Upgrade to Django 4.2, add actions, integrate tycho and cleanup.

.env.sample

@@ -17,4 +17,5 @@ GITHUB_SECRET="<insert>"
 OAUTH_PROVIDERS="github"
 SECRET_KEY="<insert>"
 NAMESPACE="default"
-stdnfsPvc="stdnfs"
+stdnfsPvc="stdnfs"
+CSRF_DOMAINS="https://*.renci.org"

.github/workflows/build-push-dev-image.yml

@@ -1,10 +1,9 @@
 # Workflow responsible for the 
 # development release processes.
-#
 
 name: Build-Push-Dev-Image
 on:
-  push:
+   push:
     branches:
       - develop
     paths-ignore:
@@ -16,90 +15,12 @@ on:
       - .gitignore
       - .dockerignore
       - .githooks
-  # Do not build another image on a pull request.
-  # Any push to develop will trigger a new build however.
-  pull_request:
-    branches-ignore:
-      - '*'
-
+   # Do not build another image on a pull request.
+   # Any push to develop will trigger a new build however.
+   pull_request:
+     branches-ignore:
+       - '*'
 jobs:
-  build-push-dev-image:
-    runs-on: ubuntu-latest
-    steps:
-
-    - name: Checkout Code
-      uses: actions/checkout@v3
-      with:
-        ref: ${{ github.head_ref }} 
-        # fetch-depth: 0 means, get all branches and commits
-        fetch-depth: 0
-
-    - name: Set short git commit SHA
-      id: vars
-      run: |
-        echo "short_sha=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT
-    # https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
-
-    - name: Confirm git commit SHA output
-      run: echo ${{ steps.vars.outputs.short_sha }}
-
-    # https://github.com/marketplace/actions/git-semantic-version
-    # - name: Semver Check
-    #   uses: paulhatch/[email protected]
-    #   id: version
-    #   with:
-    #     # The prefix to use to identify tags
-    #     tag_prefix: "v"
-    #     # A string which, if present in a git commit, indicates that a change represents a
-    #     # major (breaking) change, supports regular expressions wrapped with '/'
-    #     major_pattern: "/(breaking)|(major)/"
-    #     # A string which indicates the flags used by the `major_pattern` regular expression. Supported flags: idgs
-    #     major_regexp_flags: "ig"
-    #     # Same as above except indicating a minor change, supports regular expressions wrapped with '/'
-    #     minor_pattern: "/(feat)|(feature)|(minor)/"
-    #     # A string which indicates the flags used by the `minor_pattern` regular expression. Supported flags: idgs
-    #     minor_regexp_flags: "ig"
-    #     # A string to determine the format of the version output
-    #     # version_format: "${major}.${minor}.${patch}-prerelease${increment}"
-    #     version_format: "${major}.${minor}.${patch}-prerelease${increment}"
-    #     search_commit_body: false
-
-    # Docker Buildx is important to caching in the Build And Push Container
-    # step
-    # https://github.com/marketplace/actions/build-and-push-docker-images
-
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Login to DockerHub
-      uses: docker/login-action@v3
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
-        logout: true
-
-    - name: Login to Container Registry
-      uses: docker/login-action@v3
-      with:
-        registry: containers.renci.org
-        username: ${{ secrets.CONTAINERHUB_USERNAME }}
-        password: ${{ secrets.CONTAINERHUB_TOKEN }}
-        logout: true
-
-
-    # Notes on Cache: 
-    # https://docs.docker.com/build/ci/github-actions/examples/#inline-cache
-    - name: Build Push Container
-      uses: docker/build-push-action@v5
-      with:
-        context: .
-        push: true
-        # Push to renci-registry and dockerhub here.
-        # cache comes from dockerhub.
-        tags: |
-          ${{ github.repository }}:develop
-          ${{ github.repository }}:${{ steps.vars.outputs.short_sha }}
-          containers.renci.org/${{ github.repository }}:develop
-          containers.renci.org/${{ github.repository }}:${{ steps.vars.outputs.short_sha }}
-        cache-from: type=registry,ref=${{ github.repository }}:buildcache-dev
-        cache-to: type=registry,ref=${{ github.repository }}:buildcache-dev,mode=max
+   build-push-dev-image:
+    uses: helxplatform/helx-github-actions/.github/workflows/build-push-dev-image.yml@main
+    secrets: inherit

.github/workflows/build-push-release.yml

@@ -19,108 +19,8 @@ on:
       - .githooks
     tags-ignore:
       - 'v[0-9]+.[0-9]+.*'
+      - '*'
 jobs:
   build-push-release:
-    runs-on: ubuntu-latest
-    steps:
-    - name: Checkout Code
-      uses: actions/checkout@v3
-      with:
-        ref: ${{ github.head_ref }} 
-        fetch-depth: 0
-
-    - name: Set short git commit SHA
-      id: vars
-      run: |
-        echo "short_sha=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT
-    # https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
-
-    - name: Confirm git commit SHA output
-      run: echo ${{ steps.vars.outputs.short_sha }}
-
-    # https://github.com/marketplace/actions/git-semantic-version
-    - name: Semver Check
-      uses: paulhatch/[email protected]
-      id: version
-      with:
-        # The prefix to use to identify tags
-        tag_prefix: "v"
-        # A string which, if present in a git commit, indicates that a change represents a
-        # major (breaking) change, supports regular expressions wrapped with '/'
-        major_pattern: "/breaking|major/"
-        # A string which indicates the flags used by the `major_pattern` regular expression. Supported flags: idgs
-        major_regexp_flags: "ig"
-        # Same as above except indicating a minor change, supports regular expressions wrapped with '/'
-        minor_pattern: "/feat|feature|minor/"
-        # A string which indicates the flags used by the `minor_pattern` regular expression. Supported flags: idgs
-        minor_regexp_flags: "ig"
-        # A string to determine the format of the version output
-        # version_format: "${major}.${minor}.${patch}-prerelease${increment}"
-        version_format: "${major}.${minor}.${patch}"
-        search_commit_body: false
-
-    # Docker Buildx is important to caching in the Build And Push Container
-    # step
-    # https://github.com/marketplace/actions/build-and-push-docker-images
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Login to DockerHub
-      uses: docker/login-action@v3
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
-        logout: true
-
-    - name: Login to Container Registry
-      uses: docker/login-action@v3
-      with:
-        registry: containers.renci.org
-        username: ${{ secrets.CONTAINERHUB_USERNAME }}
-        password: ${{ secrets.CONTAINERHUB_TOKEN }}
-        logout: true
-
-    # Notes on Cache: 
-    # https://docs.docker.com/build/ci/github-actions/examples/#inline-cache
-    - name: Build Push Container
-      uses: docker/build-push-action@v5
-      with:
-        push: true
-        # Push to renci-registry and dockerhub here.
-        # cache comes from dockerhub.
-        tags: |
-          containers.renci.org/${{ github.repository }}:v${{ steps.version.outputs.version }}
-          containers.renci.org/${{ github.repository }}:latest
-          containers.renci.org/${{ github.repository }}:${{ steps.vars.outputs.short_sha }}
-          ${{ github.repository }}:v${{ steps.version.outputs.version }}
-          ${{ github.repository }}:latest
-          ${{ github.repository }}:${{ steps.vars.outputs.short_sha }}
-        cache-from: type=registry,ref=${{ github.repository }}:buildcache-release
-        cache-to: type=registry,ref=${{ github.repository }}:buildcache-release,mode=max
-
-#==========================TAG & RELEASE W/ NOTES =========================
-
-    # Note: GITHUB_TOKEN is autogenerated feature of github app
-    # which is auto-enabled when using github actions.
-    # https://docs.github.com/en/actions/security-guides/automatic-token-authentication
-    # https://docs.github.com/en/rest/git/tags?apiVersion=2022-11-28#create-a-tag-object
-    # https://docs.github.com/en/rest/git/refs?apiVersion=2022-11-28#create-a-reference
-    # This creates a "lightweight" ref tag.
-    - name: Create Tag for Release
-      run: |
-        curl \
-        -s --fail -X POST \
-        -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-        https://api.github.com/repos/${{ github.repository }}/git/refs \
-        -d '{"ref":"refs/tags/v${{ steps.version.outputs.version }}","sha":"${{ github.sha }}"}'
-
-#   https://cli.github.com/manual/gh_release_create
-    - name: Create Release
-      env:
-        RELEASE_VERSION: ${{ steps.version.outputs.version }}
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      run: |
-        gh release create ${{ env.RELEASE_VERSION }} \
-          -t "${{ env.RELEASE_VERSION }}" \
-          --generate-notes \
-          --latest
+    uses: helxplatform/helx-github-actions/.github/workflows/build-push-release.yml@main
+    secrets: inherit

.github/workflows/code-checks.yml

@@ -11,14 +11,14 @@
 #
 #
 
-name: Code-Checks
+name: Code-Checks-Remote
 on:
-  push:
-    branches-ignore:
+    push:
+     branches-ignore:
       - master
       - main
       - develop
-    paths-ignore:
+     paths-ignore:
       - README.md
       - .old_cicd/*
       - .github/*
@@ -27,90 +27,15 @@ on:
       - .gitignore
       - .dockerignore
       - .githooks
-  pull_request:
-    branches:
+    pull_request:
+     branches:
       - develop
       - master
       - main 
-    types: [ opened, synchronize ]
-
-
+     types: [ opened, synchronize ]
+
 jobs:
-############################## flake8-linter ##############################
-  flake8-linter:
-    runs-on: ubuntu-latest
-    # if: ${{ github.actor == 'dependabot[bot]' }}
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Set up Python
-      uses: actions/setup-python@v4
-      with:
-        python-version: '3.9'
-
-    # Currently actions/setup-python supports caching
-    # but the cache is not as robust as cache action.
-    # Here we cache the entire python env which speeds subsequent builds up alot. (alot being scientific term)
-    # Ref: https://blog.allenai.org/python-caching-in-github-actions-e9452698e98d
-    - uses: actions/cache@v3
-      name: Cache Python
-      with:
-        path: ${{ env.pythonLocation }}
-        key: ${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}-${{ hashFiles('requirements.txt') }}
-
-    - name: Install Requirements
-      run: |
-        pip install -r requirements.txt
-
-    - name: Lint with flake8
-      run: |
-        pip install flake8
-        flake8 --ignore=E,W . 
-      # We continue on error here until the code is clean
-      # flake8 --ignore=E,W --exit-zero . 
-      continue-on-error: true
-
-############################## test-image-build ##############################
-  test-image-build:
-    runs-on: ubuntu-latest
-    # if: ${{ github.actor == 'dependabot[bot]' }}
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Set short git commit SHA
-      id: vars
-      run: |
-        echo "short_sha=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT
-    # https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
-
-    - name: Confirm git commit SHA output
-      run: echo ${{ steps.vars.outputs.short_sha }}
-
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Login to DockerHub
-      uses: docker/login-action@v3
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
-        logout: true
-
-    - name: Parse Github Reference Name
-      id: branch
-      run: |
-        REF=${{ github.ref_name }}
-        echo "GHR=${REF%/*}" >> $GITHUB_OUTPUT
-
-
-    # Notes on Cache: 
-    # https://docs.docker.com/build/ci/github-actions/examples/#inline-cache
-    - name: Build Container
-      uses: docker/build-push-action@v5
-      with:
-        context: .
-        push: true
-        tags: |
-          ${{ github.repository }}:test_${{ steps.branch.outputs.GHR }}
-        cache-from: type=registry,ref=${{ github.repository }}:buildcache
-        cache-to: type=registry,ref=${{ github.repository }}:buildcache,mode=max
+
+  code-checks:
+    uses: helxplatform/helx-github-actions/.github/workflows/code-checks.yml@main
+    secrets: inherit