST: https://ph.grai.io
	REACT_APP_ALGOLIA_APP_ID: ${{ secrets.REACT_APP_ALGOLIA_APP_ID }}
	REACT_APP_SENTRY_DSN: ${{ secrets.REACT_APP_SENTRY_DSN }}

	defaults:
	run:
	working-directory: grai-frontend

	steps:
	- uses: actions/checkout@master
	- name: Use latest Node.js
	uses: actions/setup-node@v3
	- name: Install dependencies
	run: npm ci
	- name: Build
	run: npm run build
	- name: Setup environment variables
	run: ./env.sh
	- uses: actions/upload-artifact@master
	with:
	name: frontend-build
	path: "./grai-frontend/build"
	- name: Run bundlewatch
	run: npm run bundlewatch
	env:
	BUNDLEWATCH_GITHUB_TOKEN: ${{ secrets.BUNDLEWATCH_GITHUB_TOKEN }}

	deploy-frontend:
	runs-on: ubuntu-latest

	needs: [build-frontend, build-server-cloud, build-server-release]

	if: ${{ always() && needs.build-frontend.result == 'success' && (needs.build-server-cloud.result == 'success' \|\| needs.build-server-release.result == 'success') }}

	defaults:
	run:
	working-directory: grai-frontend

	steps:
	- uses: actions/download-artifact@master
	with:
	name: frontend-build
	path: "./grai-frontend/build"

	- name: Copy to s3
	uses: prewk/s3-cp-action@v2
	with:
	aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	source: "./grai-frontend/build"
	dest: s3://${{ secrets.APP_BUCKET }}
	flags: --recursive

	- name: Invalidate CloudFront
	uses: chetan/invalidate-cloudfront-action@v2
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	DISTRIBUTION: ${{ secrets.AWS_CF_DISTRIBUTION }}
	PATHS: "/*"
	AWS_REGION: "us-east-1"

	package-frontend:
	runs-on: ubuntu-latest

	needs: [get-poetry-version, tests-frontend]

	if: ${{needs.get-poetry-version.outputs.tag-exists == 'false' }}

	permissions:
	contents: write

	defaults:
	run:
	working-directory: grai-frontend

	steps:
	- uses: actions/checkout@v3

	- name: Log in to the Container registry
	uses: docker/login-action@v2
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GH_TOKEN }}

	- name: Extract metadata (tags, labels) for Docker
	id: meta
	uses: docker/metadata-action@v4
	with:
	images: ghcr.io/${{ github.repository }}/grai-frontend
	tags: \|
	type=raw,value=latest,priority=100
	type=raw,value=${{ needs.get-poetry-version.outputs.poetry-version }},priority=100

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@master

	- name: Build
	id: docker-build
	uses: docker/build-push-action@v4
	with:
	context: grai-frontend
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	platforms: linux/amd64,linux/arm64
	cache-from: type=gha
	cache-to: type=gha,mode=max

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

filters refactor (#614) #244

Workflow file

filters refactor (#614) #244

Jobs

Run details

Workflow file for this run