107 lines (97 loc) · 3.87 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
name: Semantic Release
on:
push:
branches:
- master
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Semantic Release
uses: buildlyio/semantic-release-action@v2
id: semantic
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/setup-python@v2
with:
python-version: 3.7
- name: Start OpenLDAP Server
run: |
docker run -p 389:389 -p 636:636 --name openldap_server -d osixia/openldap:1.3.0
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install libsasl2-dev libldap2-dev libssl-dev
sudo touch /var/log/buildly.log
sudo chown runner:docker /var/log/buildly.log
cat requirements/base.txt | grep "^Django==\|^psycopg2" | xargs pip install
pip install -r requirements/ci.txt
- name: Lint & Vulnerability check
run: |
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
bandit -r . -ll
- name: Test with pytest
run: |
pytest
env:
ALLOWED_HOSTS: "*"
CORS_ORIGIN_WHITELIST: "*"
DATABASE_ENGINE: "postgresql"
DATABASE_NAME: "buildly_api"
DATABASE_USER: "root"
DATABASE_PASSWORD: "root"
DATABASE_HOST: "localhost"
DATABASE_PORT: "5432"
DEFAULT_ORG: "Default Organization"
DJANGO_SETTINGS_MODULE: "buildly.settings.production"
SOCIAL_AUTH_GITHUB_REDIRECT_URL: "/complete/github"
SOCIAL_AUTH_GOOGLE_OAUTH2_REDIRECT_URL: "/complete/google-oauth2"
SOCIAL_AUTH_MICROSOFT_GRAPH_REDIRECT_URL: "/complete/microsoft-graph"
JWT_ISSUER: "buildly"
JWT_PRIVATE_KEY_RSA_BUILDLY: |-
-----BEGIN RSA PRIVATE KEY-----
MIIBOwIBAAJBALFc9NFZaOaSwUMPNektbtJqEjYZ6IRBqhqvJu1hKPYn9HYd75c0
gIDYHJ9lb7QwQvg44aO27104rDK0xSstzL0CAwEAAQJAe5z5096oyeqGX6J+RGGx
11yuDJ7J+0N4tthUHSWWUtgkd19NvmTM/mVLmPCzZHgNUT+aWUKsQ84+jhru/NQD
0QIhAOHOzFmjxjTAR1jspn6YtJBKQB40tvT6WEvm2mKm0aD7AiEAyRPwXyZf3JT+
M6Ui0Mubs7Qb/E4g1d/kVL+o/XoZC6cCIQC+nKzPtnooKW+Q1yOslgdGDgeV9/XB
Ulqap+MNh7hJZQIgZNaM+wqhlFtbx8aO2SrioJI4XqVHrjojpaSgOM3cdY0CIQDB
Q6ckOaDV937acmWuiZhxuG2euNLwNbMldtCV5ADo/g==
-----END RSA PRIVATE KEY-----
JWT_PUBLIC_KEY_RSA_BUILDLY: |-
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALFc9NFZaOaSwUMPNektbtJqEjYZ6IRB
qhqvJu1hKPYn9HYd75c0gIDYHJ9lb7QwQvg44aO27104rDK0xSstzL0CAwEAAQ==
-----END PUBLIC KEY-----
SECRET_KEY: "nothing"
OAUTH_CLIENT_ID: "vBn4KsOCthm7TWzMH0kVV0dXkUPJEtOQwaLu0eoC"
OAUTH_CLIENT_SECRET: "0aYDOHUNAxK4MjbnYOHhfrKx8EzjKqN6GbB6IGyCgpT6pmQ5pEVJmH7mIEUJ"
DOCKER_REPO: "buildly/buildly"
LDAP_ENABLE: "True"
LDAP_HOST: "ldap://localhost:389"
LDAP_USERNAME: "cn=admin,dc=example,dc=org"
LDAP_PASSWORD: "admin"
LDAP_BASE_DN: "dc=example,dc=org"
- name: Docker Build & Release
if: steps.semantic.outputs.new_release_published == 'true'
run: |
echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
docker build --tag ${BUILDLY_IMAGE} .
docker push ${BUILDLY_IMAGE}
env:
BUILDLY_IMAGE: buildly/buildly:v${{ steps.semantic.outputs.new_release_version }}
# postgres
services:
postgres:
image: postgres:9.6
env:
POSTGRES_USER: root
POSTGRES_PASSWORD: root
POSTGRES_DB: buildly_api
ports:
- 5432:5432
# needed because the postgres container does not provide a healthcheck
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5