add workflows

john0isaac · john0isaac · commit d648371e6d0b · 2024-03-01T23:20:20.000+02:00
diff --git a/.github/workflows/azure-dev.yml b/.github/workflows/azure-dev.yml
@@ -0,0 +1,107 @@
+name: Deploy to Azure with azd
+
+on:
+    workflow_dispatch:
+    push:
+      branches:
+        - main
+        - cruft/update
+
+# GitHub Actions workflow to deploy to Azure using azd
+# To configure required secrets for connecting to Azure, simply run `azd pipeline config`
+
+# Set up permissions for deploying with secretless Azure federated credentials
+# https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication
+permissions:
+    id-token: write
+    contents: read
+
+jobs:
+    build:
+      runs-on: ubuntu-latest
+      outputs:
+        uri: ${{ steps.output.outputs.uri }}
+      env:
+        AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
+        AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
+        AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
+        AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
+      steps:
+        - name: Checkout
+          uses: actions/checkout@v3
+
+        - name: Install azd
+          uses: Azure/setup-azd@v0.1.0
+
+        - name: Log in with Azure (Federated Credentials)
+          if: ${{ env.AZURE_CLIENT_ID != '' }}
+          run: |
+            azd auth login `
+              --client-id "$Env:AZURE_CLIENT_ID" `
+              --federated-credential-provider "github" `
+              --tenant-id "$Env:AZURE_TENANT_ID"
+          shell: pwsh
+
+        - name: Log in with Azure (Client Credentials)
+          if: ${{ env.AZURE_CREDENTIALS != '' }}
+          run: |
+            $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable;
+            Write-Host "::add-mask::$($info.clientSecret)"
+
+            azd auth login `
+              --client-id "$($info.clientId)" `
+              --client-secret "$($info.clientSecret)" `
+              --tenant-id "$($info.tenantId)"
+          shell: pwsh
+          env:
+            AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
+
+        - name: Provision Infrastructure
+          run: azd provision --no-prompt
+          env:
+            AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
+            AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
+            AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
+
+        - name: Deploy Application
+          run: azd deploy --no-prompt
+          env:
+            AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
+            AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
+            AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
+
+        - name: Output Deployment URI
+          id: output
+          run: |
+            azd env get-values > .env
+            source .env
+            echo "uri=$BACKEND_URI" >> "$GITHUB_OUTPUT"
+
+    smoketests:
+      runs-on: ubuntu-latest
+      needs: build
+      steps:
+
+        - name: Basic smoke test (curl)
+          env:
+            URI: ${{needs.build.outputs.uri}}
+          run: |
+            echo "Sleeping 1 minute due to https://github.com/Azure/azure-dev/issues/2669"
+            sleep 60
+            curl -sSf $URI
+        - name: Checkout
+          uses: actions/checkout@v3
+
+        - name: Setup python
+          uses: actions/setup-python@v4
+          with:
+            python-version: 3.12
+
+        - name: End-to-end smoke tests (playwright)
+          env:
+            URI: ${{needs.build.outputs.uri}}
+          run: |
+            python3 -m pip install --upgrade pip
+            python3 -m pip install -r requirements-dev.txt
+            python3 -m playwright install chromium --with-deps
+            python3 -m pytest --exitfirst src/tests/smoke/smoketests.py --live-server-url $URI
diff --git a/.github/workflows/cruft.yml b/.github/workflows/cruft.yml
@@ -0,0 +1,68 @@
+name: Update repository with Cruft
+permissions:
+  contents: write
+  pull-requests: write
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 2 * * 1" # Every Monday at 2am
+jobs:
+  update:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: true
+      matrix:
+        include:
+          - add-paths: .
+            body: Use this to merge the changes to this repository.
+            branch: cruft/update
+            commit-message: "chore: accept new Cruft update"
+            title: New updates detected with Cruft
+          - add-paths: .cruft.json
+            body: Use this to reject the changes in this repository.
+            branch: cruft/reject${{ github.run_id }}
+            commit-message: "chore: reject new Cruft update"
+            title: Reject new updates detected with Cruft
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.12"
+
+      - name: Install Cruft
+        run: pip3 install -r requirements-dev.txt
+
+      - name: Check if update is available
+        continue-on-error: false
+        id: check
+        run: |
+          CHANGES=0
+          if [ -f .cruft.json ]; then
+            if ! cruft check; then
+              CHANGES=1
+            fi
+          else
+            echo "No .cruft.json file"
+          fi
+
+          echo "has_changes=$CHANGES" >> "$GITHUB_OUTPUT"
+
+      - name: Run update if available
+        if: steps.check.outputs.has_changes == '1'
+        run: |
+          git config --global user.email "you@example.com"
+          git config --global user.name "GitHub"
+
+          cruft update --skip-apply-ask --refresh-private-variables
+          git restore --staged .
+
+      - name: Create pull request
+        if: steps.check.outputs.has_changes == '1'
+        run: |
+          echo "::set-output name=branch::${{ matrix.branch }}"
+          echo "::set-output name=commit-message::${{ matrix.commit-message }}"
+          git checkout -b "${{ matrix.branch }}"
+          git add ${{ matrix.add-paths }}
+          git commit -m "${{ matrix.commit-message }}"
+          git push origin "${{ matrix.branch }}"
diff --git a/.github/workflows/devcontainer-ci.yml b/.github/workflows/devcontainer-ci.yml
@@ -0,0 +1,30 @@
+name: Check Dev Container
+
+on:
+  push:
+    branches: [ "main" ]
+    paths:
+      - ".devcontainer/**"
+      - ".github/workflows/devcontainer-ci.yaml"
+  pull_request:
+    branches: [ "main" ]
+    paths:
+      - ".devcontainer/**"
+      - ".github/workflows/devcontainer-ci.yaml"
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Use Node.js 20.x
+      uses: actions/setup-node@v3
+      with:
+        node-version: 20.x
+    - run: npm install -g @devcontainers/cli
+    - run: devcontainer build --config ./.devcontainer/devcontainer.json --workspace-folder "$(pwd)"
diff --git a/.github/workflows/format.yml b/.github/workflows/format.yml
@@ -0,0 +1,34 @@
+name: Run Python linter and formatter
+
+on:
+  push:
+    branches: [ main ]
+    paths-ignore:
+      - '**.md'
+      - 'lab/**'
+      - 'assets/**'
+
+  pull_request:
+    branches: [ main ]
+    paths-ignore:
+      - '**.md'
+      - 'lab/**'
+      - 'assets/**'
+
+jobs:
+    checks-format:
+        runs-on: ubuntu-latest
+        steps:
+        - uses: actions/checkout@v3
+        - uses: actions/setup-python@v4
+          with:
+                python-version: 3.12
+                cache: 'pip'
+        - name: Install dependencies
+          run: |
+            python -m pip install --upgrade pip
+            pip install -r requirements-dev.txt
+        - name: Lint with ruff
+          run: |
+            ruff check .
+            ruff format .
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -0,0 +1,66 @@
+name: Run Python E2E tests
+
+on:
+  push:
+    branches: [ main ]
+    paths-ignore:
+      - '**.md'
+      - 'lab/**'
+      - 'assets/**'
+
+  pull_request:
+    branches: [ main ]
+    paths-ignore:
+      - '**.md'
+      - 'lab/**'
+      - 'assets/**'
+
+jobs:
+  test_package:
+
+    name: Test ${{ matrix.os }} Python ${{ matrix.python_version }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: ["ubuntu-20.04"]
+        python_version: ["3.8", "3.9", "3.10", "3.11", "3.12"]
+    services:
+      db:
+        image: mysql:8.2
+        env:
+          MYSQL_ROOT_PASSWORD: mysql
+          MYSQL_DATABASE: relecloud
+        ports:
+        - 3306:3306
+        # needed because the mysql container does not provide a healthcheck
+        options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
+    steps:
+        - uses: actions/checkout@v3
+        - name: Setup python
+          uses: actions/setup-python@v2
+          with:
+
+            python-version: ${{ matrix.python_version }}
+            architecture: x64
+        - name: Install dependencies
+          run: |
+            python3 -m pip install --upgrade pip
+            python3 -m pip install -r requirements-dev.txt
+            playwright install chromium --with-deps
+        - name: Seed data
+          run: |
+            python3 src/manage.py migrate
+            python3 src/manage.py loaddata src/seed_data.json
+          env:
+            MYSQL_HOST: localhost
+            MYSQL_USER: root
+            MYSQL_PASS: mysql
+            MYSQL_DATABASE: relecloud
+        - name: Run tests 
+          run: python3 -m pytest
+          env:
+            MYSQL_HOST: localhost
+            MYSQL_USER: root
+            MYSQL_PASS: mysql
+            MYSQL_DATABASE: relecloud
