Skip to content

Update dependency fastapi to v0.109.1 [SECURITY] #3119

Update dependency fastapi to v0.109.1 [SECURITY]

Update dependency fastapi to v0.109.1 [SECURITY] #3119

Workflow file for this run

name: CI/CD
on: [push]
env:
BASE_URL_PREVIEW: mailer-romainclement.vercel.app
PYTHON_VERSION: '3.11.4'
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Cache Python modules
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade pipenv
pipenv install --dev --deploy
- name: Run QA
run: |
pipenv run inv qa
pipenv run coverage xml
- name: Publish code coverage to Codecov
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
file: ./coverage.xml
build-docker:
name: Docker build
runs-on: ubuntu-latest
needs: test
env:
IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/mailer
IMAGE_TAG: latest
steps:
- uses: actions/checkout@v4
- name: Select Docker image tag (production only)
if: contains(github.ref, 'tags')
run: echo "IMAGE_TAG=${GITHUB_REF##*/}" >> $GITHUB_ENV
- name: Pull latest Docker image
run: docker pull $IMAGE_NAME:latest || true
- name: Build Docker image (${{ env.IMAGE_TAG }})
run: docker build -t $IMAGE_NAME:$IMAGE_TAG --cache-from $IMAGE_NAME:latest .
- name: Log into Docker Registry
if: contains(github.ref, 'master') || contains(github.ref, 'tags')
run: echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
- name: Push Docker image
if: contains(github.ref, 'master') || contains(github.ref, 'tags')
run: |
docker push $IMAGE_NAME:$IMAGE_TAG
build-docs:
name: Build Documentation
runs-on: ubuntu-latest
needs: test
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Cache Python modules
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/Pipfile.lock') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade pipenv
pipenv install --dev --deploy
- name: Build documentation
run: |
pipenv run mkdocs build
- name: Upload build artifacts
uses: actions/upload-artifact@v3
with:
name: build-docs
path: site
deploy-docs:
name: Deploy Documentation
runs-on: ubuntu-latest
needs: build-docs
if: contains(github.ref, 'master')
steps:
- uses: actions/checkout@v4
- name: Download build artifacts
uses: actions/download-artifact@v3
with:
name: build-docs
path: site
- name: Deploy to GitHub Pages
uses: peaceiris/actions-gh-pages@v3
with:
personal_token: ${{ secrets.GH_PERSONAL_TOKEN }}
publish_dir: ./site
publish_branch: gh-pages
deploy-vercel-setup:
name: Deployment setup
runs-on: ubuntu-latest
needs: build-docker
outputs:
github_ref_slug: ${{ steps.output_step.outputs.github_ref_slug }}
deployment_url: ${{ steps.output_step.outputs.deployment_url }}
steps:
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
- name: Set preview deployment url variable
if: ${{ !contains(github.ref, 'tags') }}
run: echo "DEPLOYMENT_URL=https://${GITHUB_REF_SLUG_URL}-${BASE_URL_PREVIEW}" >> $GITHUB_ENV
- name: Set production deployment url variable
if: ${{ contains(github.ref, 'tags') }}
run: echo "DEPLOYMENT_URL=${{ secrets.MAILER_URL }}" >> $GITHUB_ENV
- id: output_step
run: |
echo "::set-output name=github_ref_slug::${GITHUB_REF_SLUG_URL}"
echo "::set-output name=deployment_url::${DEPLOYMENT_URL}"
deploy-vercel-preview:
name: Vercel preview deployment
runs-on: ubuntu-latest
needs: deploy-vercel-setup
if: ${{ !contains(github.ref, 'tags') }}
environment:
name: preview/${{ needs.deploy-vercel-setup.outputs.github_ref_slug }}
url: ${{ needs.deploy-vercel-setup.outputs.deployment_url }}
env:
VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}
steps:
- uses: actions/checkout@v4
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
- name: Deploy to Vercel
run: |
VERCEL_ALIAS=${GITHUB_REF_SLUG_URL}-${BASE_URL_PREVIEW}
VERCEL_URL=$(vercel deploy --confirm --token $VERCEL_TOKEN)
vercel alias --token $VERCEL_TOKEN set $VERCEL_URL $VERCEL_ALIAS
deploy-vercel-production:
name: Vercel production deployment
runs-on: ubuntu-latest
needs: deploy-vercel-setup
if: contains(github.ref, 'tags')
environment:
name: production
url: ${{ needs.deploy-vercel-setup.outputs.deployment_url }}
env:
VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}
steps:
- uses: actions/checkout@v4
- name: Deploy to Vercel
run: |
vercel deploy --confirm --token $VERCEL_TOKEN --prod