From 1dd229a59114c998cce184c7261f250a3f21807d Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Fri, 24 Feb 2023 02:37:38 +0100 Subject: [PATCH 1/5] ci: merge publish workflow with build one --- .github/workflows/build.yml | 82 ++++++++++++++++++++++++-- .github/workflows/publish.yml | 105 ---------------------------------- 2 files changed, 78 insertions(+), 109 deletions(-) delete mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 52b30da89..de5f442eb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,18 +20,23 @@ name: build on: - - push - - pull_request + push: + branches: + - master + pull_request: + release: + types: + - published env: NODE_VERSION: 14.x + PYTHON_VERSION: 3.x permissions: contents: read jobs: - build: - name: Build project + npm: runs-on: ubuntu-latest steps: @@ -61,3 +66,72 @@ jobs: run: | npm run build git diff --name-only + + pypi: + runs-on: ubuntu-latest + steps: + + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set up Python runtime + uses: actions/setup-python@v4 + with: + python-version: ${{ env.PYTHON_VERSION }} + + - name: Set up Python dependencies + run: pip install --upgrade build twine + + - name: Build Python package + run: python -m build + + - name: Publish Python package + env: + PYPI_USERNAME: ${{ secrets.PYPI_USERNAME }} + PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} + run: twine upload --disable-progress-bar -u ${PYPI_USERNAME} -p ${PYPI_PASSWORD} dist/* + + docker: + runs-on: ubuntu-latest + steps: + + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GHCR_TOKEN }} + + - name: Build Docker image + uses: docker/build-push-action@v3 + with: + context: . + # platforms: linux/amd64,linux/arm64 + tags: | + ${{ github.event.repository.full_name }}:latest + ${{ github.event.repository.full_name }}:${{ github.event.release.tag_name }} + ghcr.io/${{ github.event.repository.full_name }}:latest + ghcr.io/${{ github.event.repository.full_name }}:${{ github.event.release.tag_name }} + + - name: Check Docker image + working-directory: /tmp + run: | + docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }} new . + docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }} build + + - name: Publish Docker image + env: + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + run: | + docker push --all-tags ${{ github.event.repository.full_name }} + docker push --all-tags ghcr.io/${{ github.event.repository.full_name }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml deleted file mode 100644 index dab67447d..000000000 --- a/.github/workflows/publish.yml +++ /dev/null @@ -1,105 +0,0 @@ -# Copyright (c) 2016-2023 Martin Donath - -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to -# deal in the Software without restriction, including without limitation the -# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -# sell copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: - -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. - -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING -# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS -# IN THE SOFTWARE. - -name: publish -on: - release: - types: - - published - -env: - PYTHON_VERSION: 3.x - -permissions: - contents: read - -jobs: - publish_pypi: - name: Build and push Python package - if: github.event.repository.fork == false - runs-on: ubuntu-latest - steps: - - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Set up Python runtime - uses: actions/setup-python@v4 - with: - python-version: ${{ env.PYTHON_VERSION }} - - - name: Set up Python dependencies - run: pip install --upgrade build twine - - - name: Build Python package - run: python -m build - - - name: Publish Python package - env: - PYPI_USERNAME: ${{ secrets.PYPI_USERNAME }} - PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} - run: twine upload --disable-progress-bar -u ${PYPI_USERNAME} -p ${PYPI_PASSWORD} dist/* - - publish_docker: - name: Build and push Docker image - if: github.event.repository.fork == false - runs-on: ubuntu-latest - steps: - - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GHCR_TOKEN }} - - - name: Build Docker image - uses: docker/build-push-action@v3 - with: - context: . - # platforms: linux/amd64,linux/arm64 - tags: | - ${{ github.event.repository.full_name }}:latest - ${{ github.event.repository.full_name }}:${{ github.event.release.tag_name }} - ghcr.io/${{ github.event.repository.full_name }}:latest - ghcr.io/${{ github.event.repository.full_name }}:${{ github.event.release.tag_name }} - - - name: Check Docker image - working-directory: /tmp - run: | - docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }} new . - docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }} build - - - name: Publish Docker image - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - docker push --all-tags ${{ github.event.repository.full_name }} - docker push --all-tags ghcr.io/${{ github.event.repository.full_name }} From c0c2aa2348bab93a90da39a4daff235474778bc9 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Fri, 24 Feb 2023 02:57:16 +0100 Subject: [PATCH 2/5] ci: use docker metadata action for tags and labels Also do not set latest tag on prerelease for the Docker image. --- .github/workflows/build.yml | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index de5f442eb..623f1ff5a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -111,22 +111,33 @@ jobs: username: ${{ github.repository_owner }} password: ${{ secrets.GHCR_TOKEN }} + - name: Generate Docker tags and labels + id: meta + uses: docker/metadata-action@v4 + with: + images: | + ${{ github.event.repository.full_name }} + ghcr.io/${{ github.event.repository.full_name }} + tags: | + type=ref,event=branch + type=ref,event=tag + type=ref,event=pr + flavor: | + latest=${{ github.event.release.prerelease == false }} + - name: Build Docker image uses: docker/build-push-action@v3 with: context: . # platforms: linux/amd64,linux/arm64 - tags: | - ${{ github.event.repository.full_name }}:latest - ${{ github.event.repository.full_name }}:${{ github.event.release.tag_name }} - ghcr.io/${{ github.event.repository.full_name }}:latest - ghcr.io/${{ github.event.repository.full_name }}:${{ github.event.release.tag_name }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} - name: Check Docker image working-directory: /tmp run: | - docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }} new . - docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }} build + docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }}:${{ steps.meta.outputs.version }} new . + docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }}:${{ steps.meta.outputs.version }} build - name: Publish Docker image env: From f5c6191e294b29fbd1c083a555737d7aa0217cf3 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Fri, 24 Feb 2023 03:00:51 +0100 Subject: [PATCH 3/5] ci: use build push action to publish docker image --- .github/workflows/build.yml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 623f1ff5a..e21487c3b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -98,6 +98,9 @@ jobs: - name: Checkout repository uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to DockerHub uses: docker/login-action@v2 with: @@ -129,7 +132,7 @@ jobs: uses: docker/build-push-action@v3 with: context: . - # platforms: linux/amd64,linux/arm64 + load: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} @@ -140,9 +143,9 @@ jobs: docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }}:${{ steps.meta.outputs.version }} build - name: Publish Docker image - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - docker push --all-tags ${{ github.event.repository.full_name }} - docker push --all-tags ghcr.io/${{ github.event.repository.full_name }} + uses: docker/build-push-action@v3 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} From 54da076e6f86d83ebdccb5b1476e5eb0adf63b63 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Fri, 24 Feb 2023 03:01:24 +0100 Subject: [PATCH 4/5] ci: only publish python package and docker image on release --- .github/workflows/build.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e21487c3b..8a2a72ab7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -86,6 +86,7 @@ jobs: run: python -m build - name: Publish Python package + if: github.event_name == 'release' env: PYPI_USERNAME: ${{ secrets.PYPI_USERNAME }} PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} @@ -102,12 +103,14 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Login to DockerHub + if: github.event_name == 'release' uses: docker/login-action@v2 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry + if: github.event_name == 'release' uses: docker/login-action@v2 with: registry: ghcr.io @@ -146,6 +149,6 @@ jobs: uses: docker/build-push-action@v3 with: context: . - push: true + push: ${{ github.event_name == 'release' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From 01377d23e34d0509c1e1de7b68362a396012f666 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sun, 26 Feb 2023 11:44:39 +0100 Subject: [PATCH 5/5] ci: bump docker/build-push-action to v4 --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8a2a72ab7..7a003e293 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -132,7 +132,7 @@ jobs: latest=${{ github.event.release.prerelease == false }} - name: Build Docker image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: context: . load: true @@ -146,7 +146,7 @@ jobs: docker run --rm -i -v ${PWD}:/docs ${{ github.event.repository.full_name }}:${{ steps.meta.outputs.version }} build - name: Publish Docker image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: context: . push: ${{ github.event_name == 'release' }}