-
-
Notifications
You must be signed in to change notification settings - Fork 3
186 lines (177 loc) · 5.42 KB
/
django_cicd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
name: Django CICD
on:
workflow_dispatch:
push:
branches:
- master
paths:
- "alteredbuilder/**"
- ".github/workflows/django_cicd.yml"
- "!alteredbuilder/config/__init__.py"
env:
DEBUG: False
USE_GCS_STATICS: False
defaults:
run:
working-directory: ./alteredbuilder
jobs:
changes:
name: Parse the changed files
runs-on: ubuntu-22.04
outputs:
statics: ${{ steps.filter.outputs.statics }}
migrations: ${{ steps.filter.outputs.migrations }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Filter changed files
uses: dorny/paths-filter@v3
id: filter
with:
filters: |
statics:
- "**/static/**"
- "**/statics/**"
- "alteredbuilder/requirements.txt"
migrations:
- "**/migrations/**"
- "alteredbuilder/requirements.txt"
unittests:
name: Run unittests
runs-on: ubuntu-22.04
services:
db:
image: postgres:15.4
ports:
- 5432:5432
env:
POSTGRES_DB: ${{ secrets.POSTGRES_DB }}
POSTGRES_USER: ${{ secrets.POSTGRES_USER }}
POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Python 3.12
uses: actions/setup-python@v5
with:
python-version: 3.12
- name: Install Dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Run Tests
run: python manage.py test
env:
SECRET_KEY: ${{ secrets.SECRET_KEY }}
DATABASE_URL: ${{ secrets.TEST_DATABASE_URL }}
build_and_push_image:
name: Build and push the image
needs: unittests
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Authenticate into GCP
id: auth
uses: google-github-actions/auth@v2
with:
credentials_json: ${{ secrets.GCP_GITHUB_SA_JSON }}
- name: Set up gcloud
uses: google-github-actions/setup-gcloud@v2
- name: Set up docker
run: gcloud auth configure-docker ${{ vars.REGION }}-docker.pkg.dev --quiet
- name: Build image
run: docker build . --tag ${{ secrets.AR_REPOSITORY }}/${{ vars.CLOUD_RUN_SERVICE_NAME }}
- name: Push image
run: docker push ${{ secrets.AR_REPOSITORY }}/${{ vars.CLOUD_RUN_SERVICE_NAME }}
migrate_db:
name: Perform db migrations
needs: [changes, build_and_push_image]
if: needs.changes.outputs.migrations == 'true'
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Python 3.12
uses: actions/setup-python@v5
with:
python-version: 3.12
- name: Install Dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Configure Google Cloud SQL Auth Proxy
uses: mattes/gce-cloudsql-proxy-action@v1
with:
creds: ${{ secrets.GCP_GITHUB_SA_JSON }}
instance: ${{ secrets.CLOUD_SQL_INSTANCE }}
port: 5432
- name: Run migrations
run: python manage.py migrate --no-input
env:
SECRET_KEY: ${{ secrets.SECRET_KEY }}
DATABASE_URL: ${{ secrets.MIGRATION_DATABASE_URL }}
collect_statics:
name: Collect static files into GCS
needs: [changes, unittests]
if: needs.changes.outputs.statics == 'true'
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Python 3.12
uses: actions/setup-python@v5
with:
python-version: 3.12
- name: Install Dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Collect static files to GCS
run: python manage.py collectstatic --no-input
env:
SECRET_KEY: ${{ secrets.SECRET_KEY }}
DATABASE_URL: ${{ secrets.MIGRATION_DATABASE_URL }}
USE_GCS_STATICS: True
GCS_BUCKET_STATICS: ${{ vars.GCS_BUCKET_STATICS }}
GCP_GITHUB_SA: ${{ secrets.GCP_GITHUB_SA_JSON }}
deploy:
name: Deploy to Cloud Run
needs: [build_and_push_image, migrate_db, collect_statics]
if: |
always() &&
!contains(needs.*.result, 'failure') &&
!contains(needs.*.result, 'cancelled')
runs-on: ubuntu-22.04
permissions:
contents: 'read'
id-token: 'write'
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Authenticate into GCP
id: auth
uses: google-github-actions/auth@v2
with:
credentials_json: ${{ secrets.GCP_GITHUB_SA_JSON }}
- name: Create SHORT_SHA variable
id: vars
run: echo "sha_short=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT
- name: Deploy to Cloud Run
uses: google-github-actions/deploy-cloudrun@v2
with:
project_id: ${{ vars.GCP_PROJECT }}
region: ${{ vars.REGION }}
service: ${{ vars.CLOUD_RUN_SERVICE_NAME }}
image: ${{ secrets.AR_REPOSITORY }}/${{ vars.CLOUD_RUN_SERVICE_NAME }}
env_vars: |
COMMIT_ID=${{ steps.vars.outputs.sha_short }}
env_vars_update_strategy: merge
flags: |
--platform=managed
--port=8000
--add-cloudsql-instances=${{ secrets.CLOUD_SQL_INSTANCE }}
--allow-unauthenticated
--service-account=${{ secrets.CLOUD_RUN_SA_NAME }}
--cpu=1000m
--memory=256Mi