Merge pull request #11 from broadinstitute/fk-check-post-migrate #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Build breadbox | |
on: | |
pull_request: | |
paths: | |
- "breadbox/**" | |
- "breadbox-client/**" | |
- ".github/workflows/build_breadbox.yml" | |
types: | |
- opened | |
- reopened | |
- edited | |
- synchronize | |
workflow_dispatch: | |
push: | |
branches: | |
- "master" | |
- "internal" | |
- "qa" | |
- "peddep*" | |
- "dmc*" | |
- "external*" | |
permissions: | |
contents: write | |
env: | |
DOCKER_REPO: us.gcr.io/broad-achilles/depmap-breadbox | |
DOCKER_TAG: ga2-build-${{ github.run_number }} | |
jobs: | |
check-pr-title: | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'pull_request' && github.base_ref == 'master' }} | |
defaults: | |
run: | |
working-directory: ./breadbox | |
steps: | |
- name: Check out | |
uses: actions/checkout@v3 | |
with: | |
token: "${{ secrets.GITHUB_TOKEN }}" | |
fetch-depth: 0 | |
- name: Install and configure Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
version: 1.7.1 | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
- name: Set up cache | |
uses: actions/cache@v2 | |
id: cached-poetry-dependencies | |
with: | |
path: .venv | |
key: venv-${{ runner.os }}-${{ steps.full-python-version.outputs.version }}-${{ hashFiles('**/poetry.lock') }} | |
- name: Install dependencies from project | |
run: poetry install | |
# if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true' | |
# We want to use the rules defined in breadbox/pyproject.toml | |
- name: Check PR title | |
run: poetry run cz check -m "${{ github.event.pull_request.title }}" | |
build-docker: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Update build id | |
run: | | |
echo "SHA=\"${{ github.sha }}\"" > breadbox/build.py | |
- name: Login to GCR | |
uses: docker/login-action@v1 | |
with: | |
registry: us.gcr.io | |
username: _json_key | |
password: ${{ secrets.DEPMAP_DEPLOY_SVC_ACCT }} | |
- name: Build Elara | |
run: | | |
yarn --cwd frontend install | |
yarn --cwd frontend test | |
yarn --cwd frontend "build:elara" | |
- name: build docker image | |
run: bash breadbox/build-docker-image.sh ${{ env.DOCKER_REPO }}:${{ env.DOCKER_TAG }} | |
- name: check that the breadbox client is in sync with the latest API spec | |
run: | | |
docker run -v $PWD/breadbox-client/latest-breadbox-api.json:/latest-breadbox-api.json ${{ env.DOCKER_REPO }}:${{ env.DOCKER_TAG }} poetry run ./bb check-api /latest-breadbox-api.json | |
- name: Run pyright-ratchet | |
run: | | |
docker run -v $PWD/breadbox/pyright-ratchet-errors.txt:/install/breadbox/pyright-ratchet-errors.txt ${{ env.DOCKER_REPO }}:${{ env.DOCKER_TAG }} poetry run pyright-ratchet | |
- name: Push Docker image | |
run: docker push ${{ env.DOCKER_REPO }}:${{ env.DOCKER_TAG }} | |
run-pytest: | |
runs-on: ubuntu-latest | |
needs: build-docker | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Login to GCR | |
uses: docker/login-action@v1 | |
with: | |
registry: us.gcr.io | |
username: _json_key | |
password: ${{ secrets.DEPMAP_DEPLOY_SVC_ACCT }} | |
- name: Pull Docker image | |
run: docker pull ${{ env.DOCKER_REPO }}:${{ env.DOCKER_TAG }} | |
- name: Run pytest | |
run: | | |
cd breadbox | |
docker run -e PYTHONWARNINGS="ignore::DeprecationWarning" -v $PWD/mypy.ini:/install/breadbox/mypy.ini -v $PWD/.env.dev:/install/breadbox/.env -v $PWD/tests:/install/breadbox/tests ${{ env.DOCKER_REPO }}:${{ env.DOCKER_TAG }} poetry run pytest | |
push-docker-tag: | |
runs-on: ubuntu-latest | |
needs: | |
- build-docker | |
- run-pytest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Login to GCR | |
uses: docker/login-action@v1 | |
with: | |
registry: us.gcr.io | |
username: _json_key | |
password: ${{ secrets.DEPMAP_DEPLOY_SVC_ACCT }} | |
- name: Pull Docker image | |
run: docker pull ${{ env.DOCKER_REPO }}:${{ env.DOCKER_TAG }} | |
- name: Push Docker tags | |
run: | | |
chmod +x ./.github/push_docker.py | |
# GITHUB_REF##*/ is github actions magic which expands to the branch name | |
./.github/push_docker.py ${{ env.DOCKER_REPO }} ${{ env.DOCKER_REPO }}:${{ env.DOCKER_TAG }} ${GITHUB_REF##*/} | |
bump-versions: | |
if: ${{ !startsWith(github.event.head_commit.message, 'bump:') && (!startsWith(github.actor, 'github-actions') || !startsWith(github.event.pusher.name, 'github-actions')) && (github.ref_name == 'master') && (github.event_name == 'push') }} | |
needs: push-docker-tag | |
runs-on: ubuntu-latest | |
name: "Bump breadbox and breadbox-client version and create changelog with commitizen" | |
outputs: | |
# Map the step outputs to job outputs | |
current_version: ${{ steps.current-version.outputs.current_version }} | |
bumped_version: ${{ steps.bumped-version.outputs.bumped_version }} | |
defaults: | |
run: | |
working-directory: ./breadbox | |
steps: | |
- name: Check out | |
uses: actions/checkout@v3 | |
with: | |
token: "${{ secrets.GITHUB_TOKEN }}" | |
fetch-depth: 0 | |
- name: Install and configure Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
version: 1.7.1 | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
- name: Install dependencies | |
run: poetry install | |
- name: Store current version | |
id: current-version | |
run: echo "current_version=$(poetry run cz version -p)" >> $GITHUB_OUTPUT | |
- name: Get current version | |
run: echo "${{ steps.current-version.outputs.current_version}}" | |
- name: Bump version and tag | |
run: | | |
git config user.name github-actions | |
git config user.email [email protected] | |
git pull origin HEAD:master | |
poetry run ./bb bump-version | |
git push origin HEAD:master | |
git push origin HEAD:master --tags | |
- name: Store bumped version | |
id: bumped-version | |
run: echo "bumped_version=$(poetry run cz version -p)" >> $GITHUB_OUTPUT | |
- name: Get bumped version | |
run: echo "${{ steps.current-version.outputs.bumped_version}}" | |
publish-breadbox-and-client: | |
needs: bump-versions | |
if: ${{ (needs.bump-versions.outputs.current_version != needs.bump-versions.outputs.bumped_version) && (github.ref_name == 'master') }} | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./breadbox | |
steps: | |
- name: Check out | |
uses: actions/checkout@v3 | |
with: | |
token: "${{ secrets.GITHUB_TOKEN }}" | |
fetch-depth: 0 | |
- run: | | |
git pull origin HEAD:master | |
- name: Authenticate to Google Cloud | |
uses: google-github-actions/auth@v2 | |
with: | |
# See instructions here: https://github.com/google-github-actions/auth?tab=readme-ov-file#service-account-key-json | |
credentials_json: ${{ secrets.DEPMAP_ARTIFACTS_SVC_ACCT }} | |
- name: Install and configure Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
version: 1.7.1 | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
- name: Set up cache | |
uses: actions/cache@v2 | |
id: cached-poetry-dependencies | |
with: | |
path: .venv | |
key: venv-${{ runner.os }}-${{ steps.full-python-version.outputs.version }}-${{ hashFiles('**/poetry.lock') }} | |
- name: Install dependencies | |
run: poetry install | |
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true' | |
- name: Set up for publishing breadbox | |
working-directory: ./breadbox | |
run: | | |
poetry self add keyrings.google-artifactregistry-auth | |
poetry config repositories.public-python https://us-central1-python.pkg.dev/cds-artifacts/public-python/ | |
- name: Publish new breadbox version to Artifact Registry | |
working-directory: ./breadbox | |
run: poetry publish --build --repository public-python | |
- name: Set up for publishing breadbox client | |
working-directory: ./breadbox-client | |
run: | | |
poetry self add keyrings.google-artifactregistry-auth | |
poetry config repositories.public-python https://us-central1-python.pkg.dev/cds-artifacts/public-python/ | |
- name: Publish new breadbox client version to Artifact Registry | |
working-directory: ./breadbox-client | |
run: poetry publish --build --repository public-python |