From 3920b3687ce3716bcd1a4e8c2fe041f70ce484a1 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Fri, 4 Oct 2024 15:18:20 +1000 Subject: [PATCH 01/15] Disable logging mail handler --- app/app/settings/log/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/app/settings/log/config.py b/app/app/settings/log/config.py index c2ab4f3..18a9b17 100644 --- a/app/app/settings/log/config.py +++ b/app/app/settings/log/config.py @@ -120,7 +120,7 @@ def configure_logging(log_root, levels): 'debug_file', 'main_file', 'error_file', - 'error_mail', + # 'error_mail', 'error_slack', 'console', ], From 436a8c9ea58227369286d9b7eae9727e4cbcf888 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 08:04:31 +1000 Subject: [PATCH 02/15] Catch all template rendering errors with HTTP response --- app/labs/views.py | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/app/labs/views.py b/app/labs/views.py index 6316eef..d75e177 100644 --- a/app/labs/views.py +++ b/app/labs/views.py @@ -27,7 +27,7 @@ def export_lab(request): if response := LabCache.get(request): return response - template = 'labs//exported.html' + template = 'labs/exported.html' try: if request.GET.get('content_root'): @@ -47,14 +47,20 @@ def export_lab(request): # Multiple rounds of templating to render recursive template tags from # remote data with embedded template tags - i = 0 - prev_template_str = '' - template_str = render_to_string(template, context, request) - while prev_template_str.strip('\n') != template_str.strip('\n') and i < 4: - prev_template_str = template_str - t = Template('{% load markdown %}\n\n' + template_str) - template_str = t.render(RequestContext(request, context)) - i += 1 + try: + i = 0 + prev_template_str = '' + template_str = render_to_string(template, context, request) + while ( + prev_template_str.strip('\n') != template_str.strip('\n') + and i < 4 + ): + prev_template_str = template_str + t = Template('{% load markdown %}\n\n' + template_str) + template_str = t.render(RequestContext(request, context)) + i += 1 + except Exception as exc: + return report_exception_response(request, exc) response = LabCache.put(request, template_str) @@ -65,8 +71,8 @@ def report_exception_response(request, exc, title=None): """Report an exception to the user.""" return render(request, 'generic.html', { 'message': str(exc), - 'title': title or "Sorry, an error has occurred", - }) + 'title': title or "Sorry, an error occurred rendering this page.", + }, status=400) def custom_400(request, exception, template_name="400.html"): From 68005fb4af898b3e638469dabe73da649d8b5710 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 08:42:38 +1000 Subject: [PATCH 03/15] Add test error url --- app/app/urls.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/app/urls.py b/app/app/urls.py index 7174ef5..0730fc4 100644 --- a/app/app/urls.py +++ b/app/app/urls.py @@ -20,6 +20,8 @@ urlpatterns = [ path('admin/', admin.site.urls), path('', include('labs.urls')), + # Add test error url + path('test-error-handlers/', lambda request: 1 / 0), ] handler400 = 'labs.views.custom_400' From 8651b76572a2a657f71b10930a79d3aa987db1ac Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 12:51:16 +1000 Subject: [PATCH 04/15] Docker-build GitHub workflow --- .github/workflows/ansible-deploy-dev.yml | 3 ++ .github/workflows/ansible-deploy.yml | 3 ++ .github/workflows/docker-build.yml | 36 ++++++++++++++++++++++++ 3 files changed, 42 insertions(+) create mode 100644 .github/workflows/docker-build.yml diff --git a/.github/workflows/ansible-deploy-dev.yml b/.github/workflows/ansible-deploy-dev.yml index 6ad372a..9bb8899 100644 --- a/.github/workflows/ansible-deploy-dev.yml +++ b/.github/workflows/ansible-deploy-dev.yml @@ -13,6 +13,9 @@ jobs: runs-on: ubuntu-latest environment: deployment if: ${{ github.event.workflow_run.conclusion == 'success' }} + concurrency: + group: docker-build-group + cancel-in-progress: false steps: - name: Checkout Repository diff --git a/.github/workflows/ansible-deploy.yml b/.github/workflows/ansible-deploy.yml index 65225d2..9e4eb53 100644 --- a/.github/workflows/ansible-deploy.yml +++ b/.github/workflows/ansible-deploy.yml @@ -13,6 +13,9 @@ jobs: runs-on: ubuntu-latest environment: deployment if: ${{ github.event.workflow_run.conclusion == 'success' }} + concurrency: + group: docker-build-group + cancel-in-progress: false steps: - name: Checkout Repository diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 0000000..cf0b919 --- /dev/null +++ b/.github/workflows/docker-build.yml @@ -0,0 +1,36 @@ +name: Build and Push Docker Image + +on: + push: + branches: + - main + - dev + paths: + - Dockerfile + - requirements.txt + +jobs: + build: + runs-on: ubuntu-latest + concurrency: + group: docker-build-group + cancel-in-progress: false + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Log in to DockerHub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Build Docker image + run: docker build -t ${{ secrets.DOCKER_IMAGE }}:latest . + + - name: Push Docker image + run: docker push ${{ secrets.DOCKER_IMAGE }}:latest From 70a227bea52a9c1ae52ddd0cdf652086aa843110 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 12:57:55 +1000 Subject: [PATCH 05/15] Ansible task for docker pull --- ansible/roles/galaxy_labs_engine/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ansible/roles/galaxy_labs_engine/tasks/main.yml b/ansible/roles/galaxy_labs_engine/tasks/main.yml index 74d85d7..d15a85c 100644 --- a/ansible/roles/galaxy_labs_engine/tasks/main.yml +++ b/ansible/roles/galaxy_labs_engine/tasks/main.yml @@ -4,6 +4,12 @@ ansible.builtin.apt: update_cache: yes +- name: Docker pull labs-engine image + ansible.builtin.docker_image: + name: "{{ labs_engine_docker_image }}" + source: pull + tags: update + - name: clone git repository for galaxy-labs-engine ansible.builtin.git: repo: "{{ labs_engine_repo }}" From e5ad77a14831ddd2eb74cd604605f2008ea66224 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 13:36:00 +1000 Subject: [PATCH 06/15] Update docker image ref in build script --- docker-build-and-push.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-build-and-push.sh b/docker-build-and-push.sh index 0853343..e8cccc7 100755 --- a/docker-build-and-push.sh +++ b/docker-build-and-push.sh @@ -1,4 +1,4 @@ #!/usr/bin/env bash -docker build -t neoformit/labs-engine:latest . -docker push neoformit/labs-engine:latest +docker build -t neoformit/galaxy-labs-engine:latest . +docker push neoformit/galaxy-labs-engine:latest From 7c19a8b56d13cdda78a6896b03fac38164527b82 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 13:36:14 +1000 Subject: [PATCH 07/15] Remove test error url --- app/app/urls.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/app/app/urls.py b/app/app/urls.py index 0730fc4..7174ef5 100644 --- a/app/app/urls.py +++ b/app/app/urls.py @@ -20,8 +20,6 @@ urlpatterns = [ path('admin/', admin.site.urls), path('', include('labs.urls')), - # Add test error url - path('test-error-handlers/', lambda request: 1 / 0), ] handler400 = 'labs.views.custom_400' From d7917b11ec61bafb0bcd0965df01426974bb031f Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 13:38:57 +1000 Subject: [PATCH 08/15] Sentry logging --- .env.sample | 3 ++ ansible/group_vars/VAULT | 54 ++++++++++--------- ansible/group_vars/webservers.yml | 2 + .../galaxy_labs_engine/defaults/main.yml | 4 +- .../galaxy_labs_engine/templates/.env.j2 | 4 ++ app/app/settings/prod.py | 10 ++++ requirements.txt | 1 + 7 files changed, 52 insertions(+), 26 deletions(-) diff --git a/.env.sample b/.env.sample index 8746558..74ea6dd 100644 --- a/.env.sample +++ b/.env.sample @@ -37,3 +37,6 @@ GITHUB_API_TOKEN= # Must be one of DEBUG, INFO, WARNING, ERROR, CRITICAL LOG_LEVEL_CONSOLE=INFO LOG_LEVEL_CACHE=INFO + +# Optional, DNS for Sentry error tracking +SENTRY_DNS= \ No newline at end of file diff --git a/ansible/group_vars/VAULT b/ansible/group_vars/VAULT index cc36df2..88da175 100644 --- a/ansible/group_vars/VAULT +++ b/ansible/group_vars/VAULT @@ -1,26 +1,30 @@ $ANSIBLE_VAULT;1.1;AES256 -34393838633839353435323732383233323232663631373631323830636164386632303032633864 -3237386135616363383839396266356364366262303138640a393365333730306139393665363532 -35633665666363396638366630316232393762343036643633316633313935373532323337383766 -6332316562383036640a353564303930343938303938623032633530633462633735616231326632 -61643033373461393430363537313435666635666436306639336233393339653062356561383436 -66316237613164306634396235663338623438653430613833353339353363623831656235343836 -34383333323232383731373932396331656234303262366562343532313334363038343564343162 -65396534623736643966663066373932326465353632373231663761633364356566393232353039 -62383266396139626231643561373037623739333738323238613663626337326638393966663732 -36333762306562343137303630343161323961353633616631626536313635396666613162396461 -64633938653037393966616131643163363163303063373036613837623365333164353735643639 -39633734373736326236663161366634626630386232346562656237323831373631343363303035 -37363533356265366132336463353764623261313936626131626665623933303437623432623362 -35643039666238353133366265346537616235313835303230323036656139323832383833303562 -66383032393063333432363638393038636132653437323331376262313362396461393031336137 -65623537616634636538336634643533303563316261326537636163366631373564623565333837 -38313633623334383739343431336638356432613665313566666235616439313961386464303031 -66363035373863623463386232643463303730363937373336653638303664386162396636326134 -30666663636337313035636366323861663436636362393638346430653465396336383138633132 -39653031333863376161383634643965636562666534623832646136316630353361633166303666 -39613261636464306665663639643435366461313766373366323631626330636365353661393363 -35333064313334393136356238633438656532373864646661623230623162373436303031343938 -38653265373933333030653062616335663332303539663134376338663263396166666638303238 -38663632663561616339663262353339343634396638323065373633653835316531633466626233 -31363766623730636666366232336461363861646237323164363165353832356565 +64613732623430643166386634356665303935643435333062663264313661663131303763323933 +3864353665373239646263663938383862373362343362350a393237363264643861396136356334 +38326165656236623161613961306534666333663663353230356634353365343830343630383731 +6337666631656461310a313435616639386330393630346435613131376632303234613639636631 +33633331613239623664343932313638343732653037303532666538653332386634393364663130 +37663931633264643565356165626635373864303433346536363435343664373161303630333434 +30376434623434353162323337643331383730613138353966356433303537343564313934613335 +64333265336433656461653064653163303339303566666537383462666235323438643661343930 +39306239633937613834646638666535616331663030373837383166613265373533356136396466 +64366130346336326537323661393231353562383138643732316232303864353932346134396265 +64353531626663316537336561633964393331363239326266316138663832363166393064303264 +36353866376235353666623936666237616161663165316266323431323762643064613765316330 +62643465313766656131313761373633373137353036393961643034363861393262343237336561 +36333437313836383063396164376465313462326537326437383366376366353661636362323134 +36303234636433623861376561376432323964663961313661333038616166623837383639373233 +39633334353664386132336133383838353366396362383834323361333333316466646130386361 +39653961333565646532383432396135316334363831663237383931386335323335323534313636 +39313331333135656630653834303263363138393262383132356233633338336262313032653838 +38653666653366356235363661316535316661663434646262636462396531343165663038343137 +33623361383363663038323834306139616138383363386138373361323132316366363430313736 +62656463316130643537633835613563353539376161653862613761636333646636643837353662 +35333632656431663364353431663134666262363030616335343236363833616436313463353036 +32656564363232363438626463666664343839393831366463663566313039303262653565643666 +39333034303838306338353064373335303732323962663035396664343634336231616137306330 +65623962623161346562633534393738396335656466613566643737353965636665303232623731 +36383136656232623961643731656236376335636135383336343839613131396462363464653633 +35393366376438353137636134613435636631336335383135636633663535313531646330643330 +32383936323463396561653533613066363361333133666336393734646261323765653039326538 +32653263356262363130393034656436656235326131336264353061346263616532 diff --git a/ansible/group_vars/webservers.yml b/ansible/group_vars/webservers.yml index 065ae68..0ebe567 100644 --- a/ansible/group_vars/webservers.yml +++ b/ansible/group_vars/webservers.yml @@ -69,3 +69,5 @@ github_api_token: "{{ vault_github_api_token }}" django_log_levels: console: INFO cache: DEBUG + +django_sentry_dns: "{{ vault_sentry_dns }}" diff --git a/ansible/roles/galaxy_labs_engine/defaults/main.yml b/ansible/roles/galaxy_labs_engine/defaults/main.yml index c338b0e..44a1c93 100644 --- a/ansible/roles/galaxy_labs_engine/defaults/main.yml +++ b/ansible/roles/galaxy_labs_engine/defaults/main.yml @@ -8,7 +8,6 @@ project_root: /home/ubuntu/labs-engine config_root: /home/ubuntu/config django_root: "{{ project_root }}/app" - labs_engine: templates: - src: "{{ role_path }}/templates/docker-compose.yml.j2" @@ -40,3 +39,6 @@ admin_user: null django_log_levels: console: INFO cache: INFO + +# Set this to enable logging to sentry +django_sentry_dns: null diff --git a/ansible/roles/galaxy_labs_engine/templates/.env.j2 b/ansible/roles/galaxy_labs_engine/templates/.env.j2 index 27b15a3..b4bc0ca 100644 --- a/ansible/roles/galaxy_labs_engine/templates/.env.j2 +++ b/ansible/roles/galaxy_labs_engine/templates/.env.j2 @@ -20,3 +20,7 @@ GITHUB_API_TOKEN={{ github_api_token }} # Must be one of DEBUG, INFO, WARNING, ERROR, CRITICAL LOG_LEVEL_CONSOLE={{ django_log_levels.console|upper }} LOG_LEVEL_CACHE={{ django_log_levels.cache|upper }} + +{% if django_sentry_dns %} +SENTRY_DNS={{ django_sentry_dns }} +{% endif %} diff --git a/app/app/settings/prod.py b/app/app/settings/prod.py index 8f2d3c4..2574ecf 100644 --- a/app/app/settings/prod.py +++ b/app/app/settings/prod.py @@ -6,6 +6,7 @@ # flake8: noqa import os +import sentry_sdk from .base import * from . import validate @@ -33,3 +34,12 @@ # Use manifest to manage static file versions for cache busting: STATICFILES_STORAGE = ('django.contrib.staticfiles.storage' '.ManifestStaticFilesStorage') + +SENTRY_DNS = os.getenv('SENTRY_DNS') +if SENTRY_DNS: + sentry_sdk.init( + dsn=SENTRY_DNS, + # Set traces_sample_rate to 1.0 to capture 100% + # of transactions for tracing. + traces_sample_rate=1.0, + ) diff --git a/requirements.txt b/requirements.txt index 8e2eb29..2d9a4b3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -10,3 +10,4 @@ beautifulsoup4 django_light requests==2.* requests_mock==1.* +sentry-sdk==2.* From 18aee1f5c1e90dd36b3c39aef3744d87a32ec9f6 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 13:46:52 +1000 Subject: [PATCH 09/15] Playbook add bashrc role --- ansible/dev.yml | 5 ++++- ansible/prod.yml | 5 ++++- ansible/roles/bashrc/tasks/main.yml | 15 +++++++++++++++ 3 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 ansible/roles/bashrc/tasks/main.yml diff --git a/ansible/dev.yml b/ansible/dev.yml index eaa735b..45eaacd 100644 --- a/ansible/dev.yml +++ b/ansible/dev.yml @@ -9,4 +9,7 @@ roles: - role: geerlingguy.docker tags: init - - galaxy_labs_engine + - role: bashrc + tags: init + - role: galaxy_labs_engine + tags: always diff --git a/ansible/prod.yml b/ansible/prod.yml index e7d4d2c..4062749 100644 --- a/ansible/prod.yml +++ b/ansible/prod.yml @@ -9,4 +9,7 @@ roles: - role: geerlingguy.docker tags: init - - galaxy_labs_engine + - role: bashrc + tags: init + - role: galaxy_labs_engine + tags: always diff --git a/ansible/roles/bashrc/tasks/main.yml b/ansible/roles/bashrc/tasks/main.yml new file mode 100644 index 0000000..85d5ea6 --- /dev/null +++ b/ansible/roles/bashrc/tasks/main.yml @@ -0,0 +1,15 @@ +--- + +- name: Add user .bash_aliases + ansible.builtin.copy: + content: | + alias sk='nano ~/.bash_aliases && . ~/.bash_aliases && echo "Sourced new .bash_aliases"' + alias l='ls -lh --group-directories-first' + alias la='ls -lhXa --group-directories-first' + alias c='clear' + alias ..='cd ..' + alias ...='cd ../..' + alias ....='cd ../../..' + alias path='echo $PATH | sed "s/:/\n/g"' + alias greps='ps aux | grep -v "grep" | grep' + dest: /home/{{ ansible_user }}/.bash_aliases From 9acbbf91e637f6fb0858d928750f53826c1d9eb8 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 13:52:23 +1000 Subject: [PATCH 10/15] Docker build workflow add environment --- .github/workflows/docker-build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index cf0b919..6b71c63 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -12,6 +12,7 @@ on: jobs: build: runs-on: ubuntu-latest + environment: build concurrency: group: docker-build-group cancel-in-progress: false From 26a0ed38f5818931ff9510654a45d0f4645d6579 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 13:54:06 +1000 Subject: [PATCH 11/15] Bump Docker build --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index f979681..4ff8cff 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,9 @@ FROM python:3.12 RUN apt-get update - WORKDIR /srv/labs-engine/app COPY requirements.txt /tmp/requirements.txt RUN pip install -r /tmp/requirements.txt -EXPOSE 8000 CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"] +EXPOSE 8000 From 30035fa8bfe656fe226465dad7ded71f72f66c86 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 13:58:17 +1000 Subject: [PATCH 12/15] Bump docker build --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 4ff8cff..6988d3d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,5 +5,5 @@ WORKDIR /srv/labs-engine/app COPY requirements.txt /tmp/requirements.txt RUN pip install -r /tmp/requirements.txt -CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"] EXPOSE 8000 +CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"] From 76af25c9cfdcae0875afd49888080e626777a9c8 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Tue, 8 Oct 2024 14:47:40 +1000 Subject: [PATCH 13/15] Consolidate deployment workflows to run in series --- .github/workflows/ansible-deploy-dev.yml | 50 ------------------------ .github/workflows/ansible-deploy.yml | 17 +++++--- .github/workflows/docker-build.yml | 30 ++++++++++---- 3 files changed, 34 insertions(+), 63 deletions(-) delete mode 100644 .github/workflows/ansible-deploy-dev.yml diff --git a/.github/workflows/ansible-deploy-dev.yml b/.github/workflows/ansible-deploy-dev.yml deleted file mode 100644 index 9bb8899..0000000 --- a/.github/workflows/ansible-deploy-dev.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Deploy to dev server with Ansible playbook - -on: - workflow_run: - workflows: ["Django tests"] - types: - - completed - branches: - - dev - -jobs: - deploy: - runs-on: ubuntu-latest - environment: deployment - if: ${{ github.event.workflow_run.conclusion == 'success' }} - concurrency: - group: docker-build-group - cancel-in-progress: false - - steps: - - name: Checkout Repository - uses: actions/checkout@v2 - with: - ref: dev - - - name: Set up Python - uses: actions/setup-python@v2 - with: - python-version: '3.11' - - - name: Install Ansible - run: | - python -m pip install --upgrade pip - pip install ansible - - - name: Install ssh keys - # For reference: https://stackoverflow.com/a/70447517 - run: | - install -m 600 -D /dev/null ~/.ssh/galaxy - echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/galaxy - echo "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts - - - name: Run Ansible Playbook - run: | - cd ansible - ansible-playbook -i hosts dev.yml --tags update - env: - ANSIBLE_HOST_KEY_CHECKING: 'False' - ANSIBLE_REMOTE_USER: ${{ secrets.SSH_USER }} - ANSIBLE_PRIVATE_KEY_FILE: ~/.ssh/galaxy diff --git a/.github/workflows/ansible-deploy.yml b/.github/workflows/ansible-deploy.yml index 9e4eb53..73a8407 100644 --- a/.github/workflows/ansible-deploy.yml +++ b/.github/workflows/ansible-deploy.yml @@ -2,26 +2,26 @@ name: Deploy to prod server with Ansible playbook on: workflow_run: - workflows: ["Django tests"] + workflows: ["Build and Push Docker Image"] types: - completed branches: + - dev - main jobs: deploy: runs-on: ubuntu-latest environment: deployment - if: ${{ github.event.workflow_run.conclusion == 'success' }} concurrency: - group: docker-build-group - cancel-in-progress: false + group: deploy-group + cancel-in-progress: true steps: - name: Checkout Repository uses: actions/checkout@v2 with: - ref: main + ref: ${{ github.ref }} - name: Set up Python uses: actions/setup-python@v2 @@ -42,8 +42,13 @@ jobs: - name: Run Ansible Playbook run: | + if [ $GITHUB_REF == "refs/heads/dev" ]; then + PLAYBOOK=dev.yml + else + PLAYBOOK=prod.yml + fi cd ansible - ansible-playbook -i hosts prod.yml --tags update + ansible-playbook -i hosts $PLAYBOOK --tags update env: ANSIBLE_HOST_KEY_CHECKING: 'False' ANSIBLE_REMOTE_USER: ${{ secrets.SSH_USER }} diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 6b71c63..bf7430b 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -1,37 +1,53 @@ name: Build and Push Docker Image on: - push: + workflow_run: + workflows: ["Django tests"] + types: + - completed branches: - - main - dev - paths: - - Dockerfile - - requirements.txt + - main jobs: build: runs-on: ubuntu-latest + if: ${{ github.event.workflow_run.conclusion == 'success' }} environment: build concurrency: - group: docker-build-group - cancel-in-progress: false + group: deploy-group + cancel-in-progress: true steps: - name: Checkout code uses: actions/checkout@v3 + - name: Check if Dockerfile or requirements.txt was changed + id: check_dependencies + run: | + if git diff --name-only HEAD^ HEAD | grep -q -e 'Dockerfile' -e 'requirements.txt'; then + echo "Dockerfile or requirements.txt changed" + echo "::set-output name=updated::true" + else + echo "Dockerfile or requirements.txt not changed" + echo "::set-output name=updated::false" + fi + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 + if: steps.check_dependencies.outputs.updated == 'true' - name: Log in to DockerHub uses: docker/login-action@v2 + if: steps.check_dependencies.outputs.updated == 'true' with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build Docker image + if: steps.check_dependencies.outputs.updated == 'true' run: docker build -t ${{ secrets.DOCKER_IMAGE }}:latest . - name: Push Docker image + if: steps.check_dependencies.outputs.updated == 'true' run: docker push ${{ secrets.DOCKER_IMAGE }}:latest From 81af9e1efd75bf02e20db493ee9ddd75e26da741 Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Wed, 9 Oct 2024 06:01:10 +1000 Subject: [PATCH 14/15] Set Sentry logging to ERROR level --- app/app/settings/prod.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/app/app/settings/prod.py b/app/app/settings/prod.py index 2574ecf..9f0107c 100644 --- a/app/app/settings/prod.py +++ b/app/app/settings/prod.py @@ -1,11 +1,12 @@ +# flake8: noqa + """Settings for production. See base.py for mail config read from .env file. """ -# flake8: noqa - import os +import logging import sentry_sdk from .base import * @@ -43,3 +44,4 @@ # of transactions for tracing. traces_sample_rate=1.0, ) +logging.getLogger('sentry_sdk').setLevel(logging.ERROR) From 40f3e887bf366f8d0d92b4fade6836f726b1089c Mon Sep 17 00:00:00 2001 From: Cameron Hyde Date: Wed, 9 Oct 2024 06:06:35 +1000 Subject: [PATCH 15/15] Update worklflow name --- .github/workflows/ansible-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ansible-deploy.yml b/.github/workflows/ansible-deploy.yml index 73a8407..cfeb555 100644 --- a/.github/workflows/ansible-deploy.yml +++ b/.github/workflows/ansible-deploy.yml @@ -1,4 +1,4 @@ -name: Deploy to prod server with Ansible playbook +name: Deploy with Ansible playbook on: workflow_run: