try python 3.9.21 bookworm #444
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: nefarious ci/cd | |
| on: | |
| push: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # https://github.com/docker/setup-qemu-action | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| # https://github.com/docker/setup-buildx-action | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: Set tag name | |
| id: tag_name | |
| shell: bash | |
| run: | | |
| # get and sanitize the branch name | |
| branch=${GITHUB_REF#refs/heads/} | |
| branch=${branch//\//-} | |
| # derive the docker image tag name from the git branch name | |
| if [[ $branch == 'master' ]]; then | |
| tag='latest' | |
| else | |
| tag="$branch" | |
| fi | |
| echo "TAG_NAME=$tag" >> $GITHUB_ENV | |
| - name: Build front-end image | |
| run: | | |
| set -e | |
| docker build -t lardbit/nefarious:frontend-$TAG_NAME -f Dockerfile-frontend . | |
| docker push lardbit/nefarious:frontend-$TAG_NAME | |
| - name: Build and Run tests | |
| run: | | |
| set -e | |
| # echo images | |
| docker images | |
| # build back-end app | |
| docker build --build-arg tag=$TAG_NAME -t lardbit/nefarious:$TAG_NAME . | |
| # create docker network to link containers | |
| docker network create tests | |
| # run redis | |
| docker run --network tests --name redis --rm -d redis | |
| # run unit tests | |
| docker run --network tests -e REDIS_HOST=redis --entrypoint /env/bin/python lardbit/nefarious:$TAG_NAME manage.py test | |
| - name: Build multi-arch images and push to registry | |
| run: | | |
| set -e | |
| # store git commit in image for version identification | |
| echo "$GITHUB_SHA" > src/.commit | |
| # build image (cache result) | |
| docker buildx build \ | |
| --platform linux/amd64,linux/arm64 \ | |
| --output "type=image,push=false" \ | |
| --cache-to "type=local,dest=/tmp/.buildx-cache" \ | |
| --build-arg tag=$TAG_NAME \ | |
| --tag lardbit/nefarious:${TAG_NAME} \ | |
| --file Dockerfile . | |
| # push image (from cached result) | |
| docker buildx build \ | |
| --platform linux/amd64,linux/arm64 \ | |
| --output "type=image,push=true" \ | |
| --cache-from "type=local,src=/tmp/.buildx-cache" \ | |
| --build-arg tag=$TAG_NAME \ | |
| --tag lardbit/nefarious:$TAG_NAME \ | |
| --file Dockerfile . |