authentik/.github/workflows/ci.yml

200 lines
6.1 KiB
YAML
Raw Normal View History

name: passbook-ci
2019-12-30 09:25:35 +00:00
on:
- push
env:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
jobs:
# Linting
pylint:
runs-on: ubuntu-latest
2019-12-30 09:25:35 +00:00
steps:
- uses: actions/checkout@v1
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
2020-03-04 20:11:26 +00:00
run: pip install wheel && pip install -U pipenv && pipenv install --dev
2019-12-30 09:25:35 +00:00
- name: Lint with pylint
run: pipenv run pylint passbook
2019-12-31 11:51:16 +00:00
black:
runs-on: ubuntu-latest
2019-12-30 09:25:35 +00:00
steps:
- uses: actions/checkout@v1
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
2020-03-04 20:11:26 +00:00
run: pip install wheel && pip install -U pipenv && pipenv install --dev
2019-12-31 11:51:16 +00:00
- name: Lint with black
run: pipenv run black --check passbook
2019-12-30 09:25:35 +00:00
prospector:
runs-on: ubuntu-latest
2019-12-30 09:25:35 +00:00
steps:
- uses: actions/checkout@v1
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
2020-03-04 20:11:26 +00:00
run: pip install wheel && pip install -U pipenv && pipenv install --dev && pipenv install --dev prospector --skip-lock
2019-12-30 09:25:35 +00:00
- name: Lint with prospector
run: pipenv run prospector
bandit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
2020-03-04 20:11:26 +00:00
run: pip install wheel && pip install -U pipenv && pipenv install --dev
- name: Lint with bandit
run: pipenv run bandit -r passbook
2019-12-30 09:25:35 +00:00
# Actual CI tests
migrations:
needs:
- pylint
2019-12-31 11:52:15 +00:00
- black
2019-12-30 09:25:35 +00:00
- prospector
services:
postgres:
image: postgres:latest
env:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
ports:
- 5432:5432
redis:
image: redis:latest
ports:
- 6379:6379
runs-on: ubuntu-latest
2019-12-30 09:25:35 +00:00
steps:
- uses: actions/checkout@v1
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
2020-03-04 20:11:26 +00:00
run: pip install wheel && pip install -U pipenv && pipenv install --dev
2019-12-30 09:25:35 +00:00
- name: Run migrations
run: pipenv run ./manage.py migrate
coverage:
needs:
- pylint
2019-12-31 11:52:15 +00:00
- black
2019-12-30 09:25:35 +00:00
- prospector
services:
postgres:
image: postgres:latest
env:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
ports:
- 5432:5432
redis:
image: redis:latest
ports:
- 6379:6379
runs-on: ubuntu-latest
2019-12-30 09:25:35 +00:00
steps:
- uses: actions/checkout@v1
- uses: actions/cache@v1
with:
path: ~/.local/share/virtualenvs/
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install dependencies
2020-03-04 20:11:26 +00:00
run: pip install wheel && pip install -U pipenv && pipenv install --dev
2019-12-30 09:25:35 +00:00
- name: Run coverage
run: pipenv run ./scripts/coverage.sh
2020-02-23 12:54:19 +00:00
# Build
build-server:
needs:
- migrations
- coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Docker Login Registry
env:
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
- name: Building Docker Image
run: docker build
--no-cache
-t beryju/passbook:${GITHUB_REF##*/}
-f Dockerfile .
- name: Push Docker Container to Registry
run: docker push beryju/passbook:${GITHUB_REF##*/}
build-gatekeeper:
needs:
- migrations
- coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Docker Login Registry
env:
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
- name: Building Docker Image
run: |
cd gatekeeper
docker build \
--no-cache \
-t beryju/passbook-gatekeeper:${GITHUB_REF##*/} \
-f Dockerfile .
- name: Push Docker Container to Registry
run: docker push beryju/passbook-gatekeeper:${GITHUB_REF##*/}
build-static:
needs:
- migrations
- coverage
runs-on: ubuntu-latest
services:
postgres:
image: postgres:latest
env:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
redis:
image: redis:latest
steps:
- uses: actions/checkout@v1
- name: Docker Login Registry
env:
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
- name: Building Docker Image
run: docker build
--no-cache
--network=$(docker network ls | grep github | awk '{print $1}')
-t beryju/passbook-static:${GITHUB_REF##*/}
-f static.Dockerfile .
- name: Push Docker Container to Registry
run: docker push beryju/passbook-static:${GITHUB_REF##*/}