pythonkr · MU-Software · May 4, 2024 · May 4, 2024 · May 4, 2024 · May 4, 2024
diff --git a/.env.docker b/.env.docker
@@ -0,0 +1 @@
+DATABASE_HOST=host.docker.internal
diff --git a/.env.local b/.env.local
@@ -0,0 +1,9 @@
+DJANGO_STORAGE_BACKEND=django.core.files.storage.FileSystemStorage
+DATABASE_ENGINE=django.db.backends.mysql
+DATABASE_NAME=pyconkr-api-v3-db
+DATABASE_HOST=127.0.0.1
+DATABASE_PORT=43306
+DATABASE_USER=user
+DATABASE_PASSWORD=password
+DATABASE_ROOT_PASSWORD=root_password
+DEBUG=True
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
@@ -0,0 +1,37 @@
+name: Check lint
+
+on:
+  pull_request:
+  push:
+    branches:
+      - 'main'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
+  cancel-in-progress: true
+
+jobs:
+  lint:
+    name: Run lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout source codes
+        uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: '3.11'
+
+      - name: Install dependencies
+        run: pip install 'pre-commit'
+
+      - name: cache pre-commit repo
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pre-commit
+          key: ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}
+          restore-keys: ${{ runner.os }}-pre-commit-
+
+      - name: Run pre-commit
+        id: run-pre-commit
+        run: pre-commit run --all-files
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -0,0 +1,171 @@
+name: Release
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
+  cancel-in-progress: true
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'main'
+
+jobs:
+  BuildAndDeploy:
+    runs-on: ubuntu-latest
+
+    env:
+      API_STAGE: ${{ github.event_name == 'workflow_dispatch' && 'prod' || 'dev' }}
+      BUMP_RULE: ${{ github.event_name == 'workflow_dispatch' && 'patch' || 'prerelease' }}
+      AWS_ECR_REGISTRY: ${{ github.event_name == 'workflow_dispatch' && secrets.AWS_ECR_PROD_URL || secrets.AWS_ECR_DEV_URL }}
+
+    steps:
+      # Checkout source codes
+      - name: Checkout source codes
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      # Setup AWS Credentials, Python, Poetry, docker buildx, and login to ECR.
+      - name: Setup AWS Credentials
+        uses: aws-actions/configure-aws-credentials@master
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ vars.AWS_REGION }}
+
+      - run: pipx install poetry
+      - uses: actions/setup-python@v4
+        with:
+          python-version: '3.11'
+          cache: poetry
+      - run: poetry install --no-interaction --no-root --only=deployment
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to ECR
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.AWS_ECR_REGISTRY }}
+
+      - name: Get current date and repo name
+        id: info
+        run: |
+          echo "::set-output name=date::$(date +'%Y-%m-%d_%H:%M:%S')"
+          echo "::set-output name=repository_name::$(echo ${{ github.repository }} | sed -e 's/${{ github.repository_owner }}\///')"
+
+      # Create new version tag
+      - name: Create Release tag
+        id: get-new-version-tag
+        run: |
+          poetry version ${{ env.BUMP_RULE }}
+          echo "::set-output name=TAG::$(poetry version -s)"
+
+      # Build and Push Docker image to ECR
+      - name: Build and Push Docker image to ECR
+        uses: docker/build-push-action@v5
+        with:
+          push: true
+          tags: ${{ env.AWS_ECR_REGISTRY }}:${{ steps.get-new-version-tag.outputs.TAG }},${{ env.AWS_ECR_REGISTRY }}:latest
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          context: .
+          file: ./infra/Dockerfile
+          platforms: linux/amd64
+          provenance: false
+          build-args: |
+            GIT_HASH=${{ github.sha }}
+            IMAGE_BUILD_DATETIME=${{ steps.info.outputs.date }}
+
+      # Commit new deployment version
+      - uses: EndBug/add-and-commit@v9
+        with:
+          message: "${{ steps.get-new-version-tag.outputs.TAG }} 버전 Release"
+          tag: ${{ github.event_name == 'workflow_dispatch' && steps.get-new-version-tag.outputs.TAG || '' }}
+          add: "pyproject.toml"
+          pathspec_error_handling: exitImmediately
+
+      # Checkout and import zappa config from pyconkr-secrets repo
+      - name: Checkout secrets repo
+        uses: actions/checkout@v4
+        with:
+          repository: ${{ secrets.PYCONKR_SECRET_REPOSITORY }}
+          ssh-key: ${{ secrets.PYCONKR_SECRET_REPOSITORY_DEPLOY_KEY }}
+          path: secret_envs
+          clean: false
+          sparse-checkout-cone-mode: false
+          sparse-checkout: |
+            ${{ steps.info.outputs.repository_name }}/zappa_settings.json
+      - run: mv secret_envs/${{ steps.info.outputs.repository_name }}/zappa_settings.json ./zappa_settings.json && rm -rf secret_envs
+
+      # Zappa update
+      - name: Zappa Update
+        run: poetry run zappa update ${{ env.API_STAGE }} --docker-image-uri ${{ env.AWS_ECR_REGISTRY }}:${{ steps.get-new-version-tag.outputs.TAG }}
+
+      - name: Collect staticfiles
+        run: poetry run zappa manage ${{ env.API_STAGE }} "collectstatic --no-input"
+
+      # Notify to Slack (Success)
+      - name: Notify deployment to Slack
+        if: failure() || cancelled()
+        uses: slackapi/slack-github-action@v1.26.0
+        with:
+          channel-id: ${{ vars.SLACK_DEPLOYMENT_ALERT_CHANNEL }}
+          payload: |
+            {
+              "blocks": [
+                {
+                  "type": "header",
+                  "text": {
+                    "type": "plain_text",
+                    "text": "${{ steps.get-new-version-tag.outputs.TAG }} 버전 배포 실패 :rotating_light: (${{ job.status }})",
+                    "emoji": true
+                  }
+                },
+                {
+                  "type": "section",
+                  "text": {"type": "mrkdwn", "text": "GitHub Action 바로가기"},
+                  "accessory": {
+                    "type": "button",
+                    "text": {"type": "plain_text", "text": "${{ github.run_id }}"},
+                    "value": "github_action",
+                    "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}",
+                    "action_id": "button-action"
+                  }
+                }
+              ]
+            }
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+
+      # Notify to Slack (Failure)
+      - name: Notify deployment to Slack
+        uses: slackapi/slack-github-action@v1.26.0
+        with:
+          channel-id: ${{ vars.SLACK_DEPLOYMENT_ALERT_CHANNEL }}
+          payload: |
+            {
+              "blocks": [
+                {
+                  "type": "header",
+                  "text": {
+                    "type": "plain_text",
+                    "text": "${{ steps.get-new-version-tag.outputs.TAG }} 버전 배포 성공 :tada:",
+                    "emoji": true
+                  }
+                },
+                {
+                  "type": "section",
+                  "text": {"type": "mrkdwn", "text": "GitHub Action 바로가기"},
+                  "accessory": {
+                    "type": "button",
+                    "text": {"type": "plain_text", "text": "${{ github.run_id }}"},
+                    "value": "github_action",
+                    "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}",
+                    "action_id": "button-action"
+                  }
+                }
+              ]
+            }
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
diff --git a/.gitignore b/.gitignore
@@ -159,3 +159,6 @@ cython_debug/
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 .idea/
 /pyconkr/.idea/workspace.xml
+
+admin/
+ninja/
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -13,6 +13,8 @@ repos:
     - id: check-yaml
     - id: check-added-large-files
     - id: detect-aws-credentials
+      args:
+        - --allow-missing-credentials
     - id: detect-private-key
     - id: end-of-file-fixer
     - id: mixed-line-ending
@@ -57,6 +59,8 @@ repos:
           - --disallow-untyped-defs
           - --disallow-incomplete-defs
           - --disallow-untyped-calls
+        additional_dependencies:
+          - types-PyMySQL
 -   repo: https://github.com/dosisod/refurb
     rev: v2.0.0
     hooks:

diff --git a/Makefile b/Makefile
@@ -1,9 +1,71 @@
-# Setup development environment
-setup:
-	poetry install
+MKFILE_PATH := $(abspath $(lastword $(MAKEFILE_LIST)))
+PROJECT_DIR := $(dir $(MKFILE_PATH))
+
+# Set additional build args for docker image build using make arguments
+IMAGE_NAME := pyconkr_api_v3
+ifeq (docker-build,$(firstword $(MAKECMDGOALS)))
+  TAG_NAME := $(wordlist 2,$(words $(MAKECMDGOALS)),$(MAKECMDGOALS))
+  $(eval $(TAG_NAME):;@:)
+endif
+TAG_NAME := $(if $(TAG_NAME),$(TAG_NAME),local)
+CONTAINER_NAME = $(IMAGE_NAME)_$(TAG_NAME)_container
+
+ifeq ($(DOCKER_DEBUG),true)
+	DOCKER_MID_BUILD_OPTIONS = --progress=plain --no-cache
+	DOCKER_END_BUILD_OPTIONS = 2>&1 | tee docker-build.log
+else
+	DOCKER_MID_BUILD_OPTIONS =
+	DOCKER_END_BUILD_OPTIONS =
+endif
+
+AWS_LAMBDA_READYZ_PAYLOAD = '{\
+  "resource": "/readyz/",\
+  "path": "/readyz/",\
+  "httpMethod": "GET",\
+  "requestContext": {\
+    "resourcePath": "/readyz/",\
+    "httpMethod": "GET",\
+    "path": "/readyz/"\
+  },\
+  "headers": {"accept": "application/json"},\
+  "multiValueHeaders": {"accept": ["application/json"]},\
+  "queryStringParameters": null,\
+  "multiValueQueryStringParameters": null,\
+  "pathParameters": null,\
+  "stageVariables": null,\
+  "body": null,\
+  "isBase64Encoded": false\
+}'
+
+# =============================================================================
+# Local development commands
+
+# Setup local environments
+local-setup:
+	@poetry install --no-root --sync
+
+# Run local development server
+local-api: local-collectstatic
+	@ENV_PATH=.env.local poetry run python manage.py runserver 48000
+
+# Run django collectstatic
+local-collectstatic:
+	@ENV_PATH=.env.local poetry run python manage.py collectstatic --noinput
+
+# Run django shell
+local-shell:
+	@ENV_PATH=.env.local poetry run python manage.py shell
+
+# Run django migrations
+local-migrate:
+	@ENV_PATH=.env.local poetry run python manage.py migrate
+
+# For developers not using Poetry
+dep-export:
+	@poetry export --output requirements.txt --without-hashes
 
 # Devtools
-hooks-install: setup
+hooks-install: local-setup
 	poetry run pre-commit install
 
 hooks-upgrade:
@@ -14,7 +76,46 @@ hooks-lint:
 
 lint: hooks-lint  # alias
 
-hooks-mypy:
-	poetry run pre-commit run mypy --all-files
+# =============================================================================
+# Docker related commands
+
+# Docker image build
+# Usage: make docker-build <tag-name:=local>
+# if you want to build with debug mode, set DOCKER_DEBUG=true
+# ex) make docker-build or make docker-build some_TAG_NAME DOCKER_DEBUG=true
+docker-build:
+	@docker build \
+		-f ./infra/Dockerfile -t $(IMAGE_NAME):$(TAG_NAME) \
+		--build-arg GIT_HASH=$(shell git rev-parse HEAD) \
+		--build-arg IMAGE_BUILD_DATETIME=$(shell date +%Y-%m-%d_%H:%M:%S) \
+		$(DOCKER_MID_BUILD_OPTIONS) $(PROJECT_DIR) $(DOCKER_END_BUILD_OPTIONS)
+
+docker-run: docker-compose-up
+	@(docker stop $(CONTAINER_NAME) || true && docker rm $(CONTAINER_NAME) || true) > /dev/null 2>&1
+	@docker run -d --rm \
+		-p 48000:8080 \
+		--env-file .env.local --env-file .env.docker \
+		--name $(CONTAINER_NAME) \
+		$(IMAGE_NAME):$(TAG_NAME)
+
+docker-readyz:
+	@curl -X POST http://localhost:48000/2015-03-31/functions/function/invocations -d $(AWS_LAMBDA_READYZ_PAYLOAD) | jq '.body | fromjson'
+
+docker-test: docker-build docker-run docker-readyz
+
+docker-stop:
+	docker stop $(CONTAINER_NAME) || true
+
+docker-rm: docker-stop
+	docker rm $(CONTAINER_NAME) || true
+
+# Docker compose setup
+# Below commands are for local development only
+docker-compose-up:
+	docker-compose --env-file .env.local -f ./infra/docker-compose.dev.yaml up -d
+
+docker-compose-down:
+	docker-compose --env-file .env.local -f ./infra/docker-compose.dev.yaml down
 
-mypy: hooks-mypy  # alias
+docker-compose-rm: docker-compose-down
+	docker-compose --env-file .env.local -f ./infra/docker-compose.dev.yaml rm
-Original file line number
+Diff line change
@@ Expand Up / @@ -159,3 +159,6 @@ cython_debug/ @@
     #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
     .idea/
     /pyconkr/.idea/workspace.xml
+    admin/
+    ninja/