BE: fix bonds pnl #1021
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Mainframe pipeline | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| BACKEND_SERVICE: ${{ secrets.BACKEND_SERVICE }} | |
| FRONTEND_SERVICE: ${{ secrets.FRONTEND_SERVICE }} | |
| PROJECT_ID: ${{ secrets.PROJECT_ID }} | |
| RUN_REGION: ${{ secrets.REGION }} | |
| REACT_APP_NGROK_URL: ${{ secrets.REACT_APP_NGROK_URL }} | |
| REACT_APP_API_URL: ${{ secrets.REACT_APP_API_URL }} | |
| jobs: | |
| notify-telegram: | |
| name: Notify telegram | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: send telegram message | |
| uses: appleboy/telegram-action@master | |
| with: | |
| disable_notification: true | |
| disable_web_page_preview: true | |
| format: markdown | |
| message: | | |
| New changes: [${{ github.event.commits[0].message }}](https://github.com/${{ github.repository }}/commit/${{github.sha}}) | |
| Author: ${{ github.actor }} | |
| Repo: ${{ github.repository }} | |
| to: ${{ secrets.TELEGRAM_TO }} | |
| token: ${{ secrets.TELEGRAM_TOKEN }} | |
| changes: | |
| outputs: | |
| backend: ${{ steps.filter.outputs.backend }} | |
| deploy: ${{ steps.filter.outputs.deploy }} | |
| dockerfile: ${{ steps.filter.outputs.dockerfile }} | |
| frontend: ${{ steps.filter.outputs.frontend }} | |
| tests: ${{ steps.filter.outputs.tests }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - uses: dorny/paths-filter@v3 | |
| id: filter | |
| with: | |
| filters: | | |
| backend: | |
| - 'src/mainframe/**' | |
| deploy: | |
| - 'deploy/**' | |
| dockerfile: | |
| - 'Dockerfile' | |
| frontend: | |
| - 'frontend/**' | |
| tests: | |
| - 'tests/**' | |
| security: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@main | |
| - name: Run Safety CLI to check for vulnerabilities | |
| uses: pyupio/safety-action@v1 | |
| with: | |
| api-key: ${{ secrets.SAFETY_API_KEY }} | |
| args: --detailed-output | |
| pre-commit: | |
| name: pre-commit (w/o pytest) | |
| runs-on: ubuntu-latest | |
| needs: changes | |
| if: ${{ (needs.changes.outputs.backend == 'true') || (needs.changes.outputs.deploy == 'true') || (needs.changes.outputs.dockerfile == 'true') || (needs.changes.outputs.tests == 'true') }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Installing dev dependencies for migration check | |
| run: pip install -r requirements-dev.lock | |
| - uses: pre-commit/[email protected] | |
| env: | |
| ENV: ci | |
| SKIP: pytest | |
| tests: | |
| runs-on: ubuntu-latest | |
| needs: changes | |
| if: ${{ (needs.changes.outputs.backend == 'true') || (needs.changes.outputs.deploy == 'true') || (needs.changes.outputs.dockerfile == 'true') || (needs.changes.outputs.tests == 'true') }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: Harmon758/[email protected] | |
| with: | |
| postgresql version: 13 | |
| postgresql db: test_db | |
| postgresql user: test_user | |
| postgresql password: test_pass | |
| - name: Run a multi-line script | |
| run: | | |
| pip install -r requirements-dev.lock | |
| PYTHONPATH=src ENV=ci pytest tests --cov=. --ds mainframe.core.settings --nomigrations | |
| backend-deploy: | |
| name: BE - Deploy | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| needs: | |
| - pre-commit | |
| - security | |
| - tests | |
| steps: | |
| - name: Notify BE start deployment | |
| uses: appleboy/telegram-action@master | |
| with: | |
| disable_notification: true | |
| disable_web_page_preview: true | |
| format: markdown | |
| message: Mainframe - Starting BE deploy | |
| to: ${{ secrets.TELEGRAM_TO }} | |
| token: ${{ secrets.TELEGRAM_TOKEN }} | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| - name: Setup GCloud Auth | |
| id: auth | |
| uses: google-github-actions/[email protected] | |
| with: | |
| service_account: ${{ secrets.WIF_SERVICE_ACCOUNT }} | |
| token_format: 'access_token' | |
| workload_identity_provider: ${{ secrets.WIF_PROVIDER }} | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/[email protected] | |
| - name: Build & Push | |
| run: |- | |
| gcloud builds submit \ | |
| --quiet \ | |
| --tag="$RUN_REGION-docker.pkg.dev/$PROJECT_ID/mainframe-backend/$BACKEND_SERVICE:$GITHUB_SHA" \ | |
| --gcs-log-dir="gs://build-backend-logs" | |
| # Deploy image to Cloud Run | |
| - name: Deploy GCR | |
| run: |- | |
| gcloud run deploy "$BACKEND_SERVICE" \ | |
| --quiet \ | |
| --region "$RUN_REGION" \ | |
| --image "$RUN_REGION-docker.pkg.dev/$PROJECT_ID/mainframe-backend/$BACKEND_SERVICE:$GITHUB_SHA" \ | |
| --platform "managed" \ | |
| --allow-unauthenticated | |
| - name: Notify | |
| uses: appleboy/telegram-action@master | |
| with: | |
| disable_notification: true | |
| disable_web_page_preview: true | |
| format: markdown | |
| message: Mainframe - BE deployed successfully 🚀 | |
| to: ${{ secrets.TELEGRAM_TO }} | |
| token: ${{ secrets.TELEGRAM_TOKEN }} | |
| frontend-build: | |
| name: FE - Build | |
| runs-on: ubuntu-latest | |
| needs: | |
| - changes | |
| - security | |
| if: ${{ needs.changes.outputs.frontend == 'true' }} | |
| steps: | |
| - name: Notify FE start deployment | |
| uses: appleboy/telegram-action@master | |
| with: | |
| disable_notification: true | |
| disable_web_page_preview: true | |
| format: markdown | |
| message: | | |
| [Mainframe](${{ github.event.workflow_job.html_url }}) - Starting FE deploy | |
| to: ${{ secrets.TELEGRAM_TO }} | |
| token: ${{ secrets.TELEGRAM_TOKEN }} | |
| - name: Checkout Repo | |
| uses: actions/checkout@master | |
| - name: Setup Node.js (NPM) | |
| uses: actions/setup-node@master | |
| with: | |
| node-version: '14.x' | |
| - name: Use cached node_modules | |
| uses: actions/cache@master | |
| with: | |
| path: node_modules | |
| key: nodeModules-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| nodeModules- | |
| - name: Install dependencies | |
| working-directory: frontend | |
| run: npm install --frozen-lockfile | |
| env: | |
| CI: true | |
| - name: Build Development | |
| working-directory: frontend | |
| run: npm run build | |
| env: | |
| CI: false | |
| - name: Archive Production Artifact | |
| uses: actions/upload-artifact@main | |
| with: | |
| name: build | |
| path: frontend/build | |
| frontend-deploy: | |
| name: FE - Deploy | |
| needs: frontend-build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v3 | |
| - name: Download Artifact | |
| uses: actions/download-artifact@master | |
| with: | |
| name: build | |
| path: frontend/.docker/build | |
| - name: Setup GCloud Auth | |
| id: auth | |
| uses: google-github-actions/[email protected] | |
| with: | |
| service_account: ${{ secrets.WIF_SERVICE_ACCOUNT }} | |
| token_format: 'access_token' | |
| workload_identity_provider: ${{ secrets.WIF_PROVIDER }} | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/[email protected] | |
| # Build and push image to Google Container Registry | |
| - name: Build & Push | |
| run: |- | |
| gcloud builds submit \ | |
| --quiet \ | |
| --tag="$RUN_REGION-docker.pkg.dev/$PROJECT_ID/mainframe-frontend/$FRONTEND_SERVICE:$GITHUB_SHA" \ | |
| --gcs-log-dir="gs://build-frontend-logs" | |
| working-directory: frontend/.docker | |
| # Deploy image to Cloud Run | |
| - name: Deploy GCR | |
| run: |- | |
| gcloud run deploy "$FRONTEND_SERVICE" \ | |
| --quiet \ | |
| --region "$RUN_REGION" \ | |
| --image "$RUN_REGION-docker.pkg.dev/$PROJECT_ID/mainframe-frontend/$FRONTEND_SERVICE:$GITHUB_SHA" \ | |
| --platform "managed" \ | |
| --allow-unauthenticated \ | |
| --set-env-vars "REACT_APP_NGROK_URL=$REACT_APP_NGROK_URL,REACT_APP_API_URL=$REACT_APP_API_URL" | |
| - name: Notify | |
| uses: appleboy/telegram-action@master | |
| with: | |
| disable_notification: true | |
| disable_web_page_preview: true | |
| format: markdown | |
| message: Mainframe - FE deployed successfully 🚀 | |
| to: ${{ secrets.TELEGRAM_TO }} | |
| token: ${{ secrets.TELEGRAM_TOKEN }} |