Configure MongoDB Replica Set and implement example MongoDB transaction #1090
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will install Python dependencies, run tests and lint with a single version of Python | |
| # For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions | |
| name: Python application | |
| # Note: The following events will trigger this workflow: | |
| # 1. Someone pushes a commit to `main` that includes changes to any of the listed files. | |
| # 2. Someone opens a pull request that includes changes to any of the listed files. | |
| # 3. Someone clicks the "Run workflow" button on the "Actions" tab on GitHub. | |
| # | |
| # References: | |
| # - https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/triggering-a-workflow#example-including-paths | |
| # - https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet | |
| # | |
| on: | |
| push: | |
| branches: [ main ] | |
| paths: | |
| - '.github/workflows/python-app.yml' | |
| - 'Makefile' | |
| - '**/Dockerfile' | |
| - '**.py' | |
| - 'requirements/main.txt' | |
| # Every file in the `data` directory or in any of its subdirectories: | |
| - 'metadata-translation/notebooks/data/**' | |
| pull_request: | |
| paths: | |
| - '.github/workflows/python-app.yml' | |
| - 'Makefile' | |
| - '**/Dockerfile' | |
| - '**.py' | |
| - 'requirements/main.txt' | |
| - 'metadata-translation/notebooks/data/**' | |
| # Allow developers to trigger this workflow manually via the "Actions" page on GitHub. | |
| # Reference: https://docs.github.com/en/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/manually-running-a-workflow | |
| workflow_dispatch: { } | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 # update version to maintain consistency across workflows | |
| # Prepare the MongoDB keyfile to be mounted by the `mongo` container. | |
| # | |
| # Note: This is to prevent MongoDB from reporting the error: | |
| # > "permissions on /path/to/keyfile are too open" | |
| # | |
| # Note: In containers using the `mongo` image, UID `999` refers to a user named `mongodb` | |
| # and GID `999` refers to a group named `mongodb`, which that user belongs to. | |
| # You can verify this by looking at the Dockerfile layers on Docker Hub. | |
| # Reference: https://hub.docker.com/layers/library/mongo/8.0.5/images/sha256-90bf5066fed8a3cd59345d963922bc5cb557d4b4b2a0e38dfd9ee299c405741b | |
| # | |
| # Since the GHA Runner will not allow me to `chown` the file to `999:999` directly, | |
| # I use a Docker container to (effectively) accomplish that. Since—after I use the | |
| # Docker container change the file's owner—the GHA Runner will not allow me to then | |
| # `chmod` the file, I accomplish that within the Docker container as well. I still | |
| # appreciate the people of GitHub, Inc. letting me use their computer for all this. | |
| # Reference: https://man7.org/linux/man-pages/man8/useradd.8.html | |
| # | |
| # The reason—within the Docker container—I do not `chmod`/`chown` the original file | |
| # directly, is that I am under the impression that ownership/permission changes made | |
| # with a container to mounted files that already exist on the host will not be seen | |
| # by the host. I have not found official documentation supporting this yet. | |
| # TODO: Include a reference about changing mounted file's permission within container. | |
| # | |
| - name: Restrict access to MongoDB keyfile | |
| run: | | |
| mkdir _tmp | |
| docker run --rm \ | |
| -v ./mongoKeyFile:/mongoKeyFile \ | |
| -v ./_tmp:/out \ | |
| alpine \ | |
| sh -c 'cp /mongoKeyFile /out/mongoKeyFile && chmod 600 /out/mongoKeyFile && chown 999:999 /out/mongoKeyFile' | |
| mv _tmp/mongoKeyFile ./mongoKeyFile | |
| rmdir _tmp | |
| - name: Set up Python 3.10 | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.10' | |
| # deprecated: Consider merging python.app.yml and lint.yml | |
| # - name: Lint with flake8 | |
| # run: | | |
| # pip install flake8 | |
| # make lint | |
| - name: Build and run containers upon which test runner depends | |
| run: make up-test | |
| - name: Build container image for test runner | |
| run: make test-build | |
| - name: Run tests | |
| run: make test-run |