Whitelist proxied headers when proxing to learning services #7783
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: nucliadb Writer (py) | |
on: | |
pull_request: | |
branches: | |
- main | |
push: | |
branches: | |
- main | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
env: | |
CONTAINER_REGISTRY: europe-west4-docker.pkg.dev/nuclia-internal/nuclia | |
IMAGE_NAME: writer | |
jobs: | |
# Job to run pre-checks | |
pre-checks: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
python-version: ['3.9', '3.10', '3.11'] | |
steps: | |
- name: Checkout the repository | |
uses: actions/checkout@v3 | |
- name: Setup Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ matrix.python-version }} | |
cache: 'pip' | |
- name: Install package | |
run: make -C nucliadb/ install-dev | |
- name: Run pre-checks | |
run: make -C nucliadb/ lint-writer | |
# Job to run tests | |
tests: | |
runs-on: ubuntu-latest | |
strategy: | |
max-parallel: 2 | |
matrix: | |
python-version: ['3.11'] | |
storage_backend: ["gcs", "s3"] | |
steps: | |
- name: Checkout the repository | |
uses: actions/checkout@v3 | |
- name: Setup Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ matrix.python-version }} | |
cache: 'pip' | |
- name: Install the package | |
run: make -C nucliadb/ install-dev | |
- name: Run tests | |
env: | |
TESTING_STORAGE_BACKEND: ${{ matrix.storage_backend }} | |
run: | | |
make -C nucliadb/ test-cov-writer | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v3 | |
with: | |
file: ./coverage.xml | |
flags: writer | |
build: | |
name: Build image and push | |
needs: tests | |
uses: ./.github/workflows/_build-img-nucliadb.yml | |
with: | |
image-name: writer | |
cache-gha-mode: min | |
secrets: | |
inherit | |
if: github.event_name == 'push' | |
deploy: | |
name: Deploy Helm chart and trigger internal CI | |
runs-on: ubuntu-latest | |
needs: build | |
if: github.event_name == 'push' | |
steps: | |
- name: Generate a token | |
id: app-token | |
uses: actions/create-github-app-token@v1 | |
with: | |
app-id: ${{ secrets.GHAPP_ID_NUCLIABOT }} | |
private-key: ${{ secrets.PK_GHAPP_NUCLIABOT }} | |
owner: nuclia | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Calculate short sha | |
id: env-vars | |
run: |- | |
HASH=`git rev-parse --short HEAD` | |
echo "short_sha=$HASH" >> $GITHUB_OUTPUT | |
- name: Set helm package image | |
id: version_step | |
run: |- | |
sed -i.bak "s#IMAGE_TO_REPLACE#$IMAGE_NAME:${{ steps.env-vars.outputs.short_sha }}#" ./charts/nucliadb_writer/values.yaml | |
sed -i.bak "s#CONTAINER_REGISTRY_TO_REPLACE#$CONTAINER_REGISTRY#" ./charts/nucliadb_writer/values.yaml | |
VERSION=`cat VERSION` | |
VERSION_SHA=$VERSION+${{ steps.env-vars.outputs.short_sha }} | |
sed -i.bak "s#99999.99999.99999#$VERSION_SHA#" ./charts/nucliadb_writer/Chart.yaml | |
echo "version_number=$VERSION_SHA" >> $GITHUB_OUTPUT | |
- name: Configure Git | |
run: | | |
git config user.name "$GITHUB_ACTOR" | |
git config user.email "[email protected]" | |
- name: Install Helm | |
uses: azure/setup-helm@v3 | |
with: | |
version: v3.4.0 | |
- name: Push helm package | |
run: |- | |
helm lint charts/nucliadb_writer | |
helm package charts/nucliadb_writer | |
curl --data-binary "@nucliadb_writer-${{ steps.version_step.outputs.version_number }}.tgz" ${{ secrets.HELM_CHART_URL }}/api/charts | |
- name: Repository Dispatch | |
uses: peter-evans/repository-dispatch@v2 | |
with: | |
token: ${{ steps.app-token.outputs.token }} | |
repository: nuclia/nucliadb_deploy | |
event-type: promote | |
client-payload: '{"component": "nucliadb_writer", "chart-version": "${{ steps.version_step.outputs.version_number }}" }' |