Allow Multiple Partner Addons #3906
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
# Runs when there is a push to the default branch | |
# This triggers tests and a pushed "latest" image | |
# That is deployed to the "dev" environment | |
push: | |
branches: | |
- master | |
# Runs on pull requests to verify changes and push | |
# PR image for local testing | |
pull_request: | |
# Manually dispatch run entire CI on a ref | |
workflow_dispatch: | |
# Runs when a release is published | |
# Pushes a tagged image | |
# That is deployed to the "staging/production" environments | |
release: | |
types: [published] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event_name}}-${{ github.ref}} | |
cancel-in-progress: true | |
env: | |
docs_artifact: docs | |
jobs: | |
context: | |
runs-on: ubuntu-latest | |
outputs: | |
is_fork: ${{ steps.context.outputs.is_fork }} | |
is_release_master: ${{ steps.context.outputs.is_release_master }} | |
is_dependabot: ${{ steps.context.outputs.is_dependabot }} | |
is_default_branch: ${{ steps.context.outputs.is_default_branch }} | |
is_release_tag: ${{ steps.context.outputs.is_release_tag }} | |
docker_version: ${{ steps.context.outputs.docker_version }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set context | |
id: context | |
uses: ./.github/actions/context | |
build: | |
name: ${{ needs.context.outputs.is_fork == 'true' && 'Skip' || 'Build' }} CI Image | |
runs-on: ubuntu-latest | |
needs: context | |
outputs: | |
# If build is skipped we should pass local version to build the image | |
version: ${{ steps.build.outputs.version || 'local' }} | |
digest: ${{ steps.build.outputs.digest || '' }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Login to Dockerhub | |
if: needs.context.outputs.is_fork == 'false' | |
id: docker_hub | |
uses: ./.github/actions/login-docker | |
with: | |
username: ${{ secrets.DOCKER_USER }} | |
password: ${{ secrets.DOCKER_PASS }} | |
- name: Build and Push Image | |
if: steps.docker_hub.outcome == 'success' | |
id: build | |
uses: ./.github/actions/build-docker | |
with: | |
registry: ${{ steps.docker_hub.outputs.registry }} | |
image: ${{ steps.docker_hub.outputs.image }} | |
version: ci-${{ needs.context.outputs.docker_version }} | |
target: development | |
push: true | |
test_make_docker_configuration: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v2 | |
- name: Install dependencies | |
shell: bash | |
run: npm ci | |
- name: Check make/docker configuration | |
shell: bash | |
run: | | |
docker compose version | |
make test_setup | |
test_run_docker_action: | |
runs-on: ubuntu-latest | |
needs: [build, context] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Create failure | |
id: failure | |
continue-on-error: true | |
uses: ./.github/actions/run-docker | |
with: | |
digest: ${{ needs.build.outputs.digest }} | |
version: ${{ needs.build.outputs.version }} | |
run: | | |
exit 1 | |
- name: Verify failure | |
if: always() | |
run: | | |
if [[ "${{ steps.failure.outcome }}" != "failure" ]]; then | |
echo "Expected failure" | |
exit 1 | |
fi | |
- name: Check (special characters in command) | |
uses: ./.github/actions/run-docker | |
with: | |
digest: ${{ needs.build.outputs.digest }} | |
version: ${{ needs.build.outputs.version }} | |
run: | | |
echo 'this is a question?' | |
echo 'a * is born' | |
echo 'wow an array []' | |
- name: Verify Build Metadata | |
uses: ./.github/actions/run-docker | |
if: needs.context.outputs.is_fork == 'false' | |
with: | |
digest: ${{ needs.build.outputs.digest }} | |
version: ${{ needs.build.outputs.version }} | |
run: | | |
expected_version="${{ needs.build.outputs.version }}" | |
expected_commit="${{ github.sha }}" | |
if [ "$DOCKER_COMMIT" != "$expected_commit" ]; then | |
echo "DOCKER_COMMIT: '$DOCKER_COMMIT' is not equal to '$expected_commit'" | |
exit 1 | |
fi | |
if [ "$DOCKER_VERSION" != "$expected_version" ]; then | |
echo "DOCKER_VERSION: '$DOCKER_VERSION' is not equal to '$expected_version'" | |
exit 1 | |
fi | |
- name: Check ignored files | |
uses: ./.github/actions/run-docker | |
with: | |
digest: ${{ needs.build.outputs.digest }} | |
version: ${{ needs.build.outputs.version }} | |
run: | | |
# Verify that .dockerignore is working and the | |
# Makefile-os is not in the production container | |
if [ -f Makefile-os ]; then | |
echo "Makefile-os exists" | |
exit 1 | |
fi | |
- name: Test setup | |
uses: ./.github/actions/run-docker | |
with: | |
digest: ${{ needs.build.outputs.digest }} | |
version: ${{ needs.build.outputs.version }} | |
run: | | |
pytest tests/make/ | |
docs_build: | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/configure-pages@v4 | |
- name: Build Docs | |
uses: ./.github/actions/run-docker | |
with: | |
digest: ${{ needs.build.outputs.digest }} | |
version: ${{ needs.build.outputs.version }} | |
compose_file: docker-compose.yml | |
run: | | |
make docs | |
- name: Upload artifact | |
uses: actions/upload-pages-artifact@v3 | |
with: | |
path: 'docs/_build/html' | |
name: ${{ env.docs_artifact }} | |
docs_deploy: | |
needs: [context, docs_build] | |
# Only deploy docs on a push event | |
# to the default branch | |
# that is not running on a fork | |
if: | | |
github.event_name == 'push' && | |
needs.context.outputs.is_default_branch == 'true' && | |
needs.context.outputs.is_fork == 'false' | |
permissions: | |
contents: read | |
pages: write | |
id-token: write | |
environment: | |
name: github-pages | |
url: ${{ steps.deployment.outputs.page_url }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Deploy to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v4 | |
with: | |
artifact_name: ${{ env.docs_artifact }} | |
locales: | |
runs-on: ubuntu-latest | |
needs: [build, context] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.event.pull_request.head.ref }} | |
repository: ${{ github.event.pull_request.head.repo.full_name }} | |
- name: Extract Locales | |
uses: ./.github/actions/run-docker | |
with: | |
digest: ${{ needs.build.outputs.digest }} | |
version: ${{ needs.build.outputs.version }} | |
compose_file: docker-compose.yml | |
run: make extract_locales | |
- name: Push Locales | |
if: | | |
github.event_name == 'push' || | |
github.event_name == 'pull_request' | |
shell: bash | |
run: | | |
is_fork="${{ needs.context.outputs.is_fork }}" | |
is_default_branch="${{ needs.context.outputs.is_default_branch }}" | |
is_push="${{ github.event_name == 'push' }}" | |
if [[ "$is_fork" == 'true' ]]; then | |
cat <<'EOF' | |
Github actions are not authorized to push from workflows triggered by forks. | |
We cannot verify if the l10n extraction push will work or not. | |
Please submit a PR from the base repository if you are modifying l10n extraction scripts. | |
EOF | |
else | |
if [[ "$is_default_branch" == 'true' && "$is_push" == 'true' ]]; then | |
args="" | |
else | |
args="--dry-run" | |
fi | |
make push_locales ARGS="${args}" | |
fi | |
test: | |
needs: build | |
uses: ./.github/workflows/_test.yml | |
with: | |
version: ${{ needs.build.outputs.version }} | |
digest: ${{ needs.build.outputs.digest }} | |
test_main: | |
needs: [context, build] | |
uses: ./.github/workflows/_test_main.yml | |
with: | |
version: ${{ needs.build.outputs.version }} | |
digest: ${{ needs.build.outputs.digest }} | |
push_dockerhub: | |
name: Push Production Docker Image (Dockerhub) | |
runs-on: ubuntu-latest | |
if: | | |
needs.context.outputs.is_release_master == 'true' || | |
needs.context.outputs.is_release_tag == 'true' | |
needs: [context, build, docs_build, locales, test, test_main] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Login to Dockerhub | |
id: docker_hub | |
uses: ./.github/actions/login-docker | |
with: | |
username: ${{ secrets.DOCKER_USER }} | |
password: ${{ secrets.DOCKER_PASS }} | |
- name: Build and Push Image | |
id: build | |
uses: ./.github/actions/build-docker | |
with: | |
registry: ${{ steps.docker_hub.outputs.registry }} | |
image: ${{ steps.docker_hub.outputs.image }} | |
version: ${{ needs.context.outputs.docker_version }} | |
target: production | |
push: true | |
push_gar: | |
name: Push Production Docker Image (GAR) | |
runs-on: ubuntu-latest | |
if: | | |
needs.context.outputs.is_release_master == 'true' || | |
needs.context.outputs.is_release_tag == 'true' | |
needs: [context, build, docs_build, locales, test, test_main] | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Login to GAR | |
id: docker_gar | |
uses: ./.github/actions/login-gar | |
with: | |
service_account: ${{ secrets.GAR_PUSHER_SERVICE_ACCOUNT_EMAIL }} | |
workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }} | |
- name: Build and Push Image | |
id: build | |
uses: ./.github/actions/build-docker | |
with: | |
registry: ${{ steps.docker_gar.outputs.registry }} | |
image: ${{ steps.docker_gar.outputs.image }} | |
version: ${{ needs.context.outputs.docker_version }} | |
target: production | |
push: true |