CI #21319
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| env: | |
| # Version of Argo CD to use for the installer. | |
| ARGO_CD_VERSION: "3.0.6" | |
| # Version of helm to use for linting. | |
| HELM_VERSION: "v3.19.2" | |
| # Version of helm-docs to use for linting. | |
| HELM_DOCS_VERSION: "1.14.2" | |
| # Version of the Helm unittest plugin for Helm tests. | |
| HELM_UNITTEST_VERSION: "v1.0.2" | |
| # Version of Vault client to use for the installer. | |
| VAULT_VERSION: "1.19.5" | |
| "on": | |
| merge_group: {} | |
| pull_request: {} | |
| push: | |
| branches: | |
| - "main" | |
| workflow_dispatch: {} | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version: '>=1.22' | |
| - name: Install helm-docs | |
| run: > | |
| go install github.com/norwoodj/helm-docs/cmd/helm-docs@v${{ env.HELM_DOCS_VERSION }} | |
| env: | |
| GOBIN: /usr/local/bin/ | |
| - uses: astral-sh/setup-uv@v7 | |
| - name: Run linters | |
| run: uv run --only-group=tox tox run -e lint | |
| test: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| strategy: | |
| matrix: | |
| python: | |
| - "3.13" | |
| - "3.14" | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: astral-sh/setup-uv@v7 | |
| with: | |
| python-version: ${{ matrix.python }} | |
| - name: Run Python tests | |
| run: uv run --only-group=tox tox run -e typing,py,coverage-report | |
| helm: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - uses: azure/setup-helm@v5 | |
| with: | |
| version: ${{ env.HELM_VERSION }} | |
| # Used to query GitHub for the latest Helm release. | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Install helm-unittest plugin | |
| run: helm plugin install https://github.com/helm-unittest/helm-unittest --version ${{ env.HELM_UNITTEST_VERSION }} | |
| - name: Run helm unittest | |
| run: helm unittest {applications,charts}/*/tests/.. | |
| - name: Run helm unittest for sub-charts | |
| run: helm unittest applications/*/charts/*/tests/.. | |
| - uses: astral-sh/setup-uv@v7 | |
| - name: Run Phalanx Helm linter | |
| run: uv run --only-group=tox tox run -e phalanx-lint-change | |
| changes: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| permissions: | |
| pull-requests: read | |
| outputs: | |
| docs: ${{ steps.filter.outputs.docs }} | |
| docs-specific: ${{ steps.filter.outputs.docs-specific }} | |
| minikube: ${{ steps.filter.outputs.minikube }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: dorny/paths-filter@v4 | |
| id: filter | |
| with: | |
| filters: | | |
| docs: | |
| - ".github/workflows/docs.yaml" | |
| - ".python-version" | |
| - "docs/**" | |
| - "applications/*/Chart.yaml" | |
| - "applications/*/values.yaml" | |
| - "applications/argocd/values-*.yaml" | |
| - "applications/gafaelfawr/values-*.yaml" | |
| - "environments/values-*.yaml" | |
| - "requirements/*.txt" | |
| - "src/phalanx/**" | |
| docs-specific: | |
| - "docs/**" | |
| minikube: | |
| - ".github/workflows/ci.yaml" | |
| - ".python-version" | |
| - "applications/{argocd,cert-manager,gafaelfawr,ingress-nginx,mobu,postgres,repertoire,vault-secrets-operator,sasquatch,strimzi,strimzi-access-operator,strimzi-registry-operator}/Chart.yaml" | |
| - "applications/{argocd,cert-manager,gafaelfawr,ingress-nginx,mobu,postgres,repertoire,vault-secrets-operator,sasquatch,strimzi,strimzi-access-operator,strimzi-registry-operator}/templates/**" | |
| - "applications/{argocd,cert-manager,gafaelfawr,ingress-nginx,mobu,postgres,repertoire,vault-secrets-operator,sasquatch,strimzi,strimzi-access-operator,strimzi-registry-operator}/values.yaml" | |
| - "applications/{argocd,cert-manager,gafaelfawr,ingress-nginx,mobu,postgres,repertoire,vault-secrets-operator,sasquatch,strimzi,strimzi-access-operator,strimzi-registry-operator}/values-minikube.yaml" | |
| - "environments/templates/applications/infrastructure/*" | |
| - "environments/values-minikube.yaml" | |
| - "src/phalanx/**" | |
| - "uv.lock" | |
| minikube: | |
| name: Test deploy | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| needs: [test, helm, changes] | |
| if: >- | |
| (github.event_name == 'workflow_dispatch') | |
| || (needs.changes.outputs.minikube == 'true' | |
| && github.event_name != 'push' | |
| && !startsWith(github.head_ref, 'dependabot/')) | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: astral-sh/setup-uv@v7 | |
| - name: Download installer dependencies | |
| run: | | |
| curl -sSL -o /tmp/vault.zip https://releases.hashicorp.com/vault/${{ env.VAULT_VERSION }}/vault_${{ env.VAULT_VERSION }}_linux_amd64.zip | |
| unzip /tmp/vault.zip | |
| sudo mv vault /usr/local/bin/vault | |
| sudo chmod +x /usr/local/bin/vault | |
| sudo curl -sSL -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/download/v${{ env.ARGO_CD_VERSION }}/argocd-linux-amd64 | |
| sudo chmod +x /usr/local/bin/argocd | |
| sudo apt-get install socat | |
| - uses: medyagh/setup-minikube@latest | |
| with: | |
| cpus: max | |
| memory: 5500m # Linux virtual machines have 7GB of RAM | |
| - name: Test interaction with the cluster | |
| run: kubectl get nodes | |
| - name: Run Phalanx installer | |
| run: > | |
| uv run --only-group=tox tox run -e install -- | |
| --force-noninteractive | |
| --vault-role-id=${{ secrets.MINIKUBE_VAULT_ROLE_ID }} | |
| --vault-secret-id=${{ secrets.MINIKUBE_VAULT_SECRET_ID }} | |
| minikube | |
| - name: Get final list of resources | |
| run: | | |
| kubectl get all -A | |
| kubectl get ingress -A | |
| - name: Wait for all applications to be healthy | |
| timeout-minutes: 15 | |
| run: | | |
| argocd app wait -l "argocd.argoproj.io/instance=science-platform" \ | |
| --port-forward \ | |
| --port-forward-namespace argocd \ | |
| --timeout 300 | |
| docs: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| needs: changes | |
| if: >- | |
| (needs.changes.outputs.docs == 'true') | |
| || (github.event_name == 'workflow_dispatch') | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| # Ensure the documentation gets the right version. | |
| fetch-depth: 0 | |
| - uses: astral-sh/setup-uv@v7 | |
| - name: Install graphviz | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y graphviz | |
| - name: Build documentation | |
| run: uv run --only-group=tox tox run -e docs | |
| # Upload docs: | |
| # - on pushes to main if *any* documentation content might have changed | |
| # - on workflow dispatches if any documentation content might have changed | |
| # - on pushes to tickets/ branches if docs/ directory content changed | |
| - name: Upload to LSST the Docs | |
| uses: lsst-sqre/ltd-upload@v1 | |
| with: | |
| project: "phalanx" | |
| dir: "docs/_build/html" | |
| username: ${{ secrets.LTD_USERNAME }} | |
| password: ${{ secrets.LTD_PASSWORD }} | |
| if: >- | |
| (github.event_name == 'push' && github.ref_name == 'main') | |
| || (github.event_name == 'workflow_dispatch') | |
| || (github.event_name == 'pull_request' | |
| && (startsWith(github.head_ref, 'tickets/') | |
| || startsWith(github.head_ref, 't/')) | |
| && needs.changes.outputs.docs-specific == 'true') |