diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 8b2606fbf0..823160b877 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -1,20 +1,10 @@ -name: "run-linting-checks" +name: "Lint and Style Checks" +# Checks that automate detection of basic errors (type declaration, spelling, linting, forgetting to update the lockfile, etc) on: pull_request: branches: [main, release] jobs: - check-docs: - name: runner / check docs - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Install uv - uses: astral-sh/setup-uv@v6 - - name: Ensure docs build cleanly - # Setting `O` to pass extra options to the sphinx-build command. - run: O="-a -E -n -W --keep-going" make docs - run-pylint: name: runner / pylint permissions: write-all @@ -51,3 +41,18 @@ jobs: uses: astral-sh/setup-uv@v6 - name: Ensure uv lockfile is up to date run: uv lock --check + + run-mypy: + name: runner / mypy + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write + steps: + - uses: actions/checkout@v4 + - uses: tsuyoshicho/action-mypy@v4 + with: + github_token: ${{ secrets.github_token }} + reporter: github-pr-review + level: warning + execute_command: "uv run mypy" diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml new file mode 100644 index 0000000000..efc5919faf --- /dev/null +++ b/.github/workflows/docs.yml @@ -0,0 +1,20 @@ +name: "Docs build test" +# ensure the docs build still works +permissions: + contents: read + +on: + pull_request: + branches: [main, release] + +jobs: + check-docs: + name: runner / check docs + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install uv + uses: astral-sh/setup-uv@v6 + - name: Ensure docs build cleanly + # Setting `O` to pass extra options to the sphinx-build command. + run: O="-a -E -n -W --keep-going" make docs diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml new file mode 100644 index 0000000000..3cf88119d8 --- /dev/null +++ b/.github/workflows/macos.yml @@ -0,0 +1,52 @@ +name: Test MacOS +# Unknown. MacOS functionality test i guess, probably incomplete +on: + push: + branches: + - main + - release + pull_request: + release: + types: + - published + workflow_dispatch: + +permissions: {} + +jobs: + test-macos: + name: Test on macOS + runs-on: macos-latest + env: + UV_LOCKED: true # Assert that uv.lock is up-to-date + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install uv + uses: astral-sh/setup-uv@v6 + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version-file: ".python-version" + + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: "stable" + + # We don't use `make install` because it requires user input + # Instead, we manually sync and run a subset of commands + - name: Install dependencies + run: uv sync --all-groups + + - name: Install workers + run: uv run scripts/install/workers.sh dev + + - name: Install nltk + run: | + uv run python -m nltk.downloader stopwords + uv run python -m nltk.downloader punkt + uv run python -m nltk.downloader popular + uv run python -m nltk.downloader universal_tagset diff --git a/.github/workflows/publish_images.yml b/.github/workflows/publish_images.yml new file mode 100644 index 0000000000..86a3a00133 --- /dev/null +++ b/.github/workflows/publish_images.yml @@ -0,0 +1,80 @@ +name: Publish Docker Images +# Publish docker images to our registry +on: + push: + branches: + - main + - release + pull_request: + release: + types: + - published + workflow_dispatch: + +permissions: {} + +jobs: + push-image: + name: Push image + needs: test-e2e + # We don't push images on pull requests + if: github.event_name != 'pull_request' + permissions: + contents: read # to fetch code (actions/checkout) + packages: write # to push docker image + strategy: + matrix: + image: + - backend + - database + - keyman + - rabbitmq + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + id: setup-buildx + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set container metadata + uses: docker/metadata-action@v5 + id: meta + env: + DOCKER_METADATA_ANNOTATIONS_LEVELS: index,manifest + with: + annotations: | + org.opencontainers.image.title=augur_${{ matrix.image }} + labels: | + org.opencontainers.image.title=augur_${{ matrix.image }} + images: ghcr.io/${{ github.repository_owner }}/augur_${{ matrix.image }} + # Pushes to the main branch update the *:devel-latest tag + # Releases update the *:latest tag and the *: tag + tags: | + type=raw,value=devel-latest,enable=${{ github.ref == 'refs/heads/main' }} + type=raw,value=latest,enable=${{ github.event_name == 'release' }} + type=raw,value=${{ github.event.release.tag_name }},enable=${{ github.event_name == 'release' }} + + - name: Build and push + id: push + uses: docker/build-push-action@v6 + with: + annotations: ${{ steps.meta.outputs.annotations }} + context: . + file: ./docker/${{ matrix.image }}/Dockerfile + labels: ${{ steps.meta.outputs.labels }} + platforms: linux/amd64 + # Only push if we've tagged the image in the metadata step + push: ${{ steps.meta.outputs.tags != '' }} + tags: ${{ steps.meta.outputs.tags }} + # Use the same cache as the build step + cache-from: type=gha,scope=container-${{ matrix.image }} + cache-to: type=gha,scope=container-${{ matrix.image }},mode=min diff --git a/.github/workflows/build_docker.yml b/.github/workflows/smoke_test.yml similarity index 92% rename from .github/workflows/build_docker.yml rename to .github/workflows/smoke_test.yml index 3a0e3f953a..4d81a4fdce 100644 --- a/.github/workflows/build_docker.yml +++ b/.github/workflows/smoke_test.yml @@ -1,4 +1,5 @@ -name: Build Docker images +name: End to end Smoke Tests +# perform an end to end smoke test on docker and podman to make sure things work as expected on: push: branches: @@ -13,44 +14,6 @@ on: permissions: {} jobs: - test-macos: - name: Test on macOS - runs-on: macos-latest - env: - UV_LOCKED: true # Assert that uv.lock is up-to-date - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Install uv - uses: astral-sh/setup-uv@v6 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version-file: ".python-version" - - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: "stable" - - # We don't use `make install` because it requires user input - # Instead, we manually sync and run a subset of commands - - name: Install dependencies - run: uv sync --all-groups - - - name: Install workers - run: uv run scripts/install/workers.sh dev - - - name: Install nltk - run: | - uv run python -m nltk.downloader stopwords - uv run python -m nltk.downloader punkt - uv run python -m nltk.downloader popular - uv run python -m nltk.downloader universal_tagset - - test-e2e: name: End-to-end test (Docker) runs-on: ubuntu-latest @@ -59,7 +22,7 @@ jobs: run: | sudo rm -rf /usr/share/dotnet sudo rm -rf "$AGENT_TOOLSDIRECTORY" - + - name: Checkout repository uses: actions/checkout@v4 @@ -299,8 +262,6 @@ jobs: # We use tail so that we can see the name of each file as it's printed run: "podman run -t --rm -v augur_logs:/logs bash -c 'find /logs -type f | xargs tail -n +0'" - - push-image: name: Push image needs: test-e2e @@ -339,9 +300,9 @@ jobs: DOCKER_METADATA_ANNOTATIONS_LEVELS: index,manifest with: annotations: | - org.opencontainers.image.title=augur_${{ matrix.image}} + org.opencontainers.image.title=augur_${{ matrix.image }} labels: | - org.opencontainers.image.title=augur_${{ matrix.image}} + org.opencontainers.image.title=augur_${{ matrix.image }} images: ghcr.io/${{ github.repository_owner }}/augur_${{ matrix.image }} # Pushes to the main branch update the *:devel-latest tag # Releases update the *:latest tag and the *: tag