Skip to content

storage: s3 - gives files 'public-read' access #2173

storage: s3 - gives files 'public-read' access

storage: s3 - gives files 'public-read' access #2173

name: Build and Test
on:
push:
branches:
- main
pull_request_target:
branches:
- main
env:
AIRFLOW_HOME: /home/runner/work/workflows/workflows
REGISTRY: registry.cern.ch
IMAGE: cern-sis/workflows
jobs:
build_test:
name: Build and Test
runs-on: ubuntu-latest
steps:
- name: Checkout
if: ${{ github.event_name == 'push' }}
uses: actions/checkout@v3
- name: Checkout PR
if: ${{ github.event_name == 'pull_request_target' }}
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Install Python 3
uses: actions/setup-python@v4
with:
python-version: 3.10.11
- name: Install python dependencies
run: |
pip install --upgrade pip
pip install --no-cache-dir --upgrade setuptools
pip install --no-cache-dir --upgrade wheel
pip install -r requirements.txt -r requirements-test.txt -r requirements-airflow.txt
- name: Run services for IT Tests, create buckets
run: make start
- name: List services for IT Tests
run: docker ps
- name: List all dags
run: airflow dags list
- name: Build Image
id: build
uses: cern-sis/gh-workflows/.github/actions/docker-build@v6
with:
registry: ${{ env.REGISTRY }}
image: ${{ env.IMAGE }}
tags: type=ref,event=pr
cache: false
username: ${{ secrets.HARBOR_USERNAME }}
password: ${{ secrets.HARBOR_PASSWORD }}
- name: Run tests with pytest and generate report
run: >
docker run
--name workflows
--network=host
-v "$(pwd)"/tests:/opt/airflow/tests
-v "$(pwd)"/data:/opt/airflow/data
--entrypoint pytest
$REGISTRY/$IMAGE@${{ steps.build.outputs.image-digest }}
tests
--cov=./
--cov-report=xml
- name: Copy test coverage file to host machine
run: docker cp workflows:/opt/airflow/coverage.xml .
- name: Upload Coverage to Codecov
uses: codecov/codecov-action@v3
with:
verbose: true
- name: Deploy QA
if: ${{ github.event_name == 'push' }}
uses: cern-sis/gh-workflows/.github/actions/kubernetes-project-new-images@v6
with:
event-type: update
images: ${{ env.REGISTRY }}/${{ env.IMAGE }}@${{ steps.build.outputs.image-digest }}
token: ${{ secrets.PAT_FIRE_EVENTS_ON_CERN_SIS_KUBERNETES }}