.github/workflows/pipeline.yml
name: CI/CD Pipeline
on:
push:
branches:
- '**'
workflow_run:
workflows: ["Dependabot Listener"]
types:
- completed
jobs:
build:
environment:
name: build
name: Build & Test
runs-on: ubuntu-latest
env:
DB_USERNAME: postgres
DB_PASSWORD: password
DB_NAME: main
S3_ACTIONS_BUCKET: ${{ secrets.S3_ACTIONS_BUCKET }}
services:
postgres:
image: postgres:12.6-alpine
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
POSTGRES_DB: main
# Set health checks to wait until postgres has started
options: >-
--health-cmd pg_isready
--health-interval 5s
--health-timeout 2s
--health-retries 5
ports:
- 5432:5432
steps:
- name: Checkout Code
uses: actions/checkout@v2
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-central-1
role-to-assume: ${{ secrets.AWS_ROLE_ACTIONS_S3 }}
role-duration-seconds: 900
role-session-name: GetCustomActionsFromS3
role-skip-session-tagging: true
# Pulling the github-action from S3
- name: Download Private Actions
run: aws s3 cp s3://${{env.S3_ACTIONS_BUCKET}}/action.yaml ./.github/actions/action.yaml
# Using the action
- name: Hello World
uses: ./.github/actions
with:
who-to-greet: 'Rafael'
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.7
- name: Install Pipenv
run: sudo pip install pipenv
- id: pipenv-cache
uses: actions/cache@v2
with:
path: ~/.local/share/virtualenvs
key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pipenv-
- name: Install Python Dependencies
if: steps.pipenv-cache.outputs.cache-hit != 'true'
run: pipenv install --dev
- name: Check Linter
run: yarn run linter
- name: Database Setup
run: psql -h localhost -p 5432 main < .github/db_structure.sql -U postgres
env:
PGPASSWORD: password
- name: Test & Publish Code Coverage
uses: paambaati/codeclimate-action@v2.7.5
env:
CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
with:
coverageCommand: yarn run test:coverage-report
coverageLocations: ${{github.workspace}}/coverage.xml:coverage.py
debug: true
packing:
name: Packing Functions
needs: build
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.7
- name: Install Pipenv
run: sudo pip install pipenv
- name: Set up Node
uses: actions/setup-node@v2
with:
node-version: 12
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- name: Set yarn global bin path
run: yarn config set prefix $(yarn cache dir)
- name: Add yarn bin path to system path
run: echo $(yarn global bin) >> $GITHUB_PATH
- name: Set yarn global installation path
run: yarn config set global-folder $(yarn cache dir)
- uses: actions/cache@v2
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: |
${{ steps.yarn-cache-dir-path.outputs.dir }}
**/node_modules
key: ${{ runner.os }}-yarn-${{ env.cache-version }}-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-${{ env.cache-version }}-
${{ runner.os }}-yarn-
${{ runner.os }}-
- name: Install Dependencies
if: steps.yarn-cache.outputs.cache-hit != 'true'
run: yarn install
- name: Adding serverless globally
if: steps.yarn-cache.outputs.cache-hit != 'true'
run: yarn global add serverless
- name: Packing functions
run: yarn run package
- name: Upload Artifacts
uses: actions/upload-artifact@v2
with:
name: build
path: |
.serverless/lambda-functions-experiments.zip
.serverless/serverless-state.json
if-no-files-found: error
development-deployment:
name: Deploy to Development
needs: packing
runs-on: ubuntu-latest
environment:
name: Development
steps:
- name: Checkout Code
uses: actions/checkout@v2
- name: Download Artifacts
uses: actions/download-artifact@v2
with:
name: build
path: deployment-package
- name: Set up Node
uses: actions/setup-node@v2
with:
node-version: 12
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- name: Set yarn global bin path
run: yarn config set prefix $(yarn cache dir)
- name: Add yarn bin path to system path
run: echo $(yarn global bin) >> $GITHUB_PATH
- name: Set yarn global installation path
run: yarn config set global-folder $(yarn cache dir)
- uses: actions/cache@v2
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: |
${{ steps.yarn-cache-dir-path.outputs.dir }}
**/node_modules
key: ${{ runner.os }}-yarn-${{ env.cache-version }}-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-${{ env.cache-version }}-
${{ runner.os }}-yarn-
${{ runner.os }}-
- name: Install Dependencies
if: steps.yarn-cache.outputs.cache-hit != 'true'
run: yarn install
- name: Adding serverless globally
if: steps.yarn-cache.outputs.cache-hit != 'true'
run: yarn global add serverless
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-central-1
role-to-assume: ${{ secrets.AWS_ROLE_LAMBDA_DEPLOYMENT }}
role-duration-seconds: 900
role-session-name: ServerlessDeploymentSession
role-skip-session-tagging: true
- name: Serverless Deployment
run: serverless deploy --stage development --package deployment-package
deployment-failed-notification:
name: Deployment Failed Notification
needs: [
build,
packing,
development-deployment
]
runs-on: ubuntu-latest
if: always() && contains(needs.*.result, 'failure')
steps:
- name: Notify Slack
uses: 8398a7/action-slack@v3
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
with:
status: failure
text: ':heavy_exclamation_mark: ${{ github.event.repository.name }} deployment has failed.'
author_name: 'Deployment details'
fields: repo,message,commit,workflow