diff options
| -rw-r--r-- | .github/workflows/build-deploy.yaml | 77 | ||||
| -rw-r--r-- | .github/workflows/lint-build-deploy.yaml | 139 | ||||
| -rw-r--r-- | .github/workflows/lint.yaml | 58 | ||||
| -rw-r--r-- | .github/workflows/status_embed.yaml | 1 |
4 files changed, 135 insertions, 140 deletions
diff --git a/.github/workflows/build-deploy.yaml b/.github/workflows/build-deploy.yaml new file mode 100644 index 0000000..88189b2 --- /dev/null +++ b/.github/workflows/build-deploy.yaml @@ -0,0 +1,77 @@ +name: Build & Deploy + +on: + workflow_call: + inputs: + sha-tag: + description: "A short-form SHA tag for the commit that triggered this workflow" + required: true + type: string + +jobs: + build: + name: Build & Push + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + # The current version (v2) of Docker's build-push action uses + # buildx, which comes with BuildKit features that help us speed + # up our builds using additional cache features. Buildx also + # has a lot of other features that are not as relevant to us. + # + # See https://github.com/docker/build-push-action + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Github Container Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + # Build and push the container to the GitHub Container + # Repository. The container will be tagged as "latest" + # and with the short SHA of the commit. + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: . + file: ./Dockerfile + push: true + cache-from: type=registry,ref=ghcr.io/python-discord/king-arthur:latest + cache-to: type=inline + tags: | + ghcr.io/python-discord/king-arthur:latest + ghcr.io/python-discord/king-arthur:${{ inputs.sha-tag }} + build-args: git_sha=${{ github.sha }} + + deploy: + environment: production + name: Deploy + runs-on: ubuntu-latest + needs: build + + steps: + + - name: Checkout code + uses: actions/checkout@v3 + with: + repository: python-discord/kubernetes + + - name: Authenticate with Kubernetes + uses: azure/k8s-set-context@v3 + with: + method: kubeconfig + kubeconfig: ${{ secrets.KUBECONFIG }} + + - name: Deploy to Kubernetes + uses: Azure/k8s-deploy@v1 + with: + manifests: | + namespaces/default/king-arthur/deployment.yaml + images: 'ghcr.io/python-discord/king-arthur:${{ inputs.sha-tag }}' + kubectl-version: 'latest' diff --git a/.github/workflows/lint-build-deploy.yaml b/.github/workflows/lint-build-deploy.yaml deleted file mode 100644 index ba79ca1..0000000 --- a/.github/workflows/lint-build-deploy.yaml +++ /dev/null @@ -1,139 +0,0 @@ -name: Lint, Build & Deploy - -on: - push: - branches: - - main - pull_request: - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - lint: - name: Lint - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Install Python Dependencies - uses: HassanAbouelela/actions/setup-python@setup-python_v1.4.0 - with: - python_version: '3.10' - - - name: Run pre-commit hooks - run: SKIP=ruff pre-commit run --all-files - - # Run `ruff` using github formatting to enable automatic inline annotations. - - name: Run ruff - run: "ruff check --format=github ." - - build: - if: github.ref == 'refs/heads/main' - name: Build & Push - runs-on: ubuntu-latest - - steps: - # Create a commit SHA-based tag for the container repositories - - name: Create SHA Container Tag - id: sha_tag - run: | - tag=$(cut -c 1-7 <<< $GITHUB_SHA) - echo "::set-output name=tag::$tag" - - name: Checkout code - uses: actions/checkout@v2 - - # The current version (v2) of Docker's build-push action uses - # buildx, which comes with BuildKit features that help us speed - # up our builds using additional cache features. Buildx also - # has a lot of other features that are not as relevant to us. - # - # See https://github.com/docker/build-push-action - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Login to Github Container Registry - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - # Build and push the container to the GitHub Container - # Repository. The container will be tagged as "latest" - # and with the short SHA of the commit. - - name: Build and push - uses: docker/build-push-action@v2 - with: - context: . - file: ./Dockerfile - push: true - cache-from: type=registry,ref=ghcr.io/python-discord/king-arthur:latest - cache-to: type=inline - tags: | - ghcr.io/python-discord/king-arthur:latest - ghcr.io/python-discord/king-arthur:${{ steps.sha_tag.outputs.tag }} - build-args: | - git_sha=${{ github.sha }} - - deploy: - environment: production - name: Deploy - runs-on: ubuntu-latest - needs: [lint, build] - - steps: - - name: Create SHA Container Tag - id: sha_tag - run: | - tag=$(cut -c 1-7 <<< $GITHUB_SHA) - echo "::set-output name=tag::$tag" - - - name: Checkout code - uses: actions/checkout@v2 - with: - repository: python-discord/kubernetes - - - name: Authenticate with Kubernetes - uses: azure/k8s-set-context@v1 - with: - method: kubeconfig - kubeconfig: ${{ secrets.KUBECONFIG }} - - - name: Deploy to Kubernetes - uses: Azure/k8s-deploy@v1 - with: - manifests: | - namespaces/default/king-arthur/deployment.yaml - images: 'ghcr.io/python-discord/king-arthur:${{ steps.sha_tag.outputs.tag }}' - kubectl-version: 'latest' - - artifact: - name: Generate Artifact - if: always() && github.event_name == 'pull_request' - needs: [lint, build, deploy] - runs-on: ubuntu-latest - steps: - # Prepare the Pull Request Payload artifact. If this fails, we - # we fail silently using the `continue-on-error` option. It's - # nice if this succeeds, but if it fails for any reason, it - # does not mean that our lint-test checks failed. - - name: Prepare Pull Request Payload artifact - id: prepare-artifact - if: always() && github.event_name == 'pull_request' - continue-on-error: true - run: cat $GITHUB_EVENT_PATH | jq '.pull_request' > pull_request_payload.json - - # This only makes sense if the previous step succeeded. To - # get the original outcome of the previous step before the - # `continue-on-error` conclusion is applied, we use the - # `.outcome` value. This step also fails silently. - - name: Upload a Build Artifact - if: always() && steps.prepare-artifact.outcome == 'success' - continue-on-error: true - uses: actions/upload-artifact@v2 - with: - name: pull-request-payload - path: pull_request_payload.json diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml new file mode 100644 index 0000000..b5e7fd7 --- /dev/null +++ b/.github/workflows/lint.yaml @@ -0,0 +1,58 @@ +name: Lint + +on: + workflow_call + +jobs: + lint: + name: Lint + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Install Python Dependencies + uses: HassanAbouelela/actions/setup-python@setup-python_v1.4.0 + with: + python_version: '3.10' + + # Run flake8 and have it format the linting errors in the format of + # the GitHub Workflow command to register error annotations. This + # means that our flake8 output is automatically added as an error + # annotation to both the run result and in the "Files" tab of a + # pull request. + # + # Format used: + # ::error file={filename},line={line},col={col}::{message} + - name: Run flake8 + run: "flake8 \ + --format='::error file=%(path)s,line=%(row)d,col=%(col)d::\ + [flake8] %(code)s: %(text)s'" + + artifact: + name: Generate & Upload Pull request Artifacts + if: always() && github.event_name == 'pull_request' + needs: lint + runs-on: ubuntu-latest + steps: + # Prepare the Pull Request Payload artifact. If this fails, we + # we fail silently using the `continue-on-error` option. It's + # nice if this succeeds, but if it fails for any reason, it + # does not mean that our lint-test checks failed. + - name: Prepare Pull Request Payload artifact + id: prepare-artifact + if: always() && github.event_name == 'pull_request' + continue-on-error: true + run: cat $GITHUB_EVENT_PATH | jq '.pull_request' > pull_request_payload.json + + # This only makes sense if the previous step succeeded. To + # get the original outcome of the previous step before the + # `continue-on-error` conclusion is applied, we use the + # `.outcome` value. This step also fails silently. + - name: Upload a Build Artifact + if: always() && steps.prepare-artifact.outcome == 'success' + continue-on-error: true + uses: actions/upload-artifact@v3 + with: + name: pull-request-payload + path: pull_request_payload.json diff --git a/.github/workflows/status_embed.yaml b/.github/workflows/status_embed.yaml index 604eb08..3669329 100644 --- a/.github/workflows/status_embed.yaml +++ b/.github/workflows/status_embed.yaml @@ -13,7 +13,6 @@ jobs: status_embed: name: Send Status Embed to Discord runs-on: ubuntu-latest - steps: # A workflow_run event does not contain all the information # we need for a PR embed. That's why we upload an artifact |