diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e2b8c069f..fde2d6bf2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,44 +7,63 @@ on: branches: - main +permissions: + actions: read + contents: write + pages: write + jobs: - test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - lfs: true - - uses: actions/setup-node@v3 - - uses: bahmutov/npm-install@v1 - - run: yarn build - - run: npx keycloakify - env: - XDG_CACHE_HOME: "/home/runner/.cache/yarn" - - run: npx build-storybook - check_if_version_upgraded: - name: Check if version upgrade - if: github.event_name == 'push' + test: runs-on: ubuntu-latest + if: github.actor != 'actions@github.com' + steps: + - run: echo "test" + + prepare_release: needs: test + runs-on: ubuntu-latest outputs: - from_version: ${{ steps.step1.outputs.from_version }} - to_version: ${{ steps.step1.outputs.to_version }} - is_upgraded_version: ${{ steps.step1.outputs.is_upgraded_version }} + new_chart_version: ${{steps._.outputs.new_chart_version}} + new_web_docker_image_tags: ${{steps._.outputs.new_web_docker_image_tags}} + release_target_git_commit_sha: ${{steps._.outputs.release_target_git_commit_sha}} + release_message: ${{steps._.outputs.release_message}} steps: - - uses: garronej/ts-ci@v2.1.0 - id: step1 - with: - action_name: is_package_json_version_upgraded - - create_github_release: + - uses: InseeFrLab/onyxia@gh-actions + id: _ + with: + action_name: prepare_release + automatic_commit_author_email: actions@github.com + + docker_build_push_onyxia_web: runs-on: ubuntu-latest - needs: check_if_version_upgraded - # We create a release only if the version have been upgraded and we are on a default branch - if: needs.check_if_version_upgraded.outputs.is_upgraded_version == 'true' && github.event_name == 'push' + needs: prepare_release + if: needs.prepare_release.outputs.new_web_docker_image_tags != '' + steps: + - uses: actions/checkout@v3 + with: + ref: ${{needs.prepare_release.outputs.release_target_git_commit_sha}} + lfs: true +# - uses: docker/setup-qemu-action@v1 +# - uses: docker/setup-buildx-action@v1 +# - uses: docker/login-action@v1 +# with: +# username: ${{ secrets.DOCKERHUB_USERNAME }} +# password: ${{ secrets.DOCKERHUB_TOKEN }} +# - uses: docker/build-push-action@v2 +# with: +# push: true +# context: . +# tags: ${{needs.prepare_release.outputs.new_web_docker_image_tags}} + + release: + runs-on: ubuntu-latest + needs: prepare_release + if: needs.prepare_release.outputs.new_chart_version != '' steps: - uses: actions/checkout@v3 with: + ref: ${{needs.prepare_release.outputs.release_target_git_commit_sha}} lfs: true - uses: actions/setup-node@v3 - uses: bahmutov/npm-install@v1 @@ -53,56 +72,25 @@ jobs: env: XDG_CACHE_HOME: "/home/runner/.cache/yarn" - run: mv build_keycloak/target/*.jar keycloak-theme.jar + - uses: yogeshlonkar/wait-for-jobs@v0 + with: + gh-token: ${{secrets.GITHUB_TOKEN}} + ignore-skipped: 'true' + jobs: docker_build_push_onyxia_web + ttl: '10' + - uses: InseeFrLab/onyxia@gh-actions + with: + action_name: release_helm_chart + sha: ${{needs.prepare_release.outputs.release_target_git_commit_sha}} - uses: softprops/action-gh-release@v1 with: - name: Release v${{ needs.check_if_version_upgraded.outputs.to_version }} - tag_name: v${{ needs.check_if_version_upgraded.outputs.to_version }} - target_commitish: ${{ github.head_ref || github.ref }} + name: Release v${{needs.prepare_release.outputs.new_chart_version}} + body: ${{needs.prepare_release.outputs.release_message}} + tag_name: v${{needs.prepare_release.outputs.new_chart_version}} + target_commitish: ${{needs.prepare_release.outputs.release_target_git_commit_sha}} generate_release_notes: true - files: keycloak-theme.jar - draft: false + files: | + keycloak-theme.jar + onyxia-${{needs.prepare_release.outputs.new_chart_version}}.tgz env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - docker: - runs-on: ubuntu-latest - needs: - - check_if_version_upgraded - - create_github_release - steps: - - uses: actions/checkout@v3 - with: - lfs: true - - uses: docker/setup-qemu-action@v1 - - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Computing Docker image tags - id: step1 - env: - IS_UPGRADED_VERSION: ${{ needs.check_if_version_upgraded.outputs.is_upgraded_version }} - TO_VERSION: ${{ needs.check_if_version_upgraded.outputs.to_version }} - run: | - DOCKERHUB_REPOSITORY=inseefrlab/onyxia-web - OUT=$GITHUB_REPOSITORY:$TO_VERSION,$GITHUB_REPOSITORY:latest - OUT=$(echo "$OUT" | awk '{print tolower($0)}') - echo "docker_tags=$OUT" >> "$GITHUB_OUTPUT" - - uses: docker/build-push-action@v2 - with: - push: true - context: . - tags: ${{ steps.step1.outputs.docker_tags }} - - poke_gitops: - runs-on: ubuntu-latest - needs: - - docker - - create_github_release - steps: - - uses: peter-evans/repository-dispatch@v1 - with: - token: ${{ secrets.PAT_PRIVATE_REPO_DISPATCH }} - event-type: update_onyxia_web - repository: InseeFrLab/paris-sspcloud \ No newline at end of file + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} diff --git a/README.md b/README.md index 63a17eb8e..00746547f 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Onyxia is developed by the French National institute of statistics and economic image -**Core feature set**: +**Core feature set xx**: - [An interface for launching docker images](https://datalab.sspcloud.fr/catalog/inseefrlab-helm-charts-datascience) (e.g: [Jupyter](https://jupyter.org), [RStudio](https://www.rstudio.com)) on demand on a [Kubernetes](https://kubernetes.io) cluster. diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml index 59c2be3d0..bc43ff8dd 100644 --- a/helm-chart/Chart.yaml +++ b/helm-chart/Chart.yaml @@ -14,5 +14,4 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 4.0.1 - +version: 4.0.3 diff --git a/helm-chart/README.md b/helm-chart/README.md index 7aeac9628..e9f3204d5 100644 --- a/helm-chart/README.md +++ b/helm-chart/README.md @@ -12,7 +12,7 @@ ingress: - host: datalab.yourdomain.com EOF -helm install onyxia onyxia/onyxia --version "4.0.1" -f onyxia-values.yaml +helm install onyxia onyxia/onyxia --version "4.0.3" -f onyxia-values.yaml ``` Complete installation guide: https://onyxia.sh diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index c088d482b..efa8803eb 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -1,7 +1,3 @@ -# Default values for onyxia-bis. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - imagePullSecrets: [] hostAliases: [] @@ -15,6 +11,7 @@ serviceAccount: # If not set and create is true, a name is generated using the fullname template name: + ingress: enabled: false # The name of the Ingress Class associated with this ingress @@ -32,9 +29,7 @@ ingress: route: enabled: false - annotations: - {} - # route.openshift.io/termination: "reencrypt" + annotations: {} # route.openshift.io/termination: "reencrypt" host: chart-example.local tls: termination: edge @@ -49,12 +44,10 @@ web: replicaCount: 1 image: repository: inseefrlab/onyxia-web - tag: 2.28.0 + tag: 2.29.5 pullPolicy: IfNotPresent podLabels: {} - podSecurityContext: - {} - # fsGroup: 2000 + podSecurityContext: {} # fsGroup: 2000 securityContext: {} # capabilities: @@ -86,6 +79,7 @@ web: affinity: {} env: + api: name: api replicaCount: 1 @@ -95,9 +89,7 @@ api: pullPolicy: IfNotPresent contextPath: /api podLabels: {} - podSecurityContext: - {} - # fsGroup: 2000 + podSecurityContext: {} # fsGroup: 2000 securityContext: {} # capabilities: @@ -127,10 +119,11 @@ api: nodeSelector: {} tolerations: [] affinity: {} - env: - #authentication.mode: "openidconnect" - regions: #[ - # { + env: #authentication.mode: "openidconnect" + regions: + #[ + # { + # "regionId": "kub", # "type": "KUBERNETES", # "namespace-prefix": "user-", @@ -141,7 +134,8 @@ api: # } # } # ] - catalogs: # [ + catalogs: + # [ # { # "id": "inseefrlab-helm-charts-datascience", # "name": "Inseefrlab datascience", diff --git a/package.json b/package.json index df2e6c9c1..af9143188 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "homepage": "https://onyxia.sh", "name": "onyxia-web", - "version": "2.29.4", + "version": "2.29.6", "license": "MIT", "scripts": { "_comment": "Yes... We're still using CRA. We'll migrate to Vite as soon as Keycloakify gets support for it", @@ -19,15 +19,15 @@ }, "dependencies": { "onyxia-ui": "^1.0.0", - "keycloakify": "^8.0.0", - "tss-react": "^4.9.0", + "keycloakify": "^8.1.0", + "tss-react": "^4.9.2", "i18nifty": "^2.1.1", "tsafe": "^1.6.5", - "redux-clean-architecture": "^3.7.2", + "redux-clean-architecture": "^3.7.3", "screen-scaler": "^1.2.2", "evt": "^2.5.2", "cra-envs": "^1.2.8", - "powerhooks": "^1.0.1", + "powerhooks": "^1.0.2", "run-exclusive": "^2.2.19", "react": "^18.2.0", "react-dom": "^18.2.0", diff --git a/yarn.lock b/yarn.lock index f908f58d0..42ba5df32 100644 --- a/yarn.lock +++ b/yarn.lock @@ -10766,10 +10766,10 @@ keycloak-js@21.0.2: base64-js "^1.5.1" js-sha256 "^0.9.0" -keycloakify@^8.0.0: - version "8.0.0" - resolved "https://registry.yarnpkg.com/keycloakify/-/keycloakify-8.0.0.tgz#b0f6a0fda34e8601f735df25b24909433a6b5fd3" - integrity sha512-/A6Uh9SuVdTP7cix8yS15Vfr03BwVFP11s3YPmQ9dSJN1GrIqzRs6mjTEnogM/ZfhySJwyXSeqTtpCGlXmtxJQ== +keycloakify@^8.1.0: + version "8.1.0" + resolved "https://registry.yarnpkg.com/keycloakify/-/keycloakify-8.1.0.tgz#f2d1fb7144cda7bf5d8a539183e3e3a69405728c" + integrity sha512-BU6Y/2X+6iKUK12TvWMds9zgALxMtLOpFphZWrc6LLwqdieF6XE0QTPTN9UeTEXdgOLOcgNLuGx4csBjZ9WDPw== dependencies: "@babel/generator" "^7.22.9" "@babel/parser" "^7.22.7" @@ -13167,6 +13167,15 @@ powerhooks@^1.0.1: memoizee "^0.4.15" tsafe "^1.6.4" +powerhooks@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/powerhooks/-/powerhooks-1.0.2.tgz#cd4061c6f7b2288894f9d6c63a07f041f94eab97" + integrity sha512-fQZT8WaP8DSFFbSB8Z2xdMXpFBFNDgQo+qeF4yt23Qr154wYyF7u2j8MO8Jm6pmoQnQgeS2B4r8l1dIER9TMmQ== + dependencies: + evt "^2.5.2" + memoizee "^0.4.15" + tsafe "^1.6.5" + prelude-ls@^1.2.1: version "1.2.1" resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.2.1.tgz#debc6489d7a6e6b0e7611888cec880337d316396" @@ -13849,13 +13858,13 @@ redent@^1.0.0: indent-string "^2.1.0" strip-indent "^1.0.1" -redux-clean-architecture@^3.7.2: - version "3.7.2" - resolved "https://registry.yarnpkg.com/redux-clean-architecture/-/redux-clean-architecture-3.7.2.tgz#b153e940bc4d239483e9f1bb6c75cc78923365ff" - integrity sha512-QLbZwex8+m8dmqXeAekE9Uzern3YVV1KBLYoPSt+R6z9hoNRACHEMjQaemXiAzlezRfqxLFeot9byK5SGfGxjw== +redux-clean-architecture@^3.7.3: + version "3.7.3" + resolved "https://registry.yarnpkg.com/redux-clean-architecture/-/redux-clean-architecture-3.7.3.tgz#7da79025ac0e7660e631eddf123e82032e98b7cc" + integrity sha512-tuvoOOmfHtaq2Uf0qdbldHLOmj/D+xsyQSXYk934omK8j+poavWtx/VNpp+VkJvvsdhx9eToCwXHZ5jKxJilbQ== dependencies: minimal-polyfills "^2.2.3" - tsafe "^1.6.4" + tsafe "^1.6.5" redux-thunk@^2.4.2: version "2.4.2" @@ -15788,6 +15797,15 @@ tss-react@^4.9.0: "@emotion/serialize" "*" "@emotion/utils" "*" +tss-react@^4.9.2: + version "4.9.2" + resolved "https://registry.yarnpkg.com/tss-react/-/tss-react-4.9.2.tgz#6a03db1df7bbaa4b6e5236e0d5cf633ee5e22e4e" + integrity sha512-0qOuDpar3q3N59Jsl50oDd+Zu3wfXv2rdf4VlPzvuekH6mkAgUVobZV3j69NPH0nm3Vv5xDRACjVUqVWmaNW0g== + dependencies: + "@emotion/cache" "*" + "@emotion/serialize" "*" + "@emotion/utils" "*" + tsutils@^3.21.0: version "3.21.0" resolved "https://registry.yarnpkg.com/tsutils/-/tsutils-3.21.0.tgz#b48717d394cea6c1e096983eed58e9d61715b623"