Configure MongoDB Replica Set and implement example MongoDB transaction #1089
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will install Python dependencies, run tests and lint with a single version of Python | |
| # For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions | |
| name: Python application | |
| # Note: The following events will trigger this workflow: | |
| # 1. Someone pushes a commit to `main` that includes changes to any of the listed files. | |
| # 2. Someone opens a pull request that includes changes to any of the listed files. | |
| # 3. Someone clicks the "Run workflow" button on the "Actions" tab on GitHub. | |
| # | |
| # References: | |
| # - https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/triggering-a-workflow#example-including-paths | |
| # - https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet | |
| # | |
| on: | |
| push: | |
| branches: [ main ] | |
| paths: | |
| - '.github/workflows/python-app.yml' | |
| - 'Makefile' | |
| - '**/Dockerfile' | |
| - '**.py' | |
| - 'requirements/main.txt' | |
| # Every file in the `data` directory or in any of its subdirectories: | |
| - 'metadata-translation/notebooks/data/**' | |
| pull_request: | |
| paths: | |
| - '.github/workflows/python-app.yml' | |
| - 'Makefile' | |
| - '**/Dockerfile' | |
| - '**.py' | |
| - 'requirements/main.txt' | |
| - 'metadata-translation/notebooks/data/**' | |
| # Allow developers to trigger this workflow manually via the "Actions" page on GitHub. | |
| # Reference: https://docs.github.com/en/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/manually-running-a-workflow | |
| workflow_dispatch: { } | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 # update version to maintain consistency across workflows | |
| # Prepare the MongoDB keyfile to be mounted by the `mongo` container. | |
| # | |
| # Note: This is to prevent MongoDB from reporting the error: | |
| # > "permissions on /path/to/keyfile are too open" | |
| # | |
| # Note: In containers using the `mongo` image, UID 999 refers to a user named `mongodb` | |
| # and GID 999 refers to a group named `mongodb`, which that user belongs to. | |
| # You can verify this by looking at the Dockerfile layers on Docker Hub. | |
| # Reference: https://hub.docker.com/layers/library/mongo/8.0.5/images/sha256-90bf5066fed8a3cd59345d963922bc5cb557d4b4b2a0e38dfd9ee299c405741b | |
| # | |
| # Note: Since the GHA Runner will not allow me to `chown` the file to `999:999`, I use | |
| # a Docker container to (effectively) to it. Since, after I use the Docker container | |
| # to `chown` the file, the GHA Runner will not allow me to then `chmod` it, I do | |
| # that within the Docker container as well. I still appreciate the fine folks at | |
| # GitHub, Inc. letting me use their computer for all this. | |
| # Reference: https://man7.org/linux/man-pages/man8/useradd.8.html | |
| # | |
| - name: Restrict access to MongoDB keyfile | |
| run: | | |
| stat ./mongoKeyFile | |
| mkdir -p _tmp | |
| docker run --rm \ | |
| -v $(pwd)/mongoKeyFile:/originalFile \ | |
| -v $(pwd)/_tmp:/out \ | |
| alpine \ | |
| sh -c 'cp /originalFile /out/mongoKeyFile && chmod 600 /out/mongoKeyFile && chown 999:999 /out/mongoKeyFile' | |
| mv _tmp/mongoKeyFile ./mongoKeyFile | |
| rmdir _tmp | |
| stat ./mongoKeyFile | |
| - name: Set up Python 3.10 | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.10' | |
| # deprecated: Consider merging python.app.yml and lint.yml | |
| # - name: Lint with flake8 | |
| # run: | | |
| # pip install flake8 | |
| # make lint | |
| - name: Remove volumes left over from previous workflow runs | |
| run: | | |
| docker volume ls | |
| make down-test | |
| docker volume ls | |
| - name: Build and run containers upon which test runner depends | |
| run: make up-test | |
| - name: Build test runner container image | |
| run: make test-build | |
| - name: Run tests | |
| run: make test-run |