Skip to content

Commit

Permalink
Merge pull request #140 from bbc/jamessa-gha
Browse files Browse the repository at this point in the history 
Move to Github Actions
  • Loading branch information
@j616
j616 authored Nov 1, 2023
2 parents 9e6e571 + 99b6e8a commit d2de33a
Show file tree
Hide file tree
Showing 6 changed files with 370 additions and 229 deletions.
53 changes: 53 additions & 0 deletions .github/workflows/ci-workflow.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: CI Workflow
run-name: ${{ format('{0} triggered by {1} on {2} {3}', github.workflow, (github.event_name == 'workflow_dispatch' && format('user {0}', github.actor) || format('{0} event', github.event_name) ), github.repository, github.ref_name) }}
on:
schedule:
- cron: '0 4 * * 1-5'

# Pull requests and pushes will not trigger a run if the only changes are on workflows other than this one
pull_request:
paths-ignore:
- '.github/workflows/**'
- '!.github/workflows/ci-workflow.yml'

push:
paths-ignore:
- '.github/workflows/**'
- '!.github/workflows/ci-workflow.yml'
branches:
- 'main'

workflow_dispatch:
# NOTE: Defaults here are only for the dispatch run dialogue box. See the shared workflow calls below for defaults for runs triggered by other means
inputs:
forceDocsUpload:
description: 'Force docs upload'
required: false
type: boolean
pythonVersion:
description: 'Python version to use'
required: true
default: '3.10'
type: string
commontoolingBranch:
description: 'Commontooling branch or tag to use'
required: true
default: 'main'
type: string

jobs:
SharedCIWorkflow:
name: Shared Workflow
permissions:
actions: read
contents: read
pages: write
id-token: write
uses: ./.github/workflows/shared-ext-ci-workflow.yml
with:
# workflow_dispatch inputs are always strings. Convert to boolean.
forceDocsUpload: ${{ inputs.forceDocsUpload == true }}
pythonVersion: ${{ inputs.pythonVersion || '3.10' }}
commontoolingBranch: ${{ inputs.commontoolingBranch || 'main' }}
enableUploadDocker: true
secrets: inherit
42 changes: 42 additions & 0 deletions .github/workflows/release-workflow.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: Release Workflow
run-name: ${{ format('{0} triggered by {1} on {2} {3}', github.workflow, (github.event_name == 'workflow_dispatch' && format('user {0}', github.actor) || format('{0} event', github.event_name) ), github.repository, github.ref_name) }}
on:
workflow_dispatch:
# Defaults here are only for the dispatch run dialogue box. See the shared workflow calls below for defaults for runs triggered by other means
inputs:
commontoolingBranch:
description: 'Commontooling branch or tag to use'
required: true
default: 'main'
type: string
pythonVersion:
description: 'Python version to use'
required: true
default: '3.10'
type: string

jobs:
SharedReleaseWorkflow:
name: Release
permissions:
contents: write
uses: ./.github/workflows/shared-ext-release-workflow.yml
with:
commontoolingBranch: ${{ inputs.commontoolingBranch || 'main' }}
secrets: inherit

SharedCIWorkflow:
name: CI
permissions:
actions: read
contents: read
pages: write
id-token: write
needs: SharedReleaseWorkflow
uses: ./.github/workflows/shared-ci-workflow.yml
with:
commontoolingBranch: ${{ inputs.commontoolingBranch || 'main' }}
pythonVersion: ${{ inputs.pythonVersion || '3.10' }}
enableUploadDocker: true
checkoutRef: ${{ needs.SharedReleaseWorkflow.outputs.releaseRef }}
secrets: inherit
181 changes: 181 additions & 0 deletions .github/workflows/shared-ext-ci-workflow.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,181 @@
# This workflow is manged centrally in CommonTooling

name: Shared CI Workflow
on:
workflow_call:
inputs:
forceDocsUpload:
description: 'Force upload of documentation'
required: false
type: boolean
pythonVersion:
description: 'Python version to use'
required: false
default: '3.10'
type: string
commontoolingBranch:
description: 'Commontooling branch or tag to use'
required: true
default: 'main'
type: string
checkoutRef:
description: 'Overrides the branch of the repo under test to checkout'
required: false
default: ''
type: string
ciEnvironment:
description: 'The Actions Environment to use when running CI'
required: false
default: ''
type: string
enableUploadDocker:
description: 'Enable docker upload step. NOTE: Docker images will only be uploaded if the build is on a tag.'
required: false
type: boolean
secrets:
COMMONTOOLING_DEPLOY_KEY:
description: 'A deploy key that may be used to fetch Commontooling'
required: true
AWS_ACCOUNT_ID:
description: 'An AWS Account ID'
required: true


env:
PYTHON_VERSION: ${{ inputs.pythonVersion == '' && '3.10' || inputs.pythonVersion }}
COMMONTOOLING_BRANCH: ${{ inputs.commontoolingBranch == '' && 'main' || inputs.commontoolingBranch }}
BUILD_TAG: ${{ github.run_id }} # This is currently used by commontooling to detect CI environments
CHECKOUT_REF: ${{ inputs.checkoutRef == '' && github.ref || inputs.checkoutRef }}

jobs:
CheckStaticFiles:
name: Check Static Files
permissions:
contents: read
runs-on: ubuntu-22.04
steps:
- name: Check out repository code
uses: actions/checkout@v3
with:
ref: ${{ env.CHECKOUT_REF }}

- name: Initialise commontooling
uses: actions/checkout@v3
with:
repository: bbc/rd-cloudfit-commontooling
ref: ${{ env.COMMONTOOLING_BRANCH }}
path: commontooling
fetch-depth: 1
ssh-key: ${{ secrets.COMMONTOOLING_DEPLOY_KEY }}

- name: Check static files
run: make check-static-files

CI:
name: CI
permissions:
actions: read
contents: read
pages: read
id-token: write
runs-on: ubuntu-22.04
needs: CheckStaticFiles
environment:
name: ${{ startsWith(inputs.checkoutRef == '' && github.ref || inputs.checkoutRef, 'refs/tags/') && 'publish-packages' || '' }}
steps:
####################
## Initialise run ##
####################

- name: Check out repository code
uses: actions/checkout@v3
with:
fetch-depth: 0 # check out entire repo for version calculation
ref: ${{ env.CHECKOUT_REF }}

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ (((inputs.enableUploadDocker && startsWith(env.CHECKOUT_REF, 'refs/tags/')) && 'gha_ecr_public_write') || 'gha_ecr_public_read') }}
role-session-name: GitHub_to_AWS_via_FederatedOIDC
aws-region: us-east-1

- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
with:
registry-type: public
mask-password: true

- name: Create pip conf
run: touch ${{ github.workspace }}/.pip.conf

###############
## Run tests ##
###############

- name: Build artefacts
run: make artefacts

- name: Lint
run: make lint

- name: Typecheck
run: make typecheck

- name: Tests
run: make test

##########################################
## Build remaining deployable artefacts ##
##########################################

- name: Build docs
run: make docs

- name: Build wheels
run: make wheel

#################################
## Upload deployable artefacts ##
#################################
- name: Upload wheels
if: ${{ startsWith(env.CHECKOUT_REF, 'refs/tags/') }}
uses: pypa/gh-action-pypi-publish@b7f401de30cb6434a1e19f805ff006643653240e # v1.8.10
with:
skip-existing: true

- name: ${{ format('{0}Upload docker images', ((! inputs.enableUploadDocker) && 'NOT ENABLED | ' || '') ) }}
if: ${{ inputs.enableUploadDocker && startsWith(env.CHECKOUT_REF, 'refs/tags/') }}
run: make upload-docker

- name: Setup pages
if: ${{ inputs.forceDocsUpload || startsWith(env.CHECKOUT_REF, 'refs/tags/') }}
uses: actions/configure-pages@v3

- name: Upload documentation artifact
if: ${{ inputs.forceDocsUpload || startsWith(env.CHECKOUT_REF, 'refs/tags/') }}
uses: actions/upload-pages-artifact@v2
with:
path: './docs'

DeployPages:
name: Deploy Pages
# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
permissions:
contents: read
pages: write
id-token: write
runs-on: ubuntu-22.04
needs: CI
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
if: ${{ startsWith(inputs.checkoutRef == '' && github.ref || inputs.checkoutRef, 'refs/tags/') }}
steps:
- name: Deploy documentation to GitHub Pages
id: deployment
uses: actions/deploy-pages@v2
- name: Adding summary
run: |
echo "Documentation URL: ${{ steps.deployment.outputs.page_url }}" >> $GITHUB_STEP_SUMMARY
94 changes: 94 additions & 0 deletions .github/workflows/shared-ext-release-workflow.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
# This workflow is manged centrally in CommonTooling

name: Shared Release Workflow
on:
workflow_call:
inputs:
commontoolingBranch:
description: 'Commontooling branch or tag to use'
required: true
default: 'main'
type: string
outputs:
releaseRef:
description: "The tag ref of the created release"
value: ${{ jobs.Release.outputs.releaseRef }}
secrets:
COMMONTOOLING_DEPLOY_KEY:
description: 'A deploy key that may be used to fetch Commontooling'
required: true

env:
COMMONTOOLING_BRANCH: ${{ inputs.commontoolingBranch == '' && 'main' || inputs.commontoolingBranch }}
BUILD_TAG: ${{ github.run_id }} # This is currently used by commontooling to detect CI environments

jobs:
CheckStaticFiles:
name: Check Static Files
permissions:
contents: read
runs-on: ubuntu-22.04
steps:
- name: Check out repository code
uses: actions/checkout@v3

- name: Initialise commontooling
uses: actions/checkout@v3
with:
repository: bbc/rd-cloudfit-commontooling
ref: ${{ env.COMMONTOOLING_BRANCH }}
path: commontooling
fetch-depth: 1
ssh-key: ${{ secrets.COMMONTOOLING_DEPLOY_KEY }}

- name: Check static files
run: make check-static-files

Release:
permissions:
contents: write
runs-on: ubuntu-22.04
needs: CheckStaticFiles
environment:
name: releases
url: ${{ steps.release.outputs.url }}
outputs:
releaseRef: refs/tags/${{ steps.nextVersion.outputs.version }}
steps:
- name: Check out repository code
uses: actions/checkout@v3
with:
fetch-depth: 0 # check out entire repo for version calculation

- name: Get next version number
id: nextVersion
run: echo "version=$(make next-version)" >> $GITHUB_OUTPUT

- name: Create tag
run: |
git tag -a ${{ steps.nextVersion.outputs.version }} -m "v.${{ steps.nextVersion.outputs.version }}"
git push origin --tags
- name: Create release
id: release
uses: actions/github-script@v6
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
script: |
try {
const response = await github.rest.repos.createRelease({
generate_release_notes: true,
owner: context.repo.owner,
repo: context.repo.repo,
tag_name: '${{ steps.nextVersion.outputs.version }}'
});
core.setOutput('url', response.data.html_url);
} catch (error) {
core.setFailed(error.message);
}
- name: Adding summary
run: |
echo "Release Version: ${{ steps.nextVersion.outputs.version }}" >> $GITHUB_STEP_SUMMARY
echo "Release URL: ${{ steps.release.outputs.url }}" >> $GITHUB_STEP_SUMMARY
Loading

0 comments on commit d2de33a

Please sign in to comment.