diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml
index 6d3ff42a34..b3cb305e46 100644
--- a/.github/workflows/continuous.yaml
+++ b/.github/workflows/continuous.yaml
@@ -1,12 +1,131 @@
----
-name: Continuous Suite
+name: Continuous
on:
- - pull_request
+ push:
+ branches:
+ - "*"
+ pull_request:
+ branches:
+ - "*"
jobs:
+ duplication-check:
+ runs-on: ubuntu-latest
+ outputs:
+ inPR: steps.check.outputs.number
+ steps:
+ - name: Check if push is in PR
+ id: check
+ uses: 8BitJonny/gh-get-current-pr@1.4.0
+ with:
+ filterOutClosed: true
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ build-generic:
+ runs-on: ubuntu-latest
+ needs: duplication-check
+ if: ${{ github.event_name == 'pull_request' || ( github.event_name == 'push' && ! needs.duplication-check.outputs.inPR ) }}
+ strategy:
+ matrix:
+ app: [ web, node ]
+ steps:
+ - uses: actions/checkout@v2
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v1
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v1
+ - name: Login to GCR
+ uses: docker/login-action@v1
+ with:
+ registry: gcr.io
+ username: _json_key
+ password: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }}
+ - name: Get branch name
+ id: branch-name
+ uses: tj-actions/branch-names@v5.1
+ - name: Get current date
+ id: date
+ run: echo "::set-output name=date::$(date +'%Y%m%d%H%M')"
+ - name: Generate image metadata
+ id: meta
+ uses: docker/metadata-action@v3
+ with:
+ images: |
+ gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-${{ matrix.app }}-${{ steps.branch-name.outputs.current_branch }}
+ # generate Docker tags based on the following events/attributes
+ tags: |
+ type=ref,event=branch
+ type=sha,enable=true,priority=100,prefix=sha-,suffix=-${{ steps.date.outputs.date }},format=short
+ type=sha
+ flavor: |
+ latest=true
+ - name: build and push
+ uses: docker/build-push-action@v2
+ with:
+ cache-from: type=registry, ref=sefaria-${{ matrix.app }}/cache
+ cache-to: type=registry, ref=sefaria-${{ matrix.app }}/cache, mode=max
+ context: .
+ push: true
+ file: ./build/${{ matrix.app }}/Dockerfile
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ build-asset:
+ runs-on: ubuntu-latest
+ needs:
+ - duplication-check
+ - build-generic
+ if: ${{ github.event_name == 'pull_request' || ( github.event_name == 'push' && ! needs.duplication-check.outputs.inPR ) }}
+ steps:
+ - uses: actions/checkout@v2
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v1
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v1
+ - name: Login to GCR
+ uses: docker/login-action@v1
+ with:
+ registry: gcr.io
+ username: _json_key
+ password: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }}
+ - name: Get branch name
+ id: branch-name
+ uses: tj-actions/branch-names@v5.1
+ - name: Get current date
+ id: date
+ run: echo "::set-output name=date::$(date +'%Y%m%d%H%M')"
+ - name: Generate image metadata
+ id: meta
+ uses: docker/metadata-action@v3
+ with:
+ images: |
+ gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-asset-${{ steps.branch-name.outputs.current_branch }}
+ # generate Docker tags based on the following events/attributes
+ tags: |
+ type=ref,event=branch
+ type=sha,enable=true,priority=100,prefix=sha-,suffix=-${{ steps.date.outputs.date }},format=short
+ type=sha
+ flavor: |
+ latest=true
+ - name: Set outputs
+ id: get-sha
+ run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
+ - name: build and push
+ uses: docker/build-push-action@v2
+ with:
+ cache-from: type=registry, ref=sefaria-asset/cache
+ cache-to: type=registry, ref=sefaria-asset/cache, mode=max
+ context: .
+ push: true
+ build-args: |
+ SRC_IMG=gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-web-${{ steps.branch-name.outputs.current_branch }}:sha-${{ steps.get-sha.outputs.sha_short }}
+ file: ./build/nginx/Dockerfile
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+#######
+# Below Tests only run on PR
+#######
jest-tests:
name: "Jest" # This name is referenced when slacking status
runs-on: ubuntu-latest
+ if: ${{ github.event_name == 'pull_request' }}
steps:
- name: Checkout Code
uses: actions/checkout@v2
@@ -21,56 +140,55 @@ jobs:
- name: Handle Jest Test Results
run: cat /home/runner/jestResults.json; STATUS=`jq ".numFailedTestSuites" /home/runner/jestResults.json`; exit $STATUS
if: ${{ always() }}
-
sandbox-deploy:
+ if: ${{ github.event_name == 'pull_request' }}
runs-on: ubuntu-latest
+ needs: build-asset
steps:
- name: Checkout Code
uses: actions/checkout@v2
-
- - name: Setup Python 3.7
- uses: actions/setup-python@v1
- with:
- python-version: '3.7'
-
- name: Authenticate GHA Runner to GCP
- uses: google-github-actions/setup-gcloud@master
+ uses: google-github-actions/setup-gcloud@v0
with:
service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }}
project_id: ${{ secrets.DEV_PROJECT }}
-
- - name: Define GITHUB_SHA_SHORT
- run: echo "GITHUB_SHA_SHORT=${GITHUB_SHA:0:6}" >> $GITHUB_ENV
-
- - name: Submit Build Job to Cloud Build
- # This should use the 'arbitrary commit' build script
- run: ./build/ci/create-ci-sandbox.bash
+ - name: Get branch name
+ id: branch-name
+ uses: tj-actions/branch-names@v5.1
+ - name: Set outputs
+ id: get-sha
+ run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
+ - name: Set up yq
+ uses: frenck/action-setup-yq@v1
+ - name: setup helm
+ uses: azure/setup-helm@v1
+ - name: Authenticate GHA Runner To Target Cluster
+ run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}}
+ - name: Deploy Sandbox
+ run: ./build/ci/helm-deploy.sh build/ci/values.yaml
env:
- GIT_COMMIT: "$GITHUB_SHA"
- GKE_CLUSTER: "${{secrets.DEV_GKE_CLUSTER}}"
- GKE_NAMESPACE: "${{secrets.DEV_SANDBOX_NAMESPACE}}"
- GKE_REGION: "${{secrets.DEV_GKE_REGION}}"
- MONGO_HOST: "${{secrets.DEV_MONGO_HOST}}"
- POSTGRES_HOST: "${{secrets.DEV_POSTGRES_HOST}}"
- SANDBOX_NAME: "${GITHUB_SHA}"
- SANDBOX_SUBDOMAIN: "${{secrets.DEV_SANDBOX_SUBDOMAIN}}"
- GCP_PROJECT: "${{secrets.DEV_GCP_PROJECT}}"
- CONTAINER_IMAGE_TAG: "${{env.GITHUB_SHA_SHORT}}"
-
+ GIT_COMMIT: "${{ steps.get-sha.outputs.sha_short }}"
+ BRANCH: "${{ steps.branch-name.outputs.current_branch }}"
+ PROJECT_ID: "${{ secrets.DEV_PROJECT }}"
+ NAMESPACE: "${{secrets.DEV_SANDBOX_NAMESPACE}}"
sandbox-ready:
+ if: ${{ github.event_name == 'pull_request' }}
needs: sandbox-deploy
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
-
+ - name: Set outputs
+ id: get-sha
+ run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: Wait for test sandbox to become available
# https://gist.github.com/rgl/f90ff293d56dbb0a1e0f7e7e89a81f42
run: ./build/ci/waitForSandbox.bash
env:
WAIT_DURATION: "3000"
-
+ GIT_COMMIT: "${{ steps.get-sha.outputs.sha_short }}"
selenium-sauce:
+ if: ${{ github.event_name == 'pull_request' }}
name: "Selenium" # This name is referenced when slacking status
needs: sandbox-ready
runs-on: ubuntu-latest
@@ -82,49 +200,38 @@ jobs:
uses: actions/setup-python@v1
with:
python-version: '3.7'
-
# Set Up Connection to Dev Mongo
# 1. Auth to cluster
# 2. Open encrypted connection
- - uses: google-github-actions/setup-gcloud@master
+ - uses: google-github-actions/setup-gcloud@v0
with:
service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }}
project_id: ${{ secrets.DEV_PROJECT }}
-
- name: Authenticate GHA Runner To Target Cluster
run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}}
-
- name: Establish MongoDB Connection
run: kubectl port-forward svc/mongo 27017:27017 &
-
- name: Await MongoDB Connection
run: sleep 20
-
- name: Confirm MongoDB Connection
# The following command returns a success code if mongo is available,
# and a failure code if it is not
run: curl localhost:27017
-
- name: Establish PostgreSQL Connection
run: kubectl port-forward svc/postgres 5432:5432 &
-
- name: Await MongoDB Connection
run: sleep 20
-
- name: Confirm PostgreSQL Connection
# if the PostgreSQL server is available, curl will fail with a '52' exit code
# if it is NOT available, it will fail with a '7' exit code
# run: curl localhost:5432; if [ $? -eq "52" ]; then exit 0; else exit 1; fi
run: exitCode=$(curl localhost:5432; echo $?); if [ $exitCode -eq 52 ]; then exit 0; else exit 1; fi
-
- - name: Define GITHUB_SHA_SHORT
- run: echo "GITHUB_SHA_SHORT=${GITHUB_SHA:0:6}" >> $GITHUB_ENV
-
-
+ - name: Set outputs
+ id: get-sha
+ run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
# END SETUP
- name: Install Python Packages
run: pip3 install -r ./requirements.txt
-
- name: Run Test Suite
run: env && python3 ./reader/browsertest/run_tests_on_github.py # ; echo $?
shell: bash
@@ -132,21 +239,21 @@ jobs:
SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
CI_RUN: "true"
- CI_URL: https://${{env.GITHUB_SHA_SHORT}}.cauldron.sefaria.org
+ CI_URL: https://sandbox-${{ steps.get-sha.outputs.sha_short }}.cauldron.sefaria.org
SEFARIA_TEST_PASS: ${{ secrets.SEFARIA_APP_PASS }}
SEFARIA_TEST_USER: ${{ secrets.SEFARIA_APP_USER }}
PYTHONPATH: "."
DJANGO_SETTINGS_MODULE: sefaria.settings
- MONGO_DB_NAME: sefaria-${{env.GITHUB_SHA_SHORT}}
-
+ MONGO_DB_NAME: sefaria-sandbox-${{ steps.get-sha.outputs.sha_short }}
+ GITHUB_SHA_SORT: ${{ steps.get-sha.outputs.sha_short }}
- name: Authenticate GHA Runner to GCP
- uses: google-github-actions/setup-gcloud@master
+ uses: google-github-actions/setup-gcloud@v0
with:
service_account_key: ${{ secrets.GCS_BUILD_UPLOAD_KEY }}
project_id: ${{ secrets.BUILD_UPLOAD_PROJECT }}
if: ${{ always() }}
-
pytest-job:
+ if: ${{ github.event_name == 'pull_request' }}
name: "PyTest" # This name is referenced when slacking status
needs:
- sandbox-ready
@@ -157,42 +264,40 @@ jobs:
# Set Up Connection to Dev Mongo
# 1. Auth to cluster
# 2. Open encrypted connection
- - uses: google-github-actions/setup-gcloud@master
+ - uses: google-github-actions/setup-gcloud@v0
with:
service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }}
project_id: ${{ secrets.DEV_PROJECT }}
-
- name: Authenticate GHA Runner To Target Cluster
run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}}
- - name: Define GITHUB_SHA_SHORT
- run: echo "GITHUB_SHA_SHORT=${GITHUB_SHA:0:6}" >> $GITHUB_ENV
+ - name: Set outputs
+ id: get-sha
+ run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
+ - name: Get branch name
+ id: branch-name
+ uses: tj-actions/branch-names@v5.1
- name: Start Job
run: envsubst '${GITHUB_RUN_ID},${DEPLOY_ENV},${WEB_IMAGE_NAME},${WEB_IMAGE_TAG},${TIMESTAMP}' < ./build/ci/pyTestPod.yaml | kubectl apply -f -
env:
# dependent on GITHUB_RUN_ID, which is implicitly passed in
- DEPLOY_ENV: ${{env.GITHUB_SHA_SHORT}}
- WEB_IMAGE_NAME: gcr.io/${{secrets.DEV_PROJECT}}/sefaria-web-dev
- WEB_IMAGE_TAG: ${{env.GITHUB_SHA_SHORT}}
-
+ DEPLOY_ENV: sandbox-${{ steps.get-sha.outputs.sha_short }}
+ WEB_IMAGE_NAME: gcr.io/${{secrets.DEV_PROJECT}}/sefaria-web-${{ steps.branch-name.outputs.current_branch }}
+ WEB_IMAGE_TAG: sha-${{ steps.get-sha.outputs.sha_short }}
- name: Wait For Job To Finish
run: ./build/ci/waitForCIJob.bash
- timeout-minutes: 30
+ timeout-minutes: 60
env:
# dependent on GITHUB_RUN_ID, which is implicitly passed in
TEST_NAME: pytest
-
- name: Get Logs From Cluster and propogate test result
run: "kubectl logs --tail=-1 -l ci-run=$GITHUB_RUN_ID,test-name=pytest; LASTLINE=`kubectl logs --tail=1 -l ci-run=$GITHUB_RUN_ID,test-name=pytest`; STAT=${LASTLINE: -1}; exit $STAT"
-
- name: Cleanup pyTest Pod
run: kubectl delete jobs -l ci-run=$GITHUB_RUN_ID,test-name=pytest
if: always()
-
ending-notification:
runs-on: ubuntu-latest
- if: ${{ always() }}
+ if: ${{ always() && github.event_name == 'pull_request' }}
needs:
-# - selenium-allsuites-local
- selenium-sauce
- pytest-job
steps:
@@ -209,120 +314,33 @@ jobs:
SLACK_TEST_FAILURE_WEBHOOK_URL: ${{secrets.SLACK_TEST_FAILURE_WEBHOOK_URL}}
GITUSER_SLACK_MAP: ${{secrets.GITUSER_SLACK_MAP}}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
sandbox-cleanup:
name: "Clean up CI Sandbox"
- if: ${{ always() }}
+ if: ${{ always() && github.event_name == 'pull_request' }}
needs:
-# - selenium-allsuites-local
- selenium-sauce
- pytest-job
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
-
- - uses: google-github-actions/setup-gcloud@master
+ - uses: google-github-actions/setup-gcloud@v0
with:
service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }}
project_id: ${{ secrets.DEV_PROJECT }}
-
- - name: Delete sandbox after tests are finished
- run: ./build/ci/destroy-ci-sandbox.bash
+ - name: Set outputs
+ id: get-sha
+ run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
+ - name: setup helm
+ uses: azure/setup-helm@v1
+ - name: Authenticate GHA Runner To Target Cluster
+ run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}}
+ - name: check helm
+ id: get-helm
+ run: echo "::set-output name=count::$(helm list -n $NAMESPACE | grep $NAME | wc -l)"
env:
- GKE_CLUSTER: "${{secrets.DEV_GKE_CLUSTER}}"
- GCP_PROJECT: "${{secrets.DEV_GCP_PROJECT}}"
- GKE_REGION: "${{secrets.DEV_GKE_REGION}}"
- SANDBOX_SUBDOMAIN: "${{secrets.DEV_SANDBOX_SUBDOMAIN}}"
- GKE_NAMESPACE: "${{secrets.DEV_SANDBOX_NAMESPACE}}"
- MONGO_HOST: "${{secrets.DEV_MONGO_HOST}}"
-
-...
-
-# selenium-allsuites-local:
-# # Start off with local firefox
-# name: "Selenium: Local" # This name is referenced when slacking status
-# needs: sandbox-ready
-# runs-on: ubuntu-latest
-# services:
-# selenium:
-# image: selenium/standalone-chrome:3.141.59
-# ports: [ "4444:4444" ]
-# volumes: ["/dev/shm:/dev/shm"]
-# steps:
-#
-# # BEGIN SETUP
-# - name: Checkout Code
-# uses: actions/checkout@v2
-# - name: Set Up Python 3
-# uses: actions/setup-python@v1
-# with:
-# python-version: '3.7'
-#
-# # Set Up Connection to Dev Mongo
-# # 1. Auth to cluster
-# # 2. Open encrypted connection
-# - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
-# with:
-# service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }}
-# project_id: ${{ secrets.DEV_PROJECT }}
-#
-# - name: Authenticate GHA Runner To Target Cluster
-# run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}}
-#
-# - name: Establish MongoDB Connection
-# run: kubectl port-forward svc/mongo 27017:27017 &
-#
-# - name: Await MongoDB Connection
-# run: sleep 20
-#
-# - name: Confirm MongoDB Connection
-# # The following command returns a success code if mongo is available,
-# # and a failure code if it is not
-# run: curl localhost:27017
-#
-# - name: Establish PostgreSQL Connection
-# run: kubectl port-forward svc/postgres 5432:5432 &
-#
-# - name: Await MongoDB Connection
-# run: sleep 20
-#
-# - name: Confirm PostgreSQL Connection
-# # if the PostgreSQL server is available, curl will fail with a '52' exit code
-# # if it is NOT available, it will fail with a '7' exit code
-# # run: curl localhost:5432; if [ $? -eq "52" ]; then exit 0; else exit 1; fi
-# run: exitCode=$(curl localhost:5432; echo $?); if [ $exitCode -eq 52 ]; then exit 0; else exit 1; fi
-#
-# - name: Define GITHUB_SHA_SHORT
-# run: echo "GITHUB_SHA_SHORT=${GITHUB_SHA:0:6}" >> $GITHUB_ENV
-#
-# # END SETUP
-# - name: Install Python Packages
-# run: pip3 install -r ./requirements.txt
-#
-# - name: Run PageLoad Suite
-# run: python3 ./reader/browsertest/run_local_sel.py | tee /home/runner/selenium-allsuites-local.txt # --parallel ; echo $?
-# shell: bash
-# env:
-# CI_RUN: "true"
-# CI_URL: https://${{env.GITHUB_SHA_SHORT}}.cauldron.sefaria.org
-# LOCAL_SELENIUM_URL: "http://localhost:4444/wd/hub"
-# SEFARIA_TEST_PASS: ${{ secrets.SEFARIA_APP_PASS }}
-# SEFARIA_TEST_USER: ${{ secrets.SEFARIA_APP_USER }}
-# PYTHONPATH: "."
-# DJANGO_SETTINGS_MODULE: sefaria.settings
-#
-# - name: Authenticate GHA Runner to GCP
-# uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
-# with:
-# service_account_key: ${{ secrets.GCS_BUILD_UPLOAD_KEY }}
-# project_id: ${{ secrets.BUILD_UPLOAD_PROJECT }}
-# if: ${{ always() }}
-#
-# - name: Define BUILD_RESULT_SUBDIR
-# run: echo "BUILD_RESULT_SUBDIR=${GITHUB_SHA:0:8}" >> $GITHUB_ENV
-# if: ${{ always() }}
-#
-# - name: Upload Build Results
-# run: gsutil cp /home/runner/selenium-allsuites-local.txt gs://${{secrets.GCS_BUILD_UPLOAD_BUCKET}}/${{env.BUILD_RESULT_SUBDIR}}/selenium-allsuites-local.txt
-# if: ${{ always() }}
+ NAMESPACE: ${{ secrets.DEV_SANDBOX_NAMESPACE }}
+ NAME: sandbox-${{ steps.get-sha.outputs.sha_short }}
+ - name: Uninstall
+ run: helm delete sandbox-${{ steps.get-sha.outputs.sha_short }} -n ${{ secrets.DEV_SANDBOX_NAMESPACE }} --debug --timeout 10m0s
+ if: steps.get-helm.outputs.count > 0
diff --git a/.github/workflows/helm-tests.yaml b/.github/workflows/helm-tests.yaml
index 4ca336e9ff..7e41fbcdb9 100644
--- a/.github/workflows/helm-tests.yaml
+++ b/.github/workflows/helm-tests.yaml
@@ -13,7 +13,7 @@ jobs:
- name: Set up Helm
uses: azure/setup-helm@v1
with:
- version: v3.4.0
+ version: v3.5.0
- name: Set up Python
uses: actions/setup-python@v2
with:
diff --git a/.github/workflows/image-builder.yaml b/.github/workflows/image-builder.yaml
deleted file mode 100644
index 8250daba66..0000000000
--- a/.github/workflows/image-builder.yaml
+++ /dev/null
@@ -1,102 +0,0 @@
-name: Image builder
-on:
- push:
- branches:
- - "*"
-
-jobs:
- build-generic:
- runs-on: ubuntu-latest
- strategy:
- matrix:
- app: [ web, node ]
- steps:
- - uses: actions/checkout@v2
- - name: Set up QEMU
- uses: docker/setup-qemu-action@v1
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@v1
- - name: Login to GCR
- uses: docker/login-action@v1
- with:
- registry: gcr.io
- username: _json_key
- password: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }}
- - name: Get branch name
- id: branch-name
- uses: tj-actions/branch-names@v5.1
- - name: Get current date
- id: date
- run: echo "::set-output name=date::$(date +'%Y%m%d%H%M')"
- - name: Generate image metadata
- id: meta
- uses: docker/metadata-action@v3
- with:
- images: |
- gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-${{ matrix.app }}-${{ steps.branch-name.outputs.current_branch }}
- # generate Docker tags based on the following events/attributes
- tags: |
- type=ref,event=branch
- type=sha,enable=true,priority=100,prefix=sha-,suffix=-${{ steps.date.outputs.date }},format=short
- type=sha
- flavor: |
- latest=true
- - name: build and push
- uses: docker/build-push-action@v2
- with:
- cache-from: type=registry, ref=sefaria-${{ matrix.app }}/cache
- cache-to: type=registry, ref=sefaria-${{ matrix.app }}/cache, mode=max
- context: .
- push: true
- file: ./build/${{ matrix.app }}/Dockerfile
- tags: ${{ steps.meta.outputs.tags }}
- labels: ${{ steps.meta.outputs.labels }}
- build-asset:
- runs-on: ubuntu-latest
- needs: build-generic
- steps:
- - uses: actions/checkout@v2
- - name: Set up QEMU
- uses: docker/setup-qemu-action@v1
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@v1
- - name: Login to GCR
- uses: docker/login-action@v1
- with:
- registry: gcr.io
- username: _json_key
- password: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }}
- - name: Get branch name
- id: branch-name
- uses: tj-actions/branch-names@v5.1
- - name: Get current date
- id: date
- run: echo "::set-output name=date::$(date +'%Y%m%d%H%M')"
- - name: Generate image metadata
- id: meta
- uses: docker/metadata-action@v3
- with:
- images: |
- gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-asset-${{ steps.branch-name.outputs.current_branch }}
- # generate Docker tags based on the following events/attributes
- tags: |
- type=ref,event=branch
- type=sha,enable=true,priority=100,prefix=sha-,suffix=-${{ steps.date.outputs.date }},format=short
- type=sha
- flavor: |
- latest=true
- - name: Set outputs
- id: get-sha
- run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- - name: build and push
- uses: docker/build-push-action@v2
- with:
- cache-from: type=registry, ref=sefaria-asset/cache
- cache-to: type=registry, ref=sefaria-asset/cache, mode=max
- context: .
- push: true
- build-args: |
- SRC_IMG=gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-web-${{ steps.branch-name.outputs.current_branch }}:sha-${{ steps.get-sha.outputs.sha_short }}
- file: ./build/nginx/Dockerfile
- tags: ${{ steps.meta.outputs.tags }}
- labels: ${{ steps.meta.outputs.labels }}
diff --git a/build/ci/helm-deploy.sh b/build/ci/helm-deploy.sh
new file mode 100755
index 0000000000..76eae5577c
--- /dev/null
+++ b/build/ci/helm-deploy.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+set -x
+set -e
+
+export WEB_IMAGE="gcr.io/$PROJECT_ID/sefaria-web-$BRANCH"
+export NODE_IMAGE="gcr.io/$PROJECT_ID/sefaria-node-$BRANCH"
+export ASSET_IMAGE="gcr.io/$PROJECT_ID/sefaria-asset-$BRANCH"
+export TAG="sha-$GIT_COMMIT"
+export NAME="sandbox-$GIT_COMMIT"
+
+yq e -i '.web.containerImage.imageRegistry = strenv(WEB_IMAGE)' $1
+yq e -i '.nodejs.containerImage.imageRegistry = strenv(NODE_IMAGE)' $1
+yq e -i '.nginx.containerImage.imageRegistry = strenv(ASSET_IMAGE)' $1
+yq e -i '.monitor.containerImage.imageRegistry = strenv(WEB_IMAGE)' $1
+yq e -i '.web.containerImage.tag = strenv(TAG)' $1
+yq e -i '.nodejs.containerImage.tag = strenv(TAG)' $1
+yq e -i '.nginx.containerImage.tag = strenv(TAG)' $1
+yq e -i '.monitor.containerImage.tag = strenv(TAG)' $1
+yq e -i '.deployEnv = strenv(NAME)' $1
+yq e -i '.localSettings.FRONT_END_URL = "https://"+strenv(NAME)+".cauldron.sefarai.org"' $1
+
+helm upgrade -i $NAME ./helm-chart --namespace $NAMESPACE -f $1 --debug --timeout=30m0s
+
diff --git a/build/ci/pyTestPod.yaml b/build/ci/pyTestPod.yaml
index 5deaa6f1e3..529f452875 100644
--- a/build/ci/pyTestPod.yaml
+++ b/build/ci/pyTestPod.yaml
@@ -35,6 +35,12 @@ spec:
value: "node-${DEPLOY_ENV}"
- name: VARNISH_HOST
value: "varnish-${DEPLOY_ENV}"
+ envFrom:
+ - secretRef:
+ name: local-settings-secrets
+ optional: true
+ - configMapRef:
+ name: "local-settings-${DEPLOY_ENV}"
ports:
- containerPort: 80
protocol: TCP
@@ -45,50 +51,53 @@ spec:
limits:
memory: "3Gi"
cpu: "1000m"
-
volumeMounts:
- # https://stackoverflow.com/questions/53491603/kubernetes-volumemounts-a-file-not-a-directory
- - mountPath: /app/sefaria/local_settings.py
- name: local-settings
- subPath: local_settings.py
- readOnly: true
- - mountPath: /varnish-secret
- name: varnish-secret
- readOnly: true
- - mountPath: /school-lookup-data
- name: school-lookup-data
- readOnly: true
- - mountPath: /client-secret
- name: client-secret
- readOnly: true
- - mountPath: /google-cloud-secret
- name: backup-manager-secret
- readOnly: true
- - mountPath: /app/logging-secret.json
- name: logging-secret
- subPath: logging-secret.json
- readOnly: true
- - mountPath: /log
- name: logdir
+ - mountPath: /app/sefaria/local_settings.py
+ name: local-settings
+ subPath: local_settings.py
+ readOnly: true
+ - mountPath: /varnish-secret
+ name: varnish-secret
+ readOnly: true
+ - mountPath: /school-lookup-data
+ name: school-lookup-data
+ readOnly: true
+ - mountPath: /client-secret
+ name: client-secret
+ readOnly: true
+ - mountPath: /google-cloud-secret
+ name: backup-manager-secret
+ readOnly: true
+ - mountPath: /app/logging-secret.json
+ name: logging-secret
+ subPath: logging-secret.json
+ readOnly: true
+ - name: gunicorn-config
+ mountPath: /app/gunicorn.conf.py
+ subPath: gunicorn.conf.py
+ readOnly: true
volumes:
- name: local-settings
- secret:
- secretName: local-settings-${DEPLOY_ENV}
+ configMap:
+ name: "local-settings-${DEPLOY_ENV}"
+ items:
+ - key: local_settings.py
+ path: local_settings.py
- name: client-secret
secret:
- secretName: google-client-secret-${DEPLOY_ENV}
+ secretName: google-client-secret
- name: backup-manager-secret # used to access google cloud
secret:
- secretName: backup-manager-secret-${DEPLOY_ENV}
+ secretName: backup-manager
- name: logging-secret
secret:
- secretName: logging-secret-${DEPLOY_ENV}
+ secretName: logging-secret
- name: varnish-secret
secret:
- secretName: varnish-secret-${DEPLOY_ENV}
- - name: school-lookup-data
+ secretName: varnish-secret-helm
+ - name: school-lookup-data
secret:
- secretName: school-lookup-data-${DEPLOY_ENV}
- - name: logdir
- emptyDir: {}
-...
+ secretName: school-lookup-data
+ - name: gunicorn-config
+ configMap:
+ name: "gunicorn-config-${DEPLOY_ENV}"
diff --git a/build/ci/values.yaml b/build/ci/values.yaml
new file mode 100644
index 0000000000..b3ce9d763a
--- /dev/null
+++ b/build/ci/values.yaml
@@ -0,0 +1,69 @@
+sandbox: "true"
+contentSandbox: "true"
+deployEnv:
+previousServicesCount: "1"
+web:
+ containerImage:
+ imageRegistry: gcr.io/development-205018/sefaria-web-${BRANCH}
+ tag:
+ secrets:
+ googleClient:
+ ref: google-client-secret
+ logging:
+ ref: logging-secret
+ schoolLookup:
+ ref: school-lookup-data
+redis:
+ containerImage:
+ imageRegistry: redis
+ tag: latest
+nodejs:
+ containerImage:
+ imageRegistry: gcr.io/development-205018/sefaria-node-${BRANCH}
+ tag:
+varnish:
+ containerImage:
+ imageRegistry: gcr.io/production-deployment/sefaria-varnish
+ tag: v6
+ secrets:
+ varnish:
+ ref: varnish-secret-helm
+ingress:
+ hosts:
+ - host: "{{ .Values.deployEnv }}.cauldron.sefaria.org"
+ path: /*
+ serviceName: nginx
+ port: 80
+ secrets:
+ originTls:
+ ref: cauldron-wildcard-letsencrypt
+nginx:
+ containerImage:
+ imageRegistry: gcr.io/development-205018/sefaria-asset-${BRANCH}
+ tag:
+monitor:
+ containerImage:
+ imageRegistry: gcr.io/development-205018/sefaria-web-${BRANCH}
+ tag:
+secrets:
+ localSettings:
+ ref: local-settings-secrets
+ backupManager:
+ ref: backup-manager
+ slackWebhook:
+ ref: slack-webhook-helm
+localSettings:
+ DEBUG: false
+ DOMAIN_LANGUAGE: {}
+ MONGO_HOST: "mongo"
+ APSCHEDULER_NAME: "apscheduler-{{ .Values.deployEnv }}"
+ SEARCH_ADMIN: "http://elasticsearch-data:9200"
+ TURN_SERVER: ''
+ USE_CLOUDFLARE: false
+ FRONT_END_URL: "http://${NAME}.cauldron.sefaria.org"
+ OFFLINE: false
+ DOWN_FOR_MAINTENANCE: false
+ MAINTENANCE_MESSAGE: "Sefaria is down for scheduled maintenance. We expect to be back online within 15 minutes. Thank you for your patience."
+ GLOBAL_WARNING: false
+ GLOBAL_WARNING_MESSAGE: "Sefaria will be in Read-Only mode for scheduled maintenance from 4:45pm-6:45pm Pacific time. Edits will not be saved during that time."
+
diff --git a/build/ci/waitForCIJob.bash b/build/ci/waitForCIJob.bash
index a5efe0f338..8552e406cf 100755
--- a/build/ci/waitForCIJob.bash
+++ b/build/ci/waitForCIJob.bash
@@ -1,5 +1,6 @@
#!/bin/bash
set -e
+set -x
echo "Waiting for the test job to finish"
echo "GitHub Run ID $GITHUB_RUN_ID"
@@ -8,7 +9,10 @@ echo "GitHub Run ID $GITHUB_RUN_ID"
while [[ $(kubectl get job -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} -o json | jq -r '.items[0].status.succeeded') != 1 ]]
do
- sleep 5;
+ kubectl get job -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest}
+ kubectl get pod -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} || true
+ kubectl logs -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} --tail 10 || true
+ sleep 30;
done
-echo "Job is complete"
\ No newline at end of file
+echo "Job is complete"
diff --git a/build/ci/waitForSandbox.bash b/build/ci/waitForSandbox.bash
index e68330eb21..5b7011b555 100755
--- a/build/ci/waitForSandbox.bash
+++ b/build/ci/waitForSandbox.bash
@@ -4,8 +4,8 @@
# GITHUB_HASH
waitDuration=${WAIT_DURATION:-900}
-echo "Waiting for https://${GITHUB_SHA:0:6}.cauldron.sefaria.org/health-check to load for $waitDuration seconds"
+echo "Waiting for https://sandbox-${GIT_COMMIT}.cauldron.sefaria.org/health-check to load for $waitDuration seconds"
-timeout $waitDuration bash -c 'while [[ "$(curl -s -k -o /dev/null -w ''%{http_code}'' https://${GITHUB_SHA:0:6}.cauldron.sefaria.org/health-check)" != "200" ]]; do sleep 5; done'
+timeout $waitDuration bash -c 'while [[ "$(curl -s -k -o /dev/null -w ''%{http_code}'' https://sandbox-${GIT_COMMIT}.cauldron.sefaria.org/health-check)" != "200" ]]; do sleep 5; done'
-echo "Reached server. Proceeding."
\ No newline at end of file
+echo "Reached server. Proceeding."
diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml
index 41a06cd336..8547dac82a 100644
--- a/helm-chart/Chart.yaml
+++ b/helm-chart/Chart.yaml
@@ -1,7 +1,7 @@
---
apiVersion: v2
name: sefaria
-version: v0.0.4
+version: v0.0.5
description: Chart to deploy complete Sefaria environment
icon: https://raw.githubusercontent.com/Sefaria/Sefaria-Project/e757b59968adbc0d6845eaa1b420f934ad864d32/static/img/logo/icon.svg
home: https://sefaria.org
diff --git a/helm-chart/templates/configmap/mongo-destroy.yaml b/helm-chart/templates/configmap/mongo-destroy.yaml
index e6e7f95919..e0f8a81091 100644
--- a/helm-chart/templates/configmap/mongo-destroy.yaml
+++ b/helm-chart/templates/configmap/mongo-destroy.yaml
@@ -16,11 +16,11 @@ data:
set -e
set -x
- mongo --host MONGO_HOST sefaria-$SANDBOX_NAME <