2fa flow (#9) #65
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Main | |
on: | |
push: | |
paths-ignore: | |
- "README.md" | |
- "CHANGELOG.md" | |
- "LICENSE" | |
- ".gitignore" | |
- ".vscode" | |
workflow_dispatch: | |
env: | |
SERVICE: sso | |
PYTHON_VERSION: 3.8 | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
steps: | |
- name: π« Checkout | |
uses: actions/checkout@v3 | |
- name: π Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
- name: Install Python Packages | |
working-directory: ./backend | |
run: | | |
python -m pip install --upgrade pip | |
python -m pip install pipenv | |
pipenv install --dev | |
- name: Check Code Format | |
working-directory: ./backend | |
run: if ! pipenv run black --check .; then exit 1; fi | |
- name: Check Migrations | |
working-directory: ./backend | |
run: pipenv run python manage.py makemigrations --check --dry-run | |
# TODO: assert code coverage target. | |
- name: Test Code Units | |
working-directory: ./backend | |
run: pipenv run pytest | |
build-and-deploy: | |
runs-on: ubuntu-latest | |
needs: [test] | |
if: github.ref_name == 'production' || github.ref_name == 'development' || github.ref_name == 'staging' | |
environment: ${{ github.ref_name }} | |
steps: | |
- name: π« Checkout | |
uses: actions/checkout@v3 | |
- name: π Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
- name: π Authenticate with GCloud | |
uses: google-github-actions/auth@v1 | |
with: | |
credentials_json: ${{ secrets.GCP_CREDENTIALS }} | |
- name: π€ Set up GCloud SDK | |
uses: google-github-actions/setup-gcloud@v1 | |
- name: π Install Backend Dependencies | |
working-directory: ./backend | |
run: | | |
python -m pip install --upgrade pip | |
python -m pip install pipenv | |
pipenv install | |
- name: π Generate requirements.txt | |
working-directory: ./backend | |
run: pipenv requirements > requirements.txt | |
- name: βοΈ Set Service Name | |
run: | | |
echo "SERVICE_NAME=$( | |
if [ ${{ github.ref_name }} == 'production' ] | |
then echo ${{ env.SERVICE }} | |
else echo ${{ github.ref_name }}-${{ env.SERVICE }} | |
fi | |
)" >> $GITHUB_ENV | |
# https://mikefarah.gitbook.io/yq/ | |
- name: ποΈ Configure App Deployment | |
uses: mikefarah/yq@master | |
with: | |
cmd: | | |
yq -i ' | |
.service = "${{ github.ref_name }}-${{ env.SERVICE }}" | | |
.env_variables.SECRET_KEY = "${{ secrets.SECRET_KEY }}" | | |
.env_variables.SERVICE_NAME = "${{ env.SERVICE_NAME }}" | |
' backend/app.yaml | |
- name: π Deploy App on GCloud | |
working-directory: ./backend | |
run: gcloud app deploy |