191 lines (162 loc) · 5.95 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
name: sorg CI
on:
pull_request:
push:
schedule:
# once an hour
- cron: "0 * * * *"
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 10
env:
CLOUDFRONT_ID: E2D97SPIHRBCUA
GOOGLE_ANALYTICS_ID: UA-47798518-1
services:
postgres:
image: postgres:12.0
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: postgres
ports:
# will assign a random free host port
- 5432/tcp
# needed because the postgres container does not provide a healthcheck
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- name: Install Go
uses: actions/setup-go@v1
with:
go-version: 1.13.x
- name: Install Golint
run: go get -u golang.org/x/lint/golint
- name: Install tooling from Apt
# Postgres runs in a container, but we also need the client-side
# tooling.
run: sudo apt-get install awscli postgresql-client
- name: Cache ImageMagick
id: cache-imagemagick
uses: actions/cache@v1
with:
path: ${{ env.HOME }}/imagemagick
key: ${{ runner.os }}-imagemagick
# The copy of ImageMagick we could get from apt-get is ancient and
# doesn't handle niceties like `.heic` files, so here we get the binary
# release directly. When Ubuntu is upgraded at some point in the
# probably-distant future, we can probably get rid of this.
- name: Install ImageMagick
if: steps.cache-imagemagick.outputs.cache-hit != 'true'
run: |
mkdir -p $HOME/imagemagick/bin/
curl -L -o $HOME/imagemagick/bin/magick https://imagemagick.org/download/binaries/magick
chmod +x $HOME/imagemagick/bin/magick
# Uses an artifact built by: https://github.com/brandur/mozjpeg-builder
- name: Install MozJPEG
run: |
aws s3 cp s3://mozjpeg-brandur/mozjpeg_master_amd64.deb .
sudo dpkg -i mozjpeg_master_amd64.deb
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWSAccessKeyID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWSSecretAccessKey }}
- uses: actions/checkout@v1
with:
fetch-depth: 1
path: go/src/github.com/brandur/sorg
- name: Debug
run: |
echo "github.ref=${{ github.ref }}"
echo "go env GOPATH=$(go env GOPATH)"
echo "pwd=$(pwd)"
echo "GITHUB_WORKSPACE=${GITHUB_WORKSPACE}"
echo "HOME=${HOME}"
- name: Clean
run: make clean
- name: "Go: Install"
run: make install
- name: "Create database: sorg-test"
run: createdb sorg-test
env:
PGHOST: localhost
PGPORT: ${{ job.services.postgres.ports[5432] }}
PGUSER: postgres
PGPASSWORD: postgres
PGDATABASE: postgres
- name: "Go: Test"
run: make test
env:
# GitHub basically makes it fucking impossible to use any kind of
# $HOME variable here for reasons that are far beyond me. Eventually
# just gave up and hard-coded `/home/runner`.
MAGICK_BIN: /home/runner/imagemagick/bin/magick
MOZJPEG_BIN: /opt/mozjpeg/bin/cjpeg
PGHOST: localhost
PGPORT: ${{ job.services.postgres.ports[5432] }}
PGUSER: postgres
PGPASSWORD: postgres
PGDATABASE: postgres
- name: "Go: Vet"
run: make vet
- name: "Check: Dropbox image ?dl=0"
run: make check-dl0
- name: "Check: Gofmt"
run: make check-gofmt
# Unfortunately there's some oddity in GitHub's environment that causes
# this to fail:
#
# /home/runner/work/_temp/3939b8a1-56f2-4fd9-8434-1950a338feb7.sh: line 1: unexpected EOF while looking for matching `"'
#
# Action is probably to try converting to Go modules first and see if
# that resolves it.
#
# - name: "Check: Golint"
# run: make lint"
#
- name: "Check: Markdown headers"
run: make check-headers
- name: "Check: Retina assets"
run: make check-retina
# Download any markers that have not yet been committed to Git to save
# redoing download/resize work.
- name: "Download photo markers"
run: make photographs-download-markers
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWSAccessKeyID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWSSecretAccessKey }}
if: github.ref == 'refs/heads/master'
- name: "Build: Development"
run: make build
env:
BLACK_SWAN_DATABASE_URL: ${{ secrets.BlackSwanDatabaseURL }}
DRAFTS: true
MAGICK_BIN: /home/runner/imagemagick/bin/magick
MOZJPEG_BIN: /opt/mozjpeg/bin/cjpeg
TARGET_DIR: ./public-dev
- name: "Build: Production"
run: make build
env:
BLACK_SWAN_DATABASE_URL: ${{ secrets.BlackSwanDatabaseURL }}
MAGICK_BIN: /home/runner/imagemagick/bin/magick
MOZJPEG_BIN: /opt/mozjpeg/bin/cjpeg
- name: "Deploy: Development"
run: make deploy
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWSAccessKeyID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWSSecretAccessKey }}
S3_BUCKET: brandur.org-dev
TARGET_DIR: ./public-dev
if: github.ref == 'refs/heads/master'
- name: "Deploy: Production"
run: make deploy
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWSAccessKeyID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWSSecretAccessKey }}
S3_BUCKET: brandur.org
TARGET_DIR: ./public
if: github.ref == 'refs/heads/master'
- name: Upload photos
run: make photographs-upload
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWSAccessKeyID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWSSecretAccessKey }}
if: github.ref == 'refs/heads/master'