Skip to content

build staging

build staging #408

---
name: build staging
# Actions that take place after every commit the 'staging' branch.
# Here every commit is built, tagged (as 'latest' or with the tag) and tested.
# We ignore any production-like tags in this workflow.
#
# If a DOCKERHUB_USERNAME secret is defined the image is pushed.
#
# Actions also run on a schedule - the container is built, tested,
# pushed and deployed (if the relevant secrets are set) based on
# a defined schedule.
# ---------------
# Control secrets
# ---------------
#
# At the GitHub 'organisation' or 'project' level you are expected to
# have the following GitHub 'Repository Secrets' defined
# (i.e. via 'Settings -> Secrets'): -
#
# BE_NAMESPACE optional - default xchem
# FE_IMAGE_TAG optional - default latest
# FE_NAMESPACE optional - default xchem
# STACK_BRANCH optional - default master
# STACK_GITHUB_NAMESPACE optional - default xchem
# STACK_NAMESPACE optional - default xchem
#
# DOCKERHUB_USERNAME optional
# DOCKERHUB_TOKEN optional - required if DOCKERHUB_USERNAME
#
# TRIGGER_DOWNSTREAM optional - set to 'yes'
# to trigger downstream projects
#
# STACK_USER optional - set if triggering
# STACK_USER_TOKEN optional - set if triggering
#
# -----------
# Environment (GitHub Environments)
# -----------
#
# (none)
on:
push:
branches:
- 'staging'
tags-ignore:
# Ignore any production-grade tags (i.e. "2022.1" or "1.0.0"),
# they're reserved for the production branch. Here
# we expect a non-production tag, i.e. "2022.1-rc.1" or "1.0.0-rc.1"
- '[0-9]+.[0-9]+'
- '[0-9]+.[0-9]+.[0-9]+'
schedule:
# Build every Sunday (0) at 4:30pm
- cron: '30 16 * * 0'
env:
# The following 'defaults' are used in the 'Initialise workflow variables' step,
# which creates 'outputs' for use in steps and jobs that follow it.
# The values set here are used unless a matching secret is found.
# Secrets are the way users dynamically control the behaviour of this Action.
#
# For Jobs conditional on the presence of a secret see this Gist...
# https://gist.github.com/jonico/24ffebee6d2fa2e679389fac8aef50a3
BE_NAMESPACE: xchem
FE_IMAGE_TAG: latest
FE_NAMESPACE: xchem
STACK_BRANCH: master
STACK_GITHUB_NAMESPACE: xchem
STACK_NAMESPACE: xchem
jobs:
build:
runs-on: ubuntu-latest
outputs:
push: ${{ steps.vars.outputs.push }}
tag: ${{ steps.vars.outputs.tag }}
trigger: ${{ steps.vars.outputs.trigger }}
steps:
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
- name: Initialise workflow variables
id: vars
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
TRIGGER_DOWNSTREAM: ${{ secrets.TRIGGER_DOWNSTREAM }}
run: |
# BE_NAMESPACE
BE_NAMESPACE="${{ env.BE_NAMESPACE }}"
if [ -n "${{ secrets.BE_NAMESPACE }}" ]; then BE_NAMESPACE="${{ secrets.BE_NAMESPACE }}"; fi
echo BE_NAMESPACE=${BE_NAMESPACE}
echo "BE_NAMESPACE=${BE_NAMESPACE}" >> $GITHUB_OUTPUT
# FE_IMAGE_TAG
FE_IMAGE_TAG="${{ env.FE_IMAGE_TAG }}"
if [ -n "${{ secrets.FE_IMAGE_TAG }}" ]; then FE_IMAGE_TAG="${{ secrets.FE_IMAGE_TAG }}"; fi
echo FE_IMAGE_TAG=${FE_IMAGE_TAG}
echo "FE_IMAGE_TAG=${FE_IMAGE_TAG}" >> $GITHUB_OUTPUT
# FE_NAMESPACE
FE_NAMESPACE="${{ env.FE_NAMESPACE }}"
if [ -n "${{ secrets.FE_NAMESPACE }}" ]; then FE_NAMESPACE="${{ secrets.FE_NAMESPACE }}"; fi
echo FE_NAMESPACE=${FE_NAMESPACE}
echo "FE_NAMESPACE=${FE_NAMESPACE}" >> $GITHUB_OUTPUT
# STACK_BRANCH
STACK_BRANCH="${{ env.STACK_BRANCH }}"
if [ -n "${{ secrets.STACK_BRANCH }}" ]; then STACK_BRANCH="${{ secrets.STACK_BRANCH }}"; fi
echo STACK_BRANCH=${STACK_BRANCH}
echo "STACK_BRANCH=${STACK_BRANCH}" >> $GITHUB_OUTPUT
# STACK_GITHUB_NAMESPACE
STACK_GITHUB_NAMESPACE="${{ env.STACK_GITHUB_NAMESPACE }}"
if [ -n "${{ secrets.STACK_GITHUB_NAMESPACE }}" ]; then STACK_GITHUB_NAMESPACE="${{ secrets.STACK_GITHUB_NAMESPACE }}"; fi
echo STACK_GITHUB_NAMESPACE=${STACK_GITHUB_NAMESPACE}
echo "STACK_GITHUB_NAMESPACE=${STACK_GITHUB_NAMESPACE}" >> $GITHUB_OUTPUT
# STACK_NAMESPACE
STACK_NAMESPACE="${{ env.STACK_NAMESPACE }}"
if [ -n "${{ secrets.STACK_NAMESPACE }}" ]; then STACK_NAMESPACE="${{ secrets.STACK_NAMESPACE }}"; fi
echo STACK_NAMESPACE=${STACK_NAMESPACE}
echo "STACK_NAMESPACE=${STACK_NAMESPACE}" >> $GITHUB_OUTPUT
# What image tag are we using? 'latest' (if not tagged) or a GitHub tag?
TAG="latest"
if [[ "${{ github.ref }}" =~ ^refs/tags/ ]]; then TAG="${{ env.GITHUB_REF_SLUG }}"; fi
echo tag=${TAG}
echo "tag=${TAG}" >> $GITHUB_OUTPUT
# Do we push, i.e. is DOCKERHUB_USERNAME defined?
echo push=${{ env.DOCKERHUB_USERNAME != '' }}
echo "push=${{ env.DOCKERHUB_USERNAME != '' }}" >> $GITHUB_OUTPUT
# Do we trigger downstream, i.e. is TRIGGER_DOWNSTREAM 'yes'?
echo trigger=${{ env.TRIGGER_DOWNSTREAM == 'yes' }}
echo "trigger=${{ env.TRIGGER_DOWNSTREAM == 'yes' }}" >> $GITHUB_OUTPUT
- name: Checkout
uses: actions/checkout@v4
- name: Lint Dockerfile
uses: hadolint/[email protected]
with:
dockerfile: Dockerfile
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: Run pre-commit (all files)
run: |
pip install --requirement build-requirements.txt
pre-commit run --all-files
- name: Docker build
uses: docker/build-push-action@v5
with:
context: .
tags: ${{ steps.vars.outputs.BE_NAMESPACE }}/fragalysis-backend:${{ steps.vars.outputs.tag }}
- name: Test (docker compose)
uses: hoverkraft-tech/[email protected]
with:
compose-file: ./docker-compose.test.yml
up-flags: --build --exit-code-from tests --abort-on-container-exit
env:
BE_NAMESPACE: ${{ steps.vars.outputs.BE_NAMESPACE }}
BE_IMAGE_TAG: ${{ steps.vars.outputs.tag }}
- name: Login to DockerHub
if: steps.vars.outputs.push == 'true'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Push
if: steps.vars.outputs.push == 'true'
run: docker push ${{ steps.vars.outputs.BE_NAMESPACE }}/fragalysis-backend:${{ steps.vars.outputs.tag }}
# Trigger the stack build for every non-scheduled (staging) build.
- name: Trigger stack
if: |
steps.vars.outputs.trigger == 'true' &&
github.event_name != 'schedule'
uses: informaticsmatters/trigger-ci-action@v1
with:
ci-owner: ${{ steps.vars.outputs.STACK_GITHUB_NAMESPACE }}
ci-repository: fragalysis-stack
ci-name: build main
ci-ref: refs/heads/${{ steps.vars.outputs.STACK_BRANCH }}
ci-inputs: >-
be_namespace=${{ steps.vars.outputs.BE_NAMESPACE }}
be_image_tag=${{ steps.vars.outputs.TAG }}
fe_namespace=${{ steps.vars.outputs.FE_NAMESPACE }}
fe_image_tag=${{ steps.vars.outputs.FE_IMAGE_TAG }}
stack_namespace=${{ steps.vars.outputs.STACK_NAMESPACE }}
ci-user: ${{ secrets.STACK_USER }}
ci-user-token: ${{ secrets.STACK_USER_TOKEN }}