Skip to content

Bump docker/login-action from 2 to 3 #770

Bump docker/login-action from 2 to 3

Bump docker/login-action from 2 to 3 #770

Workflow file for this run

name: CI
'on':
push:
branches-ignore:
# These should always correspond to pull requests, so ignore them for
# the push trigger and let them be triggered by the pull_request
# trigger, avoiding running the workflow twice. This is a minor
# optimization so there's no need to ensure this is comprehensive.
- 'dependabot/**'
- 'renovate/**'
- 'tickets/**'
- 'u/**'
tags:
- '*'
pull_request: {}
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
python:
- '3.9'
- '3.10'
steps:
- uses: actions/checkout@v3
- name: Set up Node
uses: actions/setup-node@v3
with:
cache: 'npm'
node-version-file: '.nvmrc'
- name: npm install and build
run: |
npm install
npm run build
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python }}
- name: Run pre-commit
uses: pre-commit/[email protected]
- name: Install tox
run: pip install tox
- name: Cache tox environments
id: cache-tox
uses: actions/cache@v3
with:
path: .tox
# requirements/*.txt and pyproject.toml have versioning info
# that would impact the tox environment.
key: tox-${{ matrix.python }}-${{ hashFiles('requirements/*.txt') }}-${{ hashFiles('pyproject.toml') }}
restore-keys: |
tox-${{ matrix.python }}-${{ hashFiles('requirements/*.txt') }}-
- name: Stash Google credentials
run: echo "$GOOGLE_CREDS" > /tmp/google_creds.json
shell: bash
env:
GOOGLE_CREDS: ${{ secrets.GOOGLE_CREDS }}
- name: Run tox
run: tox -e py,coverage-report,typing
env:
GOOGLE_APPLICATION_CREDENTIALS: '/tmp/google_creds.json'
build:
runs-on: ubuntu-latest
needs: [test]
# Only do Docker builds of tagged releases and pull requests from ticket
# branches. This will still trigger on pull requests from untrusted
# repositories whose branch names match our tickets/* branch convention,
# but in this case the build will fail with an error since the secret
# won't be set.
if: >
startsWith(github.ref, 'refs/tags/') || startsWith(github.head_ref, 'tickets/') || startsWith(github.ref, 'refs/heads/develop')
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: actions/setup-node@v3
with:
cache: 'npm'
node-version-file: '.nvmrc'
- name: npm install and build
run: |
npm install
npm run build
- name: Define the Docker tag
id: vars
run: echo "tag=$(scripts/docker-tag.sh)" >> $GITHUB_OUTPUT
- name: Print the tag
id: print
run: echo ${{ steps.vars.outputs.tag }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v4
with:
context: .
push: true
tags: |
lsstsqre/rubintv:${{ steps.vars.outputs.tag }}
ghcr.io/lsst-sqre/rubintv:${{ steps.vars.outputs.tag }}
cache-from: type=gha
cache-to: type=gha,mode=max