fix: remove trixie and sid from debian builds #99
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build release artifacts | |
on: | |
# we build on all pushes to master to (hopefully) get early warning | |
# of things breaking (but only build one set of debs) | |
push: | |
branches: [ "master" ] | |
# we do the full build on tags. | |
tags: [ "v*" ] | |
env: | |
DOCKER_IMAGE_NAME_API: api | |
DOCKER_IMAGE_NAME_FRONTEND: frontend | |
DOCKER_IMAGE_TAGS: latest ${{ github.sha }} ${{github.ref_name}} | |
jobs: | |
build-and-publish-sdist: | |
name: Build and publish Python distributions to PyPI and TestPyPI | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@master | |
- name: Set up Python 3.9 | |
uses: actions/setup-python@v1 | |
with: | |
python-version: 3.9 | |
- name: Install pypa/flit | |
run: pip install flit | |
- name: Build a binary wheel and a source tarball | |
run: flit build | |
- uses: actions/upload-artifact@v2 | |
with: | |
name: python-dist | |
path: dist/* | |
#- name: Publish distribution 📦 to Test PyPI | |
# if: startsWith(github.ref, 'refs/tags') | |
# uses: pypa/gh-action-pypi-publish@master | |
# with: | |
# password: ${{ secrets.TEST_PYPI_API_TOKEN }} | |
# repository_url: https://test.pypi.org/legacy/ | |
#- name: Publish distribution 📦 to PyPI | |
# if: startsWith(github.ref, 'refs/tags') | |
# uses: pypa/gh-action-pypi-publish@master | |
# with: | |
# password: ${{ secrets.PYPI_API_TOKEN }} | |
get-distros: | |
name: "Calculate list of debian distros and docker image tags" | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-python@v2 | |
- id: set-distros | |
run: | | |
# if we're running from a tag, get the full list of distros; otherwise just use debian:sid | |
dists='["debian:bookworm"]' | |
tags="latest $GITHUB_SHA" | |
if [[ $GITHUB_REF == refs/tags/* ]]; then | |
dists=$(tools/build_debian_packages.py --show-dists-json) | |
tags="latest $GITHUB_SHA latest-release $GITHUB_REF_NAME" | |
fi | |
echo "::set-output name=distros::$dists" | |
echo "::set-output name=tags::$tags" | |
# map the step outputs to job outputs | |
outputs: | |
distros: ${{ steps.set-distros.outputs.distros }} | |
tags: ${{ steps.set-distros.outputs.tags }} | |
build-and-publish-docker: | |
name: Build and publish ready made docker containers | |
runs-on: ubuntu-latest | |
needs: get-distros | |
steps: | |
- uses: actions/checkout@master | |
- name: Build API Image | |
id: build-api-image | |
uses: redhat-actions/buildah-build@v2 | |
with: | |
image: ${{ env.DOCKER_IMAGE_NAME_API }} | |
tags: ${{ needs.get-distros.outputs.tags }} | |
containerfiles: | | |
./docker/Dockerfile-api | |
- name: Push API Image To quay.io | |
id: push-to-quay-api | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ steps.build-api-image.outputs.image }} | |
tags: ${{ steps.build-api-image.outputs.tags }} | |
registry: quay.io/abrechnung | |
username: ${{ secrets.DOCKERHUB_REGISTRY_USER }} | |
password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }} | |
- name: Build Frontend Image | |
id: build-frontend-image | |
uses: redhat-actions/buildah-build@v2 | |
with: | |
image: ${{ env.DOCKER_IMAGE_NAME_FRONTEND }} | |
tags: ${{ needs.get-distros.outputs.tags }} | |
containerfiles: | | |
./docker/Dockerfile-frontend | |
- name: Push Frontend Image To quay.io | |
id: push-to-quay-frontend | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ steps.build-frontend-image.outputs.image }} | |
tags: ${{ steps.build-frontend-image.outputs.tags }} | |
registry: quay.io/abrechnung | |
username: ${{ secrets.DOCKERHUB_REGISTRY_USER }} | |
password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }} | |
# now build the packages with an abrechnung build. | |
build-debs: | |
needs: get-distros | |
name: "Build .deb packages" | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
distro: ${{ fromJson(needs.get-distros.outputs.distros) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
path: src | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v1 | |
with: | |
install: true | |
- name: Set up docker layer caching | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Set up python | |
uses: actions/setup-python@v2 | |
- name: Build the packages | |
# see https://github.com/docker/build-push-action/issues/252 | |
# for the cache magic here | |
run: | | |
./src/tools/build_debian_packages.py \ | |
--docker-build-arg=--cache-from=type=local,src=/tmp/.buildx-cache \ | |
--docker-build-arg=--cache-to=type=local,mode=max,dest=/tmp/.buildx-cache-new \ | |
--docker-build-arg=--progress=plain \ | |
--docker-build-arg=--load \ | |
"${{ matrix.distro }}" | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
- name: Upload debs as artifacts | |
uses: actions/upload-artifact@v2 | |
with: | |
name: debs | |
path: debs/* | |
deploy-demo: | |
name: "Deploy demo application" | |
environment: demo | |
if: ${{ !failure() && !cancelled() && startsWith(github.ref, 'refs/heads/master')}} | |
needs: | |
- build-debs | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download all workflow run artifacts | |
uses: actions/download-artifact@v2 | |
- name: Trigger demo deployment via webhook | |
run: curl ${{ secrets.DEMO_DEPLOY_WEBHOOK_URL }} -F "archive=@$(find -name 'abrechnung_*bookworm*_amd64.deb')" --fail | |
# if it's a tag, create a release and attach the artifacts to it | |
attach-assets: | |
name: "Attach assets to release" | |
if: ${{ !failure() && !cancelled() && startsWith(github.ref, 'refs/tags/') }} | |
needs: | |
- build-debs | |
- build-and-publish-sdist | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download all workflow run artifacts | |
uses: actions/download-artifact@v2 | |
- name: Build a tarball for the debs | |
run: tar -cvJf debs.tar.xz debs | |
- name: Attach to release | |
uses: softprops/action-gh-release@a929a66f232c1b11af63782948aa2210f981808a # PR#109 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
files: | | |
python-dist/* | |
debs/*.deb | |
debs.tar.xz | |
# if it's not already published, keep the release as a draft. | |
draft: true | |
# mark it as a prerelease if the tag contains 'rc'. | |
prerelease: ${{ contains(github.ref, 'rc') }} |