fix: Properly collect Python dependencies during image build. Next attempt at build cache #214
Workflow file for this run
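---
# CI workflow: runs the tox test matrix and SonarCloud scan, then builds and
# pushes multi-arch Docker images to ghcr.io. PyPI publishing is present but
# switched off with `if: false`.
#
# NOTE(review): there is no workflow-level `permissions:` block, so the
# `tests` and `pypi-publish` jobs run with the repository's default
# GITHUB_TOKEN scope. Only `docker-publish` narrows it. Consider a read-only
# default here once the scopes the Sonar step needs are confirmed.
name: main
on:
  pull_request:
  release:
    types: [published]
  push:
    branches:
      - main
      - master
jobs:
  tests:
    name: Tests
    strategy:
      fail-fast: false
      matrix:
        include:
          # Versions are quoted so that none is read as a float
          # (an unquoted 3.10 would become 3.1).
          - os: ubuntu-latest
            python: '3.8'
            toxenv: py
          - os: ubuntu-latest
            python: '3.9'
            toxenv: py
          - os: ubuntu-latest
            python: '3.10'
            toxenv: py
          - os: ubuntu-latest
            python: '3.11'
            toxenv: py
          - os: ubuntu-latest
            python: '3.12'
            toxenv: py
    runs-on: ${{ matrix.os }}
    outputs:
      # Consumed by docker-publish for the image tag and the VERSION build arg
      version: ${{ steps.package-version.outputs.VALUE }}
    steps:
      - name: Checkout the code
        uses: actions/checkout@v3
        with:
          # Disable shallow clone for Sonar scanner, as it needs access to the
          # history
          fetch-depth: 0
      - name: Set Python up
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python }}
      - name: Install testing tools
        run: >-
          python -m pip install --upgrade setuptools pip tox virtualenv coverage
      - name: Run the tests
        run: tox -e ${{ matrix.toxenv }}
      - name: Generage Coverage combined XML report
        run: coverage xml
      - name: Determine package version
        id: package-version
        # version.txt comes from the checked-out ref, which on pull_request
        # events is the contributor's branch. The value is reused below in the
        # Sonar arguments and in the docker-publish job (image tag and build
        # argument), so only version-like characters are accepted before it is
        # exported. Anything else, including embedded newlines that would add
        # extra lines to the step output file, fails the step.
        run: |
          package_version="$(cat version.txt)"
          case "$package_version" in
            '' | *[!A-Za-z0-9.+!_-]*)
              echo "version.txt: unexpected content" >&2
              exit 1
              ;;
          esac
          echo "VALUE=$package_version" >> "$GITHUB_OUTPUT"
      - name: SonarCloud scanning
        # NOTE(review): `@master` is a mutable branch ref, and this step is
        # handed both GITHUB_TOKEN and SONAR_TOKEN. Pinning to a release tag or
        # a full commit SHA keeps upstream changes from running with those
        # secrets unreviewed.
        uses: sonarsource/sonarcloud-github-action@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        with:
          # yamllint disable rule:line-length
          args: >-
            -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
            -Dsonar.organization=${{ github.repository_owner }}
            -Dsonar.projectVersion=${{ steps.package-version.outputs.VALUE }}
          # yamllint enable rule:line-length
  pypi-publish:
    name: Publish to PyPi
    runs-on: ubuntu-latest
    # PyPi disallows to publish packages with direct dependencies (GitHub
    # sourced dependency in this case), so disable publishing for now
    if: false
    needs: [tests]
    steps:
      - name: Checkout the code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0  # `setuptools_scm` needs tags
      - name: Set Python up
        uses: actions/setup-python@v4
        with:
          python-version: '3.9'
      - name: Install the PEP517 package builder
        run: python -m pip install --upgrade build
      - name: Build the package
        run: python -m build
      - name: Publish the package to Test PyPi
        # Skip publishing to test PyPI if we're performing release, there might
        # be already the version of the package from the merge to master branch
        #
        # NOTE(review): this condition is also true for pull_request events.
        # If the job is re-enabled, confirm that uploading from PR runs is
        # intended. `release/v1` is a branch ref; see the pinning note on the
        # SonarCloud step.
        if: github.event_name != 'release'
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          password: ${{ secrets.TEST_PYPI_TOKEN }}
          # `repository_url` is the deprecated spelling of this input
          repository-url: https://test.pypi.org/legacy/
      - name: Publish the release to PyPi
        # Publish to production PyPi only happens when a release published out
        # of the main branch
        if: >-
          github.event_name == 'release'
          && github.event.action == 'published'
          && (github.event.release.target_commitish == 'main'
          || github.event.release.target_commitish == 'master')
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          # NOTE(review): a long-lived API token. The action also supports
          # PyPI trusted publishing (OIDC), which removes the stored secret.
          password: ${{ secrets.PYPI_TOKEN }}
  docker-publish:
    name: Build and publish Docker images
    runs-on: ubuntu-latest
    needs: [tests]
    # Token scope for this job only: read the repository, write packages
    permissions:
      contents: read
      packages: write
    # NOTE(review): the job has no `if:`, so it also runs for pull_request
    # events and pushes a `pr-N` image plus the shared build cache. Confirm
    # that this is intended for branches that have not been reviewed yet.
    steps:
      - name: Checkout the code
        uses: actions/checkout@v3
      - name: Set up QEMU for more platforms supported by Buildx
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Prepare Docker metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ghcr.io/${{ github.repository }}
          # `latest` is only enabled for a release published from main/master
          tags: |
            type=pep440,pattern={{raw}},value=${{ needs.tests.outputs.version }}
            type=raw,value=latest,enable=${{
              github.event_name == 'release'
              && github.event.action == 'published'
              && (github.event.release.target_commitish == 'main'
              || github.event.release.target_commitish == 'master')
            }}
            type=ref,event=pr
            type=edge
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push images
        uses: docker/build-push-action@v6
        with:
          platforms: linux/arm/v7,linux/arm/v6,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          annotations: ${{ steps.meta.outputs.annotations }}
          build-args: |
            VERSION=${{ needs.tests.outputs.version }}
          # Cache the buildx cache between builds using GitHub registry
          #
          # NOTE(review): every event type reads and writes the same
          # `buildcache:latest` ref, so layers cached by a pull-request build
          # can be reused by a later release build. A separate cache ref per
          # event type, or writing the cache only from main/master and release
          # runs, keeps release images built from reviewed layers only.
          cache-from: |
            type=registry,ref=ghcr.io/${{ github.repository }}/buildcache:latest
          cache-to: |
            type=registry,ref=ghcr.io/${{ github.repository }}/buildcache:latest,mode=max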