diff options
| author | 2020-11-14 19:35:38 +0100 | |
|---|---|---|
| committer | 2020-11-14 19:35:38 +0100 | |
| commit | 287aab16f0bbfff5c1e3400ab84a56385ce8800b (patch) | |
| tree | 859abaaa1d7b2b5a53dcef24f877040f2ab5ff2b | |
| parent | Merge pull request #496 from quanta-kt/candy (diff) | |
| parent | Add documentation to GitHub Actions workflow (diff) | |
Merge pull request #514 from python-discord/sebastiaan/backend/move-ci-to-gha
Migrate to GitHub Actions and GHCR
| -rw-r--r-- | .github/workflows/lint-build.yaml | 144 | ||||
| -rw-r--r-- | azure-pipelines.yml | 68 | 
2 files changed, 144 insertions, 68 deletions
| diff --git a/.github/workflows/lint-build.yaml b/.github/workflows/lint-build.yaml new file mode 100644 index 00000000..1fb6be3e --- /dev/null +++ b/.github/workflows/lint-build.yaml @@ -0,0 +1,144 @@ +name: Linting & Building + +on: +  push: +    branches: +      - master +  pull_request_target: + + +jobs: +  lint: +    name: Lint using pre-commit & flake8 +    runs-on: ubuntu-latest +    env: +      # Configure pip to cache dependencies and do a user install +      PIP_NO_CACHE_DIR: false +      PIP_USER: 1 + +      # Hide the graphical elements from pipenv's output +      PIPENV_HIDE_EMOJIS: 1 +      PIPENV_NOSPIN: 1 + +      # Make sure pipenv does not try reuse an environment it's running in +      PIPENV_IGNORE_VIRTUALENVS: 1 + +      # Specify explicit paths for python dependencies and the pre-commit +      # environment so we know which directories to cache +      PYTHONUSERBASE: ${{ github.workspace }}/.cache/py-user-base +      PRE_COMMIT_HOME: ${{ github.workspace }}/.cache/pre-commit-cache + +    steps: +      - name: Add custom PYTHONUSERBASE to PATH +        run: echo '${{ env.PYTHONUSERBASE }}/bin/' >> $GITHUB_PATH + +      # We don't want to persist credentials, as our GitHub Action +      # may be run when a PR is made from a fork. +      - name: Checkout repository +        uses: actions/checkout@v2 +        with: +          persist-credentials: false + +      - name: Setup python +        id: python +        uses: actions/setup-python@v2 +        with: +          python-version: '3.8' + +      # This step caches our Python dependencies. To make sure we +      # only restore a cache when the dependencies, the python version, +      # the runner operating system, and the dependency location haven't +      # changed, we create a cache key that is a composite of those states. +      # +      # Only when the context is exactly the same, we will restore the cache. +      - name: Python Dependency Caching +        uses: actions/cache@v2 +        id: python_cache +        with: +          path: ${{ env.PYTHONUSERBASE }} +          key: "python-0-${{ runner.os }}-${{ env.PYTHONUSERBASE }}-\ +          ${{ steps.python.outputs.python-version }}-\ +          ${{ hashFiles('./Pipfile', './Pipfile.lock') }}" + +      # Install our dependencies if we did not restore a dependency cache +      - name: Install dependencies using pipenv +        if: steps.python_cache.outputs.cache-hit != 'true' +        run: | +          pip install pipenv +          pipenv install --dev --deploy --system + +      # This step caches our pre-commit environment. To make sure we +      # do create a new environment when our pre-commit setup changes, +      # we create a cache key based on relevant factors. +      - name: Pre-commit Environment Caching +        uses: actions/cache@v2 +        with: +          path: ${{ env.PRE_COMMIT_HOME }} +          key: "precommit-0-${{ runner.os }}-${{ env.PRE_COMMIT_HOME }}-\ +          ${{ steps.python.outputs.python-version }}-\ +          ${{ hashFiles('./.pre-commit-config.yaml') }}" + +      # We will not run `flake8` here, as we will use a separate flake8 +      # action. As pre-commit does not support user installs, we set +      # PIP_USER=0 to not do a user install. +      - name: Run pre-commit hooks +        run: export PIP_USER=0; SKIP=flake8 pre-commit run --all-files + +      # This step requires `pull_request_target` as we need "write" permissions +      # to add annotations to the Actions results. A normal `pull_request` trigger +      # does not get those permissions for security reasons. +      - name: Run flake8 +        uses: julianwachholz/flake8-action@v1 +        with: +          checkName: lint +        env: +          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + +  build-and-push: +    name: Build and Push to Container Repositories +    needs: lint +    if: github.event_name != 'pull_request_target' && github.ref == 'refs/heads/master' +    runs-on: ubuntu-latest + +    steps: +      # Create a commit SHA-based tag for the container repositories +      - name: Create SHA Container Tag +        id: sha_tag +        run: | +          tag=$(cut -c 1-7 <<< $GITHUB_SHA) +          echo "::set-output name=tag::$tag" + +      - name: Checkout code +        uses: actions/checkout@v2 + +      - name: Set up Docker Buildx +        uses: docker/setup-buildx-action@v1 + +      - name: Login to DockerHub +        uses: docker/login-action@v1 +        with: +          username: ${{ secrets.DOCKER_USERNAME }} +          password: ${{ secrets.DOCKER_PASSWORD }} + +      - name: Login to Github Container Registry +        uses: docker/login-action@v1 +        with: +          registry: ghcr.io +          username: ${{ github.repository_owner }} +          password: ${{ secrets.GHCR_TOKEN  }} + +      # This step currently pushes to both DockerHub and GHCR to +      # make the migration easier. The DockerHub push will be +      # removed once we've migrated to our K8s cluster. +      - name: Build and push +        uses: docker/build-push-action@v2 +        with: +          context: . +          file: ./Dockerfile +          push: true +          cache-from: type=registry,ref=ghcr.io/python-discord/bot:latest +          tags: | +            ghcr.io/python-discord/seasonalbot:latest +            ghcr.io/python-discord/seasonalbot:${{ steps.sha_tag.outputs.tag }} +            pythondiscord/seasonalbot:latest +            pythondiscord/seasonalbot:${{ steps.sha_tag.outputs.tag }} diff --git a/azure-pipelines.yml b/azure-pipelines.yml deleted file mode 100644 index 687fdc1e..00000000 --- a/azure-pipelines.yml +++ /dev/null @@ -1,68 +0,0 @@ -# https://aka.ms/yaml - -jobs: -  - job: test -    displayName: 'Lint & Test' - -    pool: -      vmImage: 'Ubuntu 18.04' - -    variables: -      PIP_CACHE_DIR: ".cache/pip" -      PIP_SRC: ".cache/src" -      PIPENV_CACHE_DIR: ".cache/pipenv" -      PIPENV_DONT_USE_PYENV: 1 -      PIPENV_HIDE_EMOJIS: 1 -      PIPENV_IGNORE_VIRTUALENVS: 1 -      PIPENV_NOSPIN: 1 -      PRE_COMMIT_HOME: $(Pipeline.Workspace)/pre-commit-cache - -    steps: -      - task: UsePythonVersion@0 -        displayName: 'Set Python version' -        name: PythonVersion -        inputs: -          versionSpec: '3.8.x' -          addToPath: true - -      - script: pip3 install pipenv -        displayName: 'Install pipenv' - -      - script: pipenv install --dev --deploy --system -        displayName: 'Install project using pipenv' - -      # Create an executable shell script which replaces the original pipenv binary. -      # The shell script ignores the first argument and executes the rest of the args as a command. -      # It makes the `pipenv run flake8` command in the pre-commit hook work by circumventing -      # pipenv entirely, which is too dumb to know it should use the system interpreter rather than -      # creating a new venv. -      - script: | -          printf '%s\n%s' '#!/bin/bash' '"${@:2}"' > $(PythonVersion.pythonLocation)/bin/pipenv \ -          && chmod +x $(PythonVersion.pythonLocation)/bin/pipenv -        displayName: 'Mock pipenv binary' - -      - task: Cache@2 -        displayName: 'Restore pre-commit environment' -        inputs: -          key: pre-commit | "$(PythonVersion.pythonLocation)" | .pre-commit-config.yaml -          restoreKeys: | -            pre-commit | "$(PythonVersion.pythonLocation)" -          path: $(PRE_COMMIT_HOME) - -      - script: pre-commit run --all-files -        displayName: 'Run pre-commit hooks' - -  - job: build -    displayName: 'Build & Push Container' -    condition: and(succeeded(), ne(variables['Build.Reason'], 'PullRequest')) -    dependsOn: 'test' - -    steps: -      - task: Docker@2 -        displayName: 'Build & Push Container' -        inputs: -          containerRegistry: 'DockerHub' -          repository: 'pythondiscord/seasonalbot' -          command: 'buildAndPush' -          Dockerfile: '**/Dockerfile' -          tags: 'latest' | 
