SC-6899 prepare for ephemerides #7216

Workflow file for this run

	# This file was automatically generated by sbt-github-actions using the
	# githubWorkflowGenerate task. You should add and commit this file to
	# your git repository. It goes without saying that you shouldn't edit
	# this file by hand! Instead, if you wish to make changes, you should
	# change your sbt build configuration to revise the workflow description
	# to meet your needs, then regenerate this file.

	name: Continuous Integration

	on:
	pull_request:
	branches: ['', '!update/', '!pr/**']
	push:
	branches: ['', '!update/', '!pr/**']
	tags: [v*]

	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }}


	concurrency:
	group: ${{ github.workflow }} @ ${{ github.ref }}
	cancel-in-progress: true

	jobs:
	build:
	name: Test
	strategy:
	matrix:
	os: [ubuntu-22.04]
	scala: [3]
	java: [temurin@17]
	shard: [0, 1, 2, 3, 4, 5, 6, 7]
	runs-on: ${{ matrix.os }}
	timeout-minutes: 60
	steps:
	- name: Checkout current branch (full)
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	lfs: true

	- name: Setup sbt
	uses: sbt/setup-sbt@v1

	- name: Setup Java (temurin@17)
	id: setup-java-temurin-17
	if: matrix.java == 'temurin@17'
	uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: sbt

	- name: sbt update
	if: matrix.java == 'temurin@17' && steps.setup-java-temurin-17.outputs.cache-hit == 'false'
	run: sbt -v -J-Xmx6g +update

	- name: Set up cert permissions (1)
	run: chmod 600 test-cert/server.key

	- name: Set up cert permissions (2)
	run: sudo chown 999 test-cert/server.key

	- name: Docker compose up
	run: docker compose up -d

	- name: Validate Migrations
	if: github.event_name == 'pull_request' && matrix.shard == '1'
	uses: gemini-hlsw/migration-validator-action@main
	with:
	path: modules/service/src/main/resources/db/migration/

	- name: Validate ODB GraphQL schema changes
	if: github.event_name == 'pull_request' && matrix.shard == '1'
	uses: kamilkisiela/graphql-inspector@master
	with:
	name: Validate ODB Public API
	schema: 'main:modules/schema/src/main/resources/lucuma/odb/graphql/OdbSchema.graphql'
	approve-label: expected-breaking-change

	- name: Validate ITC GraphQL schema changes
	if: github.event_name == 'pull_request' && matrix.shard == '2'
	uses: kamilkisiela/graphql-inspector@master
	with:
	name: Validate ITC Public API
	schema: 'main:itc/service/src/main/resources/graphql/itc.graphql'
	approve-label: expected-breaking-change

	- name: Check that workflows are up to date
	run: sbt -v -J-Xmx6g githubWorkflowCheck

	- name: Check headers and formatting
	if: matrix.java == 'temurin@17' && matrix.os == 'ubuntu-22.04' && matrix.shard == '0'
	run: sbt -v -J-Xmx6g '++ ${{ matrix.scala }}' headerCheckAll scalafmtCheckAll 'project /' scalafmtSbtCheck lucumaScalafmtCheck lucumaScalafixCheck

	- name: Check scalafix lints
	if: matrix.java == 'temurin@17' && matrix.os == 'ubuntu-22.04' && matrix.shard == '0'
	run: sbt -v -J-Xmx6g '++ ${{ matrix.scala }}' 'scalafixAll --check'

	- name: Test
	env:
	TEST_SHARD_COUNT: 8
	TEST_SHARD: ${{ matrix.shard }}
	run: sbt -v -J-Xmx6g '++ ${{ matrix.scala }}' test

	- name: Check binary compatibility
	if: matrix.java == 'temurin@17' && matrix.os == 'ubuntu-22.04' && matrix.shard == '0'
	run: sbt -v -J-Xmx6g '++ ${{ matrix.scala }}' mimaReportBinaryIssues

	- name: Generate API documentation
	if: matrix.java == 'temurin@17' && matrix.os == 'ubuntu-22.04' && matrix.shard == '0'
	run: sbt -v -J-Xmx6g '++ ${{ matrix.scala }}' doc

	- name: Aggregate coverage reports
	run: sbt -v -J-Xmx6g '++ ${{ matrix.scala }}' coverageReport coverageAggregate

	- name: Upload code coverage data
	uses: codecov/codecov-action@v4

	- name: Docker compose down
	run: docker compose down

	publish:
	name: Publish Artifacts
	needs: [build]
	if: github.event_name != 'pull_request' && (startsWith(github.ref, 'refs/tags/v'))
	strategy:
	matrix:
	os: [ubuntu-22.04]
	java: [temurin@17]
	runs-on: ${{ matrix.os }}
	steps:
	- name: Checkout current branch (full)
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	lfs: true

	- name: Setup sbt
	uses: sbt/setup-sbt@v1

	- name: Setup Java (temurin@17)
	id: setup-java-temurin-17
	if: matrix.java == 'temurin@17'
	uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: sbt

	- name: sbt update
	if: matrix.java == 'temurin@17' && steps.setup-java-temurin-17.outputs.cache-hit == 'false'
	run: sbt -v -J-Xmx6g +update

	- name: Import signing key
	if: env.PGP_SECRET != '' && env.PGP_PASSPHRASE == ''
	env:
	PGP_SECRET: ${{ secrets.PGP_SECRET }}
	PGP_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
	run: echo $PGP_SECRET \| base64 -d -i - \| gpg --import

	- name: Import signing key and strip passphrase
	if: env.PGP_SECRET != '' && env.PGP_PASSPHRASE != ''
	env:
	PGP_SECRET: ${{ secrets.PGP_SECRET }}
	PGP_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
	run: \|
	echo "$PGP_SECRET" \| base64 -d -i - > /tmp/signing-key.gpg
	echo "$PGP_PASSPHRASE" \| gpg --pinentry-mode loopback --passphrase-fd 0 --import /tmp/signing-key.gpg
	(echo "$PGP_PASSPHRASE"; echo; echo) \| gpg --command-fd 0 --pinentry-mode loopback --change-passphrase $(gpg --list-secret-keys --with-colons 2> /dev/null \| grep '^sec:' \| cut --delimiter ':' --fields 5 \| tail -n 1)

	- name: Publish
	env:
	SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
	SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
	SONATYPE_CREDENTIAL_HOST: ${{ secrets.SONATYPE_CREDENTIAL_HOST }}
	run: sbt -v -J-Xmx6g tlCiRelease

	deploy:
	name: Build and publish Docker images / Deploy to Heroku
	if: (github.ref == 'refs/heads/main' && startsWith(github.repository, 'gemini'))
	strategy:
	matrix:
	os: [ubuntu-22.04]
	scala: [3.7.3]
	java: [temurin@17]
	runs-on: ${{ matrix.os }}
	steps:
	- name: Checkout current branch (full)
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	lfs: true

	- name: Setup sbt
	uses: sbt/setup-sbt@v1

	- name: Setup Java (temurin@17)
	id: setup-java-temurin-17
	if: matrix.java == 'temurin@17'
	uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: sbt

	- name: sbt update
	if: matrix.java == 'temurin@17' && steps.setup-java-temurin-17.outputs.cache-hit == 'false'
	run: sbt -v -J-Xmx6g +update

	- name: Build Docker images
	run: 'sbt -v -J-Xmx6g ''++ ${{ matrix.scala }}'' clean ssoService/docker:publishLocal itcService/docker:publishLocal service/docker:publishLocal obscalc/docker:publishLocal calibrations/docker:publishLocal'

	- name: Push Docker images to Heroku
	run: \|
	npm install -g heroku
	heroku container:login
	docker tag noirlab/lucuma-sso-service registry.heroku.com/${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-dev/web:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-dev/web:${{ github.sha }}
	docker tag noirlab/lucuma-sso-service registry.heroku.com/${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-staging/web:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-staging/web:${{ github.sha }}
	docker tag noirlab/lucuma-sso-service registry.heroku.com/${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-production/web:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-production/web:${{ github.sha }}
	docker tag noirlab/lucuma-sso-service registry.heroku.com/${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-dev/web
	docker push registry.heroku.com/${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-dev/web
	docker tag noirlab/lucuma-itc-service registry.heroku.com/${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-dev/web:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-dev/web:${{ github.sha }}
	docker tag noirlab/lucuma-itc-service registry.heroku.com/${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-staging/web:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-staging/web:${{ github.sha }}
	docker tag noirlab/lucuma-itc-service registry.heroku.com/${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-production/web:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-production/web:${{ github.sha }}
	docker tag noirlab/lucuma-itc-service registry.heroku.com/${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-dev/web
	docker push registry.heroku.com/${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-dev/web
	docker tag noirlab/lucuma-odb-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/web:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/web:${{ github.sha }}
	docker tag noirlab/lucuma-odb-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-staging/web:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-staging/web:${{ github.sha }}
	docker tag noirlab/lucuma-odb-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-production/web:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-production/web:${{ github.sha }}
	docker tag noirlab/lucuma-odb-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/web
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/web
	docker tag noirlab/obscalc-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/obscalc:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/obscalc:${{ github.sha }}
	docker tag noirlab/obscalc-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-staging/obscalc:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-staging/obscalc:${{ github.sha }}
	docker tag noirlab/obscalc-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-production/obscalc:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-production/obscalc:${{ github.sha }}
	docker tag noirlab/obscalc-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/obscalc
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/obscalc
	docker tag noirlab/calibrations-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/calibration:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/calibration:${{ github.sha }}
	docker tag noirlab/calibrations-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-staging/calibration:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-staging/calibration:${{ github.sha }}
	docker tag noirlab/calibrations-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-production/calibration:${{ github.sha }}
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-production/calibration:${{ github.sha }}
	docker tag noirlab/calibrations-service registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/calibration
	docker push registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/calibration

	- name: Release dev app in Heroku
	run: \|
	heroku container:release web -a ${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-dev -v
	heroku container:release web -a ${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-dev -v
	heroku container:release web obscalc calibration -a ${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev -v

	- name: Get Docker image SHA
	run: \|
	echo "DOCKER_IMAGE_SHA_SSO_WEB=$(docker inspect registry.heroku.com/${{ vars.HEROKU_SSO_APP_NAME \|\| 'lucuma-sso' }}-dev/web:${{ github.sha }} --format={{.Id}})" >> $GITHUB_ENV
	echo "DOCKER_IMAGE_SHA_ITC_WEB=$(docker inspect registry.heroku.com/${{ vars.HEROKU_ITC_APP_NAME \|\| 'itc' }}-dev/web:${{ github.sha }} --format={{.Id}})" >> $GITHUB_ENV
	echo "DOCKER_IMAGE_SHA_ODB_WEB=$(docker inspect registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/web:${{ github.sha }} --format={{.Id}})" >> $GITHUB_ENV
	echo "DOCKER_IMAGE_SHA_ODB_OBSCALC=$(docker inspect registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/obscalc:${{ github.sha }} --format={{.Id}})" >> $GITHUB_ENV
	echo "DOCKER_IMAGE_SHA_ODB_CALIBRATION=$(docker inspect registry.heroku.com/${{ vars.HEROKU_ODB_APP_NAME \|\| 'lucuma-postgres-odb' }}-dev/calibration:${{ github.sha }} --format={{.Id}})" >> $GITHUB_ENV

	- name: Record deployment in GHA
	run: \|
	echo "Recording deployment ${{ github.sha }} for SSO to ${{ github.repository }}"
	curl -s -X POST https://api.github.com/repos/${{ github.repository }}/deployments -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github+json" -d '{ "ref": "${{ github.sha }}", "environment": "development", "description": "SSO deployment to dev", "auto_merge": false, "required_contexts": [], "task": "deploy:SSO", "payload": { "docker_image_shas": { "web": "${{ env.DOCKER_IMAGE_SHA_SSO_WEB }}" } } }'
	echo "Recording deployment ${{ github.sha }} for ITC to ${{ github.repository }}"
	curl -s -X POST https://api.github.com/repos/${{ github.repository }}/deployments -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github+json" -d '{ "ref": "${{ github.sha }}", "environment": "development", "description": "ITC deployment to dev", "auto_merge": false, "required_contexts": [], "task": "deploy:ITC", "payload": { "docker_image_shas": { "web": "${{ env.DOCKER_IMAGE_SHA_ITC_WEB }}" } } }'
	echo "Recording deployment ${{ github.sha }} for ODB to ${{ github.repository }}"
	curl -s -X POST https://api.github.com/repos/${{ github.repository }}/deployments -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github+json" -d '{ "ref": "${{ github.sha }}", "environment": "development", "description": "ODB deployment to dev", "auto_merge": false, "required_contexts": [], "task": "deploy:ODB", "payload": { "docker_image_shas": { "web": "${{ env.DOCKER_IMAGE_SHA_ODB_WEB }}", "obscalc": "${{ env.DOCKER_IMAGE_SHA_ODB_OBSCALC }}", "calibration": "${{ env.DOCKER_IMAGE_SHA_ODB_CALIBRATION }}" } } }'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

SC-6899 prepare for ephemerides #7216

Workflow file

SC-6899 prepare for ephemerides #7216

Uh oh!

Jobs

Run details

Workflow file for this run