diff --git a/.github/workflows/check.yaml b/.github/workflows/check.yaml new file mode 100644 index 000000000..d037d1cac --- /dev/null +++ b/.github/workflows/check.yaml @@ -0,0 +1,79 @@ +name: check + +on: + push: + branches: + - '*' + pull_request: + branches: + - '*' + +jobs: + packaging: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: build package + run: poetry build + + documentation: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + - name: build documentation + run: poetry run make html --directory docs + + # use https://github.com/medmunds/tox-gh-matrix to export tox envlist to GH actions + get-tox-envlist: + runs-on: ubuntu-latest + outputs: + envlist: ${{ steps.generate-envlist.outputs.envlist }} + steps: + - name: Check out repository + uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + - id: generate-envlist + run: poetry run tox --gh-matrix + + unit-tests: + needs: get-tox-envlist + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + tox: ${{ fromJSON(needs.get-tox-envlist.outputs.envlist) }} + steps: + - name: Check out repository + uses: actions/checkout@v4 + - name: Setup Python + id: setup-python + uses: actions/setup-python@v5 + with: + python-version: ${{ matrix.tox.python.spec }} + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + - name: run python tests + run: poetry run tox -e ${{ matrix.tox.name }} + - name: run python test report + run: poetry run tox -e report + + docker-build: + runs-on: ubuntu-latest + steps: + - name: Check out repository + uses: actions/checkout@v4 + - name: Build Docker Image + uses: docker/build-push-action@v5 + with: + context: . diff --git a/.github/workflows/gate.yaml b/.github/workflows/gate.yaml new file mode 100644 index 000000000..7574c785d --- /dev/null +++ b/.github/workflows/gate.yaml @@ -0,0 +1,73 @@ +name: gate + +env: + AWS_REGION: us-east-1 + AWS_ROLE_DURATION: 3600 + # role generated from https://github.com/Sceptre/sceptre-aws/blob/master/config/prod/gh-oidc-sceptre-tests.yaml + AWS_ROLE: arn:aws:iam::743644221192:role/gh-oidc-sceptre-tests + +on: + workflow_run: + workflows: + - check + types: + - completed + branches: + - master + +jobs: + integration-tests: + if: ${{ github.event.workflow_run.conclusion == 'success' }} + runs-on: ubuntu-latest + permissions: + id-token: write + steps: + - uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Install dependencies + run: poetry install --no-interaction --all-extras + # Update poetry for https://github.com/python-poetry/poetry/issues/7184 + - name: update poetry + run: poetry self update --no-ansi + - name: Setup Python + id: setup-python + uses: actions/setup-python@v5 + with: + python-version: '3.10' + cache: 'poetry' + - name: Assume AWS role + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ env.AWS_REGION }} + role-to-assume: ${{ env.AWS_ROLE }} + role-session-name: GHA-${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }} + role-duration-seconds: ${{ env.AWS_ROLE_DURATION }} + - name: run tests + run: poetry run behave integration-tests/features --junit --junit-directory build/behave + env: + AWS_DEFAULT_REGION: eu-west-1 + + docker-build-push: + needs: + - integration-tests + if: ${{ github.ref == 'refs/heads/master' }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + # docker convention: edge tag refers to the very latest code + - name: Build and push Docker image to sceptreorg/sceptre:${{ steps.meta.outputs.tags }} + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: sceptreorg/sceptre:edge + labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml deleted file mode 100644 index b42786073..000000000 --- a/.github/workflows/main.yaml +++ /dev/null @@ -1,187 +0,0 @@ -name: main - -env: - AWS_REGION: us-east-1 - AWS_ROLE_DURATION: 3600 - # role generated from https://github.com/Sceptre/sceptre-aws/blob/master/config/prod/gh-oidc-sceptre-tests.yaml - AWS_ROLE: arn:aws:iam::743644221192:role/gh-oidc-sceptre-tests - -on: - push: - branches: - - '*' - tags: - - 'v[0-9]+.[0-9]+.[0-9]+([0-9]+)' - pull_request: - branches: - - '*' - -jobs: - packaging: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: build package - run: poetry build - - documentation: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Install dependencies - run: poetry install --no-interaction --all-extras - - name: build documentation - run: poetry run make html --directory docs - - # use https://github.com/medmunds/tox-gh-matrix to export tox envlist to GH actions - get-tox-envlist: - runs-on: ubuntu-latest - outputs: - envlist: ${{ steps.generate-envlist.outputs.envlist }} - steps: - - name: Check out repository - uses: actions/checkout@v4 - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Install dependencies - run: poetry install --no-interaction --all-extras - - id: generate-envlist - run: poetry run tox --gh-matrix - - unit-tests: - needs: get-tox-envlist - runs-on: ubuntu-latest - strategy: - fail-fast: true - matrix: - tox: ${{ fromJSON(needs.get-tox-envlist.outputs.envlist) }} - steps: - - name: Check out repository - uses: actions/checkout@v4 - - name: Setup Python - id: setup-python - uses: actions/setup-python@v5 - with: - python-version: ${{ matrix.tox.python.spec }} - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Install dependencies - run: poetry install --no-interaction --all-extras - - name: run python tests - run: poetry run tox -e ${{ matrix.tox.name }} - - name: run python test report - run: poetry run tox -e report - - docker-build: - runs-on: ubuntu-latest - steps: - - name: Check out repository - uses: actions/checkout@v4 - - name: Build Docker Image - uses: docker/build-push-action@v5 - with: - context: . - - integration-tests: - needs: - - packaging - - documentation - - unit-tests - - docker-build - if: ${{ github.event_name == 'push' }} - runs-on: ubuntu-latest - permissions: - id-token: write - steps: - - uses: actions/checkout@v4 - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Install dependencies - run: poetry install --no-interaction --all-extras - # Update poetry for https://github.com/python-poetry/poetry/issues/7184 - - name: update poetry - run: poetry self update --no-ansi - - name: Setup Python - id: setup-python - uses: actions/setup-python@v5 - with: - python-version: '3.10' - cache: 'poetry' - - name: Assume AWS role - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: ${{ env.AWS_REGION }} - role-to-assume: ${{ env.AWS_ROLE }} - role-session-name: GHA-${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }} - role-duration-seconds: ${{ env.AWS_ROLE_DURATION }} - - name: run tests - run: poetry run behave integration-tests/features --junit --junit-directory build/behave - env: - AWS_DEFAULT_REGION: eu-west-1 - - docker-build-push: - needs: - - integration-tests - if: ${{ (github.event_name == 'push') && (github.ref == 'refs/heads/master') }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - # docker convention: edge tag refers to the very latest code - - name: Build and push Docker image to sceptreorg/sceptre:${{ steps.meta.outputs.tags }} - uses: docker/build-push-action@v5 - with: - context: . - push: true - tags: sceptreorg/sceptre:edge - labels: ${{ steps.meta.outputs.labels }} - - docker-build-release: - if: ${{ github.event_name == 'tag' }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - # docker convention: latest tag refers to the last stable release - - name: Build and push Docker image to sceptreorg/sceptre:latest - uses: docker/build-push-action@v5 - with: - context: . - push: true - tags: sceptreorg/sceptre:latest - labels: ${{ steps.meta.outputs.labels }} - - name: Build and push Docker image to sceptreorg/sceptre:${{ steps.meta.outputs.tags }} - uses: docker/build-push-action@v5 - with: - context: . - push: true - tags: sceptreorg/sceptre:${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - pypi-release: - if: ${{ github.event_name == 'tag' }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install Poetry - uses: snok/install-poetry@v1 - - name: Publish to pypi - run: poetry publish --build -u __token__ -p ${{ secrets.PYPI_API_TOKEN }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 000000000..01f454231 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,44 @@ +name: release + +on: + push: + tags: + - 'v[0-9]+.[0-9]+.[0-9]+([0-9]+)' + +jobs: + docker-build-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + # docker convention: latest tag refers to the last stable release + - name: Build and push Docker image to sceptreorg/sceptre:latest + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: sceptreorg/sceptre:latest + labels: ${{ steps.meta.outputs.labels }} + - name: Build and push Docker image to sceptreorg/sceptre:${{ steps.meta.outputs.tags }} + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: sceptreorg/sceptre:${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + pypi-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Poetry + uses: snok/install-poetry@v1 + - name: Publish to pypi + run: poetry publish --build -u __token__ -p ${{ secrets.PYPI_API_TOKEN }}