From 1a10081050fd3f477cf40de9c4c2b13238ec3488 Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:06:15 +0200 Subject: [PATCH 01/17] add admin creation task --- .github/workflows/ci_cd.yml | 1 + Gemfile | 1 + Gemfile.lock | 6 ++- lib/decidim/admin_creator.rb | 27 +++++++++++ lib/decidim/system_admin_creator.rb | 17 +++++++ lib/decidim/user_creator.rb | 15 +++++++ lib/tasks/decidim_app.rake | 17 +++++++ spec/lib/decidim/admin_creator_spec.rb | 45 +++++++++++++++++++ spec/lib/decidim/system_admin_creator_spec.rb | 23 ++++++++++ spec/lib/tasks/create_admin_task_spec.rb | 17 +++++++ .../tasks/create_system_admin_task_spec.rb | 17 +++++++ spec/spec_helper.rb | 5 +++ spec/support/environment_variables_helper.rb | 7 +++ 13 files changed, 196 insertions(+), 2 deletions(-) create mode 100644 lib/decidim/admin_creator.rb create mode 100644 lib/decidim/system_admin_creator.rb create mode 100644 lib/decidim/user_creator.rb create mode 100644 lib/tasks/decidim_app.rake create mode 100644 spec/lib/decidim/admin_creator_spec.rb create mode 100644 spec/lib/decidim/system_admin_creator_spec.rb create mode 100644 spec/lib/tasks/create_admin_task_spec.rb create mode 100644 spec/lib/tasks/create_system_admin_task_spec.rb create mode 100644 spec/support/environment_variables_helper.rb diff --git a/.github/workflows/ci_cd.yml b/.github/workflows/ci_cd.yml index aac4327f..c2660265 100644 --- a/.github/workflows/ci_cd.yml +++ b/.github/workflows/ci_cd.yml @@ -4,6 +4,7 @@ on: push env: CI: "true" SIMPLECOV: "true" + RSPEC_FORMAT: "documentation" RUBY_VERSION: 2.7.5 jobs: diff --git a/Gemfile b/Gemfile index ad611440..1dc10a36 100644 --- a/Gemfile +++ b/Gemfile @@ -37,6 +37,7 @@ gem "sys-filesystem" group :development, :test do gem "byebug", "~> 11.0", platform: :mri + gem "climate_control", "~> 1.2" gem "decidim-dev", DECIDIM_VERSION end diff --git a/Gemfile.lock b/Gemfile.lock index f365ba40..d7fc7705 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -339,6 +339,7 @@ GEM chef-utils (17.7.22) concurrent-ruby childprocess (3.0.0) + climate_control (1.2.0) coercible (1.0.0) descendants_tracker (~> 0.0.1) coffee-rails (5.0.0) @@ -936,6 +937,7 @@ DEPENDENCIES activejob-uniqueness bootsnap (~> 1.4) byebug (~> 11.0) + climate_control (~> 1.2) dalli decidim! decidim-anonymous_proposals! @@ -969,7 +971,7 @@ DEPENDENCIES web-console (~> 3.5) RUBY VERSION - ruby 2.7.5p203 + ruby 2.7.1p83 BUNDLED WITH - 2.4.9 + 2.3.26 diff --git a/lib/decidim/admin_creator.rb b/lib/decidim/admin_creator.rb new file mode 100644 index 00000000..81947bfb --- /dev/null +++ b/lib/decidim/admin_creator.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +require "decidim/user_creator" + +module Decidim + class AdminCreator < Decidim::UserCreator + def self.create!(env) + new({ organization: env_organization_or_first(env["organization_id"]), + name: env["name"], + nickname: env["nickname"], + email: env["email"], + password: env["password"] }).create! + end + + def create! + super + + Decidim::User.create!(@attributes.merge({ tos_agreement: "1", admin: true })) + end + + def self.env_organization_or_first(organization_id) + Decidim::Organization.find(organization_id) + rescue ActiveRecord::RecordNotFound + Decidim::Organization.first + end + end +end diff --git a/lib/decidim/system_admin_creator.rb b/lib/decidim/system_admin_creator.rb new file mode 100644 index 00000000..3e25c9a2 --- /dev/null +++ b/lib/decidim/system_admin_creator.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +require "decidim/user_creator" + +module Decidim + class SystemAdminCreator < Decidim::UserCreator + def self.create!(env) + new({ email: env["email"], password: env["password"] }).create! + end + + def create! + super + + Decidim::System::Admin.create!(@attributes) + end + end +end diff --git a/lib/decidim/user_creator.rb b/lib/decidim/user_creator.rb new file mode 100644 index 00000000..a5a7c587 --- /dev/null +++ b/lib/decidim/user_creator.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Decidim + class UserCreator + def initialize(attributes) + @attributes = attributes + end + + def create! + missing = @attributes.select { |_k, v| v.nil? }.keys + + raise "Missing parameters: #{missing.join(", ")}" unless missing.empty? + end + end +end diff --git a/lib/tasks/decidim_app.rake b/lib/tasks/decidim_app.rake new file mode 100644 index 00000000..8a62e597 --- /dev/null +++ b/lib/tasks/decidim_app.rake @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +require "decidim/admin_creator" +require "decidim/system_admin_creator" + +namespace :decidim_app do + desc "Create admin user with decidim_app:create_admin name='John Doe' nickname='johndoe' email='john@example.org', password='decidim123456' organization_id='1'" + task create_admin: :environment do + Decidim::AdminCreator.create!(ENV) ? puts("Admin created successfully") : puts("Admin creation failed") + end + + desc "Create system user with decidim_app:create_system_admin email='john@example.org', password='decidim123456'" + task create_system_admin: :environment do + Decidim::SystemAdminCreator.create!(ENV) ? puts("System admin created successfully") : puts("System admin creation failed") + end +end + diff --git a/spec/lib/decidim/admin_creator_spec.rb b/spec/lib/decidim/admin_creator_spec.rb new file mode 100644 index 00000000..714a5eef --- /dev/null +++ b/spec/lib/decidim/admin_creator_spec.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true + +require "spec_helper" +require "decidim/admin_creator" + +module Decidim + describe AdminCreator do + let!(:organization) { create(:organization) } + let(:name) { "John Doe" } + let(:nickname) { "JD" } + let(:email) { "john@example.org" } + let(:password) { "decidim123456" } + let(:organization_id) { organization.id.to_s } + + let(:environment) do + { + "organization_id" => organization_id, + "name" => name, + "nickname" => nickname, + "email" => email, + "password" => password + } + end + + it "creates admin" do + expect { described_class.create!(environment) }.to change(Decidim::User, :count).by(1) + expect(Decidim::User.last.admin).to eq(true) + expect(Decidim::User.last.nickname).to eq(nickname) + expect(Decidim::User.last.organization).to eq(organization) + expect(Decidim::User.last.email).to eq(email) + end + + context "when organization is missing" do + let(:organization_id) { nil } + + it "creates admins with first organization" do + expect { described_class.create!(environment) }.to change(Decidim::User, :count).by(1) + expect(Decidim::User.last.admin).to eq(true) + expect(Decidim::User.last.nickname).to eq(nickname) + expect(Decidim::User.last.organization).to eq(organization) + expect(Decidim::User.last.email).to eq(email) + end + end + end +end diff --git a/spec/lib/decidim/system_admin_creator_spec.rb b/spec/lib/decidim/system_admin_creator_spec.rb new file mode 100644 index 00000000..d1778077 --- /dev/null +++ b/spec/lib/decidim/system_admin_creator_spec.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +require "spec_helper" +require "decidim/system_admin_creator" + +module Decidim + describe SystemAdminCreator do + let(:email) { "john@example.org" } + let(:password) { "decidim123456" } + + let(:environment) do + { + "email" => email, + "password" => password + } + end + + it "creates admin" do + expect { described_class.create!(environment) }.to change(Decidim::System::Admin, :count).by(1) + expect(Decidim::System::Admin.last.email).to eq(email) + end + end +end diff --git a/spec/lib/tasks/create_admin_task_spec.rb b/spec/lib/tasks/create_admin_task_spec.rb new file mode 100644 index 00000000..3fe9812e --- /dev/null +++ b/spec/lib/tasks/create_admin_task_spec.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +require "spec_helper" + +describe "rake decidim_app:create_admin", type: :task do + let(:task_cmd) { "decidim_app:create_admin" } + + before do + allow(Decidim::AdminCreator).to receive(:create!).with(ENV).and_return(true) + + Rake::Task[task_cmd].reenable + end + + it "invokes the admin creator" do + expect { Rake::Task[task_cmd].invoke }.to output("Admin created successfully\n").to_stdout + end +end diff --git a/spec/lib/tasks/create_system_admin_task_spec.rb b/spec/lib/tasks/create_system_admin_task_spec.rb new file mode 100644 index 00000000..16f717fe --- /dev/null +++ b/spec/lib/tasks/create_system_admin_task_spec.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +require "spec_helper" + +describe "rake decidim_app:create_system_admin", type: :task do + let(:task_cmd) { "decidim_app:create_system_admin" } + + before do + allow(Decidim::SystemAdminCreator).to receive(:create!).with(ENV).and_return(true) + + Rake::Task[task_cmd].reenable + end + + it "invokes the admin creator" do + expect { Rake::Task[task_cmd].invoke }.to output("System admin created successfully\n").to_stdout + end +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 981021a5..29835f0a 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -4,10 +4,15 @@ Decidim::Dev.dummy_app_path = File.expand_path(Rails.root.to_s) require "decidim/dev/test/base_spec_helper" +Dir.glob("./spec/support/**/*.rb").sort.each { |f| require f } + DEFAULT_LOCALE = :en AVAILABLE_LOCALES = [:en, :ca, :es, :fr].freeze RSpec.configure do |config| + config.formatter = ENV.fetch("RSPEC_FORMAT", "progress").to_sym + config.include EnvironmentVariablesHelper + config.before do # I18n configuration I18n.available_locales = AVAILABLE_LOCALES diff --git a/spec/support/environment_variables_helper.rb b/spec/support/environment_variables_helper.rb new file mode 100644 index 00000000..3d833d05 --- /dev/null +++ b/spec/support/environment_variables_helper.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +module EnvironmentVariablesHelper + def with_modified_env(options = {}, &block) + ClimateControl.modify(options, &block) + end +end From 41ed5bf2e5c6f0bd2068d3d5bfcb531e4ef9ea1d Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:08:39 +0200 Subject: [PATCH 02/17] lint --- lib/tasks/decidim_app.rake | 1 - spec/lib/decidim/admin_creator_spec.rb | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/lib/tasks/decidim_app.rake b/lib/tasks/decidim_app.rake index 8a62e597..1920c71a 100644 --- a/lib/tasks/decidim_app.rake +++ b/lib/tasks/decidim_app.rake @@ -14,4 +14,3 @@ namespace :decidim_app do Decidim::SystemAdminCreator.create!(ENV) ? puts("System admin created successfully") : puts("System admin creation failed") end end - diff --git a/spec/lib/decidim/admin_creator_spec.rb b/spec/lib/decidim/admin_creator_spec.rb index 714a5eef..fa17a3b0 100644 --- a/spec/lib/decidim/admin_creator_spec.rb +++ b/spec/lib/decidim/admin_creator_spec.rb @@ -24,7 +24,7 @@ module Decidim it "creates admin" do expect { described_class.create!(environment) }.to change(Decidim::User, :count).by(1) - expect(Decidim::User.last.admin).to eq(true) + expect(Decidim::User.last.admin).to be(true) expect(Decidim::User.last.nickname).to eq(nickname) expect(Decidim::User.last.organization).to eq(organization) expect(Decidim::User.last.email).to eq(email) @@ -35,7 +35,7 @@ module Decidim it "creates admins with first organization" do expect { described_class.create!(environment) }.to change(Decidim::User, :count).by(1) - expect(Decidim::User.last.admin).to eq(true) + expect(Decidim::User.last.admin).to be(true) expect(Decidim::User.last.nickname).to eq(nickname) expect(Decidim::User.last.organization).to eq(organization) expect(Decidim::User.last.email).to eq(email) From 5593f11d6dbda1308d479efb5fb251b433bf65f8 Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:25:39 +0200 Subject: [PATCH 03/17] update CI --- .github/ISSUE_TEMPLATE/bug_report.md | 34 ++++++++++ .github/PULL_REQUEST_TEMPLATE.md | 25 ++++++++ .github/workflows/{ci_cd.yml => tests.yml} | 74 ++++++++++++++-------- 3 files changed, 107 insertions(+), 26 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/PULL_REQUEST_TEMPLATE.md rename .github/workflows/{ci_cd.yml => tests.yml} (59%) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..603022c2 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,34 @@ +--- +name: Bug report +about: Create a report to help us improve + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior: +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**Stacktrace** +If applicable, add the error stacktrace to help explain your problem. + +**Extra data (please complete the following information):** +- Device: [e.g. iPhone6, Desktop] +- Device OS: [e.g. iOS8.1, Windows 10] +- Browser: [e.g. Chrome, Firefox, Safari] +- Decidim Version: [e.g. 0.10] +- Decidim installation: [e.g. Metadecidim] + +**Additional context** +Add any other context about the problem here. For instance, add Metadecidim link. \ No newline at end of file diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 00000000..93d962cb --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,25 @@ +#### :tophat: Description +*Please describe your pull request.* + +#### :pushpin: Related Issues +*Link your PR to an issue* +- Related to #? +- Fixes #? +- [Notion card]() + +#### Testing +*Describe the best way to test or validate your PR.* + +Example: +* Log in as admin +* Access Backoffice +* Go to organization settings +* See ... + +#### Tasks +- [ ] Add specs +- [ ] Add note about overrides in OVERLOADS.md +- [ ] In case of new dependencies or version bump, update related documentation + +### :camera: Screenshots +*Please add screenshots of the changes you're proposing if related to the UI* diff --git a/.github/workflows/ci_cd.yml b/.github/workflows/tests.yml similarity index 59% rename from .github/workflows/ci_cd.yml rename to .github/workflows/tests.yml index c2660265..ed461102 100644 --- a/.github/workflows/ci_cd.yml +++ b/.github/workflows/tests.yml @@ -1,13 +1,25 @@ -name: "CI-CD" -on: push +name: "CI/CD" +on: [push] env: CI: "true" SIMPLECOV: "true" RSPEC_FORMAT: "documentation" RUBY_VERSION: 2.7.5 + RAILS_ENV: test + NODE_VERSION: 16.9.1 + RUBYOPT: '-W:no-deprecated' jobs: + todo: + name: TODO + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 1 + - name: "TODO to Issue" + uses: "alstr/todo-to-issue-action@v4" lint: name: Lint code runs-on: ubuntu-latest @@ -18,30 +30,10 @@ jobs: if: "github.ref != 'refs/heads/develop'" env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - - uses: actions/checkout@v2.0.0 - with: - fetch-depth: 1 - - uses: ruby/setup-ruby@v1 + - uses: OpenSourcePolitics/lint-action@master with: - ruby-version: ${{ env.RUBY_VERSION }} - bundler-cache: true - - uses: actions/setup-node@v1 - with: - node-version: ${{ env.NODE_VERSION }} - - name: Get npm cache directory path - id: npm-cache-dir-path - run: echo "::set-output name=dir::$(npm get cache)-lint" - - uses: actions/cache@v2 - id: npm-cache - with: - path: ${{ steps.npm-cache-dir-path.outputs.dir }} - key: npm-${{ hashFiles('**/package-lock.json') }} - restore-keys: | - npm- - - name: Install JS dependencies - run: npm ci - - run: bundle exec rubocop -P - name: Lint Ruby files + ruby_version: ${{ env.RUBY_VERSION }} + node_version: ${{ env.NODE_VERSION }} tests: name: Tests runs-on: ubuntu-latest @@ -49,7 +41,7 @@ jobs: services: postgres: image: postgres:11 - ports: ["5432:5432"] + ports: [ "5432:5432" ] options: >- --health-cmd pg_isready --health-interval 10s @@ -92,3 +84,33 @@ jobs: with: name: screenshots path: ./spec/decidim_dummy_app/tmp/screenshots + test_build: + name: Test build docker image + runs-on: ubuntu-latest + services: + postgres: + image: postgres:11 + ports: [ "5432:5432" ] + options: >- + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 + env: + POSTGRES_PASSWORD: postgres + env: + DATABASE_USERNAME: postgres + DATABASE_PASSWORD: postgres + DATABASE_HOST: host.docker.internal + steps: + - uses: OpenSourcePolitics/build-and-test-images-action@master + with: + registry: ${{ vars.REGISTRY_ENDPOINT }} + namespace: ${{ vars.REGISTRY_NAMESPACE }} + image_name: ${{ vars.IMAGE_NAME }} + tag: ${{ github.ref }} + password: ${{ secrets.TOKEN }} + database_username: ${{ env.DATABASE_USERNAME }} + database_password: ${{ env.DATABASE_PASSWORD }} + database_host: ${{ env.DATABASE_HOST }} + From 717689996e6c9a8c9ce3f2d3a033647756a9027e Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:32:46 +0200 Subject: [PATCH 04/17] remove todo --- .github/workflows/tests.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index ed461102..18a4fad4 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -11,15 +11,6 @@ env: RUBYOPT: '-W:no-deprecated' jobs: - todo: - name: TODO - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 1 - - name: "TODO to Issue" - uses: "alstr/todo-to-issue-action@v4" lint: name: Lint code runs-on: ubuntu-latest From c662b37a9ae75c0b65c331e9cc8b7c428f14533a Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:35:21 +0200 Subject: [PATCH 05/17] add healtcheck --- Gemfile | 2 ++ Gemfile.lock | 9 +++++++++ config/initializers/health_check.rb | 29 ++++++++++++++++++++++++++++ config/initializers/sidekiq_alive.rb | 7 +++++++ 4 files changed, 47 insertions(+) create mode 100644 config/initializers/health_check.rb create mode 100644 config/initializers/sidekiq_alive.rb diff --git a/Gemfile b/Gemfile index 1dc10a36..e0a7e04f 100644 --- a/Gemfile +++ b/Gemfile @@ -51,6 +51,7 @@ end group :production do gem "dalli" + gem "health_check", "~> 3.1" gem "lograge" gem "newrelic_rpm" gem "passenger" @@ -59,5 +60,6 @@ group :production do gem "sentry-ruby" gem "sentry-sidekiq" gem "sidekiq" + gem "sidekiq_alive", "~> 2.2" gem "sidekiq-scheduler" end diff --git a/Gemfile.lock b/Gemfile.lock index d7fc7705..248f789c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -506,6 +506,8 @@ GEM graphql (1.12.17) hashdiff (1.0.1) hashie (4.1.0) + health_check (3.1.0) + railties (>= 5.0) highline (2.0.3) html_tokenizer (0.0.7) htmlentities (4.3.4) @@ -847,6 +849,10 @@ GEM sidekiq (>= 3) thwait tilt (>= 1.4.0) + sidekiq_alive (2.2.0) + rack (< 3) + sidekiq (>= 5, < 8) + webrick (>= 1, < 2) simplecov (0.19.1) docile (~> 1.1) simplecov-html (~> 0.11) @@ -919,6 +925,7 @@ GEM addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) + webrick (1.8.1) websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) @@ -949,6 +956,7 @@ DEPENDENCIES faker (~> 2.14) fog-aws globalid (~> 1.0) + health_check (~> 3.1) letter_opener_web (~> 1.3) listen (~> 3.1) lograge @@ -963,6 +971,7 @@ DEPENDENCIES sentry-sidekiq sidekiq sidekiq-scheduler + sidekiq_alive (~> 2.2) spring (~> 2.0) spring-watcher-listen (~> 2.0) sprockets (~> 3.7) diff --git a/config/initializers/health_check.rb b/config/initializers/health_check.rb new file mode 100644 index 00000000..7bd0f9ce --- /dev/null +++ b/config/initializers/health_check.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: true + +return unless Rails.env.production? + +HealthCheck.setup do |config| + # uri prefix (no leading slash) + config.uri = "health_check" + + # Text output upon success + config.success = "success" + + # Text output upon failure + config.failure = "health_check failed" + + # Disable the error message to prevent /health_check from leaking + # sensitive information + config.include_error_in_response_body = false + + # Log level (success or failure message with error details is sent to rails log unless this is set to nil) + config.log_level = "info" + + # Timeout in seconds used when checking smtp server + config.smtp_timeout = 30.0 + + config.http_status_for_error_object = 500 + + # You can customize which checks happen on a standard health check, eg to set an explicit list use: + config.standard_checks = %w(database migrations) +end diff --git a/config/initializers/sidekiq_alive.rb b/config/initializers/sidekiq_alive.rb new file mode 100644 index 00000000..944ae08e --- /dev/null +++ b/config/initializers/sidekiq_alive.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +return unless Rails.env.production? + +SidekiqAlive.setup do |config| + config.path = "/sidekiq_alive" +end From 37d32e1eb019e7dedaa811f323996a1dc440ff3f Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:39:06 +0200 Subject: [PATCH 06/17] update dockerfile --- Dockerfile | 66 ++++++++++++++++++++++++++---------------------------- 1 file changed, 32 insertions(+), 34 deletions(-) diff --git a/Dockerfile b/Dockerfile index cd297800..da60f4d9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,39 +1,37 @@ -FROM ruby:2.6.3 - -ENV LANG C.UTF-8 -ENV LC_ALL C.UTF-8 -ENV RAILS_ENV=production -ENV RAILS_LOG_TO_STDOUT=true -ENV PORT=3000 -ENV SECRET_KEY_BASE=f97271c0788641d98a8a7feaa2b8b40fdc28f83285a4f23703abdaf3ac0641a4f047788fd15e4b698e026325ebda371573c370fd6a3bdb720d7e04a580b84882 -ENV RAILS_SERVE_STATIC_FILES=true - -# Installs bundler dependencies -ENV \ - BUNDLE_BIN=/usr/local/bundle/bin \ - BUNDLE_JOBS=10 \ - BUNDLE_PATH=/usr/local/bundle \ - BUNDLE_RETRY=3 \ - GEM_HOME=/bundle -ENV PATH="${BUNDLE_BIN}:${PATH}" - -RUN apt-get update -qq -RUN apt-get install -y git imagemagick wget \ - && apt-get clean -RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - \ - && apt-get install -y nodejs \ - && apt-get clean -RUN npm install -g npm@6.3.0 +FROM ruby:2.7.5 + +ENV RAILS_ENV=production \ + SECRET_KEY_BASE=dummy WORKDIR /app -RUN mkdir -p /app -COPY docker-entrypoint.sh /app/ -RUN chmod +x /app/docker-entrypoint.sh +# Install NodeJS +RUN --mount=type=cache,target=/var/cache/apt \ + curl https://deb.nodesource.com/setup_16.x | bash && \ + apt install -y nodejs && \ + apt update && \ + npm install -g npm@8.19.2 && \ + npm install --global yarn && \ + apt install -y libicu-dev postgresql-client && \ + gem install bundler:2.2.17 && \ + rm -rf /var/lib/apt/lists/* + +COPY Gemfile* ./ +RUN bundle config set --local without 'development test' && bundle install + +COPY package* ./ +COPY yarn.lock . +COPY packages packages +RUN yarn install -COPY Gemfile* /app/ -RUN export BUNDLER_VERSION=$(cat Gemfile.lock | tail -1 | tr -d " ") -RUN gem install bundler -RUN bundle check || bundle install --system -COPY . /app/ +COPY . . + +RUN bundle exec bootsnap precompile --gemfile app/ lib/ config/ bin/ db/ && bundle exec rails assets:precompile + +# Configure endpoint. +COPY ./entrypoint.sh /usr/bin/ +RUN chmod +x /usr/bin/entrypoint.sh +ENTRYPOINT ["entrypoint.sh"] EXPOSE 3000 + +CMD ["bundle", "exec", "rails", "server", "-b", "0.0.0.0"] From 27f640b6b89824828ac1fbd63a1557a396252b13 Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:44:17 +0200 Subject: [PATCH 07/17] update CI and CD --- .github/workflows/deploy_production.yml | 25 ++++++++++++++++++++ .github/workflows/release.yml | 20 ++++++++++++++++ .github/workflows/tests.yml | 31 +++++++++++++++++++++++++ 3 files changed, 76 insertions(+) create mode 100644 .github/workflows/deploy_production.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/deploy_production.yml b/.github/workflows/deploy_production.yml new file mode 100644 index 00000000..1437709b --- /dev/null +++ b/.github/workflows/deploy_production.yml @@ -0,0 +1,25 @@ +name: "Deploy production" +on: [ workflow_dispatch ] + +env: + CI: "true" + SIMPLECOV: "true" + RUBY_VERSION: 2.7.5 + RAILS_ENV: test + NODE_VERSION: 16.9.1 + RUBYOPT: '-W:no-deprecated' + +jobs: + deploy_master: + if: "github.ref == 'refs/heads/master'" + name: Deploy master branch on production instance + runs-on: ubuntu-latest + steps: + - name: Run Ansible playbook + uses: appleboy/ssh-action@v0.1.4 + with: + host: ${{ secrets.ANSIBLE_HOST }} + username: ${{ secrets.ANSIBLE_USERNAME }} + key: ${{ secrets.ANSIBLE_KEY }} + port: ${{ secrets.SSH_PORT }} + script: ansible-playbook -u ${{ secrets.ANSIBLE_USERNAME }} --private-key="~/.ssh/ansible-deploy/ansible-deploy" -i /home/${{ secrets.ANSIBLE_USERNAME }}/ansible/decidim/inventories/production.yml /home/${{ secrets.ANSIBLE_USERNAME }}/ansible/decidim/playbooks/update_decidim_app.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..87739e66 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,20 @@ +name: "Release" + +on: + push: + tags: + - 'v*' + +jobs: + build_and_push_image_prod: + name: Build and push image to Registry + runs-on: ubuntu-latest + steps: + + - uses: OpenSourcePolitics/build-and-push-images-action@master + with: + registry: ${{ vars.REGISTRY_ENDPOINT }} + namespace: ${{ vars.REGISTRY_NAMESPACE }} + password: ${{ secrets.TOKEN }} + image_name: ${{ vars.IMAGE_NAME }} + tag: "${{github.ref_name}}" \ No newline at end of file diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 18a4fad4..3735478c 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -104,4 +104,35 @@ jobs: database_username: ${{ env.DATABASE_USERNAME }} database_password: ${{ env.DATABASE_PASSWORD }} database_host: ${{ env.DATABASE_HOST }} + build_and_push_image_dev: + name: Build and push image to Registry + if: "github.ref == 'refs/heads/develop'" + needs: [ lint, tests, system_tests, test_build ] + runs-on: ubuntu-latest + steps: + - uses: OpenSourcePolitics/build-and-push-images-action@master + with: + registry: ${{ vars.REGISTRY_ENDPOINT }} + namespace: ${{ vars.REGISTRY_NAMESPACE }} + password: ${{ secrets.TOKEN }} + image_name: ${{ vars.IMAGE_NAME }} + tag: "develop-${{ github.sha }}" + generate_release: + name: Generate release + needs: [ lint, tests, system_tests, test_build ] + if: "github.ref == 'refs/heads/master'" + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + name: Bump version and push tag + id: tag_version + - uses: mathieudutour/github-tag-action@v6.1 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + - uses: ncipollo/release-action@v1 + name: Create a GitHub release + with: + tag: ${{ steps.tag_version.outputs.new_tag }} + name: Release ${{ steps.tag_version.outputs.new_tag }} + body: ${{ steps.tag_version.outputs.changelog }} From 85ca5b6ba48172bbb4d4dbb910ebd0402af32738 Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:49:48 +0200 Subject: [PATCH 08/17] lint --- Gemfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Gemfile b/Gemfile index e0a7e04f..803ab8d6 100644 --- a/Gemfile +++ b/Gemfile @@ -38,7 +38,6 @@ gem "sys-filesystem" group :development, :test do gem "byebug", "~> 11.0", platform: :mri gem "climate_control", "~> 1.2" - gem "decidim-dev", DECIDIM_VERSION end From 4dafc11494aac44eb046351c400d0a477e771b36 Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:51:10 +0200 Subject: [PATCH 09/17] relaunch ci --- Gemfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Gemfile b/Gemfile index 803ab8d6..e0a7e04f 100644 --- a/Gemfile +++ b/Gemfile @@ -38,6 +38,7 @@ gem "sys-filesystem" group :development, :test do gem "byebug", "~> 11.0", platform: :mri gem "climate_control", "~> 1.2" + gem "decidim-dev", DECIDIM_VERSION end From 02381e92cd9be3ae0314cfafa685a790962dfd96 Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:55:11 +0200 Subject: [PATCH 10/17] remove system tests from needs --- .github/workflows/tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 3735478c..9d8714f5 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -107,7 +107,7 @@ jobs: build_and_push_image_dev: name: Build and push image to Registry if: "github.ref == 'refs/heads/develop'" - needs: [ lint, tests, system_tests, test_build ] + needs: [ lint, tests, test_build ] runs-on: ubuntu-latest steps: - uses: OpenSourcePolitics/build-and-push-images-action@master @@ -119,7 +119,7 @@ jobs: tag: "develop-${{ github.sha }}" generate_release: name: Generate release - needs: [ lint, tests, system_tests, test_build ] + needs: [ lint, tests, test_build ] if: "github.ref == 'refs/heads/master'" runs-on: ubuntu-latest steps: From 3a83449464b3fe0e028b174919dd50c4bbe13896 Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Tue, 2 May 2023 17:59:55 +0200 Subject: [PATCH 11/17] add entrypoints --- entrypoint.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100755 entrypoint.sh diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100755 index 00000000..0d6ada5e --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -e + +# Remove a potentially pre-existing server.pid for Rails. +if [ -f /app/tmp/pids/server.pid ]; then + rm /app/tmp/pids/server.pid +fi + +# Then exec the container's main process (what's set as CMD in the Dockerfile). +exec "$@" From 22d877a7062b6a786be3e6fe26c12507d0af8a96 Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Wed, 3 May 2023 09:30:16 +0200 Subject: [PATCH 12/17] remove copy packages --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index da60f4d9..79e39ab0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,7 +21,6 @@ RUN bundle config set --local without 'development test' && bundle install COPY package* ./ COPY yarn.lock . -COPY packages packages RUN yarn install COPY . . From 6e511a6b63f4c43beeefd3b961814714d7c25386 Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Wed, 3 May 2023 09:44:32 +0200 Subject: [PATCH 13/17] split actions --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 79e39ab0..22feb524 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,7 +25,8 @@ RUN yarn install COPY . . -RUN bundle exec bootsnap precompile --gemfile app/ lib/ config/ bin/ db/ && bundle exec rails assets:precompile +RUN bundle exec bootsnap precompile --gemfile app/ lib/ config/ bin/ db/ \ +RUN bundle exec rake assets:precompile # Configure endpoint. COPY ./entrypoint.sh /usr/bin/ From b19a9300754c875de593391ccbe2b6bd8a69f1eb Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Fri, 5 May 2023 10:32:46 +0200 Subject: [PATCH 14/17] change inventory name --- .github/workflows/deploy_production.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy_production.yml b/.github/workflows/deploy_production.yml index 1437709b..22ac3144 100644 --- a/.github/workflows/deploy_production.yml +++ b/.github/workflows/deploy_production.yml @@ -22,4 +22,4 @@ jobs: username: ${{ secrets.ANSIBLE_USERNAME }} key: ${{ secrets.ANSIBLE_KEY }} port: ${{ secrets.SSH_PORT }} - script: ansible-playbook -u ${{ secrets.ANSIBLE_USERNAME }} --private-key="~/.ssh/ansible-deploy/ansible-deploy" -i /home/${{ secrets.ANSIBLE_USERNAME }}/ansible/decidim/inventories/production.yml /home/${{ secrets.ANSIBLE_USERNAME }}/ansible/decidim/playbooks/update_decidim_app.yml + script: ansible-playbook -u ${{ secrets.ANSIBLE_USERNAME }} --private-key="~/.ssh/ansible-deploy/ansible-deploy" -i /home/${{ secrets.ANSIBLE_USERNAME }}/ansible/decidim/inventories/cese.yml /home/${{ secrets.ANSIBLE_USERNAME }}/ansible/decidim/playbooks/update_decidim_app.yml From e723c002f5b3b9b1ded4874417c77ba34052622e Mon Sep 17 00:00:00 2001 From: quentinchampenois Date: Fri, 5 May 2023 10:54:06 +0200 Subject: [PATCH 15/17] Remove CD for production --- .github/workflows/deploy_production.yml | 25 ------------------------- .github/workflows/release.yml | 1 - 2 files changed, 26 deletions(-) delete mode 100644 .github/workflows/deploy_production.yml diff --git a/.github/workflows/deploy_production.yml b/.github/workflows/deploy_production.yml deleted file mode 100644 index 22ac3144..00000000 --- a/.github/workflows/deploy_production.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: "Deploy production" -on: [ workflow_dispatch ] - -env: - CI: "true" - SIMPLECOV: "true" - RUBY_VERSION: 2.7.5 - RAILS_ENV: test - NODE_VERSION: 16.9.1 - RUBYOPT: '-W:no-deprecated' - -jobs: - deploy_master: - if: "github.ref == 'refs/heads/master'" - name: Deploy master branch on production instance - runs-on: ubuntu-latest - steps: - - name: Run Ansible playbook - uses: appleboy/ssh-action@v0.1.4 - with: - host: ${{ secrets.ANSIBLE_HOST }} - username: ${{ secrets.ANSIBLE_USERNAME }} - key: ${{ secrets.ANSIBLE_KEY }} - port: ${{ secrets.SSH_PORT }} - script: ansible-playbook -u ${{ secrets.ANSIBLE_USERNAME }} --private-key="~/.ssh/ansible-deploy/ansible-deploy" -i /home/${{ secrets.ANSIBLE_USERNAME }}/ansible/decidim/inventories/cese.yml /home/${{ secrets.ANSIBLE_USERNAME }}/ansible/decidim/playbooks/update_decidim_app.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 87739e66..341e666e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,7 +10,6 @@ jobs: name: Build and push image to Registry runs-on: ubuntu-latest steps: - - uses: OpenSourcePolitics/build-and-push-images-action@master with: registry: ${{ vars.REGISTRY_ENDPOINT }} From 21decfc6b9edfbef0c804bee3de98609d1c72b4e Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Fri, 5 May 2023 13:10:11 +0200 Subject: [PATCH 16/17] update ci cd --- .github/workflows/{tests.yml => ci_cd.yml} | 10 +++++++++- .github/workflows/release.yml | 19 ------------------- 2 files changed, 9 insertions(+), 20 deletions(-) rename .github/workflows/{tests.yml => ci_cd.yml} (92%) diff --git a/.github/workflows/tests.yml b/.github/workflows/ci_cd.yml similarity index 92% rename from .github/workflows/tests.yml rename to .github/workflows/ci_cd.yml index 9d8714f5..b5801870 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/ci_cd.yml @@ -124,15 +124,23 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + - uses: mathieudutour/github-tag-action@v6.1 name: Bump version and push tag id: tag_version - - uses: mathieudutour/github-tag-action@v6.1 with: github_token: ${{ secrets.GITHUB_TOKEN }} - uses: ncipollo/release-action@v1 name: Create a GitHub release with: + generateReleaseNotes: true tag: ${{ steps.tag_version.outputs.new_tag }} name: Release ${{ steps.tag_version.outputs.new_tag }} body: ${{ steps.tag_version.outputs.changelog }} + - uses: OpenSourcePolitics/build-and-push-images-action@master + with: + registry: ${{ vars.REGISTRY_ENDPOINT }} + namespace: ${{ vars.REGISTRY_NAMESPACE }} + password: ${{ secrets.TOKEN }} + image_name: ${{ vars.IMAGE_NAME }} + tag: ${{ steps.tag_version.outputs.new_tag }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 341e666e..e69de29b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,19 +0,0 @@ -name: "Release" - -on: - push: - tags: - - 'v*' - -jobs: - build_and_push_image_prod: - name: Build and push image to Registry - runs-on: ubuntu-latest - steps: - - uses: OpenSourcePolitics/build-and-push-images-action@master - with: - registry: ${{ vars.REGISTRY_ENDPOINT }} - namespace: ${{ vars.REGISTRY_NAMESPACE }} - password: ${{ secrets.TOKEN }} - image_name: ${{ vars.IMAGE_NAME }} - tag: "${{github.ref_name}}" \ No newline at end of file From 7b3a774cb390188e921ca3f7f828bae41bc0abaa Mon Sep 17 00:00:00 2001 From: Elie Gaboriau Date: Fri, 5 May 2023 13:11:48 +0200 Subject: [PATCH 17/17] remove release --- .github/workflows/release.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index e69de29b..00000000