Skip to content

Merge pull request #671 from populationgenomics/dev #713

Merge pull request #671 from populationgenomics/dev

Merge pull request #671 from populationgenomics/dev #713

Workflow file for this run

name: Deploy
on:
# Building on manual dispatch, and pushes to dev / main. But restricting
workflow_dispatch:
push:
branches:
- main
- dev
permissions:
id-token: write
contents: read
jobs:
deploy:
runs-on: ubuntu-latest
env:
DOCKER_BUILDKIT: 1
BUILDKIT_PROGRESS: plain
CLOUDSDK_CORE_DISABLE_PROMPTS: 1
# used for generating API
SM_DOCKER: australia-southeast1-docker.pkg.dev/sample-metadata/images/server:${{ github.sha }}
defaults:
run:
shell: bash -eo pipefail -l {0}
steps:
- uses: actions/checkout@v3
- id: "google-cloud-auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/auth@v1"
with:
workload_identity_provider: "projects/774248915715/locations/global/workloadIdentityPools/gh-deploy-pool/providers/gh-provider"
service_account: "[email protected]"
- id: "google-cloud-sdk-setup"
name: "Set up Cloud SDK"
uses: google-github-actions/setup-gcloud@v1
- name: "gcloud docker auth"
run: |
gcloud auth configure-docker australia-southeast1-docker.pkg.dev
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- uses: actions/setup-java@v3
with:
distribution: "temurin" # See 'Supported distributions' for available options
java-version: "17"
- name: Setup build env
run: |
pip install -r requirements-dev.txt
pip install -r requirements.txt
wget https://repo1.maven.org/maven2/org/openapitools/openapi-generator-cli/5.3.0/openapi-generator-cli-5.3.0.jar -O openapi-generator-cli.jar
- name: prepare-deployment
run: |
if [[ $GITHUB_REF == 'refs/heads/main' ]]; then
echo DEPLOYMENT_TYPE=prod >> $GITHUB_ENV
echo SM_ENVIRONMENT=production >> $GITHUB_ENV
else
echo DEPLOYMENT_TYPE=dev >> $GITHUB_ENV
echo SM_ENVIRONMENT=development >> $GITHUB_ENV
pip install bump2version
# add
bump2version patch \
--no-commit --allow-dirty \
--new-version $(cat deploy/python/version.txt)dev$(echo $(git rev-parse HEAD) | cut -c1-7)
fi
# we have to build the image first without the web files to
# generate the openapi file to then generate the documentation
- name: "build image"
run: |
docker build \
--build-arg SM_ENVIRONMENT=$SM_ENVIRONMENT \
--tag $SM_DOCKER \
-f deploy/api/Dockerfile \
.
- name: "build deployable API"
run: |
export OPENAPI_COMMAND="java -jar openapi-generator-cli.jar"
python regenerate_api.py
ls -lGh metamist
# also copies build artifacts to api/public
- name: "build web front-end"
run: |
set -eo pipefail
pushd web
# installs package-lock, not what it thinks it should be
npm ci
npm run build
popd
# rebuild docker image now that front-end files are in the right place
- name: "build image II"
run: |
docker build --tag $SM_DOCKER -f deploy/api/Dockerfile .
- name: Build python package
run: python setup.py sdist
- name: "push server image"
run: |
docker push $SM_DOCKER
- name: "deploy to Cloud Run"
run: |
if [[ $GITHUB_REF == 'refs/heads/main' ]]; then
gcloud_deploy_name=sample-metadata-api
else
gcloud_deploy_name=sample-metadata-api-dev
fi
gcloud run deploy \
$gcloud_deploy_name --image $SM_DOCKER \
--region australia-southeast1 --no-allow-unauthenticated \
--platform managed
- name: Publish package
if: github.ref == 'refs/heads/main'
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: dist/
skip-existing: true