diff --git a/.github/workflows/deployment.yaml b/.github/workflows/deploy.yml similarity index 99% rename from .github/workflows/deployment.yaml rename to .github/workflows/deploy.yml index 83508b8027..059d2312aa 100644 --- a/.github/workflows/deployment.yaml +++ b/.github/workflows/deploy.yml @@ -33,7 +33,7 @@ env: jobs: test: - uses: ./.github/workflows/test-base.yml + uses: ./.github/workflows/reusable-test.yml build: needs: test diff --git a/.github/workflows/deployment-branch.yaml b/.github/workflows/deployment-branch.yaml deleted file mode 100644 index 776646c1ed..0000000000 --- a/.github/workflows/deployment-branch.yaml +++ /dev/null @@ -1,77 +0,0 @@ -name: Branch based deploy - -on: - workflow_dispatch: - - push: - branches: - - abdm-m3 - - hcx_refactors - paths-ignore: - - "docs/**" - -jobs: - build-image: - name: Build & Push Staging to container registries - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - images: | - ghcr.io/${{ github.repository }} - tags: | - type=raw,value=${{ github.ref_name}}-${{ github.run_number }} - type=raw,value=${{ github.ref_name}} - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Cache Docker layers - uses: actions/cache@v3 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ hashFiles('Pipfile.lock', 'docker/prod.Dockerfile') }} - restore-keys: | - ${{ runner.os }}-buildx- - - - name: Build image - uses: docker/build-push-action@v5 - with: - context: . - file: docker/prod.Dockerfile - push: true - provenance: false - platforms: linux/amd64,linux/arm64 - tags: ${{ steps.meta.outputs.tags }} - build-args: | - APP_VERSION=${{ github.sha }} - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - - name: Create Sentry release - uses: getsentry/action-release@v1 - env: - SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} - SENTRY_ORG: ${{ secrets.SENTRY_ORG }} - SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} - with: - version: ${{ github.sha }} - - - name: Move cache - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache diff --git a/.github/workflows/deployment-lambda.yaml b/.github/workflows/deployment-lambda.yaml deleted file mode 100644 index 372d99e877..0000000000 --- a/.github/workflows/deployment-lambda.yaml +++ /dev/null @@ -1,64 +0,0 @@ -name: Lambda Deployment - -on: - workflow_dispatch: - - pull_request: - branches: - - devops/lambda-changes - paths-ignore: - - "docs/**" - -jobs: - - build-image: - name: Build & Push Staging to container registries - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - images: | - ghcr.io/${{ github.repository }} - tags: | - type=raw,value=${{ github.head_ref}}-${{ github.run_number }} - type=raw,value=${{ github.head_ref}} - - flavor: | - latest=true - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Cache Docker layers - uses: actions/cache@v3 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ hashFiles('r*/base.txt', 'r*/production.txt', 'Dockerfile') }} - restore-keys: | - ${{ runner.os }}-buildx- - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build image - uses: docker/build-push-action@v3 - with: - context: . - file: lambda_Dockerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new - - - name: Move cache - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index dfa5fb20de..e670e90fe2 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -19,14 +19,12 @@ jobs: name: Build docs runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - - uses: actions/setup-python@v3 + - uses: actions/setup-python@v5 with: python-version: "3.11" cache: 'pipenv' - cache-dependency-path: | - Pipfile.lock - name: Install pipenv run: curl https://raw.githubusercontent.com/pypa/pipenv/master/get-pipenv.py | python @@ -53,7 +51,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Download sphinx documentation uses: actions/download-artifact@v3 @@ -66,7 +64,7 @@ jobs: touch build/.nojekyll - name: Deploy docs - uses: JamesIves/github-pages-deploy-action@v4.4.3 + uses: JamesIves/github-pages-deploy-action@v4 with: branch: gh-pages folder: build diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index d0d5cc2f00..d17dd681a1 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -7,9 +7,10 @@ on: - staging merge_group: +permissions: { } + jobs: build: - if: github.repository == 'coronasafe/care' name: Lint Code Base runs-on: ubuntu-latest permissions: @@ -19,14 +20,13 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Lint Code Base - uses: github/super-linter/slim@v5 + uses: super-linter/super-linter/slim@v6 env: - DEFAULT_BRANCH: develop GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} VALIDATE_ALL_CODEBASE: false VALIDATE_PYTHON_BLACK: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1a418a889a..51da205f94 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,7 +13,7 @@ jobs: name: Release on Push runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 # Necessary to fetch all tags diff --git a/.github/workflows/test-base.yml b/.github/workflows/reusable-test.yml similarity index 93% rename from .github/workflows/test-base.yml rename to .github/workflows/reusable-test.yml index b58e829aa0..789624b72f 100644 --- a/.github/workflows/test-base.yml +++ b/.github/workflows/reusable-test.yml @@ -50,7 +50,9 @@ jobs: run: make test-coverage - name: Upload coverage report - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - name: Move cache run: | diff --git a/.github/workflows/test-merge-queue.yml b/.github/workflows/test-merge-queue.yml index 4dfad04541..66045ae4e3 100644 --- a/.github/workflows/test-merge-queue.yml +++ b/.github/workflows/test-merge-queue.yml @@ -5,4 +5,4 @@ on: jobs: test: - uses: ./.github/workflows/test-base.yml + uses: ./.github/workflows/reusable-test.yml diff --git a/.github/workflows/tests.yml b/.github/workflows/test-pull-request.yml similarity index 75% rename from .github/workflows/tests.yml rename to .github/workflows/test-pull-request.yml index e50648ab5a..acb394fedb 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/test-pull-request.yml @@ -9,4 +9,4 @@ concurrency: jobs: test: - uses: ./.github/workflows/test-base.yml + uses: ./.github/workflows/reusable-test.yml