chore: Update dependencies #2162
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: CI | |
env: | |
IMAGE_NAME: airlock | |
PUBLIC_IMAGE_NAME: ghcr.io/opensafely-core/airlock | |
REGISTRY: ghcr.io | |
on: | |
push: | |
jobs: | |
check: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: "opensafely-core/setup-action@v1" | |
with: | |
python-version: "3.11" | |
install-just: true | |
- name: Set up development environment | |
run: just devenv | |
- name: Check formatting and linting rules | |
run: just check | |
test: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: "opensafely-core/setup-action@v1" | |
with: | |
python-version: "3.11" | |
install-just: true | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: ".node-version" | |
cache: "npm" | |
cache-dependency-path: package-lock.json | |
- name: Install node_modules | |
run: npm ci | |
- name: Build assets | |
run: npm run build | |
- name: Set up development environment | |
run: just devenv | |
- name: Run tests | |
run: | | |
RUN_SCREENSHOT_TESTS=True just test-all | |
# not actually needed for tests, but we want to make sure the dev tooling | |
# is still working | |
- name: Validate load-example-data dev tooling works | |
run: | | |
just manage migrate | |
just load-example-data | |
docker-test-dev: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: "opensafely-core/setup-action@v1" | |
with: | |
python-version: "3.11" | |
install-just: true | |
- name: Build docs | |
run: | | |
just docs-build | |
- name: Build docker image for both prod and dev | |
run: | | |
just docker/build dev | |
- name: Run unit tests on docker dev image | |
run: | | |
# build docker and run test | |
just docker/test | |
docker-test-prod: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: "opensafely-core/setup-action@v1" | |
with: | |
python-version: "3.11" | |
install-just: true | |
- name: Build docs | |
run: | | |
just docs-build | |
- name: Build docker image for both prod and dev | |
run: | | |
just docker/build prod | |
- name: Run smoke test on prod | |
run: | | |
just docker/serve prod -d | |
sleep 5 | |
just docker/smoke-test || { docker logs airlock-prod-1; exit 1; } | |
- name: Save docker image | |
run: | | |
docker save airlock | gzip > /tmp/airlock.tar.gz | |
- name: Upload docker image | |
uses: actions/upload-artifact@v4 | |
with: | |
name: airlock-image | |
path: /tmp/airlock.tar.gz | |
docker-publish: | |
needs: [check, test, docker-test-dev, docker-test-prod] | |
runs-on: ubuntu-22.04 | |
permissions: | |
contents: read | |
packages: write | |
if: github.ref == 'refs/heads/main' | |
concurrency: deploy-production | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: "opensafely-core/setup-action@v1" | |
with: | |
install-just: true | |
- name: Download docker image | |
uses: actions/download-artifact@v4 | |
with: | |
name: airlock-image | |
path: /tmp/image | |
- name: Import docker image | |
run: gunzip -c /tmp/image/airlock.tar.gz | docker load | |
- name: Test image we imported from previous job works | |
run: | | |
SKIP_BUILD=1 just docker/serve prod -d | |
sleep 5 | |
just docker/smoke-test || { docker logs airlock-prod-1; exit 1; } | |
- name: Publish image | |
run: | | |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login "$REGISTRY" -u "${{ github.actor }}" --password-stdin | |
docker tag "$IMAGE_NAME" "$PUBLIC_IMAGE_NAME:latest" | |
docker push "$PUBLIC_IMAGE_NAME:latest" |