-
Notifications
You must be signed in to change notification settings - Fork 4
135 lines (125 loc) · 4.27 KB
/
wipac-cicd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# For most recent version see:
# https://github.com/WIPACrepo/wipac-dev-tools/blob/main/.github/workflows/wipac-cicd.yml
# Copy any updates to wipac-dev-tools.
name: wipac ci/cd
on: [push]
jobs:
flake8:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
- uses: WIPACrepo/[email protected]
mypy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
- uses: WIPACrepo/[email protected]
py-setup:
runs-on: ubuntu-latest
steps:
# dependabot can't access normal secrets
# & don't run non-branch triggers (like tags)
# & we don't want to trigger an update on PR's merge to main/master/default (which is a branch)
# IOW: only for non-dependabot branches
- if: |
github.actor != 'dependabot[bot]' &&
github.ref_type == 'branch' &&
format('refs/heads/{0}', github.event.repository.default_branch) != github.ref
name: checkout (only for non-dependabot non-default branches)
uses: actions/checkout@v3
with:
token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
- if: |
github.actor != 'dependabot[bot]' &&
github.ref_type == 'branch' &&
format('refs/heads/{0}', github.event.repository.default_branch) != github.ref
name: wipac-dev-py-setup-action (only for non-dependabot non-default branches)
uses: WIPACrepo/[email protected]
with:
base-keywords: "WIPAC IceCube"
py-versions:
needs: [py-setup]
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.versions.outputs.matrix }}
steps:
- uses: actions/checkout@v3
- id: versions
uses: WIPACrepo/[email protected]
tests:
needs: [py-versions]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
py3: ${{ fromJSON(needs.py-versions.outputs.matrix) }}
mongodb-version: [3.6, 4.0, 4.2, 4.4, 5.0, 6.0]
steps:
- uses: actions/checkout@v3
- name: Start MongoDB v${{ matrix.mongodb-version }}
uses: supercharge/[email protected]
with:
mongodb-version: ${{ matrix.mongodb-version }}
- uses: actions/setup-python@v4
with:
python-version: ${{ matrix.py3 }}
- name: Pytest
env:
CI_TEST_ENV: true
TEST_DATABASE_HOST: localhost
TEST_DATABASE_PORT: 27017
run: |
pip install --upgrade pip wheel setuptools pytest
pip install .[dev]
pytest -vvvv tests
release:
# only run on main/master/default
if: format('refs/heads/{0}', github.event.repository.default_branch) == github.ref
needs: [py-setup, tests]
runs-on: ubuntu-latest
concurrency: release
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
- name: Python Semantic Release
uses: relekang/[email protected]
with:
github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
repository_username: __token__
repository_password: ${{ secrets.PYPI_TOKEN }}
docker:
name: "Docker Image"
needs: [release]
runs-on: ubuntu-latest
steps:
- name: Checkout Project
uses: actions/checkout@v3
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v4
with:
images: |
ghcr.io/wipacrepo/file_catalog
tags: |
type=ref,event=branch
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}.{{minor}}.{{patch}}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
if: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push Docker Image
uses: docker/build-push-action@v2
with:
context: .
push: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}