Merge pull request #130 from manics/dependabot-pin-dockerfile #340
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a GitHub workflow defining a set of jobs with a set of steps. | |
# ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions | |
# | |
name: Release | |
# Always tests wheel building, but only publish to PyPI on pushed tags. | |
on: | |
pull_request: | |
paths-ignore: | |
- "docs/**" | |
- ".github/workflows/*.yaml" | |
- "!.github/workflows/release.yaml" | |
push: | |
paths-ignore: | |
- "docs/**" | |
- ".github/workflows/*.yaml" | |
- "!.github/workflows/release.yaml" | |
branches-ignore: | |
- "dependabot/**" | |
- "pre-commit-ci-update-config" | |
tags: ["**"] | |
workflow_dispatch: | |
jobs: | |
build-release: | |
runs-on: ubuntu-22.04 | |
permissions: | |
# id-token=write is required for pypa/gh-action-pypi-publish, and the PyPI | |
# project needs to be configured to trust this workflow. | |
# | |
# ref: https://github.com/jupyterhub/team-compass/issues/648 | |
# | |
id-token: write | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: "3.11" | |
- name: install build package | |
run: | | |
pip install --upgrade pip | |
pip install build | |
pip freeze | |
- name: build release | |
run: | | |
python -m build --sdist --wheel . | |
ls -l dist | |
- name: test to see if built js file is in the package | |
run: | | |
tar -tvf dist/*.tar.gz | grep dist/viewer.js | |
unzip -l dist/*.whl | grep dist/viewer.js | |
- name: publish to pypi | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
if: startsWith(github.ref, 'refs/tags/') | |
publish-images: | |
runs-on: ubuntu-22.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- vncserver: tigervnc | |
- vncserver: turbovnc | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up QEMU (for docker buildx) | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx (for multi-arch builds) | |
uses: docker/setup-buildx-action@v3 | |
- name: Make decisions on pushing and suffix (based on vnc server chosen) | |
id: decisions | |
run: | | |
if [ "${{ startsWith(github.ref, 'refs/tags/') || (github.ref == 'refs/heads/main') }}" = "true" ]; then | |
echo "push=true" >> $GITHUB_OUTPUT | |
else | |
echo "push=false" >> $GITHUB_OUTPUT | |
fi | |
# We provide image tags with -tigervnc and -turbovnc suffixes to allow | |
# for an explicit choice, but also ship with a default choice of | |
# TigerVNC. | |
if [ "${{ matrix.vncserver == 'tigervnc' }}" == "true" ]; then | |
echo 'suffix="",-${{ matrix.vncserver }}' >> $GITHUB_OUTPUT | |
else | |
echo "suffix=-${{ matrix.vncserver }}" >> $GITHUB_OUTPUT | |
fi | |
# For builds triggered by a git tag 1.2.3, we calculate image tags like: | |
# [{prefix}:1.2.3, {prefix}:1.2, {prefix}:1, {prefix}:latest] | |
# | |
# More details at | |
# https://github.com/jupyterhub/action-major-minor-tag-calculator. | |
# | |
- name: Get image tags | |
id: tags | |
uses: jupyterhub/action-major-minor-tag-calculator@v3 | |
with: | |
githubToken: ${{ secrets.GITHUB_TOKEN }} | |
prefix: "quay.io/jupyterhub/jupyter-remote-desktop-proxy:" | |
suffix: ${{ steps.decisions.outputs.suffix }} | |
branchRegex: ^\w[\w-.]*$ | |
defaultTag: quay.io/jupyterhub/jupyter-remote-desktop-proxy:noref | |
- name: Login to container registry | |
# Credentials to Quay.io was setup by... | |
# 1. Creating a [Robot Account](https://quay.io/organization/jupyterhub?tab=robots) | |
# 2. Giving it push permissions to the image repository | |
# 3. Adding Robot Account credentials as workflow environment secrets | |
if: steps.decisions.outputs.push == 'true' | |
run: | | |
docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" quay.io | |
- name: Build and push image | |
uses: docker/build-push-action@v6 | |
with: | |
build-args: | | |
vncserver=${{ matrix.vncserver }} | |
context: . | |
platforms: linux/amd64,linux/arm64 | |
push: ${{ steps.decisions.outputs.push }} | |
tags: ${{ join(fromJson(steps.tags.outputs.tags)) }} |