diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index 317a517..3d650fd 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -19,8 +19,40 @@ env: PORT: ${{ vars.PORT }} RUN_LIVE_PIPELINE_TEST: ${{ vars.RUN_LIVE_PIPELINE_TEST }} jobs: + validate: + runs-on: ubuntu-latest + env: + GOOGLE_DRIVE_FOLDER_ID: ${{ vars.PARENT_FOLDER_ID }} + GOOGLE_SETTINGS__PROJECT_ID: ${{ secrets.GOOGLE_SETTINGS__PROJECT_ID }} + GOOGLE_SETTINGS__PRIVATE_KEY: ${{ secrets.GOOGLE_SETTINGS__PRIVATE_KEY }} + GOOGLE_SETTINGS__CLIENT_EMAIL: ${{ secrets.GOOGLE_SETTINGS__CLIENT_EMAIL }} + GOOGLE_SETTINGS__PRIVATE_KEY_ID: ${{ secrets.GOOGLE_SETTINGS__PRIVATE_KEY_ID }} + GOOGLE_SETTINGS__CLIENT_ID: ${{ secrets.GOOGLE_SETTINGS__CLIENT_ID }} + GOOGLE_SETTINGS__CLIENT_X509_CERT_URL: ${{ secrets.GOOGLE_SETTINGS__CLIENT_X509_CERT_URL }} + steps: + - name: Checkout code + uses: actions/checkout@v6 + - name: Install Python + uses: actions/setup-python@v5 + with: + python-version: "3.13" + - name: Install uv + uses: astral-sh/setup-uv@v5 + with: + enable-cache: true + - name: Install dependencies + run: uv sync --frozen --all-groups + - name: Check Ruff formatting + run: uv run ruff format --check . + - name: Run Ruff lint + run: uv run ruff check --output-format=github . + - name: Run ty + run: uv run ty check src tests + - name: Run tests + run: uv run pytest -vv build: runs-on: ubuntu-latest + needs: validate steps: - name: Checkout code uses: actions/checkout@v6 @@ -50,6 +82,8 @@ jobs: ${{ secrets.DOCKERHUB_USERNAME }}/purchase-request-site:main-${{ github.sha }} ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max - name: Output image info run: | echo "Single deployment tag: ${{ secrets.DOCKERHUB_USERNAME }}/purchase-request-site:main-${{ github.sha }}" @@ -58,7 +92,7 @@ jobs: deploy: runs-on: ubuntu-latest needs: build - if: github.event_name == 'pull_request' || (github.ref == 'refs/heads/main' && (github.event_name == 'push' || inputs.deploy == true)) + if: github.ref == 'refs/heads/main' && (github.event_name == 'push' || inputs.deploy == true) steps: - name: Deploy to server uses: appleboy/ssh-action@v1.0.3 @@ -67,7 +101,7 @@ jobs: username: ${{ secrets.USERNAME }} key: ${{ secrets.SSH_KEY }} command_timeout: 20m - debug: true + debug: false script: | cd /home/raj/purchase-request-site echo "Starting deployment for commit: ${{ github.sha }}" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9687366..5e06cc6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,7 +6,7 @@ on: branches: [main, master] workflow_dispatch: permissions: - contents: write + contents: read jobs: build: runs-on: ubuntu-latest @@ -36,37 +36,21 @@ jobs: uses: actions/setup-python@v5 with: python-version: "3.13" - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install . ruff pytest "ty>=0.0.29" - - name: Format code with Ruff (push only) - if: github.event_name == 'push' - run: ruff format . - - name: Format YAML with yamlfmt (push only) - if: github.event_name == 'push' - run: | - docker run --rm \ - -v "${{ github.workspace }}:/workspace" \ - ghcr.io/google/yamlfmt:latest \ - /workspace - - name: Commit formatting changes (push only) - if: github.event_name == 'push' - uses: stefanzweifel/git-auto-commit-action@v5 + - name: Install uv + uses: astral-sh/setup-uv@v5 with: - commit_message: "style: format code with ruff and yamlfmt" - - name: Check Ruff formatting (pull request only) - if: github.event_name == 'pull_request' - run: ruff format --check . + enable-cache: true + - name: Install dependencies + run: uv sync --frozen --all-groups + - name: Check Ruff formatting + run: uv run ruff format --check . - name: Run Ruff lint - run: ruff check --output-format=github . + run: uv run ruff check --output-format=github . - name: Run ty - run: ty check src tests + run: uv run ty check src tests - name: Run tests - run: pytest -vv - # Check YAML formatting (pull request only) - - name: Check YAML formatting (pull request only) - if: github.event_name == 'pull_request' + run: uv run pytest -vv + - name: Check YAML formatting run: | docker run --rm \ -v "${{ github.workspace }}:/workspace" \ diff --git a/.github/workflows/docker-build-check.yml b/.github/workflows/docker-build-check.yml index bd2611e..c6a7c01 100644 --- a/.github/workflows/docker-build-check.yml +++ b/.github/workflows/docker-build-check.yml @@ -8,5 +8,13 @@ jobs: steps: - name: Checkout Repo in .venv uses: actions/checkout@v4 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - name: Build Docker image - run: docker build -t purchase-request-site:${{ github.sha }} . + uses: docker/build-push-action@v6 + with: + context: . + push: false + tags: purchase-request-site:${{ github.sha }} + cache-from: type=gha + cache-to: type=gha,mode=max diff --git a/Dockerfile b/Dockerfile index 1b6223a..b9e5491 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,9 +28,8 @@ COPY pyproject.toml uv.lock ./ RUN uv sync --frozen --no-dev # Copy Node.js dependencies and install -COPY package.json ./ -COPY package-lock.json* ./ -RUN npm install +COPY package.json package-lock.json ./ +RUN npm ci # Copy Files for Tailwind CSS Scan + Build COPY src/templates/ ./src/templates/