Skip to content

Demo: Keycloak RBAC #304

Demo: Keycloak RBAC

Demo: Keycloak RBAC #304

Workflow file for this run

name: CI
# On every pull request, but only on push to main
on:
push:
branches:
- main
tags:
- '*'
paths:
# Only rebuild website when docs have changed
- 'runtime/**'
- 'dockerfiles/**'
- 'docker-compose.*'
- '.github/workflows/ci.yml'
- '.isort.cfg'
- '.mypy.ini'
- 'ruff.toml'
- '.pre-commit-config.yaml'
pull_request:
jobs:
tests:
runs-on: ubuntu-20.04
strategy:
fail-fast: false
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Run pre-commit
run: |
python -m pip install --upgrade pip
python -m pip install pre-commit
pre-commit run --all-files
- name: Launch services
run: docker compose -f docker-compose.custom.yml --profile gunicorn up -d
- name: install lib postgres
run: |
sudo apt update
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O- | sudo apt-key add -
echo "deb [arch=amd64] http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main" | sudo tee /etc/apt/sources.list.d/postgresql.list
sudo apt update
sudo apt-get install --yes libpq-dev postgis postgresql-14-postgis-3
- name: Install python dependencies
run: |
python -m pip install pytest pytest-asyncio httpx pypgstac==0.8.1 psycopg[pool] brotlipy boto3 pytest-pgsql psycopg2
- name: Test CDK DB Bootstrap
working-directory: ./infrastructure/aws
run: |
python -m pytest tests/test_bootstrap.py -v -ss
- name: Ingest Stac Items/Collection
run: |
pypgstac pgready --dsn postgresql://username:password@0.0.0.0:5439/postgis
pypgstac load collections .github/workflows/data/noaa-emergency-response.json --dsn postgresql://username:password@0.0.0.0:5439/postgis --method insert_ignore
pypgstac load items .github/workflows/data/noaa-eri-nashville2020.json --dsn postgresql://username:password@0.0.0.0:5439/postgis --method insert_ignore
psql postgresql://username:password@0.0.0.0:5439/postgis -f .github/workflows/data/my_data.sql
# see https://github.com/developmentseed/tipg/issues/37
- name: Restart the Vector service
run: |
docker compose -f docker-compose.custom.yml --profile gunicorn stop vector
docker compose -f docker-compose.custom.yml --profile gunicorn up -d vector
- name: Sleep for 10 seconds
run: sleep 10s
shell: bash
- name: Integrations tests
run: python -m pytest .github/workflows/tests/
- name: Stop services
run: docker compose -f docker-compose.custom.yml stop
publish-docker:
needs: [tests]
if: github.ref == 'refs/heads/main' || startsWith(github.event.ref, 'refs/tags') || github.event_name == 'release'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to Github
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set tag version
id: tag
run: |
echo "version=${GITHUB_REF#refs/*/}"
echo "version=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
#############################################################################
# RASTER
- name: RASTER - Build and push latest
if: github.ref == 'refs/heads/main'
uses: docker/build-push-action@v2
with:
platforms: linux/amd64
context: .
file: dockerfiles/Dockerfile.raster-uvicorn
push: true
tags: |
ghcr.io/developmentseed/eoapi-raster:latest
- name: RASTER - Build and push tags
if: startsWith(github.event.ref, 'refs/tags') || github.event_name == 'release'
uses: docker/build-push-action@v2
with:
platforms: linux/amd64
context: .
file: dockerfiles/Dockerfile.raster-uvicorn
push: true
tags: |
ghcr.io/developmentseed/eoapi-raster:${{ steps.tag.outputs.tag }}
#############################################################################
# STAC
- name: STAC - Build and push latest
if: github.ref == 'refs/heads/main'
uses: docker/build-push-action@v2
with:
context: .
file: dockerfiles/Dockerfile.stac-uvicorn
push: true
tags: |
ghcr.io/developmentseed/eoapi-stac:latest
- name: STAC - Build and push tags
if: startsWith(github.event.ref, 'refs/tags') || github.event_name == 'release'
uses: docker/build-push-action@v2
with:
context: .
file: dockerfiles/Dockerfile.stac-uvicorn
push: true
tags: |
ghcr.io/developmentseed/eoapi-stac:${{ steps.tag.outputs.tag }}
#############################################################################
# VECTOR
- name: VECTOR - Build and push latest
if: github.ref == 'refs/heads/main'
uses: docker/build-push-action@v2
with:
context: .
file: dockerfiles/Dockerfile.vector-uvicorn
push: true
tags: |
ghcr.io/developmentseed/eoapi-vector:latest
- name: VECTOR - Build and push tags
if: startsWith(github.event.ref, 'refs/tags') || github.event_name == 'release'
uses: docker/build-push-action@v2
with:
context: .
file: dockerfiles/Dockerfile.vector-uvicorn
push: true
tags: |
ghcr.io/developmentseed/eoapi-vector:${{ steps.tag.outputs.tag }}