[#13] make CI jobs more consistent with open-api-framework related projects

.github/workflows/check-oas.yml

@@ -0,0 +1,23 @@
+name: check-oas
+
+on:
+  push:
+    paths:
+      - "src/objecttypes/api/*/openapi.yaml"
+      - .github/workflows/oas-check.yml
+    branches:
+      - '**'
+  workflow_dispatch:
+
+jobs:
+  open-api-workflow-check-oas:
+    uses: maykinmedia/open-api-workflows/.github/workflows/oas-check.yml@v1
+    strategy:
+      matrix:
+        version:
+          - v2
+    with:
+      schema-path: 'src/objecttypes/api/${{ matrix.version }}/openapi.yaml'
+      python-version: '3.11'
+      django-settings-module: 'objecttypes.conf.ci'
+      apt-packages: 'libgdal-dev gdal-bin'

.github/workflows/ci.yml

@@ -13,9 +13,36 @@ env:
   IMAGE_NAME: maykinmedia/objecttypes-api
 
 jobs:
+  changed-files:
+    runs-on: ubuntu-latest
+    name: Determine changed files
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+
+      - name: Get changed PY files
+        id: changed-py-files
+        uses: tj-actions/changed-files@v45
+        with:
+          files: src/{,**/}*.py
+
+      - name: Get changed requirements files
+        id: changed-requirements
+        uses: tj-actions/changed-files@v45
+        with:
+          files: requirements/*.txt
+
+    outputs:
+      changed-py-files: ${{ steps.changed-py-files.outputs.any_changed }}
+      changed-requirements: ${{ steps.changed-requirements.outputs.any_changed }}
+
   tests:
     name: Run the Django test suite
     runs-on: ubuntu-latest
+    needs:
+      - changed-files
+    if: ${{ needs.changed-files.outputs.changed-py-files == 'true'|| needs.changed-files.outputs.changed-requirements == 'true'|| github.event_name == 'push' }}
 
     services:
       postgres:
@@ -29,26 +56,12 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
+      - name: Set up backend environment
+        uses: maykinmedia/setup-django-backend@v1.3
         with:
+          apt-packages: 'libgdal-dev gdal-bin'
           python-version: '3.11'
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '18'
-
-      - name: Install system packages
-        run: |
-          sudo apt-get update \
-          && sudo apt-get install -y --no-install-recommends \
-            libgdal-dev \
-            gdal-bin
-
-      - name: Install dependencies
-        run: pip install -r requirements/ci.txt
-      - name: Build frontend
-        run: |
-          npm ci
-          npm run build
+          setup-node: true
 
       - name: Run tests
         run: |
@@ -63,81 +76,35 @@ jobs:
       - name: Publish coverage report
         uses: codecov/codecov-action@v4
 
-  docker:
-    needs: tests
-
-    name: Build Docker image
+  store-reusable-workflow-vars:
+    name: create values which can be passed through a reusable workflow
     runs-on: ubuntu-latest
+    outputs:
+      image-name: ${{ steps.image-name.outputs.image-name }}
 
     steps:
-      - uses: actions/checkout@v4
-
-      - name: Set tag
-        id: vars
-        run: |
-          # Strip git ref prefix from version
-          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-
-          # Strip "v" prefix from tag name (if present at all)
-          [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-
-          # Use Docker `latest` tag convention
-          [ "$VERSION" == "master" ] && VERSION=latest
-
-          echo ::set-output name=tag::${VERSION}
+      - run: echo "image-name=$IMAGE_NAME" >> $GITHUB_OUTPUT
+        name: 'Store the docker image name'
+        id: image-name
 
-      - name: Build the Docker image
-        env:
-          RELEASE_VERSION: ${{ steps.vars.outputs.tag }}
-        run: docker build . --tag $IMAGE_NAME:$RELEASE_VERSION
-
-      - run: docker image save -o image.tar $IMAGE_NAME:${{ steps.vars.outputs.tag }}
-
-      - name: Store image artifact
-        uses: actions/upload-artifact@v3
-        with:
-          name: docker-image
-          path: image.tar
-          retention-days: 1
-
-  publish:
+  open-api-ci:
+    uses: maykinmedia/open-api-workflows/.github/workflows/ci.yml@v1
+    needs:
+      - store-reusable-workflow-vars
+    with:
+      main-branch: 'master'
+      python-version: '3.11'
+      docker-image-name: ${{ needs.store-reusable-workflow-vars.outputs.image-name }}
+
+  open-api-publish:
+    uses: maykinmedia/open-api-workflows/.github/workflows/publish.yml@v1
     needs:
+      - store-reusable-workflow-vars
+      - open-api-ci
       - tests
-      - docker
-
-    name: Push Docker image
-    runs-on: ubuntu-latest
-    if: github.event_name == 'push'  # exclude PRs
-
-    steps:
-      - uses: actions/checkout@v4
-      - name: Download built image
-        uses: actions/download-artifact@v3
-        with:
-          name: docker-image
-
-      - name: Determine tag
-        id: vars
-        run: |
-          # Strip git ref prefix from version
-          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-
-          # Strip "v" prefix from tag name (if present at all)
-          [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-
-          # Use Docker `latest` tag convention
-          [ "$VERSION" == "master" ] && VERSION=latest
-
-          echo ::set-output name=tag::${VERSION}
-
-      - name: Load image
-        run: |
-          docker image load -i image.tar
-
-      - name: Log into registry
-        run: echo "${{ secrets.DOCKER_TOKEN }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
-
-      - name: Push the Docker image
-        env:
-          RELEASE_VERSION: ${{ steps.vars.outputs.tag }}
-        run: docker push $IMAGE_NAME:$RELEASE_VERSION
+    with:
+      docker-image-name: ${{ needs.store-reusable-workflow-vars.outputs.image-name }}
+      repository-owner: 'maykinmedia'
+    secrets:
+      docker-username: ${{ secrets.DOCKER_USERNAME }}
+      docker-token: ${{ secrets.DOCKER_TOKEN }}

.github/workflows/code-quality.yml

@@ -1,74 +1,28 @@
 name: code-quality
 
-on: [push]
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - '**.py'
+      - '**.yml'
+  pull_request:
+    paths:
+      - '**.py'
+      - '**.yml'
+  workflow_dispatch:
 
 jobs:
-  isort:
-    name: Check import sorting
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-        with:
-          python-version: '3.11'
-      - uses: isort/isort-action@v1
-        with:
-          requirementsFiles: requirements/dev.txt
-          sortPaths: "src"
-          configuration: '--check-only --diff'
-
-  black:
-    name: Check code formatting with black
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-        with:
-          python-version: '3.11'
-      - name: Install dependencies
-        run: |
-          pip install -r requirements/dev.txt
-      - name: Run black
-        run: |
-          black --check src
-
-  oas-up-to-date:
-    name: Check for unexpected OAS changes
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-        with:
-          python-version: '3.11'
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '18'
-
-      - name: Install system packages
-        run: |
-          sudo apt-get update \
-          && sudo apt-get install -y --no-install-recommends \
-            libgdal-dev \
-            gdal-bin
-
-      - name: Install dependencies
-        run: pip install -r requirements/ci.txt
-
-      - name: Generate OAS files
-        run: ./bin/generate_schema.sh openapi.yaml
-        env:
-          DJANGO_SETTINGS_MODULE: objecttypes.conf.ci
-
-      - name: Check for OAS changes
-        run: |
-          diff openapi.yaml src/objecttypes/api/v2/openapi.yaml
-      - name: Write failure markdown
-        if: ${{ failure() }}
-        run: |
-          echo 'Run the following command locally and commit the changes' >> $GITHUB_STEP_SUMMARY
-          echo '' >> $GITHUB_STEP_SUMMARY
-          echo '```bash' >> $GITHUB_STEP_SUMMARY
-          echo './bin/generate_schema.sh' >> $GITHUB_STEP_SUMMARY
-          echo '```' >> $GITHUB_STEP_SUMMARY
+  open-api-workflow-code-quality:
+    uses: maykinmedia/open-api-workflows/.github/workflows/code-quality.yml@v1
+    with:
+      apt-packages: 'libgdal-dev gdal-bin'
+      python-version: '3.11'
+      node-version: '18'
+      postgres-image: 'postgres:12'
+
+      black-src-pattern: 'src'
+
+      django-settings-module: 'objecttypes.conf.ci'
+      django-secret-key: dummy

.github/workflows/codeql-analysis.yml

@@ -4,11 +4,6 @@
 # You may wish to alter this file to override the set of languages analyzed,
 # or to provide custom queries or build logic.
 #
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: "CodeQL"
 
 on:
@@ -21,52 +16,5 @@ on:
     - cron: '36 0 * * 0'
 
 jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'javascript', 'python' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-
-        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-        # queries: security-extended,security-and-quality
-
-
-    # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-
-    #   If the Autobuild fails above, remove it and uncomment the following three lines.
-    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
-
-    # - run: |
-    #     echo "Run, Build Application using script"
-    #     ./location_of_script_within_repo/buildscript.sh
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+  open-api-workflow-code-analysis:
+    uses: maykinmedia/open-api-workflows/.github/workflows/code-analysis.yml@v1

.github/workflows/generate-postman-collection.yml

@@ -10,19 +10,12 @@ on:
   workflow_dispatch:
 
 jobs:
-  run:
-    runs-on: ubuntu-latest
-    name: Generate Postman collection
-
-    steps:
-      - uses: actions/checkout@v4
-      - name: Use Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '18'
-      - name: Install dependencies
-        run: npm install -g openapi-to-postmanv2
-      - name: Create tests folder
-        run: mkdir -p ./tests/postman
-      - name: Generate Postman collection
-        run: openapi2postmanv2 -s ./src/objecttypes/api/v2/openapi.yaml -o ./tests/postman/collection.json --pretty
+  open-api-workflow-generate-postman-collection:
+    uses: maykinmedia/open-api-workflows/.github/workflows/generate-postman-collection.yml@v1
+    strategy:
+      matrix:
+        version:
+          - v2
+    with:
+      node-version: '18'
+      schema-path: 'src/objecttypes/api/${{ matrix.version }}/openapi.yaml'