Skip to content

Deploy metrics to dokku3 #32

Deploy metrics to dokku3

Deploy metrics to dokku3 #32

Workflow file for this run

---
name: CI
env:
IMAGE_NAME: metrics
PUBLIC_IMAGE_NAME: ghcr.io/ebmdatalab/metrics
REGISTRY: ghcr.io
SSH_AUTH_SOCK: /tmp/agent.sock
on:
push:
jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: "opensafely-core/setup-action@v1"
with:
python-version: "3.11"
install-just: true
- name: Check formatting, linting and import sorting
run: just check
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: "opensafely-core/setup-action@v1"
with:
python-version: "3.11"
install-just: true
- name: Run tests
run: |
just test
lint-dockerfile:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: docker/Dockerfile
docker-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: "opensafely-core/setup-action@v1"
with:
install-just: true
- name: Build docker image for both prod and dev
run: |
just docker-build prod
just docker-build dev
- name: Run unit tests on docker dev image
run: |
# build docker and run test
just docker-test
- name: Run smoke test on prod
run: |
just docker-run prod python -m metrics
- name: Save docker image
run: |
docker save metrics | gzip > /tmp/metrics.tar.gz
- name: Upload docker image
uses: actions/upload-artifact@v3
with:
name: metrics-image
path: /tmp/metrics.tar.gz
deploy:
needs: [check, test, docker-test, lint-dockerfile]
runs-on: ubuntu-latest-4core
permissions:
contents: read
packages: write
if: github.ref == 'refs/heads/main'
concurrency: deploy-production
steps:
- uses: actions/checkout@v4
- uses: "opensafely-core/setup-action@v1"
with:
install-just: true
- name: Download docker image
uses: actions/download-artifact@v3
with:
name: metrics-image
path: /tmp/image
- name: Import docker image
run: gunzip -c /tmp/image/metrics.tar.gz | docker load
- name: Test image we imported from previous job works
run: |
SKIP_BUILD=1 just docker-run prod python -m metrics
- name: Publish image
run: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login $REGISTRY -u ${{ github.actor }} --password-stdin
docker tag $IMAGE_NAME $PUBLIC_IMAGE_NAME:latest
docker push $PUBLIC_IMAGE_NAME:latest
- name: Deploy image
run: |
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add - <<< "${{ secrets.DOKKU3_DEPLOY_SSH_KEY }}"
SHA=$(docker inspect --format='{{index .RepoDigests 0}}' $PUBLIC_IMAGE_NAME:latest)
ssh -o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no" [email protected] git:from-image metrics $SHA
required-checks:
if: always()
needs:
- check
- test
- docker-test
- lint-dockerfile
runs-on: Ubuntu-latest
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2
with:
jobs: ${{ toJSON(needs) }}