ci: set up gh actions (#1) #13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- main | |
- develop | |
paths-ignore: | |
- "**/CHANGELOG.md" | |
- "**/package*.json" | |
- "**/Cargo.lock" | |
- "**/Cargo.toml" | |
pull_request: | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
api-lint: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./api | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Use Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: 'api/.nvmrc' | |
- name: Cache node modules | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-node-modules | |
with: | |
path: | | |
~/.npm | |
**/node_modules | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ env.cache-name }}- | |
${{ runner.os }}-build- | |
${{ runner.os }}- | |
- name: Install deps | |
run: npm ci --audit=false | |
- name: Lint ESLint | |
run: npm run lint:eslint | |
- name: Lint Prettier | |
run: npm run lint:prettier | |
- name: Lint Unused Exports | |
run: npm run lint:unused-exports | |
api-test: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./api | |
env: | |
PGHOST: 127.0.0.1 | |
PGPORT: 5432 | |
PGUSER: postgres | |
PGPASSWORD: postgres | |
PGDATABASE: postgres | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Use Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: 'api/.nvmrc' | |
- name: Cache node modules | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-node-modules | |
with: | |
path: | | |
~/.npm | |
**/node_modules | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ env.cache-name }}- | |
${{ runner.os }}-build- | |
${{ runner.os }}- | |
- name: Install deps | |
run: npm ci --audit=false | |
- name: Setup integration environment | |
run: | | |
sudo ufw disable | |
docker-compose -f ../docker/docker-compose.dev.postgres.yml up -d | |
docker-compose -f ../docker/docker-compose.dev.postgres.yml logs -t -f --no-color &> docker-compose-logs.txt & | |
- name: Run tests | |
run: npm run test -- --coverage | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
- name: Print integration environment logs | |
run: cat docker-compose-logs.txt | |
if: failure() | |
- name: Teardown integration environment | |
run: docker-compose -f ../docker/docker-compose.dev.postgres.yml down -v -t 0 | |
if: always() | |
runehook-test: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Cache cargo | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
target/ | |
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} | |
- name: Setup integration environment | |
run: | | |
sudo ufw disable | |
docker-compose -f docker/docker-compose.dev.postgres.yml up -d | |
docker-compose -f docker/docker-compose.dev.postgres.yml logs -t -f --no-color &> docker-compose-logs.txt & | |
- name: Cargo test | |
run: | | |
rustup update | |
RUST_BACKTRACE=1 cargo test --all -- --test-threads=1 | |
- name: Upload coverage reports to Codecov | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
slug: hirosystems/ordhook | |
- name: Print integration environment logs | |
run: cat docker-compose-logs.txt | |
if: failure() | |
- name: Teardown integration environment | |
run: docker-compose -f docker/docker-compose.dev.postgres.yml down -v -t 0 | |
if: always() | |
semantic-release: | |
runs-on: ubuntu-latest | |
needs: [api-lint, api-test, runehook-test] | |
outputs: | |
new_release_version: ${{ steps.semantic.outputs.new_release_version }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Semantic Release | |
uses: cycjimmy/semantic-release-action@v4 | |
id: semantic | |
# Only run on non-PR events or only PRs that aren't from forks | |
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SEMANTIC_RELEASE_PACKAGE: ${{ github.event.repository.name }} | |
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_CRATES_IO_API_KEY }} | |
with: | |
semantic_version: 19 | |
extra_plugins: | | |
@semantic-release/[email protected] | |
@semantic-release/[email protected] | |
[email protected] | |
@semantic-release-cargo/semantic-release-cargo | |
runehook-build-publish: | |
runs-on: ubuntu-latest | |
needs: semantic-release | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Checkout tag | |
if: needs.semantic-release.outputs.new_release_version != '' | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
ref: v${{ needs.semantic-release.outputs.new_release_version }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Docker Meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
hirosystems/runehook | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}},value=${{ needs.semantic-release.outputs.new_release_version }},enable=${{ needs.semantic-release.outputs.new_release_version != '' }} | |
type=semver,pattern={{major}}.{{minor}},value=${{ needs.semantic-release.outputs.new_release_version }},enable=${{ needs.semantic-release.outputs.new_release_version != '' }} | |
type=raw,value=latest,enable={{is_default_branch}} | |
- name: Log in to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Build/Push Image | |
uses: docker/build-push-action@v5 | |
id: docker_push | |
with: | |
context: . | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
file: ./docker/runehook.dockerfile | |
# build-args: | | |
# GIT_COMMIT=${{ env.GITHUB_SHA_SHORT }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
# Only push if (there's a new release on main branch, or if building a non-main branch) and (Only run on non-PR events or only PRs that aren't from forks) | |
push: ${{ (github.ref != 'refs/heads/main' || needs.semantic-release.outputs.new_release_version != '') && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) }} | |
api-build-publish: | |
runs-on: ubuntu-latest | |
needs: semantic-release | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
token: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }} | |
fetch-depth: 0 | |
persist-credentials: false | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Docker Meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
hirosystems/runes-api | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}},value=${{ needs.semantic-release.outputs.new_release_version }},enable=${{ needs.semantic-release.outputs.new_release_version != '' }} | |
type=semver,pattern={{major}}.{{minor}},value=${{ needs.semantic-release.outputs.new_release_version }},enable=${{ needs.semantic-release.outputs.new_release_version != '' }} | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Build/Tag/Push Image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ./docker/runes-api.dockerfile | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
# Only push if (there's a new release on main branch, or if building a non-main branch) and (Only run on non-PR events or only PRs that aren't from forks) | |
push: ${{ (github.ref != 'refs/heads/master' || needs.semantic-release.outputs.new_release_version != '') && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) }} |