Merge pull request #1022 from Open-Earth-Foundation/nina/bug/ON-2881/… #1663
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Push Web app to GHCR and deploy to EKS | |
on: | |
workflow_dispatch: | |
push: | |
branches: ["develop"] | |
paths: | |
- app/** | |
- k8s/cc-migrate.yml | |
- k8s/cc-web-deploy.yml | |
- k8s/cc-web.yml | |
- .github/workflows/web-develop.yml | |
pull_request: | |
paths: | |
- app/** | |
- k8s/cc-migrate.yml | |
- k8s/cc-web-deploy.yml | |
- k8s/cc-web.yml | |
- .github/workflows/web-develop.yml | |
jobs: | |
runTests: | |
runs-on: ubuntu-latest | |
env: | |
NODE_ENV: test | |
NEXTAUTH_SECRET: "diTMz/XLX4edSmmfzwJtmzKjCJGRt81Gf0PdjO3IPs8=" | |
NEXTAUTH_URL: "http://localhost:3000" | |
CDP_API_KEY: ${{ secrets.CDP_API_KEY_TEST }} | |
CDP_MODE: "test" | |
defaults: | |
run: | |
working-directory: ./app | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
cache: "npm" | |
cache-dependency-path: app/package-lock.json | |
- name: Install dependencies | |
run: npm ci | |
- name: Set up database | |
run: | | |
docker run --name github_action_postgresql -d -p 5432:5432 -e POSTGRES_HOST_AUTH_METHOD=trust -e POSTGRES_PASSWORD="" postgres | |
sleep 10 | |
createuser -w -h localhost -p 5432 -U postgres citycatalyst | |
createdb -w -h localhost -p 5432 -U postgres citycatalyst -O citycatalyst | |
cp env.example .env | |
npm run db:migrate | |
npm run db:seed | |
- uses: actions/cache@v4 | |
with: | |
# See here for caching with `yarn` https://github.com/actions/cache/blob/main/examples.md#node---yarn or you can leverage caching with actions/setup-node https://github.com/actions/setup-node | |
path: | | |
~/.npm | |
${{ github.workspace }}/.next/cache | |
# Generate a new cache whenever packages or source files change. | |
key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }} | |
# If source files changed but packages didn't, rebuild from a prior cache. | |
restore-keys: | | |
${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}- | |
- name: Run NextJS build | |
run: npm run build | |
# - name: Run Cypress tests | |
# run: npm run cy:test | |
- name: Run tests and generate coverage file | |
run: npm run api:test | |
- name: Install Playwright Browsers | |
run: npx playwright install --with-deps | |
- name: Run Playwright tests | |
run: npx playwright test | |
- uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: playwright-report | |
path: playwright-report/ | |
retention-days: 30 | |
- name: Upload coverage reports to Codecov | |
continue-on-error: true | |
uses: codecov/[email protected] | |
with: | |
fail_ci_if_error: false | |
flags: unittests | |
name: citycatalyst-backend | |
token: ${{ secrets.CODECOV_TOKEN }} | |
slug: Open-Earth-Foundation/CityCatalyst | |
- name: Shut down database | |
run: docker stop github_action_postgresql | |
pushToGHCR: | |
needs: runTests | |
runs-on: ubuntu-latest | |
if: github.ref == 'refs/heads/develop' | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Log in to the Container registry | |
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Pushing CC Web to GHCR | |
env: | |
VERSION: ${{ github.sha }} | |
IMAGE: ghcr.io/open-earth-foundation/citycatalyst | |
run: | | |
docker build -t $IMAGE:$VERSION app | |
docker tag $IMAGE:$VERSION $IMAGE:latest | |
docker push $IMAGE:$VERSION | |
docker push $IMAGE:latest | |
deployToEKS: | |
needs: pushToGHCR | |
runs-on: ubuntu-latest | |
if: github.ref == 'refs/heads/develop' | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_EKS_DEV_USER }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_EKS_DEV_USER }} | |
EKS_DEV_NAME: ${{ secrets.EKS_DEV_NAME }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Creating kubeconfig file | |
run: aws eks update-kubeconfig --name ${{secrets.EKS_DEV_NAME}} --region us-east-1 | |
- name: Testing connection to EKS | |
run: kubectl get pods -n default | |
- name: Deploying service | |
run: | | |
kubectl create -f k8s/cc-migrate.yml -n default | |
kubectl create -f k8s/cc-seed.yml -n default | |
kubectl apply -f k8s/cc-web-deploy.yml -n default | |
kubectl set env deployment/cc-web-deploy \ | |
SMTP_USER=${{secrets.SMTP_USER}} \ | |
SMTP_PASSWORD=${{secrets.SMTP_PASSWORD}} \ | |
NEXTAUTH_SECRET=${{secrets.NEXTAUTH_SECRET}} \ | |
RESET_TOKEN_SECRET=${{secrets.RESET_TOKEN_SECRET}} \ | |
VERIFICATION_TOKEN_SECRET=${{secrets.VERIFICATION_TOKEN_SECRET}} \ | |
OPENAI_API_KEY=${{secrets.OPENAI_API_KEY_DEV}} \ | |
"OPENAI_ASSISTANT_ID=asst_saoKNCVqCX7adTMoLqPxPHvB" \ | |
HUGGINGFACE_API_KEY=${{secrets.HUGGINGFACE_API_KEY}} \ | |
"ADMIN_EMAILS=${{secrets.ADMIN_EMAILS}}" \ | |
"ADMIN_NAMES=${{secrets.ADMIN_NAMES}}" \ | |
"DEFAULT_ADMIN_EMAIL=${{secrets.DEFAULT_ADMIN_EMAIL}}" \ | |
"DEFAULT_ADMIN_PASSWORD=${{secrets.DEFAULT_ADMIN_PASSWORD}}" \ | |
"HOST=https://citycatalyst.openearth.dev" \ | |
"NEXTAUTH_URL=https://citycatalyst.openearth.dev" \ | |
"NEXT_PUBLIC_API_URL=https://citycatalyst.openearth.dev" \ | |
"GLOBAL_API_URL=https://ccglobal.openearth.dev" \ | |
"NEXT_PUBLIC_OPENCLIMATE_API_URL=https://openclimate.openearth.dev" \ | |
"OPENCLIMATE_API_URL=https://openclimate.openearth.dev" \ | |
CDP_API_KEY=${{secrets.CDP_API_KEY_TEST}} | |
kubectl apply -f k8s/cc-sync-catalogue.yml -n default # cronjob | |
kubectl create -f k8s/cc-sync-catalogue-manual.yml -n default # on deployment | |
# TODO this (running cronjob on deploy) doesn't work since it can't randomize names. Needs own randomness source | |
# once it works cc-sync-catalogue-manual.yml can be removed | |
# kubectl create job --from=cronjob/cc-sync-catalogue cc-sync-catalogue-manual -n default | |
kubectl create -f k8s/cc-create-admin.yml -n default | |
kubectl rollout restart deployment cc-web-deploy -n default |