Merge pull request #384 from felddy/dependabot/pip/pip-all-8301dc15d6 #2837
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Build | |
on: | |
push: | |
branches: | |
- '**' | |
pull_request: | |
release: | |
types: [edited, published] | |
schedule: | |
- cron: '0 10 * * *' # everyday at 10am | |
workflow_dispatch: | |
inputs: | |
dispatch-tag: | |
description: "Tag to apply to pushed images" | |
required: true | |
default: "dispatch" | |
permissions: | |
actions: read | |
contents: read | |
jobs: | |
diagnostics: | |
name: "Diagnostics" | |
uses: felddy/reusable-workflows/.github/workflows/diagnostics.yml@v2 | |
config: | |
name: "Config" | |
uses: ./.github/workflows/_config.yml | |
metadata: | |
name: "Metadata" | |
needs: [config] | |
uses: felddy/reusable-workflows/.github/workflows/docker-metadata.yml@v2 | |
with: | |
image_name: ${{ needs.config.outputs.image_name }} | |
docker-secrets: | |
name: "Docker secrets" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check docker.com credentials | |
run: | | |
return_code=0 | |
if [ -z "${{ secrets.DOCKER_USERNAME }}" ]; then | |
echo "::warning::Set the DOCKER_USERNAME secret." | |
return_code=1 | |
fi | |
if [ -z "${{ secrets.DOCKER_PASSWORD }}" ]; then | |
echo "::warning::Set the DOCKER_PASSWORD secret." | |
return_code=1 | |
fi | |
exit $return_code | |
lint: | |
name: "Lint" | |
needs: [config] | |
uses: felddy/reusable-workflows/.github/workflows/common-lint.yml@v2 | |
build-test-image: | |
name: "Build test image" | |
needs: | |
- config | |
- lint | |
- metadata | |
uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2 | |
with: | |
artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ needs.config.outputs.test_platform }} | |
build_arg_1_name: VERSION | |
cache_from_scopes: ${{ needs.config.outputs.test_platform }} | |
cache_to_scope: ${{ needs.config.outputs.test_platform }} | |
image_archive_name_stem: ${{ needs.config.outputs.test_platform }} | |
image_labels: ${{ needs.metadata.outputs.image_labels }} | |
platforms: ${{ needs.config.outputs.test_platform }} | |
secrets: | |
build_arg_1_value: ${{ needs.metadata.outputs.source_version }} | |
test-normal-image: | |
name: "Test image" | |
needs: | |
- build-test-image | |
- config | |
uses: felddy/reusable-workflows/.github/workflows/docker-pytest-image.yml@v2 | |
with: | |
data_artifact_name: ${{ needs.config.outputs.data_artifact_name }} | |
data_artifact_path: ${{ needs.config.outputs.data_artifact_path }} | |
image_artifact_name: ${{ needs.build-test-image.outputs.artifact_name }} | |
image_archive_name: ${{ needs.build-test-image.outputs.image_archive_name }} | |
build-each-platform: | |
name: "Build platform" | |
needs: | |
- config | |
- lint | |
- metadata | |
- test-normal-image | |
if: github.event_name != 'pull_request' | |
strategy: | |
matrix: | |
platform: ${{ fromJson(needs.config.outputs.platforms_json) }} | |
exclude: | |
- platform: ${{ needs.config.outputs.test_platform }} | |
uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2 | |
with: | |
artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }} | |
build_arg_1_name: VERSION | |
cache_from_scopes: ${{ matrix.platform }} | |
cache_to_scope: ${{ matrix.platform }} | |
image_labels: ${{ needs.metadata.outputs.image_labels }} | |
image_archive_name_stem: ${{ matrix.platform }} | |
platforms: ${{ matrix.platform }} | |
secrets: | |
build_arg_1_value: ${{ needs.metadata.outputs.source_version }} | |
generate-sboms: | |
name: "Bill of Materials" | |
needs: | |
- build-each-platform | |
- config | |
permissions: | |
contents: write | |
strategy: | |
matrix: | |
platform: ${{ fromJson(needs.config.outputs.platforms_json) }} | |
uses: felddy/reusable-workflows/.github/workflows/sbom-artifact.yml@v2 | |
with: | |
image_artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }} | |
sbom_artifact_name: ${{ needs.config.outputs.sbom_artifact_name_stem }}-${{ matrix.platform }} | |
build-multi-arch-image: | |
name: "Publish image" | |
needs: | |
- build-each-platform | |
- config | |
- docker-secrets | |
- metadata | |
if: github.event_name != 'pull_request' | |
permissions: | |
packages: write | |
uses: felddy/reusable-workflows/.github/workflows/docker-multi-arch-push.yml@v2 | |
with: | |
artifact_name_pattern: ${{ needs.config.outputs.image_artifact_name_stem }}-* | |
image_tags: ${{ needs.metadata.outputs.image_tags }} | |
secrets: | |
docker_password: ${{ secrets.DOCKER_PASSWORD }} | |
docker_username: ${{ secrets.DOCKER_USERNAME }} | |
publish-readme: | |
name: "Publish docs" | |
needs: | |
- build-multi-arch-image | |
- config | |
- docker-secrets | |
- metadata | |
if: needs.metadata.outputs.latest == 'true' | |
uses: felddy/reusable-workflows/.github/workflows/docker-publish-description.yml@v2 | |
with: | |
image_name: ${{ needs.config.outputs.image_name }} | |
secrets: | |
docker_password: ${{ secrets.DOCKER_PASSWORD }} | |
docker_username: ${{ secrets.DOCKER_USERNAME }} |