Skip to content
This repository has been archived by the owner on Oct 4, 2024. It is now read-only.

Bump actions/download-artifact from 2 to 4.1.7 in /.github/workflows #244

Bump actions/download-artifact from 2 to 4.1.7 in /.github/workflows

Bump actions/download-artifact from 2 to 4.1.7 in /.github/workflows #244

Workflow file for this run

name: Code CI
on:
push:
pull_request:
env:
# The target python version, which must match the Dockerfile version
CONTAINER_PYTHON: "3.12"
jobs:
lint:
# pull requests are a duplicate of a branch push if within the same repo.
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.repository
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install python packages
uses: ./.github/actions/install_requirements
with:
python_version: "3.12"
requirements_file: requirements-dev-3.x.txt
install_options: -e .[dev]
- name: Lint
run: tox -e pre-commit,mypy
test:
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.repository
strategy:
fail-fast: false
matrix:
os: ["ubuntu-latest"] # can add windows-latest, macos-latest
python: ["3.9", "3.10", "3.11", "3.12"]
install: ["-e .[dev]"]
# Make one version be non-editable to test both paths of version code
include:
- os: "ubuntu-latest"
python: "3.8"
install: ".[dev]"
runs-on: ${{ matrix.os }}
env:
# https://github.com/pytest-dev/pytest/issues/2042
PY_IGNORE_IMPORTMISMATCH: "1"
steps:
- name: Checkout
uses: actions/checkout@v4
with:
# Need this to get version number from last tag
fetch-depth: 0
- name: Install python packages
uses: ./.github/actions/install_requirements
with:
python_version: ${{ matrix.python }}
requirements_file: requirements-test-${{ matrix.os }}-${{ matrix.python }}.txt
install_options: ${{ matrix.install }}
- name: List dependency tree
run: pipdeptree
- name: Run tests
run: tox -e pytest
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
name: ${{ matrix.python }}/${{ matrix.os }}
files: cov.xml
dist:
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.repository
runs-on: "ubuntu-latest"
steps:
- name: Checkout
uses: actions/checkout@v4
with:
# Need this to get version number from last tag
fetch-depth: 0
- name: Build sdist and wheel
run: |
export SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) && \
pipx run build
- name: Upload sdist and wheel as artifacts
uses: actions/upload-artifact@v3
with:
name: dist
path: dist
- name: Check for packaging errors
run: pipx run twine check --strict dist/*
- name: Install python packages
uses: ./.github/actions/install_requirements
with:
python_version: ${{env.CONTAINER_PYTHON}}
requirements_file: requirements.txt
install_options: dist/*.whl
- name: Test module --version works using the installed wheel
# Check that the command line entry point works
run: gphotos-sync --version
release:
# upload to PyPI and make a release on every tag
needs: [lint, dist, test]
if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }}
runs-on: ubuntu-latest
env:
HAS_PYPI_TOKEN: ${{ secrets.PYPI_TOKEN != '' }}
steps:
- uses: actions/[email protected]
- name: Fixup blank lockfiles
# Github release artifacts can't be blank
run: for f in lockfiles/*; do [ -s $f ] || echo '# No requirements' >> $f; done
- name: Github Release
# We pin to the SHA, not the tag, for security reasons.
# https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
with:
prerelease: ${{ contains(github.ref_name, 'a') || contains(github.ref_name, 'b') || contains(github.ref_name, 'rc') }}
files: |
dist/*
lockfiles/*
generate_release_notes: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Publish to PyPI
if: ${{ env.HAS_PYPI_TOKEN }}
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_TOKEN }}
make-container:
needs: [lint, dist, test]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: checkout
uses: actions/checkout@v2
- uses: actions/[email protected]
with:
name: dist
path: dist
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log in to GitHub Docker Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: |
ghcr.io/${{ github.repository }}
# github repo and dockerhub tag must match for this to work
${{ github.repository }}
# all pull requests share a single tag 'pr'
tags: |
type=ref,event=branch
type=ref,event=tag
type=raw,value=latest,enable=${{ github.event_name != 'pull_request' }}
type=raw,value=pr
# required for multi-arch build
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Build runtime image
uses: docker/build-push-action@v3
with:
file: .devcontainer/Dockerfile
context: .
platforms: linux/amd64,linux/arm/v7,linux/arm64/v8
push: true
build-args: BASE=python:3.12-slim
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache