Skip to content

Commit 82a8beb

Browse files
jacobdadamsstdavis
jacobdadams
and
stdavis
committed
chore: initial setup pt 2
Co-authored-by: Scott Davis <[email protected]>
1 parent 183cb29 commit 82a8beb

File tree

9 files changed

+417
-0
lines changed

9 files changed

+417
-0
lines changed

.github/dependabot.yml

+33
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
version: 2
2+
updates:
3+
- package-ecosystem: pip
4+
directory: /
5+
schedule:
6+
interval: monthly
7+
groups:
8+
safe-dependencies:
9+
update-types: ["minor", "patch"]
10+
major-dependencies:
11+
update-types: ["major"]
12+
commit-message:
13+
prefix: deps
14+
prefix-development: deps(dev)
15+
- package-ecosystem: github-actions
16+
directory: /
17+
schedule:
18+
interval: monthly
19+
groups:
20+
ci-dependencies:
21+
dependency-type: "production"
22+
- package-ecosystem: npm
23+
directory: /
24+
schedule:
25+
interval: monthly
26+
groups:
27+
safe-dependencies:
28+
update-types: ["minor", "patch"]
29+
major-dependencies:
30+
update-types: ["major"]
31+
commit-message:
32+
prefix: deps
33+
prefix-development: deps(dev)

.github/workflows/push.yml

+255
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,255 @@
1+
name: Build and Test
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
- dev
8+
pull_request:
9+
branches:
10+
- main
11+
- dev
12+
13+
concurrency:
14+
group: "${{ github.head_ref || github.ref }}"
15+
cancel-in-progress: true
16+
17+
jobs:
18+
test:
19+
name: Setup and Test
20+
runs-on: ubuntu-latest
21+
22+
steps:
23+
24+
- name: Checkout code
25+
uses: actions/checkout@v4
26+
with:
27+
show-progress: false
28+
29+
- name: Set up Python
30+
uses: actions/setup-python@v5
31+
with:
32+
python-version: "3.11"
33+
cache: pip
34+
cache-dependency-path: setup.py
35+
36+
- name: Install libkrb5 for Kerberos on Linux
37+
run: |
38+
sudo apt-get update
39+
sudo apt-get install -y libkrb5-dev
40+
41+
- name: Install module
42+
run: pip install .[tests]
43+
44+
- name: Test with pytest
45+
run: pytest
46+
47+
deploy-dev:
48+
name: Deploy to Cloud Run (dev)
49+
needs: test
50+
runs-on: ubuntu-latest
51+
if: github.ref == 'refs/heads/dev'
52+
environment:
53+
name: dev
54+
permissions:
55+
id-token: write
56+
contents: read
57+
58+
steps:
59+
- name: ⬇️ Checkout code
60+
uses: actions/checkout@v4
61+
with:
62+
show-progress: false
63+
64+
- name: 🗝️ Authenticate to Google Cloud
65+
id: auth
66+
uses: google-github-actions/auth@v2
67+
with:
68+
workload_identity_provider: ${{ secrets.IDENTITY_PROVIDER }}
69+
service_account: ${{ secrets.SERVICE_ACCOUNT_EMAIL }}
70+
token_format: "access_token"
71+
72+
- name: 🐳 Set up Docker Buildx
73+
id: builder
74+
uses: docker/setup-buildx-action@v3
75+
76+
- name: 🗝️ Authenticate Docker to Google Cloud
77+
uses: docker/login-action@v3
78+
with:
79+
registry: us-central1-docker.pkg.dev
80+
username: oauth2accesstoken
81+
password: ${{ steps.auth.outputs.access_token }}
82+
83+
- name: 🏷️ Extract tags from GitHub
84+
id: meta
85+
uses: docker/metadata-action@v5
86+
with:
87+
github-token: ${{ secrets.GITHUB_TOKEN }}
88+
images: us-central1-docker.pkg.dev/${{ secrets.PROJECT_ID }}/images/job
89+
tags: |
90+
type=ref,suffix=-{{sha}},event=branch
91+
type=ref,prefix=pr-,suffix=-{{sha}},event=pr
92+
type=semver,pattern={{version}}
93+
latest
94+
95+
- name: 📦 Build and push image
96+
uses: docker/build-push-action@v6
97+
with:
98+
builder: ${{ steps.builder.outputs.name }}
99+
tags: ${{ steps.meta.outputs.tags }}
100+
context: .
101+
file: ./Dockerfile
102+
push: true
103+
cache-from: type=gha
104+
cache-to: type=gha,mode=max
105+
provenance: false
106+
107+
- name: ☁️ Set up Cloud SDK
108+
uses: google-github-actions/setup-gcloud@v2
109+
110+
- name: 🚀 Deploy to Cloud Run Job
111+
uses: google-github-actions/deploy-cloudrun@v2
112+
with:
113+
project_id: secrets.PROJECT_ID
114+
region: us-central1
115+
image: us-central1-docker.pkg.dev/${{ secrets.PROJECT_ID }}/images/job:latest
116+
job: default
117+
secrets: /secrets/app/secrets.json=skid-secrets:latest
118+
timeout: 3h
119+
flags: >
120+
'--cpu=1
121+
--memory=3Gi
122+
--service-account=cloud-run-sa@${{ secrets.PROJECT_ID }}.iam.gserviceaccount.com
123+
--timeout=3h
124+
--max-instances=1
125+
--max-retries=0
126+
--parallelism=0'
127+
128+
- name: 🕰️ Create Cloud Scheduler
129+
run: |
130+
if [ ! "$(gcloud scheduler jobs list --location=us-central1 | grep saturday-evening)" ]; then
131+
gcloud scheduler jobs create http saturday-evening \
132+
--description="Trigger the nfhl-skid bot once a week on saturday evening" \
133+
--schedule="0 3 * * 6" \
134+
--time-zone=America/Denver \
135+
--location=us-central1 \
136+
--uri="https://us-central1-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/${{ secrets.PROJECT_ID }}/jobs/default:run" \
137+
--oauth-service-account-email=scheduler-sa@${{ secrets.PROJECT_ID }}.iam.gserviceaccount.com
138+
else
139+
gcloud scheduler jobs update http saturday-evening \
140+
--description="Trigger the nfhl-skid bot once a week on saturday evening" \
141+
--schedule="0 3 * * 6" \
142+
--time-zone=America/Denver \
143+
--location=us-central1 \
144+
--uri="https://us-central1-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/${{ secrets.PROJECT_ID }}/jobs/default:run" \
145+
--oauth-service-account-email=scheduler-sa@${{ secrets.PROJECT_ID }}.iam.gserviceaccount.com
146+
fi
147+
148+
deploy-prod:
149+
name: Deploy to Cloud Run (prod)
150+
needs: test
151+
runs-on: ubuntu-latest
152+
if: github.ref == 'refs/heads/main'
153+
environment:
154+
name: prod
155+
permissions:
156+
id-token: write
157+
contents: read
158+
159+
steps:
160+
- name: ⬇️ Checkout code
161+
uses: actions/checkout@v4
162+
with:
163+
show-progress: false
164+
165+
- name: 🗝️ Authenticate to Google Cloud
166+
id: auth
167+
uses: google-github-actions/auth@v2
168+
with:
169+
workload_identity_provider: ${{ secrets.IDENTITY_PROVIDER }}
170+
service_account: ${{ secrets.SERVICE_ACCOUNT_EMAIL }}
171+
token_format: "access_token"
172+
173+
- name: 🐳 Set up Docker Buildx
174+
id: builder
175+
uses: docker/setup-buildx-action@v3
176+
177+
- name: 🗝️ Authenticate Docker to Google Cloud
178+
uses: docker/login-action@v3
179+
with:
180+
registry: us-central1-docker.pkg.dev
181+
username: oauth2accesstoken
182+
password: ${{ steps.auth.outputs.access_token }}
183+
184+
- name: 🏷️ Extract tags from GitHub
185+
id: meta
186+
uses: docker/metadata-action@v5
187+
with:
188+
github-token: ${{ secrets.GITHUB_TOKEN }}
189+
images: us-central1-docker.pkg.dev/${{ secrets.PROJECT_ID }}/images/job
190+
tags: |
191+
type=ref,suffix=-{{sha}},event=branch
192+
type=ref,prefix=pr-,suffix=-{{sha}},event=pr
193+
type=semver,pattern={{version}}
194+
latest
195+
196+
- name: 📦 Build and push image
197+
uses: docker/build-push-action@v6
198+
with:
199+
builder: ${{ steps.builder.outputs.name }}
200+
tags: ${{ steps.meta.outputs.tags }}
201+
context: .
202+
file: ./Dockerfile
203+
push: true
204+
cache-from: type=gha
205+
cache-to: type=gha,mode=max
206+
provenance: false
207+
208+
- name: ☁️ Set up Cloud SDK
209+
uses: google-github-actions/setup-gcloud@v2
210+
211+
- name: 🚀 Deploy to Cloud Run Job
212+
run: |
213+
if [ ! "$(gcloud run jobs list | grep default)" ]; then
214+
gcloud run jobs create default \
215+
--region us-central1 \
216+
--image us-central1-docker.pkg.dev/${{ secrets.PROJECT_ID }}/images/job:latest \
217+
--service-account cloud-run-sa@${{ secrets.PROJECT_ID }}.iam.gserviceaccount.com \
218+
--memory=3Gi \
219+
--cpu=1 \
220+
--max-retries 0 \
221+
--parallelism 0 \
222+
--set-secrets=/secrets/app/secrets.json=skid-secrets:latest \
223+
--task-timeout 3h
224+
else
225+
gcloud run jobs update default \
226+
--region us-central1 \
227+
--image us-central1-docker.pkg.dev/${{ secrets.PROJECT_ID }}/images/job:latest \
228+
--service-account cloud-run-sa@${{ secrets.PROJECT_ID }}.iam.gserviceaccount.com \
229+
--memory=3Gi \
230+
--cpu=1 \
231+
--max-retries 0 \
232+
--parallelism 0 \
233+
--set-secrets=/secrets/app/secrets.json=skid-secrets:latest \
234+
--task-timeout 3h
235+
fi
236+
237+
- name: 🕰️ Create Cloud Scheduler
238+
run: |
239+
if [ ! "$(gcloud scheduler jobs list --location=us-central1 | grep saturday-evening)" ]; then
240+
gcloud scheduler jobs create http saturday-evening \
241+
--description="Trigger the nfhl-skid bot once a week on saturday evening" \
242+
--schedule="0 3 * * 6" \
243+
--time-zone=America/Denver \
244+
--location=us-central1 \
245+
--uri="https://us-central1-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/${{ secrets.PROJECT_ID }}/jobs/default:run" \
246+
--oauth-service-account-email=scheduler-sa@${{ secrets.PROJECT_ID }}.iam.gserviceaccount.com
247+
else
248+
gcloud scheduler jobs update http saturday-evening \
249+
--description="Trigger the nfhl-skid bot once a week on saturday evening" \
250+
--schedule="0 3 * * 6" \
251+
--time-zone=America/Denver \
252+
--location=us-central1 \
253+
--uri="https://us-central1-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/${{ secrets.PROJECT_ID }}/jobs/default:run" \
254+
--oauth-service-account-email=scheduler-sa@${{ secrets.PROJECT_ID }}.iam.gserviceaccount.com
255+
fi

src/backup/.gitignore packages/backup/.gitignore

File renamed without changes.

packages/backup/Dockerfile

+17
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
FROM python:3.11-slim
2+
3+
# Allow statements and log messages to immediately appear in the Knative logs
4+
ENV PYTHONUNBUFFERED=True
5+
6+
USER root
7+
RUN useradd -s /bin/bash dummy
8+
9+
# Set the locale
10+
RUN apt-get update && apt-get install -y locales && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 && apt-get install -y gcc && apt-get install -y libkrb5-dev && pip install requests-kerberos
11+
12+
COPY . /app
13+
WORKDIR /app
14+
RUN pip install .
15+
16+
USER dummy
17+
ENTRYPOINT ["backup"]

packages/backup/pyproject.toml

+11
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
[tool.ruff]
2+
line-length = 120
3+
ignore = ["E501"]
4+
[tool.black]
5+
line-length = 120
6+
[tool.pytest.ini_options]
7+
minversion = "6.0"
8+
testpaths = [ "tests", "src" ]
9+
norecursedirs = [".env", "data", "maps", ".github", ".vscode"]
10+
console_output_style = "count"
11+
addopts = "--cov-branch --cov=project-moonwalk --cov-report term --cov-report xml:cov.xml --instafail"

packages/backup/setup.py

+58
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
#!/usr/bin/env python
2+
# -*- encoding: utf-8 -*-
3+
"""
4+
setup.py
5+
A module that installs the backup process as a module
6+
"""
7+
from glob import glob
8+
from os.path import basename, splitext
9+
10+
from setuptools import find_packages, setup
11+
12+
setup(
13+
name="moonwalk-backup",
14+
version="1.0.0",
15+
license="MIT",
16+
description="Backup process for project moonwalk",
17+
author="UGRC Developers",
18+
author_email="[email protected]",
19+
url="https://github.com/agrc/project-moonwalk",
20+
packages=find_packages("src"),
21+
package_dir={"": "src"},
22+
py_modules=[splitext(basename(path))[0] for path in glob("src/*.py")],
23+
include_package_data=True,
24+
zip_safe=True,
25+
classifiers=[
26+
# complete classifier list: http://pypi.python.org/pypi?%3Aaction=list_classifiers
27+
"Development Status :: 5 - Production/Stable",
28+
"Intended Audience :: Developers",
29+
"Topic :: Utilities",
30+
],
31+
project_urls={
32+
"Issue Tracker": "https://github.com/agrc/project-moonwalk/issues",
33+
},
34+
keywords=["gis"],
35+
install_requires=[
36+
"arcgis>=2.3,<2.4",
37+
],
38+
extras_require={
39+
"tests": [
40+
"pytest-cov>=3,<6",
41+
"pytest-instafail==0.5.*",
42+
"pytest-mock==3.*",
43+
"pytest-ruff==0.*",
44+
"pytest-watch==4.*",
45+
"pytest>=6,<9",
46+
"black>=24.4.2,<24.5",
47+
"ruff==0.*",
48+
]
49+
},
50+
setup_requires=[
51+
"pytest-runner",
52+
],
53+
entry_points={
54+
"console_scripts": [
55+
"backup = backup.main:backup",
56+
]
57+
},
58+
)

0 commit comments

Comments
 (0)