chore(deps-dev): bump validator from 13.12.0 to 13.15.20 #1786
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Image CI | |
| on: | |
| workflow_dispatch: | |
| push: | |
| paths-ignore: | |
| - 'docs/**' | |
| branches: | |
| - '**' | |
| tags: | |
| - v* | |
| env: | |
| DOCKER_BUILDKIT: 1 | |
| concurrency: | |
| group: ${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| services: | |
| postgres: | |
| image: kartoza/postgis:15-3.4 | |
| env: | |
| ALLOW_IP_RANGE: "0.0.0.0/0" # we need that to allow 'api' to connect | |
| POSTGRES_USER: docker | |
| POSTGRES_PASS: docker | |
| DB_NAME: gis | |
| options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
| ports: | |
| - 5432:5432 | |
| runs-on: ubuntu-latest | |
| outputs: | |
| image: "agencebio/cartobio-api:${{ steps.publish.outputs.tag }}" | |
| version: ${{ steps.version.outputs.name }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-buildx-action@v3 | |
| - run: docker build -t agencebio/cartobio-api . | |
| - name: Get services bridge network name | |
| id: network | |
| run: echo "SERVICES_NETWORK=$(docker network ls --filter name=github --format '{{.Name}}')" >> "${GITHUB_ENV}" | |
| - name: Test the Docker image | |
| run: > | |
| docker run | |
| -e DATABASE_URL | |
| -e NOTIFICATIONS_AB_SSO_CLIENT_ID | |
| -e NOTIFICATIONS_AB_SSO_CLIENT_SECRET | |
| -e NOTIFICATIONS_AB_ENDPOINT | |
| -e CARTOBIO_JWT_SECRET | |
| -e GEOFOLIA_OAUTH_HOST | |
| -e GEOFOLIA_OAUTH_TENANT | |
| -e GEOFOLIA_OAUTH_CLIENT_ID | |
| -e GEOFOLIA_OAUTH_CLIENT_SECRET | |
| -e GEOFOLIA_API_HOST | |
| -e GEOFOLIA_API_SUBSCRIPTION_KEY | |
| -e CI | |
| --network ${{ env.SERVICES_NETWORK }} | |
| agencebio/cartobio-api npm test | |
| env: | |
| CI: true | |
| DATABASE_URL: postgresql://docker:docker@postgres:5432/gis | |
| NOTIFICATIONS_AB_ENDPOINT: https://preprod-notifications.agencebio.org:444 | |
| CARTOBIO_JWT_SECRET: zzzzz | |
| GEOFOLIA_OAUTH_HOST: https://login.microsoftonline.com | |
| GEOFOLIA_OAUTH_TENANT: "test" | |
| GEOFOLIA_OAUTH_CLIENT_ID: "test" | |
| GEOFOLIA_OAUTH_CLIENT_SECRET: "test" | |
| GEOFOLIA_API_HOST: "https://test-api.azure-api.net/" | |
| GEOFOLIA_API_SUBSCRIPTION_KEY: "test" | |
| NOTIFICATIONS_AB_SSO_CLIENT_ID: "test" | |
| NOTIFICATIONS_AB_SSO_CLIENT_SECRET: "test" | |
| - name: Login to Docker Hub | |
| if: ${{ github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test' || startsWith(github.ref, 'refs/tags/') }} | |
| run: echo "${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}" | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin | |
| - name: Assign Docker ref | |
| id: publish | |
| run: | | |
| if [[ $GITHUB_REF == 'refs/heads/main' ]]; then | |
| echo "tag=latest" >> $GITHUB_OUTPUT | |
| else | |
| echo "tag=${GITHUB_REF_NAME#v*}" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Publish to Docker Hub | |
| if: ${{ github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test' || startsWith(github.ref, 'refs/tags/') }} | |
| run: | | |
| docker tag agencebio/cartobio-api agencebio/cartobio-api:${{ steps.publish.outputs.tag }} | |
| docker push agencebio/cartobio-api:${{ steps.publish.outputs.tag }} | |
| - name: Get package.json version | |
| id: version | |
| run: echo name=$(node -p "require('./package.json').version") >> $GITHUB_OUTPUT | |
| deploy-staging: | |
| needs: [build] | |
| if: github.ref == 'refs/heads/main' | |
| environment: staging | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: garygrossgarten/github-action-ssh@0.7.0 | |
| with: | |
| host: ${{ secrets.AGENCEBIO_PREPROD_SSH_HOST }} | |
| username: ${{ secrets.AGENCEBIO_SSH_USERNAME }} | |
| privateKey: ${{ secrets.AGENCEBIO_SSH_PRIVATE_KEY }} | |
| command: | | |
| docker pull ${{ needs.build.outputs.image }} \ | |
| && docker stop cartobio-api-staging || true \ | |
| && docker container rm cartobio-api-staging || true \ | |
| && docker run -d --restart always \ | |
| -p 7500:8000 \ | |
| --env-file=.env.cartobio-api-staging \ | |
| --env SENTRY_RELEASE=${{ needs.build.outputs.version }}-dev-${{ github.sha }} \ | |
| --name cartobio-api-staging \ | |
| --init \ | |
| --volume /root/pdf:/usr/src/app/pdf \ | |
| ${{ needs.build.outputs.image }} | |
| deploy-test: | |
| needs: [build] | |
| if: github.ref == 'refs/heads/test' | |
| environment: test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: garygrossgarten/github-action-ssh@0.7.0 | |
| with: | |
| host: ${{ secrets.AGENCEBIO_PREPROD_SSH_HOST }} | |
| username: ${{ secrets.AGENCEBIO_SSH_USERNAME }} | |
| privateKey: ${{ secrets.AGENCEBIO_SSH_PRIVATE_KEY }} | |
| command: | | |
| docker pull ${{ needs.build.outputs.image }} \ | |
| && docker stop cartobio-api-test || true \ | |
| && docker container rm cartobio-api-test || true \ | |
| && docker run -d --restart always \ | |
| -p 7501:8000 \ | |
| --env-file=.env.cartobio-api-test \ | |
| --env SENTRY_RELEASE=${{ needs.build.outputs.version }}-test-${{ github.sha }} \ | |
| --name cartobio-api-test \ | |
| --init \ | |
| --volume /root/pdf_test:/usr/src/app/pdf \ | |
| ${{ needs.build.outputs.image }} | |
| deploy-production: | |
| needs: [build] | |
| if: startsWith(github.ref, 'refs/tags/') | |
| environment: production | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: garygrossgarten/github-action-ssh@0.7.0 | |
| with: | |
| host: ${{ secrets.AGENCEBIO_SSH_HOST }} | |
| username: ${{ secrets.AGENCEBIO_SSH_USERNAME }} | |
| privateKey: ${{ secrets.AGENCEBIO_SSH_PRIVATE_KEY }} | |
| command: | | |
| docker pull ${{ needs.build.outputs.image }} \ | |
| && docker stop cartobio-api-production \ | |
| && docker container rm cartobio-api-production \ | |
| && docker run -d --restart always \ | |
| -p 127.0.0.1:8000:8000 \ | |
| --env-file=.env.cartobio-api-production \ | |
| --name cartobio-api-production \ | |
| --init \ | |
| --volume /root/pdf:/usr/src/app/pdf \ | |
| ${{ needs.build.outputs.image }} |