Skip to content

Merge pull request #689 from SpaceCowMedia/dependabot/pip/bot/telegra… #2331

Merge pull request #689 from SpaceCowMedia/dependabot/pip/bot/telegra…

Merge pull request #689 from SpaceCowMedia/dependabot/pip/bot/telegra… #2331

Workflow file for this run

name: CI/CD
on:
pull_request:
push:
branches:
- "**"
tags:
- "*"
paths-ignore:
- 'docs/**'
workflow_dispatch:
defaults:
run:
shell: bash
permissions: {}
jobs:
build:
runs-on: ubuntu-latest
env:
SECRET_KEY: ci_build_secret_key
outputs:
version: ${{ steps.semver.outputs.version }}
should-release: ${{ steps.semver.outputs.should-release }}
is-prerelease: ${{ steps.semver.outputs.is-github-prerelease }}
steps:
- name: Setup Docker Buildx 🐳
uses: docker/setup-buildx-action@v3
- id: semver
name: Checkout 🛎️
uses: EasyDesk/action-semver-checkout@v1
- name: Build and export image 🏗️
uses: docker/build-push-action@v6
with:
push: false
load: true
file: backend/Dockerfile
context: .
tags: spellbook-backend:latest
target: production
build-args: VERSION=${{ steps.semver.outputs.version }}
outputs: type=docker,dest=/tmp/spellbook-backend.tar
- name: Upload image artifact 📦
uses: actions/upload-artifact@v4
with:
name: spellbook-backend
path: /tmp/spellbook-backend.tar
- name: Upload migration artifatcs 📦
uses: actions/upload-artifact@v4
with:
name: spellbook-backend-migrations
path: backend/.kubernetes/migration
lint:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python-version:
- '3.13'
- '3.12'
- '3.11'
- '3.10'
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Setup Python 🐍
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: pip
- name: Install Linter 🧴
run: pip install flake8
- name: Lint backend 🧹
working-directory: backend
run: flake8 .
- name: Lint common 🧹
working-directory: common
run: flake8 .
- name: Lint bots 🧹
if: ${{ matrix.python-version == '3.12' }}
working-directory: bot
run: flake8 .
test:
strategy:
fail-fast: false
matrix:
python-version:
- '3.13'
- '3.12'
- '3.11'
- 'pypy3.10'
os:
- ubuntu-latest
- windows-latest
- macos-latest
runs-on: ${{ matrix.os }}
defaults:
run:
shell: bash
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Setup Python 🐍
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: pip
- name: Install dependencies 🧶
run: pip install --no-cache-dir --no-deps tblib $(grep -ivE "#|cryptography|cffi" requirements.txt)
working-directory: backend
- name: Print Django version 🐍
run: python manage.py version
working-directory: backend
- name: Unit Test 🧪
run: python -Wd manage.py test --no-input ${{ !startsWith(matrix.python-version, 'pypy') && '--parallel auto' || '' }} --pythonpath ../common
working-directory: backend
integration-test:
runs-on: ubuntu-latest
needs: [build, bot-discord, bot-reddit, bot-telegram]
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Setup Docker Buildx 🐳
uses: docker/setup-buildx-action@v3
- name: Download backend image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-backend
path: /tmp
- name: Download discord bot image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-discord-bot
path: /tmp
- name: Download reddit bot image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-reddit-bot
path: /tmp
- name: Download telegram bot image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-telegram-bot
path: /tmp
- name: Load docker image 🐳
run: |
docker load --input /tmp/spellbook-backend.tar
docker load --input /tmp/spellbook-discord-bot.tar
docker load --input /tmp/spellbook-reddit-bot.tar
docker load --input /tmp/spellbook-telegram-bot.tar
docker image ls -a
- name: Docker compose up 🧫
run: docker compose -f docker-compose.yml up -d --no-build
- name: Unit test inside container 🧪
run: docker exec -e CI=true -i commander-spellbook-backend-web-1 python manage.py test --no-input --parallel 1 --settings=backend.production_settings
release:
runs-on: ubuntu-latest
needs:
- build
- lint
- test
- integration-test
- client-python
- client-typescript
- bot-discord
- bot-reddit
- bot-telegram
if: needs.build.outputs.should-release == 'true'
concurrency: release
permissions:
contents: write
packages: write
steps:
- name: Download backend image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-backend
path: release
- name: Download discord bot image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-discord-bot
path: release
- name: Download reddit bot image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-reddit-bot
path: release
- name: Download telegram bot image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-telegram-bot
path: release
- name: Download typescript client ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-client-typescript
path: publish/client/typescript
- name: Seup Node.js 🟩
uses: actions/setup-node@v4
with:
node-version: 20.x
registry-url: https://npm.pkg.github.com
- name: Publish typescript client 📤
working-directory: publish/client/typescript
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
npm version ${{ needs.build.outputs.version }}
npm ci
npm run build
npm publish --access public
- name: Release 📧
uses: EasyDesk/action-semver-release@v1
with:
version: ${{ needs.build.outputs.version }}
prerelease: ${{ needs.build.outputs.is-prerelease }}
prefix: CSB
files: |
release/*
deploy:
runs-on: ubuntu-latest
needs: [build, release]
concurrency:
group: production
cancel-in-progress: false
environment: scm-production
permissions:
id-token: write
env:
KUBECTL_TIMEOUT: 1800
steps:
- name: SetupDocker Buildx 🐳
uses: docker/setup-buildx-action@v3
- name: Configure AWS credentials 🛠
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::083767677168:role/spellbook-deploy
role-session-name: github-actions
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to Amazon ECR 📦
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
with:
mask-password: true
- name: Download backend image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-backend
path: /tmp
- name: Download discord bot image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-discord-bot
path: /tmp
- name: Download reddit bot image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-reddit-bot
path: /tmp
- name: Download telegram bot image artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-telegram-bot
path: /tmp
- name: Load image from artifact 🐳
run: |
docker load --input /tmp/spellbook-backend.tar
docker load --input /tmp/spellbook-discord-bot.tar
docker load --input /tmp/spellbook-reddit-bot.tar
docker load --input /tmp/spellbook-telegram-bot.tar
docker image ls -a
- name: Push versioned image to Amazon ECR 📦
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ secrets.AWS_ECR_REPO_NAME }}
IMAGE_TAG: ${{ needs.build.outputs.version }}
run: |
docker tag spellbook-backend:latest $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
- name: Download migration artifacts ⬇
id: migration-artifacts
uses: actions/download-artifact@v4
with:
name: spellbook-backend-migrations
path: /tmp/migrations
- name: Configure kubernetes 🐙
working-directory: ${{ steps.migration-artifacts.outputs.download-path }}
run: aws eks --region ${{ secrets.AWS_REGION }} update-kubeconfig --name spellbook-prod-cluster --kubeconfig spellbookkubeconfig.yaml
- name: Install and configure kubectl 🐙
uses: azure/setup-kubectl@v4
- name: Setup Kustomize 🛠
uses: imranismail/setup-kustomize@v2
- name: Run Kustomize to set image to sha 🛠
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ secrets.AWS_ECR_REPO_NAME }}
IMAGE_TAG: ${{ needs.build.outputs.version }}
working-directory: ${{ steps.migration-artifacts.outputs.download-path }}
run: |
kustomize edit set image $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
- name: Run migrations 🚶‍♂️
working-directory: ${{ steps.migration-artifacts.outputs.download-path }}
run: |
export KUBECONFIG=spellbookkubeconfig.yaml
kubectl delete job spellbook-migration -n spellbook || true
kubectl apply -k .
kubectl wait --timeout=${KUBECTL_TIMEOUT}s --for=condition=complete job/spellbook-migration -n spellbook &
completion_pid=$!
kubectl wait --timeout=${KUBECTL_TIMEOUT}s --for=condition=failed job/spellbook-migration -n spellbook && exit 1 &
failure_pid=$!
exit_code=0
if wait -n $completion_pid $failure_pid; then
echo "Job completed successfully"
else
echo "Job failed"
exit_code=1
fi
echo "Job logs:"
kubectl logs job/spellbook-migration -n spellbook
echo "Deleting job..."
kubectl delete job/spellbook-migration -n spellbook
exit $exit_code
- name: Push image to Amazon ECR 📦
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ secrets.AWS_ECR_REPO_NAME }}
IMAGE_TAG: latest
run: |
docker tag spellbook-backend:latest $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
- name: Push Discord bot image to Amazon ECR 📦
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ secrets.AWS_DISCORD_ECR_REPO_NAME }}
IMAGE_TAG: latest
run: |
docker tag spellbook-discord-bot:latest $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
- name: Rollout pods 🚀
working-directory: ${{ steps.migration-artifacts.outputs.download-path }}
run: |
export KUBECONFIG=spellbookkubeconfig.yaml
declare -a deployments=("spellbook-api" "spellbook-discord-bot")
for deployment in "${deployments[@]}"; do
kubectl rollout restart deployment/$deployment -n spellbook
timeout ${KUBECTL_TIMEOUT} kubectl rollout status deployment/$deployment -n spellbook
done
open-api:
runs-on: ubuntu-latest
needs: build
defaults:
run:
shell: bash
working-directory: client
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Setup Python 🐍
uses: actions/setup-python@v5
with:
python-version: 3.12
cache: pip
- name: Install spectacular dependencies 🧶
run: pip install --no-cache-dir --no-deps -r requirements.txt
working-directory: backend
- name: Chmod scripts 👑
run: chmod +x *.sh
- name: Generate OpenApi 🧬
env:
VERSION: ${{ needs.build.outputs.version }}
run: ./generate-openapi.sh
- name: Upload OpenApi artifact 📦
uses: actions/upload-artifact@v4
with:
name: spellbook-openapi
path: client/openapi.*
if-no-files-found: error
client-python:
runs-on: ubuntu-latest
needs: open-api
defaults:
run:
shell: bash
working-directory: client
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Setup Python 🐍
uses: actions/setup-python@v5
with:
python-version: 3.12
cache: pip
- name: Chmod scripts 👑
run: chmod +x *.sh
- name: Download OpenApi artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-openapi
path: client
- name: Generate client 🏗️
run: ./generate-client-python.sh
- name: Install client dependencies 🧶
# It is important to not use --no-deps here, otherwise httpcore will raise an error during the tests
run: pip install --no-cache-dir -r requirements.txt
working-directory: client/python
- name: Install test dependencies 🧶
run: pip install --no-cache-dir --no-deps -r requirements.txt
working-directory: backend
- name: Run python tests 🧪
run: python backend/manage.py test client/python/tests/ --no-input --parallel auto
working-directory: .
- name: Upload client artifact 📦
uses: actions/upload-artifact@v4
with:
name: spellbook-client-python
path: client/python/spellbook_client
client-typescript:
runs-on: ubuntu-latest
needs: open-api
defaults:
run:
shell: bash
working-directory: client
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Chmod scripts 👑
run: chmod +x *.sh
- name: Download OpenApi artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-openapi
path: client
- name: Generate client 🏗️
run: ./generate-client-typescript.sh
- name: Upload client artifact 📦
uses: actions/upload-artifact@v4
with:
name: spellbook-client-typescript
path: client/typescript
bot-discord:
runs-on: ubuntu-latest
needs: client-python
defaults:
run:
shell: bash
working-directory: bot/discord
steps:
- name: Setup Docker Buildx 🐳
uses: docker/setup-buildx-action@v3
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Download client artifact ⬇
uses: actions/download-artifact@v4
with:
name: spellbook-client-python
path: client/python/spellbook_client
- name: Build and export image 🏗️
uses: docker/build-push-action@v6
with:
push: false
load: true
file: bot/discord/Dockerfile
context: .
tags: spellbook-discord-bot:latest
outputs: type=docker,dest=/tmp/spellbook-discord-bot.tar
- name: Upload image artifact 📦
uses: actions/upload-artifact@v4
with:
name: spellbook-discord-bot
path: /tmp/spellbook-discord-bot.tar
bot-reddit:
runs-on: ubuntu-latest
needs: client-python
defaults:
run:
shell: bash
working-directory: bot/reddit
steps:
- name: Setup Docker Buildx 🐳
uses: docker/setup-buildx-action@v3
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Build and export image 🏗️
uses: docker/build-push-action@v6
with:
push: false
load: true
file: bot/reddit/Dockerfile
context: .
tags: spellbook-reddit-bot:latest
outputs: type=docker,dest=/tmp/spellbook-reddit-bot.tar
- name: Upload image artifact 📦
uses: actions/upload-artifact@v4
with:
name: spellbook-reddit-bot
path: /tmp/spellbook-reddit-bot.tar
bot-telegram:
runs-on: ubuntu-latest
needs: client-python
defaults:
run:
shell: bash
working-directory: bot/telegram
steps:
- name: Setup Docker Buildx 🐳
uses: docker/setup-buildx-action@v3
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Build and export image 🏗️
uses: docker/build-push-action@v6
with:
push: false
load: true
file: bot/telegram/Dockerfile
context: .
tags: spellbook-telegram-bot:latest
outputs: type=docker,dest=/tmp/spellbook-telegram-bot.tar
- name: Upload image artifact 📦
uses: actions/upload-artifact@v4
with:
name: spellbook-telegram-bot
path: /tmp/spellbook-telegram-bot.tar