Merge pull request #167 from shanejbrown/convert-to-python-on-whales-… #648
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
# Only run workflow when there is push to main or when there is a pull request to main | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
test: | |
# When running with act (https://github.com/nektos/act), these lines need to be appended with the ACT variable | |
# to force each job to run | |
if: github.repository == 'adobe/buildrunner' #|| ${{ env.ACT }} | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: | |
- 3.8 | |
- 3.9 | |
- '3.10' | |
- '3.11' | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up Python ${{ matrix.python-version }} | |
uses: actions/setup-python@v2 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
pip install -r requirements.txt | |
pip install -r test_requirements.txt | |
- name: Pre-commit checks | |
run: pre-commit run --all-files | |
- name: Write SSH keys | |
env: | |
# These were generated with: | |
# ssh-keygen -t ecdsa -m PEM '' | |
# and then installed as a read-only deploy key on the buildrunner repository | |
# | |
# Since this is a public repository and the key provides the same rights that even anonymous users have, | |
# this key is rather worthless and can be stored safely in code here. This *could* be used as a secret, | |
# but since secrets are not available to forks, we cannot test SSH functionality in PRs which defeats | |
# the purpose somewhat. | |
# | |
# Please note that for the SSH unit tests to pass on a local machine, the private key needs to be placed in ~/.ssh/buildrunner-deploy-id_rsa | |
DEPLOY_SSH_KEY: "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\nQyNTUxOQAAACBasvUoRzAAdHZ5nFWtDR/5DQU+FWtDYNXD0xPGSdjKtwAAAJiLXobki16G\n5AAAAAtzc2gtZWQyNTUxOQAAACBasvUoRzAAdHZ5nFWtDR/5DQU+FWtDYNXD0xPGSdjKtw\nAAAEBcRwB1PEnUHF5aK6q3JYyuOlT+adQ0mcRrIxsmJiiq1Vqy9ShHMAB0dnmcVa0NH/kN\nBT4Va0Ng1cPTE8ZJ2Mq3AAAAEWJ1aWxkcnVubmVyQGFkb2JlAQIDBA==\n-----END OPENSSH PRIVATE KEY-----" | |
DEPLOY_SSH_KEY_PUB: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFqy9ShHMAB0dnmcVa0NH/kNBT4Va0Ng1cPTE8ZJ2Mq3 buildrunner@adobe" | |
run: | | |
mkdir -p ~/.ssh | |
printf -- "$DEPLOY_SSH_KEY" > ~/.ssh/buildrunner-deploy-id_rsa | |
printf -- "$DEPLOY_SSH_KEY_PUB" > ~/.ssh/buildrunner-deploy-id_rsa.pub | |
chmod 700 ~/.ssh | |
chmod 600 ~/.ssh/buildrunner-deploy-* | |
- name: Test with pytest | |
run: | | |
pytest -v -m "not serial" --numprocesses=auto --junitxml=test-reports/non-serial-test-results.xml | |
pytest -v -m "serial" --junitxml=test-reports/serial-test-results.xml | |
python scripts/combine_xml.py test-reports/serial-test-results.xml test-reports/non-serial-test-results.xml > test-reports/test-result.xml | |
- name: Publish test results | |
uses: EnricoMi/publish-unit-test-result-action/linux@v2 | |
if: always() | |
with: | |
files: test-reports/test-results.xml | |
check_name: "Test Results ${{ matrix.python-version }}" | |
github_retries: 10 | |
secondary_rate_limit_wait_seconds: 60.0 | |
tag-commit: | |
if: github.repository == 'adobe/buildrunner' && github.event_name == 'push' && github.ref == 'refs/heads/main' | |
runs-on: ubuntu-latest | |
needs: test | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
# Fetch all history instead of the latest commit | |
fetch-depth: 0 | |
- name: Get and set version in env | |
run: echo "CURRENT_VERSION=$( python setup.py --version )" >> $GITHUB_ENV | |
- name: Print current version | |
run: echo CURRENT_VERSION ${{ env.CURRENT_VERSION }} | |
- name: Tag commit | |
run: git tag ${{ env.CURRENT_VERSION }} && git push --tags | |
publish-pypi: | |
if: github.repository == 'adobe/buildrunner' | |
runs-on: ubuntu-latest | |
needs: test | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
# Fetch all history instead of the latest commit | |
fetch-depth: 0 | |
- name: Set up Python | |
uses: actions/setup-python@v2 | |
with: | |
python-version: 3.8 | |
- name: Remove version file | |
# This is just in case something else created it, destroy it to get a fresh version | |
run: rm -f buildrunner/version.py | |
- name: Install wheel | |
run: pip install wheel build | |
- name: Build | |
run: python -m build | |
- name: Check upload | |
run: pip install twine && twine check dist/* | |
- name: Publish to PyPi | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
# Only publish on pushes to main | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
with: | |
user: __token__ | |
password: ${{ secrets.ADOBE_BOT_PYPI_TOKEN }} | |
publish-docker: | |
if: github.repository == 'adobe/buildrunner' | |
runs-on: ubuntu-latest | |
needs: test | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
# Fetch all history instead of the latest commit | |
fetch-depth: 0 | |
- name: Get and set version in env | |
run: echo "CURRENT_VERSION=$( python setup.py --version )" >> $GITHUB_ENV | |
- name: Print current version | |
run: echo CURRENT_VERSION ${{ env.CURRENT_VERSION }} | |
- name: Docker Tags | |
id: docker_tags | |
uses: docker/metadata-action@v3 | |
with: | |
images: ghcr.io/adobe/buildrunner | |
tags: | | |
latest | |
${{ env.CURRENT_VERSION }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v1 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
# Buildx is used to build multi-platform images | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
# Login to the docker registry | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v1 | |
# Only login if this a push to main | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and Push Image | |
uses: docker/build-push-action@v2 | |
with: | |
context: . | |
# Only push images if this is a push to main | |
push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
platforms: linux/amd64,linux/arm64 | |
tags: ${{ steps.docker_tags.outputs.tags }} | |
labels: ${{ steps.docker_tags.outputs.labels }} |