From 2a550c0e4d8e6fd972010330f6739cb5de7ec24a Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 12:36:29 +1100 Subject: [PATCH 01/12] Update worklow --- .github/workflows/dea-intertidal-image.yml | 241 +++++++++++---------- 1 file changed, 125 insertions(+), 116 deletions(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index 8934bd8..6b75a27 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -47,121 +47,130 @@ jobs: with: fetch-depth: 0 - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: arn:aws:iam::060378307146:role/github-actions-dea-notebooks--sandbox - aws-region: ap-southeast-2 - role-duration-seconds: 7200 # 2 hours - - - name: Get database credentials - run: | - username_password=$(aws ssm get-parameter --name /dea-sandbox-eks/sandbox_reader/db.creds --with-decryption --query Parameter.Value --output text) - echo DATACUBE_DB_URL=postgresql://${username_password}@localhost:5432/odc >> $GITHUB_ENV - - - name: Open port forward to RDS - run: | - npx basti connect \ - --custom-target-vpc vpc-086904199e505c1f6 \ - --custom-target-host db-aurora-dea-sandbox-eks-1.cos5zfpkso9m.ap-southeast-2.rds.amazonaws.com \ - --custom-target-port 5432 \ - --local-port 5432 & - # Wait until the connection comes up, but, if it doesn't, don't hang forever. - npx wait-on --timeout 120000 --interval 1000 tcp:127.0.0.1:5432 - echo "PGPORT=5432" >> $GITHUB_ENV - echo "PGHOST=localhost" >> $GITHUB_ENV - - - name: Build DEA Intertidal docker image - timeout-minutes: 20 - shell: bash - run: | - docker build -t dea_intertidal . - - - name: Run integration tests - run: | - # Download tide modelling files and unzip - # TODO: Replace with S3 sync from dea-non-public-data - wget --no-verbose https://www.dropbox.com/s/uemd8ib2vfw5nad/tide_models.zip?dl=1 -O tide_models.zip - unzip -q tide_models.zip - - # Run integration tests using Docker, setting up datacube access, AWS configuration and - # adding volumes that provide access to tide model data and allow us to export artifacts - # from the run - docker run \ - --net=host \ - --env DATACUBE_DB_URL \ - --env AWS_SESSION_TOKEN \ - --env AWS_REGION \ - --env AWS_ACCESS_KEY_ID \ - --env AWS_SECRET_ACCESS_KEY \ - --env AWS_SESSION_TOKEN \ - --volume ${GITHUB_WORKSPACE}:/code \ - --volume ${GITHUB_WORKSPACE}/tide_models:/var/share/tide_models \ - --volume ${GITHUB_WORKSPACE}/artifacts:/mnt/artifacts \ - dea_intertidal pytest -v --cov=intertidal --cov-report=xml tests - - # Copy out validation outputs produced by the integration tests and place them - # in correct output locations so they can be committed back into the repository - cp ./artifacts/validation.jpg ./tests/validation.jpg - cp ./artifacts/validation.csv ./tests/validation.csv - cp ./artifacts/README.md ./tests/README.md - - # - name: Setup upterm session - # uses: lhotari/action-upterm@v1 - - # Commit validation results produced by integration tests back into repo - - name: Commit validation results into repository - uses: stefanzweifel/git-auto-commit-action@v4 - if: github.event_name != 'release' - with: - commit_message: Automatically update integration test validation results - file_pattern: 'tests/validation.jpg tests/validation.csv tests/README.md' - - - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v3 - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - - push_ecr: - needs: [test] - runs-on: ubuntu-latest - - # Only run on a push to the main branch OR a release - if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'release') - - steps: - - name: Checkout code - uses: actions/checkout@v3 - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::538673716275:role/github-actions-role - aws-region: ap-southeast-2 - - - name: Get tag for this build if it exists - if: github.event_name == 'release' - run: | - echo "RELEASE=${GITHUB_REF/refs\/tags\/}" >> $GITHUB_ENV - - - name: Push release image to ECR - uses: whoan/docker-build-with-cache-action@master - if: github.event_name == 'release' - with: - registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com - image_name: ${{ env.IMAGE_NAME }} - image_tag: ${{ env.RELEASE }} - - - name: Get git commit hash for push to main - if: github.event_name != 'release' - run: | - echo "TAG=dev$(git rev-parse --short HEAD)" \ - >> $GITHUB_ENV - - - name: Push unstable image to ECR - uses: whoan/docker-build-with-cache-action@master + # Create link to validation results image + - name: Post validation results as comment + uses: mshick/add-pr-comment@v2 if: github.event_name != 'release' with: - registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com - image_name: ${{ env.IMAGE_NAME }} - image_tag: latest,${{ env.TAG }} + message: | + **Latest validation results:** + Validation results + + # - name: Configure AWS credentials + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: arn:aws:iam::060378307146:role/github-actions-dea-notebooks--sandbox + # aws-region: ap-southeast-2 + # role-duration-seconds: 7200 # 2 hours + + # - name: Get database credentials + # run: | + # username_password=$(aws ssm get-parameter --name /dea-sandbox-eks/sandbox_reader/db.creds --with-decryption --query Parameter.Value --output text) + # echo DATACUBE_DB_URL=postgresql://${username_password}@localhost:5432/odc >> $GITHUB_ENV + + # - name: Open port forward to RDS + # run: | + # npx basti connect \ + # --custom-target-vpc vpc-086904199e505c1f6 \ + # --custom-target-host db-aurora-dea-sandbox-eks-1.cos5zfpkso9m.ap-southeast-2.rds.amazonaws.com \ + # --custom-target-port 5432 \ + # --local-port 5432 & + # # Wait until the connection comes up, but, if it doesn't, don't hang forever. + # npx wait-on --timeout 120000 --interval 1000 tcp:127.0.0.1:5432 + # echo "PGPORT=5432" >> $GITHUB_ENV + # echo "PGHOST=localhost" >> $GITHUB_ENV + + # - name: Build DEA Intertidal docker image + # timeout-minutes: 20 + # shell: bash + # run: | + # docker build -t dea_intertidal . + + # - name: Run integration tests + # run: | + # # Download tide modelling files and unzip + # # TODO: Replace with S3 sync from dea-non-public-data + # wget --no-verbose https://www.dropbox.com/s/uemd8ib2vfw5nad/tide_models.zip?dl=1 -O tide_models.zip + # unzip -q tide_models.zip + + # # Run integration tests using Docker, setting up datacube access, AWS configuration and + # # adding volumes that provide access to tide model data and allow us to export artifacts + # # from the run + # docker run \ + # --net=host \ + # --env DATACUBE_DB_URL \ + # --env AWS_SESSION_TOKEN \ + # --env AWS_REGION \ + # --env AWS_ACCESS_KEY_ID \ + # --env AWS_SECRET_ACCESS_KEY \ + # --env AWS_SESSION_TOKEN \ + # --volume ${GITHUB_WORKSPACE}:/code \ + # --volume ${GITHUB_WORKSPACE}/tide_models:/var/share/tide_models \ + # --volume ${GITHUB_WORKSPACE}/artifacts:/mnt/artifacts \ + # dea_intertidal pytest -v --cov=intertidal --cov-report=xml tests + + # # Copy out validation outputs produced by the integration tests and place them + # # in correct output locations so they can be committed back into the repository + # cp ./artifacts/validation.jpg ./tests/validation.jpg + # cp ./artifacts/validation.csv ./tests/validation.csv + # cp ./artifacts/README.md ./tests/README.md + + # # - name: Setup upterm session + # # uses: lhotari/action-upterm@v1 + + # # Commit validation results produced by integration tests back into repo + # - name: Commit validation results into repository + # uses: stefanzweifel/git-auto-commit-action@v4 + # if: github.event_name != 'release' + # with: + # commit_message: Automatically update integration test validation results + # file_pattern: 'tests/validation.jpg tests/validation.csv tests/README.md' + + # - name: Upload coverage reports to Codecov + # uses: codecov/codecov-action@v3 + # env: + # CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + + # push_ecr: + # needs: [test] + # runs-on: ubuntu-latest + + # # Only run on a push to the main branch OR a release + # if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'release') + + # steps: + # - name: Checkout code + # uses: actions/checkout@v3 + + # - name: Configure AWS credentials + # uses: aws-actions/configure-aws-credentials@v1 + # with: + # role-to-assume: arn:aws:iam::538673716275:role/github-actions-role + # aws-region: ap-southeast-2 + + # - name: Get tag for this build if it exists + # if: github.event_name == 'release' + # run: | + # echo "RELEASE=${GITHUB_REF/refs\/tags\/}" >> $GITHUB_ENV + + # - name: Push release image to ECR + # uses: whoan/docker-build-with-cache-action@master + # if: github.event_name == 'release' + # with: + # registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com + # image_name: ${{ env.IMAGE_NAME }} + # image_tag: ${{ env.RELEASE }} + + # - name: Get git commit hash for push to main + # if: github.event_name != 'release' + # run: | + # echo "TAG=dev$(git rev-parse --short HEAD)" \ + # >> $GITHUB_ENV + + # - name: Push unstable image to ECR + # uses: whoan/docker-build-with-cache-action@master + # if: github.event_name != 'release' + # with: + # registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com + # image_name: ${{ env.IMAGE_NAME }} + # image_tag: latest,${{ env.TAG }} From 6d4afa30fb75500d2e125738cba8697e6370e943 Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 12:38:42 +1100 Subject: [PATCH 02/12] Update dea-intertidal-image.yml --- .github/workflows/dea-intertidal-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index 6b75a27..df3f85e 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -54,7 +54,7 @@ jobs: with: message: | **Latest validation results:** - Validation results + Validation results # - name: Configure AWS credentials # uses: aws-actions/configure-aws-credentials@v4 From 21ac5483241260b904284dd7972b0b63f4c2e461 Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 12:42:34 +1100 Subject: [PATCH 03/12] Update dea-intertidal-image.yml --- .github/workflows/dea-intertidal-image.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index df3f85e..28b2bc1 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -37,6 +37,7 @@ on: permissions: id-token: write # This is required for requesting the JWT contents: write # This is required for actions/checkout + pull-requests: write jobs: test: @@ -54,7 +55,7 @@ jobs: with: message: | **Latest validation results:** - Validation results + Validation results # - name: Configure AWS credentials # uses: aws-actions/configure-aws-credentials@v4 From 48e63c9d7069b826e669cbf01d37f9e3f6da8a5b Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 12:44:16 +1100 Subject: [PATCH 04/12] Update dea-intertidal-image.yml --- .github/workflows/dea-intertidal-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index 28b2bc1..14d2bee 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -55,7 +55,7 @@ jobs: with: message: | **Latest validation results:** - Validation results + Validation results # - name: Configure AWS credentials # uses: aws-actions/configure-aws-credentials@v4 From f28800d6fba5470592d33b16677bf1b10205f75f Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 12:47:24 +1100 Subject: [PATCH 05/12] Update dea-intertidal-image.yml --- .github/workflows/dea-intertidal-image.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index 14d2bee..aa0ab9a 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -54,8 +54,9 @@ jobs: if: github.event_name != 'release' with: message: | - **Latest validation results:** Validation results +
+ For full results, refer to the [Tests directory README](https://github.com/GeoscienceAustralia/dea-intertidal/${{ github.head_ref }}/main/tests). # - name: Configure AWS credentials # uses: aws-actions/configure-aws-credentials@v4 From fea8482df9ddbad73fe49e6dac7df67f7200c370 Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 12:48:41 +1100 Subject: [PATCH 06/12] Update dea-intertidal-image.yml --- .github/workflows/dea-intertidal-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index aa0ab9a..9734887 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -56,7 +56,7 @@ jobs: message: | Validation results
- For full results, refer to the [Tests directory README](https://github.com/GeoscienceAustralia/dea-intertidal/${{ github.head_ref }}/main/tests). + For full results, refer to the [Tests directory README](https://github.com/GeoscienceAustralia/dea-intertidal/tree/${{ github.head_ref }}/tests). # - name: Configure AWS credentials # uses: aws-actions/configure-aws-credentials@v4 From 9acff49531f0a711531ef40b6bbd90791e0db251 Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 12:54:06 +1100 Subject: [PATCH 07/12] Update dea-intertidal-image.yml --- .github/workflows/dea-intertidal-image.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index 9734887..043f199 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -55,8 +55,9 @@ jobs: with: message: | Validation results -
- For full results, refer to the [Tests directory README](https://github.com/GeoscienceAustralia/dea-intertidal/tree/${{ github.head_ref }}/tests). + + + For full integration test results, refer to the [Tests directory README](https://github.com/GeoscienceAustralia/dea-intertidal/tree/${{ github.head_ref }}/tests). # - name: Configure AWS credentials # uses: aws-actions/configure-aws-credentials@v4 From 640f2f014b7c03944a8b62a48cb86bac262f02f0 Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 12:54:56 +1100 Subject: [PATCH 08/12] Update dea-intertidal-image.yml --- .github/workflows/dea-intertidal-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index 043f199..c67ba62 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -54,7 +54,7 @@ jobs: if: github.event_name != 'release' with: message: | - Validation results + ![](https://github.com/GeoscienceAustralia/dea-intertidal/blob/${{ github.head_ref }}/tests/validation.jpg?raw=true") For full integration test results, refer to the [Tests directory README](https://github.com/GeoscienceAustralia/dea-intertidal/tree/${{ github.head_ref }}/tests). From c292233e817ccc24456bae7071c29440eebb094a Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 13:06:27 +1100 Subject: [PATCH 09/12] Integrate with full workflow --- .github/workflows/dea-intertidal-image.yml | 236 ++++++++++----------- 1 file changed, 118 insertions(+), 118 deletions(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index c67ba62..ae8f1fd 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -48,7 +48,77 @@ jobs: with: fetch-depth: 0 - # Create link to validation results image + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::060378307146:role/github-actions-dea-notebooks--sandbox + aws-region: ap-southeast-2 + role-duration-seconds: 7200 # 2 hours + + - name: Get database credentials + run: | + username_password=$(aws ssm get-parameter --name /dea-sandbox-eks/sandbox_reader/db.creds --with-decryption --query Parameter.Value --output text) + echo DATACUBE_DB_URL=postgresql://${username_password}@localhost:5432/odc >> $GITHUB_ENV + + - name: Open port forward to RDS + run: | + npx basti connect \ + --custom-target-vpc vpc-086904199e505c1f6 \ + --custom-target-host db-aurora-dea-sandbox-eks-1.cos5zfpkso9m.ap-southeast-2.rds.amazonaws.com \ + --custom-target-port 5432 \ + --local-port 5432 & + # Wait until the connection comes up, but, if it doesn't, don't hang forever. + npx wait-on --timeout 120000 --interval 1000 tcp:127.0.0.1:5432 + echo "PGPORT=5432" >> $GITHUB_ENV + echo "PGHOST=localhost" >> $GITHUB_ENV + + - name: Build DEA Intertidal docker image + timeout-minutes: 20 + shell: bash + run: | + docker build -t dea_intertidal . + + - name: Run integration tests + run: | + # Download tide modelling files and unzip + # TODO: Replace with S3 sync from dea-non-public-data + wget --no-verbose https://www.dropbox.com/s/uemd8ib2vfw5nad/tide_models.zip?dl=1 -O tide_models.zip + unzip -q tide_models.zip + + # Run integration tests using Docker, setting up datacube access, AWS configuration and + # adding volumes that provide access to tide model data and allow us to export artifacts + # from the run + docker run \ + --net=host \ + --env DATACUBE_DB_URL \ + --env AWS_SESSION_TOKEN \ + --env AWS_REGION \ + --env AWS_ACCESS_KEY_ID \ + --env AWS_SECRET_ACCESS_KEY \ + --env AWS_SESSION_TOKEN \ + --volume ${GITHUB_WORKSPACE}:/code \ + --volume ${GITHUB_WORKSPACE}/tide_models:/var/share/tide_models \ + --volume ${GITHUB_WORKSPACE}/artifacts:/mnt/artifacts \ + dea_intertidal pytest -v --cov=intertidal --cov-report=xml tests + + # Copy out validation outputs produced by the integration tests and place them + # in correct output locations so they can be committed back into the repository + cp ./artifacts/validation.jpg ./tests/validation.jpg + cp ./artifacts/validation.csv ./tests/validation.csv + cp ./artifacts/README.md ./tests/README.md + + # - name: Setup upterm session + # uses: lhotari/action-upterm@v1 + + # Commit validation results produced by integration tests back into repo + - name: Commit validation results into repository + uses: stefanzweifel/git-auto-commit-action@v4 + if: github.event_name != 'release' + with: + commit_message: Automatically update integration test validation results + file_pattern: 'tests/validation.jpg tests/validation.csv tests/README.md' + + # Post validaiton tesults as comment - name: Post validation results as comment uses: mshick/add-pr-comment@v2 if: github.event_name != 'release' @@ -59,121 +129,51 @@ jobs: For full integration test results, refer to the [Tests directory README](https://github.com/GeoscienceAustralia/dea-intertidal/tree/${{ github.head_ref }}/tests). - # - name: Configure AWS credentials - # uses: aws-actions/configure-aws-credentials@v4 - # with: - # role-to-assume: arn:aws:iam::060378307146:role/github-actions-dea-notebooks--sandbox - # aws-region: ap-southeast-2 - # role-duration-seconds: 7200 # 2 hours - - # - name: Get database credentials - # run: | - # username_password=$(aws ssm get-parameter --name /dea-sandbox-eks/sandbox_reader/db.creds --with-decryption --query Parameter.Value --output text) - # echo DATACUBE_DB_URL=postgresql://${username_password}@localhost:5432/odc >> $GITHUB_ENV - - # - name: Open port forward to RDS - # run: | - # npx basti connect \ - # --custom-target-vpc vpc-086904199e505c1f6 \ - # --custom-target-host db-aurora-dea-sandbox-eks-1.cos5zfpkso9m.ap-southeast-2.rds.amazonaws.com \ - # --custom-target-port 5432 \ - # --local-port 5432 & - # # Wait until the connection comes up, but, if it doesn't, don't hang forever. - # npx wait-on --timeout 120000 --interval 1000 tcp:127.0.0.1:5432 - # echo "PGPORT=5432" >> $GITHUB_ENV - # echo "PGHOST=localhost" >> $GITHUB_ENV - - # - name: Build DEA Intertidal docker image - # timeout-minutes: 20 - # shell: bash - # run: | - # docker build -t dea_intertidal . - - # - name: Run integration tests - # run: | - # # Download tide modelling files and unzip - # # TODO: Replace with S3 sync from dea-non-public-data - # wget --no-verbose https://www.dropbox.com/s/uemd8ib2vfw5nad/tide_models.zip?dl=1 -O tide_models.zip - # unzip -q tide_models.zip - - # # Run integration tests using Docker, setting up datacube access, AWS configuration and - # # adding volumes that provide access to tide model data and allow us to export artifacts - # # from the run - # docker run \ - # --net=host \ - # --env DATACUBE_DB_URL \ - # --env AWS_SESSION_TOKEN \ - # --env AWS_REGION \ - # --env AWS_ACCESS_KEY_ID \ - # --env AWS_SECRET_ACCESS_KEY \ - # --env AWS_SESSION_TOKEN \ - # --volume ${GITHUB_WORKSPACE}:/code \ - # --volume ${GITHUB_WORKSPACE}/tide_models:/var/share/tide_models \ - # --volume ${GITHUB_WORKSPACE}/artifacts:/mnt/artifacts \ - # dea_intertidal pytest -v --cov=intertidal --cov-report=xml tests - - # # Copy out validation outputs produced by the integration tests and place them - # # in correct output locations so they can be committed back into the repository - # cp ./artifacts/validation.jpg ./tests/validation.jpg - # cp ./artifacts/validation.csv ./tests/validation.csv - # cp ./artifacts/README.md ./tests/README.md - - # # - name: Setup upterm session - # # uses: lhotari/action-upterm@v1 - - # # Commit validation results produced by integration tests back into repo - # - name: Commit validation results into repository - # uses: stefanzweifel/git-auto-commit-action@v4 - # if: github.event_name != 'release' - # with: - # commit_message: Automatically update integration test validation results - # file_pattern: 'tests/validation.jpg tests/validation.csv tests/README.md' - - # - name: Upload coverage reports to Codecov - # uses: codecov/codecov-action@v3 - # env: - # CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - - # push_ecr: - # needs: [test] - # runs-on: ubuntu-latest - - # # Only run on a push to the main branch OR a release - # if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'release') - - # steps: - # - name: Checkout code - # uses: actions/checkout@v3 - - # - name: Configure AWS credentials - # uses: aws-actions/configure-aws-credentials@v1 - # with: - # role-to-assume: arn:aws:iam::538673716275:role/github-actions-role - # aws-region: ap-southeast-2 - - # - name: Get tag for this build if it exists - # if: github.event_name == 'release' - # run: | - # echo "RELEASE=${GITHUB_REF/refs\/tags\/}" >> $GITHUB_ENV - - # - name: Push release image to ECR - # uses: whoan/docker-build-with-cache-action@master - # if: github.event_name == 'release' - # with: - # registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com - # image_name: ${{ env.IMAGE_NAME }} - # image_tag: ${{ env.RELEASE }} - - # - name: Get git commit hash for push to main - # if: github.event_name != 'release' - # run: | - # echo "TAG=dev$(git rev-parse --short HEAD)" \ - # >> $GITHUB_ENV - - # - name: Push unstable image to ECR - # uses: whoan/docker-build-with-cache-action@master - # if: github.event_name != 'release' - # with: - # registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com - # image_name: ${{ env.IMAGE_NAME }} + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v3 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + + push_ecr: + needs: [test] + runs-on: ubuntu-latest + + # Only run on a push to the main branch OR a release + if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'release') + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: arn:aws:iam::538673716275:role/github-actions-role + aws-region: ap-southeast-2 + + - name: Get tag for this build if it exists + if: github.event_name == 'release' + run: | + echo "RELEASE=${GITHUB_REF/refs\/tags\/}" >> $GITHUB_ENV + + - name: Push release image to ECR + uses: whoan/docker-build-with-cache-action@master + if: github.event_name == 'release' + with: + registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com + image_name: ${{ env.IMAGE_NAME }} + image_tag: ${{ env.RELEASE }} + + - name: Get git commit hash for push to main + if: github.event_name != 'release' + run: | + echo "TAG=dev$(git rev-parse --short HEAD)" \ + >> $GITHUB_ENV + + - name: Push unstable image to ECR + uses: whoan/docker-build-with-cache-action@master + if: github.event_name != 'release' + with: + registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com + image_name: ${{ env.IMAGE_NAME }} # image_tag: latest,${{ env.TAG }} From 1f886efa346a5ac6d005a54a4c537e58ac2a799d Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 13:06:44 +1100 Subject: [PATCH 10/12] Fix typo --- .github/workflows/dea-intertidal-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index ae8f1fd..0550049 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -176,4 +176,4 @@ jobs: with: registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com image_name: ${{ env.IMAGE_NAME }} - # image_tag: latest,${{ env.TAG }} + image_tag: latest,${{ env.TAG }} From 01102e6ba9e63720d6389ee0ef40262e5d9c13ac Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 13:08:06 +1100 Subject: [PATCH 11/12] Update dea-intertidal-image.yml --- .github/workflows/dea-intertidal-image.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index 0550049..739b88f 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -35,9 +35,9 @@ on: types: [created, edited, published] permissions: - id-token: write # This is required for requesting the JWT - contents: write # This is required for actions/checkout - pull-requests: write + id-token: write # Required for requesting Json web token + contents: write # Required for actions/checkout + pull-requests: write # Required for validation results comment bot jobs: test: From 2d85497282fff5744253f2f16b3b5805b1111a85 Mon Sep 17 00:00:00 2001 From: Robbi Bishop-Taylor Date: Thu, 29 Feb 2024 13:45:52 +1100 Subject: [PATCH 12/12] Update dea-intertidal-image.yml --- .github/workflows/dea-intertidal-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dea-intertidal-image.yml b/.github/workflows/dea-intertidal-image.yml index 739b88f..0000b5e 100644 --- a/.github/workflows/dea-intertidal-image.yml +++ b/.github/workflows/dea-intertidal-image.yml @@ -118,7 +118,7 @@ jobs: commit_message: Automatically update integration test validation results file_pattern: 'tests/validation.jpg tests/validation.csv tests/README.md' - # Post validaiton tesults as comment + # Post validaiton tesults as comment on PR - name: Post validation results as comment uses: mshick/add-pr-comment@v2 if: github.event_name != 'release'