-
Notifications
You must be signed in to change notification settings - Fork 1
231 lines (219 loc) · 6.83 KB
/
wipac_cicd.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
name: wipac ci/cd
on:
push:
branches:
- '**'
tags-ignore:
- '**'
jobs:
keycloak-image-build:
runs-on: ubuntu-latest
outputs:
keycloak-tag: ${{ steps.docker_meta.outputs.tags }}
steps:
- uses: actions/checkout@v3
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v4
with:
images: |
ghcr.io/WIPACRepo/keycloak-rest-services
tags: |
type=ref,prefix=test-keycloak-,event=branch
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push Docker Image
uses: docker/build-push-action@v4
with:
context: .
file: resources/keycloak-image/Dockerfile
push: true
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
ldap-image-build:
runs-on: ubuntu-latest
outputs:
ldap-tag: ${{ steps.docker_meta.outputs.tags }}
steps:
- uses: actions/checkout@v3
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v4
with:
images: |
ghcr.io/WIPACRepo/keycloak-rest-services
tags: |
type=ref,prefix=test-ldap-,event=branch
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push Docker Image
uses: docker/build-push-action@v4
with:
context: .
file: resources/ldap-image/Dockerfile
push: true
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
flake8:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.x'
- uses: WIPACrepo/[email protected]
py-setup:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v3
with:
token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
- uses: WIPACrepo/[email protected]
py-dependencies:
runs-on: ubuntu-latest
needs: [py-setup]
steps:
- name: checkout
uses: actions/checkout@v3
with:
token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
- uses: WIPACrepo/[email protected]
py-versions:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.versions.outputs.matrix }}
steps:
- uses: actions/checkout@v3
- id: versions
uses: WIPACrepo/[email protected]
pip-install:
needs: [py-versions]
runs-on: ubuntu-latest
strategy:
max-parallel: 4
fail-fast: false
matrix:
version: ${{ fromJSON(needs.py-versions.outputs.matrix) }}
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: ${{ matrix.version }}
- run: |
pip install --upgrade pip wheel setuptools
pip install .[actions]
py-tests:
needs: [keycloak-image-build, ldap-image-build, py-versions]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
test: ["actions", "krs"]
services:
rabbitmq:
image: bitnami/rabbitmq:3.8
env:
RABBITMQ_USERNAME: admin
RABBITMQ_PASSWORD: admin
RABBITMQ_VHOST: keycloak
RABBITMQ_NODE_NAME: rabbit@rabbitmq
options: --health-cmd "rabbitmqctl node_health_check" --health-interval 10s --health-timeout 5s --health-retries 5
ports:
- 5672:5672
- 15672:15672
ldap:
image: ${{ needs.ldap-image-build.outputs.ldap-tag }}
ports:
- 1389:1389
keycloak:
image: ${{ needs.keycloak-image-build.outputs.keycloak-tag }}
env:
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
KK_TO_RMQ_URL: rabbitmq
CMD: start-dev
ports:
- 8080:8080
container:
image: python:${{ fromJSON(needs.py-versions.outputs.matrix)[0] }}
env:
KEYCLOAK_URL: http://keycloak:8080
KEYCLOAK_USERNAME: admin
KEYCLOAK_PASSWORD: admin
LDAP_URL: ldap://ldap:1389
LDAP_ADMIN_USER: "cn=admin,dc=icecube,dc=wisc,dc=edu"
LDAP_ADMIN_PASSWORD: admin
RABBITMQ_MGMT_URL: http://rabbitmq:15672
RABBITMQ_URL: amqp://admin:admin@rabbitmq/keycloak
steps:
- uses: actions/checkout@v3
- run: |
pip install --upgrade pip wheel setuptools
pip install .[tests,actions]
- run: |
python -m pytest tests/${{ matrix.test }} --tb=short --log-level=DEBUG
release:
if: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
needs: [py-setup, pip-install, py-tests]
runs-on: ubuntu-latest
concurrency: release
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
- name: Python Semantic Release
uses: relekang/[email protected]
with:
github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
repository_username: __token__
repository_password: ${{ secrets.PYPI_TOKEN }}
docker:
name: "Docker Image"
needs: [py-setup, pip-install, py-tests]
runs-on: ubuntu-latest
steps:
- name: Checkout Project
uses: actions/checkout@v3
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v4
with:
# list of Docker images to use as base name for tags
images: |
wipac/keycloak-rest-services
ghcr.io/WIPACRepo/keycloak-rest-services
tags: |
type=ref,event=branch
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}.{{minor}}.{{patch}}
- name: Login to DockerHub
uses: docker/login-action@v2
if: ${{ github.event_name != 'pull_request' }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
if: ${{ github.event_name != 'pull_request' }}
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push Docker Image
uses: docker/build-push-action@v4
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}