From 42582f21cf94f5e22f46b95a9d6f44fb4481498d Mon Sep 17 00:00:00 2001 From: eli Date: Mon, 22 Jul 2024 16:46:15 -0700 Subject: [PATCH 01/26] added pypi release --- .github/workflows/on_release.yml | 60 ++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 736a64f0..61b0fc79 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -29,6 +29,13 @@ jobs: # - Pushes images (built at BUILD PHASE) to docker hub. docker_build_and_publish: runs-on: ubuntu-latest + environment: + name: pypi + url: https://pypi.org/p/permit + permissions: + id-token: write + contents: write # 'write' access to repository contents + pull-requests: write # 'write' access to pull requests steps: # BUILD PHASE - name: Checkout @@ -167,3 +174,56 @@ jobs: tags: | permitio/opal-server:latest permitio/opal-server:${{ env.opal_version_tag }} + + - name: Python setup + uses: actions/setup-python@v5 + with: + python-version: '3.11.8' + + # This is the root file representing the package for all the sub-packages. + - name: Bump version - packaging__.py + if: github.event_name == 'release' && github.event.action == 'created' + run: | + version_tag=${{ github.event.release.tag_name }} + sed -i "s/__version__ = \".*\"/__version__ = \"${version_tag}\"/" packages/opal-client/__packaging__.py + git config --local user.email "eli@permit.io" + git config --local user.name "elimoshkovich" + git add packages/opal-client/__packaging__.py + git commit -m "Bump version to ${version_tag}" + + - name: Cleanup setup.py and Build every sub-packages + run: | + pip install wheel + cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ + python setup.py sdist bdist_wheel + cd ../.. + cd packages/opal-client/ ; rm -rf *.egg-info build/ dist/ + python setup.py sdist bdist_wheel + cd ../.. + cd packages/opal-server/ ; rm -rf *.egg-info build/ dist/ + python setup.py sdist bdist_wheel + cd ../.. + + - name: Publish package distributions to PyPI - Opal-Common + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_TOKEN }} + packages-dir: packages/opal-common/ + + - name: Publish package distributions to PyPI - Opal-Client + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_TOKEN }} + packages-dir: packages/opal-client/ + + - name: Publish package distributions to PyPI - Opal-Server + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_TOKEN }} + packages-dir: packages/opal-server/ + + - name: Push changes of __packaging__.py to GitHub + uses: ad-m/github-push-action@master + with: + github_token: ${{ secrets.TOKEN_GITHUB }} + branch: main \ No newline at end of file From d860040da5798cf793a6629f37144333646ed0f9 Mon Sep 17 00:00:00 2001 From: eli Date: Mon, 22 Jul 2024 16:48:07 -0700 Subject: [PATCH 02/26] push to master --- .github/workflows/on_release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 61b0fc79..ba508db9 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -226,4 +226,4 @@ jobs: uses: ad-m/github-push-action@master with: github_token: ${{ secrets.TOKEN_GITHUB }} - branch: main \ No newline at end of file + branch: master \ No newline at end of file From 0b601ad7ae6d2babefeba700339e6d477ba7daa0 Mon Sep 17 00:00:00 2001 From: eli Date: Mon, 22 Jul 2024 16:49:33 -0700 Subject: [PATCH 03/26] pre commit --- .github/workflows/on_release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index ba508db9..8035ac46 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -203,7 +203,7 @@ jobs: cd packages/opal-server/ ; rm -rf *.egg-info build/ dist/ python setup.py sdist bdist_wheel cd ../.. - + - name: Publish package distributions to PyPI - Opal-Common uses: pypa/gh-action-pypi-publish@release/v1 with: @@ -226,4 +226,4 @@ jobs: uses: ad-m/github-push-action@master with: github_token: ${{ secrets.TOKEN_GITHUB }} - branch: master \ No newline at end of file + branch: master From 7d0119947d186d76754a5223b59122f5c0352a7b Mon Sep 17 00:00:00 2001 From: eli Date: Mon, 22 Jul 2024 16:51:38 -0700 Subject: [PATCH 04/26] if condition added --- .github/workflows/on_release.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 8035ac46..49083a41 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -176,6 +176,7 @@ jobs: permitio/opal-server:${{ env.opal_version_tag }} - name: Python setup + if: github.event_name == 'release' && github.event.action == 'created' uses: actions/setup-python@v5 with: python-version: '3.11.8' @@ -192,6 +193,7 @@ jobs: git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages + if: github.event_name == 'release' && github.event.action == 'created' run: | pip install wheel cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ @@ -205,24 +207,28 @@ jobs: cd ../.. - name: Publish package distributions to PyPI - Opal-Common + if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} packages-dir: packages/opal-common/ - name: Publish package distributions to PyPI - Opal-Client + if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} packages-dir: packages/opal-client/ - name: Publish package distributions to PyPI - Opal-Server + if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} packages-dir: packages/opal-server/ - name: Push changes of __packaging__.py to GitHub + if: github.event_name == 'release' && github.event.action == 'created' uses: ad-m/github-push-action@master with: github_token: ${{ secrets.TOKEN_GITHUB }} From b79c29c1ec4482707a9f35213c49a9e35a0961a0 Mon Sep 17 00:00:00 2001 From: eli Date: Tue, 23 Jul 2024 11:51:29 -0700 Subject: [PATCH 05/26] wip1 --- .github/workflows/on_release.yml | 342 ++++++++++++++++--------------- 1 file changed, 172 insertions(+), 170 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 49083a41..7fc63146 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -1,8 +1,8 @@ name: Build and publish to Docker Hub -on: - release: - # job will automatically run after a new "release" is create on github. - types: [created] +on: push + # release: + # # job will automatically run after a new "release" is create on github. + # types: [created] # Allows you to run this workflow manually from the Actions tab workflow_dispatch: @@ -43,157 +43,159 @@ jobs: with: fetch-depth: 0 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to DockerHub - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Get version tag from github release - if: github.event_name == 'release' && github.event.action == 'created' - run: | - echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV - - - name: Get version tag from git history - if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} - run: | - echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV - - - name: Echo version tag - run: | - echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" - - - name: Build client for testing - id: build_client - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - push: false - target: client - cache-from: type=registry,ref=permitio/opal-client:latest - cache-to: type=inline - load: true - tags: | - permitio/opal-client:test - - - name: Build server for testing - id: build_server - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - push: false - target: server - cache-from: type=registry,ref=permitio/opal-server:latest - cache-to: type=inline - load: true - tags: | - permitio/opal-server:test - - # TEST PHASE - - name: Create modified docker compose file - run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml - - - name: Bring up stack - run: docker-compose -f docker/docker-compose-test.yml up -d - - - name: Check if OPA is healthy - run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' - - - name: Output container logs - run: docker-compose -f docker/docker-compose-test.yml logs - - # PUSH PHASE - - name: Output local docker images - run: docker image ls --digests | grep opal - - # pushes the *same* docker images that were previously tested as part of e2e sanity test. - # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. - - name: Build & Push client - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - id: build_push_client - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: true - target: client - cache-from: type=registry,ref=permitio/opal-client:latest - cache-to: type=inline - tags: | - permitio/opal-client:latest - permitio/opal-client:${{ env.opal_version_tag }} - -# - name: Build & Push client cedar -# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} -# id: build_push_client_cedar -# uses: docker/build-push-action@v4 -# with: -# file: docker/Dockerfile -# platforms: linux/amd64,linux/arm64 -# push: true -# target: client-cedar -# cache-from: type=registry,ref=permitio/opal-client-cedar:latest -# cache-to: type=inline -# tags: | -# permitio/opal-client-cedar:latest -# permitio/opal-client-cedar:${{ env.opal_version_tag }} - - - name: Build client-standalone - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - id: build_push_client_standalone - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: true - target: client-standalone - cache-from: type=registry,ref=permitio/opal-client-standalone:latest - cache-to: type=inline - tags: | - permitio/opal-client-standalone:latest - permitio/opal-client-standalone:${{ env.opal_version_tag }} - - - name: Build server - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - id: build_push_server - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: true - target: server - cache-from: type=registry,ref=permitio/opal-server:latest - cache-to: type=inline - tags: | - permitio/opal-server:latest - permitio/opal-server:${{ env.opal_version_tag }} +# - name: Set up QEMU +# uses: docker/setup-qemu-action@v2 + +# - name: Set up Docker Buildx +# uses: docker/setup-buildx-action@v2 + +# - name: Login to DockerHub +# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} +# uses: docker/login-action@v2 +# with: +# username: ${{ secrets.DOCKERHUB_USERNAME }} +# password: ${{ secrets.DOCKERHUB_TOKEN }} + +# - name: Get version tag from github release +# if: github.event_name == 'release' && github.event.action == 'created' +# run: | +# echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV + +# - name: Get version tag from git history +# if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} +# run: | +# echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV + +# - name: Echo version tag +# run: | +# echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" + +# - name: Build client for testing +# id: build_client +# uses: docker/build-push-action@v4 +# with: +# file: docker/Dockerfile +# push: false +# target: client +# cache-from: type=registry,ref=permitio/opal-client:latest +# cache-to: type=inline +# load: true +# tags: | +# permitio/opal-client:test + +# - name: Build server for testing +# id: build_server +# uses: docker/build-push-action@v4 +# with: +# file: docker/Dockerfile +# push: false +# target: server +# cache-from: type=registry,ref=permitio/opal-server:latest +# cache-to: type=inline +# load: true +# tags: | +# permitio/opal-server:test + +# # TEST PHASE +# - name: Create modified docker compose file +# run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml + +# - name: Bring up stack +# run: docker-compose -f docker/docker-compose-test.yml up -d + +# - name: Check if OPA is healthy +# run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' + +# - name: Output container logs +# run: docker-compose -f docker/docker-compose-test.yml logs + +# # PUSH PHASE +# - name: Output local docker images +# run: docker image ls --digests | grep opal + +# # pushes the *same* docker images that were previously tested as part of e2e sanity test. +# # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. +# - name: Build & Push client +# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} +# id: build_push_client +# uses: docker/build-push-action@v4 +# with: +# file: docker/Dockerfile +# platforms: linux/amd64,linux/arm64 +# push: true +# target: client +# cache-from: type=registry,ref=permitio/opal-client:latest +# cache-to: type=inline +# tags: | +# permitio/opal-client:latest +# permitio/opal-client:${{ env.opal_version_tag }} + +# # - name: Build & Push client cedar +# # if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} +# # id: build_push_client_cedar +# # uses: docker/build-push-action@v4 +# # with: +# # file: docker/Dockerfile +# # platforms: linux/amd64,linux/arm64 +# # push: true +# # target: client-cedar +# # cache-from: type=registry,ref=permitio/opal-client-cedar:latest +# # cache-to: type=inline +# # tags: | +# # permitio/opal-client-cedar:latest +# # permitio/opal-client-cedar:${{ env.opal_version_tag }} + +# - name: Build client-standalone +# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} +# id: build_push_client_standalone +# uses: docker/build-push-action@v4 +# with: +# file: docker/Dockerfile +# platforms: linux/amd64,linux/arm64 +# push: true +# target: client-standalone +# cache-from: type=registry,ref=permitio/opal-client-standalone:latest +# cache-to: type=inline +# tags: | +# permitio/opal-client-standalone:latest +# permitio/opal-client-standalone:${{ env.opal_version_tag }} + +# - name: Build server +# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} +# id: build_push_server +# uses: docker/build-push-action@v4 +# with: +# file: docker/Dockerfile +# platforms: linux/amd64,linux/arm64 +# push: true +# target: server +# cache-from: type=registry,ref=permitio/opal-server:latest +# cache-to: type=inline +# tags: | +# permitio/opal-server:latest +# permitio/opal-server:${{ env.opal_version_tag }} - name: Python setup - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' uses: actions/setup-python@v5 with: python-version: '3.11.8' # This is the root file representing the package for all the sub-packages. - name: Bump version - packaging__.py - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' run: | - version_tag=${{ github.event.release.tag_name }} + #version_tag=${{ github.event.release.tag_name }} + version_tag=3.5.1 sed -i "s/__version__ = \".*\"/__version__ = \"${version_tag}\"/" packages/opal-client/__packaging__.py - git config --local user.email "eli@permit.io" - git config --local user.name "elimoshkovich" - git add packages/opal-client/__packaging__.py - git commit -m "Bump version to ${version_tag}" + cat packages/opal-client/__packaging__.py + # git config --local user.email "eli@permit.io" + # git config --local user.name "elimoshkovich" + # git add packages/opal-client/__packaging__.py + # git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' run: | pip install wheel cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ @@ -206,30 +208,30 @@ jobs: python setup.py sdist bdist_wheel cd ../.. - - name: Publish package distributions to PyPI - Opal-Common - if: github.event_name == 'release' && github.event.action == 'created' - uses: pypa/gh-action-pypi-publish@release/v1 - with: - password: ${{ secrets.PYPI_TOKEN }} - packages-dir: packages/opal-common/ - - - name: Publish package distributions to PyPI - Opal-Client - if: github.event_name == 'release' && github.event.action == 'created' - uses: pypa/gh-action-pypi-publish@release/v1 - with: - password: ${{ secrets.PYPI_TOKEN }} - packages-dir: packages/opal-client/ - - - name: Publish package distributions to PyPI - Opal-Server - if: github.event_name == 'release' && github.event.action == 'created' - uses: pypa/gh-action-pypi-publish@release/v1 - with: - password: ${{ secrets.PYPI_TOKEN }} - packages-dir: packages/opal-server/ - - - name: Push changes of __packaging__.py to GitHub - if: github.event_name == 'release' && github.event.action == 'created' - uses: ad-m/github-push-action@master - with: - github_token: ${{ secrets.TOKEN_GITHUB }} - branch: master + # - name: Publish package distributions to PyPI - Opal-Common + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: pypa/gh-action-pypi-publish@release/v1 + # with: + # password: ${{ secrets.PYPI_TOKEN }} + # packages-dir: packages/opal-common/ + + # - name: Publish package distributions to PyPI - Opal-Client + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: pypa/gh-action-pypi-publish@release/v1 + # with: + # password: ${{ secrets.PYPI_TOKEN }} + # packages-dir: packages/opal-client/ + + # - name: Publish package distributions to PyPI - Opal-Server + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: pypa/gh-action-pypi-publish@release/v1 + # with: + # password: ${{ secrets.PYPI_TOKEN }} + # packages-dir: packages/opal-server/ + + # - name: Push changes of __packaging__.py to GitHub + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: ad-m/github-push-action@master + # with: + # github_token: ${{ secrets.TOKEN_GITHUB }} + # branch: master From b4e6f9c6faf77179583ce4dd3d39e301d004b2d2 Mon Sep 17 00:00:00 2001 From: eli Date: Tue, 23 Jul 2024 11:52:32 -0700 Subject: [PATCH 06/26] wip2 --- .github/workflows/on_release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 7fc63146..72abba6a 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -5,12 +5,12 @@ on: push # types: [created] # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - inputs: - dry_run: - description: 'If true, will not push the built images to docker hub.' - required: false - default: 'false' + # workflow_dispatch: + # inputs: + # dry_run: + # description: 'If true, will not push the built images to docker hub.' + # required: false + # default: 'false' jobs: # this job will build, test and (potentially) push the docker images to docker hub From e9f596811e825c13e42a36072af759690c6e89c8 Mon Sep 17 00:00:00 2001 From: eli Date: Tue, 23 Jul 2024 11:55:55 -0700 Subject: [PATCH 07/26] wip3 --- .github/workflows/on_release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 72abba6a..5bff4e1d 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -187,7 +187,7 @@ jobs: run: | #version_tag=${{ github.event.release.tag_name }} version_tag=3.5.1 - sed -i "s/__version__ = \".*\"/__version__ = \"${version_tag}\"/" packages/opal-client/__packaging__.py + sed -i "s/__version__ = \".*\"/__version__ = \"${version_tag}\"/" packages/__packaging__.py cat packages/opal-client/__packaging__.py # git config --local user.email "eli@permit.io" # git config --local user.name "elimoshkovich" From 9de40e4b6ad55faa08720a3ed968ea9fc21bfaac Mon Sep 17 00:00:00 2001 From: eli Date: Tue, 23 Jul 2024 11:56:58 -0700 Subject: [PATCH 08/26] wip4 --- .github/workflows/on_release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 5bff4e1d..dbb62e5a 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -188,10 +188,10 @@ jobs: #version_tag=${{ github.event.release.tag_name }} version_tag=3.5.1 sed -i "s/__version__ = \".*\"/__version__ = \"${version_tag}\"/" packages/__packaging__.py - cat packages/opal-client/__packaging__.py + cat packages/__packaging__.py # git config --local user.email "eli@permit.io" # git config --local user.name "elimoshkovich" - # git add packages/opal-client/__packaging__.py + # git add packages/__packaging__.py # git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages From bc0b9a29e4b10055d22c80245e035899ff43411d Mon Sep 17 00:00:00 2001 From: eli Date: Tue, 23 Jul 2024 12:10:22 -0700 Subject: [PATCH 09/26] wip5 --- .github/workflows/on_release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index dbb62e5a..7590f3a6 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -187,7 +187,7 @@ jobs: run: | #version_tag=${{ github.event.release.tag_name }} version_tag=3.5.1 - sed -i "s/__version__ = \".*\"/__version__ = \"${version_tag}\"/" packages/__packaging__.py + sed -i "s/__version__ = VERSION_STRING/__version__ = \"${version_tag}\"/" packages/__packaging__.py cat packages/__packaging__.py # git config --local user.email "eli@permit.io" # git config --local user.name "elimoshkovich" From 0f50ffca8a620be667c23ab4f8ae5988e5a4874a Mon Sep 17 00:00:00 2001 From: eli Date: Tue, 23 Jul 2024 12:15:09 -0700 Subject: [PATCH 10/26] wip6 --- .github/workflows/on_release.yml | 339 +++++++++++++++---------------- 1 file changed, 166 insertions(+), 173 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 7590f3a6..65b7ff13 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -1,16 +1,16 @@ name: Build and publish to Docker Hub -on: push - # release: - # # job will automatically run after a new "release" is create on github. - # types: [created] - - # Allows you to run this workflow manually from the Actions tab - # workflow_dispatch: - # inputs: - # dry_run: - # description: 'If true, will not push the built images to docker hub.' - # required: false - # default: 'false' +on: + release: + # job will automatically run after a new "release" is create on github. + types: [created] + + #Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + inputs: + dry_run: + description: 'If true, will not push the built images to docker hub.' + required: false + default: 'false' jobs: # this job will build, test and (potentially) push the docker images to docker hub @@ -43,147 +43,147 @@ jobs: with: fetch-depth: 0 -# - name: Set up QEMU -# uses: docker/setup-qemu-action@v2 - -# - name: Set up Docker Buildx -# uses: docker/setup-buildx-action@v2 - -# - name: Login to DockerHub -# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} -# uses: docker/login-action@v2 -# with: -# username: ${{ secrets.DOCKERHUB_USERNAME }} -# password: ${{ secrets.DOCKERHUB_TOKEN }} - -# - name: Get version tag from github release -# if: github.event_name == 'release' && github.event.action == 'created' -# run: | -# echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV - -# - name: Get version tag from git history -# if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} -# run: | -# echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV - -# - name: Echo version tag -# run: | -# echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" - -# - name: Build client for testing -# id: build_client -# uses: docker/build-push-action@v4 -# with: -# file: docker/Dockerfile -# push: false -# target: client -# cache-from: type=registry,ref=permitio/opal-client:latest -# cache-to: type=inline -# load: true -# tags: | -# permitio/opal-client:test - -# - name: Build server for testing -# id: build_server -# uses: docker/build-push-action@v4 -# with: -# file: docker/Dockerfile -# push: false -# target: server -# cache-from: type=registry,ref=permitio/opal-server:latest -# cache-to: type=inline -# load: true -# tags: | -# permitio/opal-server:test - -# # TEST PHASE -# - name: Create modified docker compose file -# run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml - -# - name: Bring up stack -# run: docker-compose -f docker/docker-compose-test.yml up -d - -# - name: Check if OPA is healthy -# run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' - -# - name: Output container logs -# run: docker-compose -f docker/docker-compose-test.yml logs - -# # PUSH PHASE -# - name: Output local docker images -# run: docker image ls --digests | grep opal - -# # pushes the *same* docker images that were previously tested as part of e2e sanity test. -# # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. -# - name: Build & Push client -# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} -# id: build_push_client -# uses: docker/build-push-action@v4 -# with: -# file: docker/Dockerfile -# platforms: linux/amd64,linux/arm64 -# push: true -# target: client -# cache-from: type=registry,ref=permitio/opal-client:latest -# cache-to: type=inline -# tags: | -# permitio/opal-client:latest -# permitio/opal-client:${{ env.opal_version_tag }} - -# # - name: Build & Push client cedar -# # if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} -# # id: build_push_client_cedar -# # uses: docker/build-push-action@v4 -# # with: -# # file: docker/Dockerfile -# # platforms: linux/amd64,linux/arm64 -# # push: true -# # target: client-cedar -# # cache-from: type=registry,ref=permitio/opal-client-cedar:latest -# # cache-to: type=inline -# # tags: | -# # permitio/opal-client-cedar:latest -# # permitio/opal-client-cedar:${{ env.opal_version_tag }} - -# - name: Build client-standalone -# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} -# id: build_push_client_standalone -# uses: docker/build-push-action@v4 -# with: -# file: docker/Dockerfile -# platforms: linux/amd64,linux/arm64 -# push: true -# target: client-standalone -# cache-from: type=registry,ref=permitio/opal-client-standalone:latest -# cache-to: type=inline -# tags: | -# permitio/opal-client-standalone:latest -# permitio/opal-client-standalone:${{ env.opal_version_tag }} - -# - name: Build server -# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} -# id: build_push_server -# uses: docker/build-push-action@v4 -# with: -# file: docker/Dockerfile -# platforms: linux/amd64,linux/arm64 -# push: true -# target: server -# cache-from: type=registry,ref=permitio/opal-server:latest -# cache-to: type=inline -# tags: | -# permitio/opal-server:latest -# permitio/opal-server:${{ env.opal_version_tag }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to DockerHub + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Get version tag from github release + if: github.event_name == 'release' && github.event.action == 'created' + run: | + echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV + + - name: Get version tag from git history + if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} + run: | + echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV + + - name: Echo version tag + run: | + echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" + + - name: Build client for testing + id: build_client + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + push: false + target: client + cache-from: type=registry,ref=permitio/opal-client:latest + cache-to: type=inline + load: true + tags: | + permitio/opal-client:test + + - name: Build server for testing + id: build_server + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + push: false + target: server + cache-from: type=registry,ref=permitio/opal-server:latest + cache-to: type=inline + load: true + tags: | + permitio/opal-server:test + + # TEST PHASE + - name: Create modified docker compose file + run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml + + - name: Bring up stack + run: docker-compose -f docker/docker-compose-test.yml up -d + + - name: Check if OPA is healthy + run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' + + - name: Output container logs + run: docker-compose -f docker/docker-compose-test.yml logs + + # PUSH PHASE + - name: Output local docker images + run: docker image ls --digests | grep opal + + # pushes the *same* docker images that were previously tested as part of e2e sanity test. + # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. + - name: Build & Push client + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + id: build_push_client + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + target: client + cache-from: type=registry,ref=permitio/opal-client:latest + cache-to: type=inline + tags: | + permitio/opal-client:latest + permitio/opal-client:${{ env.opal_version_tag }} + +# - name: Build & Push client cedar +# if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} +# id: build_push_client_cedar +# uses: docker/build-push-action@v4 +# with: +# file: docker/Dockerfile +# platforms: linux/amd64,linux/arm64 +# push: true +# target: client-cedar +# cache-from: type=registry,ref=permitio/opal-client-cedar:latest +# cache-to: type=inline +# tags: | +# permitio/opal-client-cedar:latest +# permitio/opal-client-cedar:${{ env.opal_version_tag }} + + - name: Build client-standalone + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + id: build_push_client_standalone + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + target: client-standalone + cache-from: type=registry,ref=permitio/opal-client-standalone:latest + cache-to: type=inline + tags: | + permitio/opal-client-standalone:latest + permitio/opal-client-standalone:${{ env.opal_version_tag }} + + - name: Build server + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + id: build_push_server + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + target: server + cache-from: type=registry,ref=permitio/opal-server:latest + cache-to: type=inline + tags: | + permitio/opal-server:latest + permitio/opal-server:${{ env.opal_version_tag }} - name: Python setup - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' uses: actions/setup-python@v5 with: python-version: '3.11.8' # This is the root file representing the package for all the sub-packages. - name: Bump version - packaging__.py - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' run: | #version_tag=${{ github.event.release.tag_name }} version_tag=3.5.1 @@ -195,7 +195,7 @@ jobs: # git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' run: | pip install wheel cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ @@ -208,30 +208,23 @@ jobs: python setup.py sdist bdist_wheel cd ../.. - # - name: Publish package distributions to PyPI - Opal-Common - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: pypa/gh-action-pypi-publish@release/v1 - # with: - # password: ${{ secrets.PYPI_TOKEN }} - # packages-dir: packages/opal-common/ - - # - name: Publish package distributions to PyPI - Opal-Client - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: pypa/gh-action-pypi-publish@release/v1 - # with: - # password: ${{ secrets.PYPI_TOKEN }} - # packages-dir: packages/opal-client/ - - # - name: Publish package distributions to PyPI - Opal-Server - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: pypa/gh-action-pypi-publish@release/v1 - # with: - # password: ${{ secrets.PYPI_TOKEN }} - # packages-dir: packages/opal-server/ - - # - name: Push changes of __packaging__.py to GitHub - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: ad-m/github-push-action@master - # with: - # github_token: ${{ secrets.TOKEN_GITHUB }} - # branch: master + - name: Publish package distributions to PyPI - Opal-Common + if: github.event_name == 'release' && github.event.action == 'created' + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_TOKEN }} + packages-dir: packages/opal-common/ + + - name: Publish package distributions to PyPI - Opal-Client + if: github.event_name == 'release' && github.event.action == 'created' + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_TOKEN }} + packages-dir: packages/opal-client/ + + - name: Publish package distributions to PyPI - Opal-Server + if: github.event_name == 'release' && github.event.action == 'created' + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_TOKEN }} + packages-dir: packages/opal-server/ From 84f3c905a98757d4a6bf6a7da94faf7834cee49a Mon Sep 17 00:00:00 2001 From: eli Date: Tue, 23 Jul 2024 12:16:30 -0700 Subject: [PATCH 11/26] wip7 --- .github/workflows/on_release.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 65b7ff13..6bbd6ee0 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -185,14 +185,9 @@ jobs: - name: Bump version - packaging__.py if: github.event_name == 'release' && github.event.action == 'created' run: | - #version_tag=${{ github.event.release.tag_name }} - version_tag=3.5.1 + version_tag=${{ github.event.release.tag_name }} sed -i "s/__version__ = VERSION_STRING/__version__ = \"${version_tag}\"/" packages/__packaging__.py cat packages/__packaging__.py - # git config --local user.email "eli@permit.io" - # git config --local user.name "elimoshkovich" - # git add packages/__packaging__.py - # git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages if: github.event_name == 'release' && github.event.action == 'created' From 88b2456946f4809aa17896fe927d32ae968546d5 Mon Sep 17 00:00:00 2001 From: eli Date: Tue, 23 Jul 2024 12:30:57 -0700 Subject: [PATCH 12/26] wip7 --- .github/workflows/on_release.yml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 6bbd6ee0..26b1eaaf 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -29,13 +29,10 @@ jobs: # - Pushes images (built at BUILD PHASE) to docker hub. docker_build_and_publish: runs-on: ubuntu-latest - environment: - name: pypi - url: https://pypi.org/p/permit permissions: id-token: write contents: write # 'write' access to repository contents - pull-requests: write # 'write' access to pull requests + # pull-requests: write # 'write' access to pull requests steps: # BUILD PHASE - name: Checkout @@ -209,6 +206,9 @@ jobs: with: password: ${{ secrets.PYPI_TOKEN }} packages-dir: packages/opal-common/ + env: + name: pypi + url: https://pypi.org/p/opal-common - name: Publish package distributions to PyPI - Opal-Client if: github.event_name == 'release' && github.event.action == 'created' @@ -216,6 +216,9 @@ jobs: with: password: ${{ secrets.PYPI_TOKEN }} packages-dir: packages/opal-client/ + env: + name: pypi + url: https://pypi.org/p/opal-client - name: Publish package distributions to PyPI - Opal-Server if: github.event_name == 'release' && github.event.action == 'created' @@ -223,3 +226,6 @@ jobs: with: password: ${{ secrets.PYPI_TOKEN }} packages-dir: packages/opal-server/ + env: + name: pypi + url: https://pypi.org/p/opal-server From 4cea5c2bac1a8e667b18d4b4d5ff75a568acb7ab Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 13:49:44 -0700 Subject: [PATCH 13/26] check bump version --- .github/workflows/on_release.yml | 415 +++++++++++++++++-------------- 1 file changed, 229 insertions(+), 186 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index dda82778..c2f0e6a2 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -1,16 +1,16 @@ name: Build and publish to Docker Hub -on: - release: - # job will automatically run after a new "release" is create on github. - types: [created] - - #Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - inputs: - dry_run: - description: 'If true, will not push the built images to docker hub.' - required: false - default: 'false' +on: push + # release: + # # job will automatically run after a new "release" is create on github. + # types: [created] + + # #Allows you to run this workflow manually from the Actions tab + # workflow_dispatch: + # inputs: + # dry_run: + # description: 'If true, will not push the built images to docker hub.' + # required: false + # default: 'false' jobs: # this job will build, test and (potentially) push the docker images to docker hub @@ -29,10 +29,12 @@ jobs: # - Pushes images (built at BUILD PHASE) to docker hub. docker_build_and_publish: runs-on: ubuntu-latest + env: + GITHUB_TOKEN: ${{ secrets.TOKEN_GITHUB }} permissions: id-token: write contents: write # 'write' access to repository contents - # pull-requests: write # 'write' access to pull requests + pull-requests: write # 'write' access to pull requests steps: # BUILD PHASE - name: Checkout @@ -40,188 +42,229 @@ jobs: with: fetch-depth: 0 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + # - name: Set up QEMU + # uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + # - name: Set up Docker Buildx + # uses: docker/setup-buildx-action@v2 - - name: Login to DockerHub - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + # - name: Login to DockerHub + # if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # uses: docker/login-action@v2 + # with: + # username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Get version tag from github release - if: github.event_name == 'release' && github.event.action == 'created' - run: | - echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV + # - name: Get version tag from github release + # if: github.event_name == 'release' && github.event.action == 'created' + # run: | + # echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV - - name: Get version tag from git history - if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} - run: | - echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV + # - name: Get version tag from git history + # if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} + # run: | + # echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV - - name: Echo version tag - run: | - echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" + # - name: Echo version tag + # run: | + # echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" - - name: Build client for testing - id: build_client - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - push: false - target: client - cache-from: type=registry,ref=permitio/opal-client:latest - cache-to: type=inline - load: true - tags: | - permitio/opal-client:test - - - name: Build server for testing - id: build_server - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - push: false - target: server - cache-from: type=registry,ref=permitio/opal-server:latest - cache-to: type=inline - load: true - tags: | - permitio/opal-server:test - - # TEST PHASE - - name: Create modified docker compose file - run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml - - - name: Bring up stack - run: docker-compose -f docker/docker-compose-test.yml up -d - - - name: Check if OPA is healthy - run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' - - - name: Output container logs - run: docker-compose -f docker/docker-compose-test.yml logs - - # PUSH PHASE - - name: Output local docker images - run: docker image ls --digests | grep opal - - # pushes the *same* docker images that were previously tested as part of e2e sanity test. - # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. - - name: Build & Push client - id: build_push_client - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - target: client - cache-from: type=registry,ref=permitio/opal-client:latest - cache-to: type=inline - tags: | - permitio/opal-client:latest - permitio/opal-client:${{ env.opal_version_tag }} - - - name: Build client-standalone - id: build_push_client_standalone - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - target: client-standalone - cache-from: type=registry,ref=permitio/opal-client-standalone:latest - cache-to: type=inline - tags: | - permitio/opal-client-standalone:latest - permitio/opal-client-standalone:${{ env.opal_version_tag }} - - - name: Build server - id: build_push_server - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - target: server - cache-from: type=registry,ref=permitio/opal-server:latest - cache-to: type=inline - tags: | - permitio/opal-server:latest - permitio/opal-server:${{ env.opal_version_tag }} - - - name: Build & Push client cedar - id: build_push_client_cedar - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - target: client-cedar - cache-from: type=registry,ref=permitio/opal-client-cedar:latest - cache-to: type=inline - tags: | - permitio/opal-client-cedar:latest - permitio/opal-client-cedar:${{ env.opal_version_tag }} - - - name: Python setup - if: github.event_name == 'release' && github.event.action == 'created' - uses: actions/setup-python@v5 - with: - python-version: '3.11.8' + # - name: Build client for testing + # id: build_client + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # push: false + # target: client + # cache-from: type=registry,ref=permitio/opal-client:latest + # cache-to: type=inline + # load: true + # tags: | + # permitio/opal-client:test + + # - name: Build server for testing + # id: build_server + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # push: false + # target: server + # cache-from: type=registry,ref=permitio/opal-server:latest + # cache-to: type=inline + # load: true + # tags: | + # permitio/opal-server:test + + # # TEST PHASE + # - name: Create modified docker compose file + # run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml + + # - name: Bring up stack + # run: docker-compose -f docker/docker-compose-test.yml up -d + + # - name: Check if OPA is healthy + # run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' + + # - name: Output container logs + # run: docker-compose -f docker/docker-compose-test.yml logs + + # # PUSH PHASE + # - name: Output local docker images + # run: docker image ls --digests | grep opal + + # # pushes the *same* docker images that were previously tested as part of e2e sanity test. + # # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. + # - name: Build & Push client + # id: build_push_client + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # platforms: linux/amd64,linux/arm64 + # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # target: client + # cache-from: type=registry,ref=permitio/opal-client:latest + # cache-to: type=inline + # tags: | + # permitio/opal-client:latest + # permitio/opal-client:${{ env.opal_version_tag }} + + # - name: Build client-standalone + # id: build_push_client_standalone + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # platforms: linux/amd64,linux/arm64 + # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # target: client-standalone + # cache-from: type=registry,ref=permitio/opal-client-standalone:latest + # cache-to: type=inline + # tags: | + # permitio/opal-client-standalone:latest + # permitio/opal-client-standalone:${{ env.opal_version_tag }} + + # - name: Build server + # id: build_push_server + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # platforms: linux/amd64,linux/arm64 + # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # target: server + # cache-from: type=registry,ref=permitio/opal-server:latest + # cache-to: type=inline + # tags: | + # permitio/opal-server:latest + # permitio/opal-server:${{ env.opal_version_tag }} + + # - name: Build & Push client cedar + # id: build_push_client_cedar + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # platforms: linux/amd64,linux/arm64 + # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # target: client-cedar + # cache-from: type=registry,ref=permitio/opal-client-cedar:latest + # cache-to: type=inline + # tags: | + # permitio/opal-client-cedar:latest + # permitio/opal-client-cedar:${{ env.opal_version_tag }} + + # - name: Python setup + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: actions/setup-python@v5 + # with: + # python-version: '3.11.8' # This is the root file representing the package for all the sub-packages. - name: Bump version - packaging__.py - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' run: | - version_tag=${{ github.event.release.tag_name }} - sed -i "s/__version__ = VERSION_STRING/__version__ = \"${version_tag}\"/" packages/__packaging__.py + #version_tag=${{ github.event.release.tag_name }} + version_tag="0.7.11" + version_tuple=$(echo $version_tag | sed 's/\./, /g') + sed -i "s/VERSION = (.*/VERSION = (${version_tuple})/" packages/__packaging__.py cat packages/__packaging__.py + #git config --local user.email "eli@permit.io" + #git config --local user.name "elimoshkovich" + #git add packages/__packaging__.py + #git commit -m "Bump version to ${version_tag}" - - name: Cleanup setup.py and Build every sub-packages - if: github.event_name == 'release' && github.event.action == 'created' - run: | - pip install wheel - cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ - python setup.py sdist bdist_wheel - cd ../.. - cd packages/opal-client/ ; rm -rf *.egg-info build/ dist/ - python setup.py sdist bdist_wheel - cd ../.. - cd packages/opal-server/ ; rm -rf *.egg-info build/ dist/ - python setup.py sdist bdist_wheel - cd ../.. - - - name: Publish package distributions to PyPI - Opal-Common - if: github.event_name == 'release' && github.event.action == 'created' - uses: pypa/gh-action-pypi-publish@release/v1 - with: - password: ${{ secrets.PYPI_TOKEN }} - packages-dir: packages/opal-common/ - env: - name: pypi - url: https://pypi.org/p/opal-common - - - name: Publish package distributions to PyPI - Opal-Client - if: github.event_name == 'release' && github.event.action == 'created' - uses: pypa/gh-action-pypi-publish@release/v1 - with: - password: ${{ secrets.PYPI_TOKEN }} - packages-dir: packages/opal-client/ - env: - name: pypi - url: https://pypi.org/p/opal-client - - - name: Publish package distributions to PyPI - Opal-Server - if: github.event_name == 'release' && github.event.action == 'created' - uses: pypa/gh-action-pypi-publish@release/v1 - with: - password: ${{ secrets.PYPI_TOKEN }} - packages-dir: packages/opal-server/ - env: - name: pypi - url: https://pypi.org/p/opal-server + # - name: Cleanup setup.py and Build every sub-packages + # if: github.event_name == 'release' && github.event.action == 'created' + # run: | + # pip install wheel + # cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ + # python setup.py sdist bdist_wheel + # cd ../.. + # cd packages/opal-client/ ; rm -rf *.egg-info build/ dist/ + # python setup.py sdist bdist_wheel + # cd ../.. + # cd packages/opal-server/ ; rm -rf *.egg-info build/ dist/ + # python setup.py sdist bdist_wheel + # cd ../.. + + # # Upload package distributions to the release - Assets + # - name: Upload assets to release - Opal-Common + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: actions/upload-release-asset@v1 + # with: + # upload_url: ${{ github.event.release.upload_url }} + # asset_path: packages/opal-common/dist/* + # asset_name: opal-common-${{ github.event.release.tag_name }}.zip + # asset_content_type: application/zip + + # - name: Upload assets to release - Opal-Client + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: actions/upload-release-asset@v1 + # with: + # upload_url: ${{ github.event.release.upload_url }} + # asset_path: packages/opal-client/dist/* + # asset_name: opal-client-${{ github.event.release.tag_name }}.zip + # asset_content_type: application/zip + + # - name: Upload assets to release - Opal-Server + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: actions/upload-release-asset@v1 + # with: + # upload_url: ${{ github.event.release.upload_url }} + # asset_path: packages/opal-server/dist/* + # asset_name: opal-server-${{ github.event.release.tag_name }}.zip + # asset_content_type: application/zip + + # # Publish package distributions to PyPI + # - name: Publish package distributions to PyPI - Opal-Common + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: pypa/gh-action-pypi-publish@release/v1 + # with: + # password: ${{ secrets.PYPI_TOKEN }} + # packages-dir: packages/opal-common/ + # env: + # name: pypi + # url: https://pypi.org/p/opal-common + + # - name: Publish package distributions to PyPI - Opal-Client + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: pypa/gh-action-pypi-publish@release/v1 + # with: + # password: ${{ secrets.PYPI_TOKEN }} + # packages-dir: packages/opal-client/ + # env: + # name: pypi + # url: https://pypi.org/p/opal-client + + # - name: Publish package distributions to PyPI - Opal-Server + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: pypa/gh-action-pypi-publish@release/v1 + # with: + # password: ${{ secrets.PYPI_TOKEN }} + # packages-dir: packages/opal-server/ + # env: + # name: pypi + # url: https://pypi.org/p/opal-server + + # - name: Push changes of setup.py to GitHub + # uses: ad-m/github-push-action@master + # with: + # github_token: ${{ secrets.TOKEN_GITHUB }} + # branch: master From b8ec2370f151b833b256e42768f13004cfa6f6ad Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 13:50:56 -0700 Subject: [PATCH 14/26] another version check --- .github/workflows/on_release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index c2f0e6a2..906aa574 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -181,7 +181,7 @@ jobs: #if: github.event_name == 'release' && github.event.action == 'created' run: | #version_tag=${{ github.event.release.tag_name }} - version_tag="0.7.11" + version_tag=0.7.11 version_tuple=$(echo $version_tag | sed 's/\./, /g') sed -i "s/VERSION = (.*/VERSION = (${version_tuple})/" packages/__packaging__.py cat packages/__packaging__.py From 2487ab10d2a41ec4eff4fd5a15873eba8af95e78 Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 13:52:04 -0700 Subject: [PATCH 15/26] another version check with build --- .github/workflows/on_release.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 906aa574..e7077482 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -190,19 +190,19 @@ jobs: #git add packages/__packaging__.py #git commit -m "Bump version to ${version_tag}" - # - name: Cleanup setup.py and Build every sub-packages - # if: github.event_name == 'release' && github.event.action == 'created' - # run: | - # pip install wheel - # cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ - # python setup.py sdist bdist_wheel - # cd ../.. - # cd packages/opal-client/ ; rm -rf *.egg-info build/ dist/ - # python setup.py sdist bdist_wheel - # cd ../.. - # cd packages/opal-server/ ; rm -rf *.egg-info build/ dist/ - # python setup.py sdist bdist_wheel - # cd ../.. + - name: Cleanup setup.py and Build every sub-packages + #if: github.event_name == 'release' && github.event.action == 'created' + run: | + pip install wheel + cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ + python setup.py sdist bdist_wheel + cd ../.. + cd packages/opal-client/ ; rm -rf *.egg-info build/ dist/ + python setup.py sdist bdist_wheel + cd ../.. + cd packages/opal-server/ ; rm -rf *.egg-info build/ dist/ + python setup.py sdist bdist_wheel + cd ../.. # # Upload package distributions to the release - Assets # - name: Upload assets to release - Opal-Common From c902e75b866db3161bb025a638bcd5c64dedc3c3 Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 13:59:42 -0700 Subject: [PATCH 16/26] fixed with version push --- .github/workflows/on_release.yml | 385 +++++++++++++++---------------- 1 file changed, 192 insertions(+), 193 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index e7077482..5ffdc7c3 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -1,16 +1,16 @@ name: Build and publish to Docker Hub -on: push - # release: - # # job will automatically run after a new "release" is create on github. - # types: [created] +on: + release: + # job will automatically run after a new "release" is create on github. + types: [created] - # #Allows you to run this workflow manually from the Actions tab - # workflow_dispatch: - # inputs: - # dry_run: - # description: 'If true, will not push the built images to docker hub.' - # required: false - # default: 'false' + #Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + inputs: + dry_run: + description: 'If true, will not push the built images to docker hub.' + required: false + default: 'false' jobs: # this job will build, test and (potentially) push the docker images to docker hub @@ -42,156 +42,155 @@ jobs: with: fetch-depth: 0 - # - name: Set up QEMU - # uses: docker/setup-qemu-action@v2 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 - # - name: Set up Docker Buildx - # uses: docker/setup-buildx-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 - # - name: Login to DockerHub - # if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # uses: docker/login-action@v2 - # with: - # username: ${{ secrets.DOCKERHUB_USERNAME }} - # password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to DockerHub + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - # - name: Get version tag from github release - # if: github.event_name == 'release' && github.event.action == 'created' - # run: | - # echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV + - name: Get version tag from github release + if: github.event_name == 'release' && github.event.action == 'created' + run: | + echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV - # - name: Get version tag from git history - # if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} - # run: | - # echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV + - name: Get version tag from git history + if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} + run: | + echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV - # - name: Echo version tag - # run: | - # echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" + - name: Echo version tag + run: | + echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" - # - name: Build client for testing - # id: build_client - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # push: false - # target: client - # cache-from: type=registry,ref=permitio/opal-client:latest - # cache-to: type=inline - # load: true - # tags: | - # permitio/opal-client:test + - name: Build client for testing + id: build_client + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + push: false + target: client + cache-from: type=registry,ref=permitio/opal-client:latest + cache-to: type=inline + load: true + tags: | + permitio/opal-client:test - # - name: Build server for testing - # id: build_server - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # push: false - # target: server - # cache-from: type=registry,ref=permitio/opal-server:latest - # cache-to: type=inline - # load: true - # tags: | - # permitio/opal-server:test + - name: Build server for testing + id: build_server + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + push: false + target: server + cache-from: type=registry,ref=permitio/opal-server:latest + cache-to: type=inline + load: true + tags: | + permitio/opal-server:test - # # TEST PHASE - # - name: Create modified docker compose file - # run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml + # TEST PHASE + - name: Create modified docker compose file + run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml - # - name: Bring up stack - # run: docker-compose -f docker/docker-compose-test.yml up -d + - name: Bring up stack + run: docker-compose -f docker/docker-compose-test.yml up -d - # - name: Check if OPA is healthy - # run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' + - name: Check if OPA is healthy + run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' - # - name: Output container logs - # run: docker-compose -f docker/docker-compose-test.yml logs + - name: Output container logs + run: docker-compose -f docker/docker-compose-test.yml logs - # # PUSH PHASE - # - name: Output local docker images - # run: docker image ls --digests | grep opal + # PUSH PHASE + - name: Output local docker images + run: docker image ls --digests | grep opal - # # pushes the *same* docker images that were previously tested as part of e2e sanity test. - # # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. - # - name: Build & Push client - # id: build_push_client - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # platforms: linux/amd64,linux/arm64 - # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # target: client - # cache-from: type=registry,ref=permitio/opal-client:latest - # cache-to: type=inline - # tags: | - # permitio/opal-client:latest - # permitio/opal-client:${{ env.opal_version_tag }} + # pushes the *same* docker images that were previously tested as part of e2e sanity test. + # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. + - name: Build & Push client + id: build_push_client + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + target: client + cache-from: type=registry,ref=permitio/opal-client:latest + cache-to: type=inline + tags: | + permitio/opal-client:latest + permitio/opal-client:${{ env.opal_version_tag }} - # - name: Build client-standalone - # id: build_push_client_standalone - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # platforms: linux/amd64,linux/arm64 - # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # target: client-standalone - # cache-from: type=registry,ref=permitio/opal-client-standalone:latest - # cache-to: type=inline - # tags: | - # permitio/opal-client-standalone:latest - # permitio/opal-client-standalone:${{ env.opal_version_tag }} + - name: Build client-standalone + id: build_push_client_standalone + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + target: client-standalone + cache-from: type=registry,ref=permitio/opal-client-standalone:latest + cache-to: type=inline + tags: | + permitio/opal-client-standalone:latest + permitio/opal-client-standalone:${{ env.opal_version_tag }} - # - name: Build server - # id: build_push_server - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # platforms: linux/amd64,linux/arm64 - # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # target: server - # cache-from: type=registry,ref=permitio/opal-server:latest - # cache-to: type=inline - # tags: | - # permitio/opal-server:latest - # permitio/opal-server:${{ env.opal_version_tag }} + - name: Build server + id: build_push_server + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + target: server + cache-from: type=registry,ref=permitio/opal-server:latest + cache-to: type=inline + tags: | + permitio/opal-server:latest + permitio/opal-server:${{ env.opal_version_tag }} - # - name: Build & Push client cedar - # id: build_push_client_cedar - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # platforms: linux/amd64,linux/arm64 - # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # target: client-cedar - # cache-from: type=registry,ref=permitio/opal-client-cedar:latest - # cache-to: type=inline - # tags: | - # permitio/opal-client-cedar:latest - # permitio/opal-client-cedar:${{ env.opal_version_tag }} + - name: Build & Push client cedar + id: build_push_client_cedar + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + target: client-cedar + cache-from: type=registry,ref=permitio/opal-client-cedar:latest + cache-to: type=inline + tags: | + permitio/opal-client-cedar:latest + permitio/opal-client-cedar:${{ env.opal_version_tag }} - # - name: Python setup - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: actions/setup-python@v5 - # with: - # python-version: '3.11.8' + - name: Python setup + if: github.event_name == 'release' && github.event.action == 'created' + uses: actions/setup-python@v5 + with: + python-version: '3.11.8' # This is the root file representing the package for all the sub-packages. - name: Bump version - packaging__.py - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' run: | - #version_tag=${{ github.event.release.tag_name }} - version_tag=0.7.11 + version_tag=${{ github.event.release.tag_name }} version_tuple=$(echo $version_tag | sed 's/\./, /g') sed -i "s/VERSION = (.*/VERSION = (${version_tuple})/" packages/__packaging__.py cat packages/__packaging__.py - #git config --local user.email "eli@permit.io" - #git config --local user.name "elimoshkovich" - #git add packages/__packaging__.py - #git commit -m "Bump version to ${version_tag}" + git config --local user.email "eli@permit.io" + git config --local user.name "elimoshkovich" + git add packages/__packaging__.py + git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' run: | pip install wheel cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ @@ -204,67 +203,67 @@ jobs: python setup.py sdist bdist_wheel cd ../.. - # # Upload package distributions to the release - Assets - # - name: Upload assets to release - Opal-Common - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: actions/upload-release-asset@v1 - # with: - # upload_url: ${{ github.event.release.upload_url }} - # asset_path: packages/opal-common/dist/* - # asset_name: opal-common-${{ github.event.release.tag_name }}.zip - # asset_content_type: application/zip + # Upload package distributions to the release - Assets + - name: Upload assets to release - Opal-Common + if: github.event_name == 'release' && github.event.action == 'created' + uses: actions/upload-release-asset@v1 + with: + upload_url: ${{ github.event.release.upload_url }} + asset_path: packages/opal-common/dist/* + asset_name: opal-common-${{ github.event.release.tag_name }}.zip + asset_content_type: application/zip - # - name: Upload assets to release - Opal-Client - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: actions/upload-release-asset@v1 - # with: - # upload_url: ${{ github.event.release.upload_url }} - # asset_path: packages/opal-client/dist/* - # asset_name: opal-client-${{ github.event.release.tag_name }}.zip - # asset_content_type: application/zip + - name: Upload assets to release - Opal-Client + if: github.event_name == 'release' && github.event.action == 'created' + uses: actions/upload-release-asset@v1 + with: + upload_url: ${{ github.event.release.upload_url }} + asset_path: packages/opal-client/dist/* + asset_name: opal-client-${{ github.event.release.tag_name }}.zip + asset_content_type: application/zip - # - name: Upload assets to release - Opal-Server - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: actions/upload-release-asset@v1 - # with: - # upload_url: ${{ github.event.release.upload_url }} - # asset_path: packages/opal-server/dist/* - # asset_name: opal-server-${{ github.event.release.tag_name }}.zip - # asset_content_type: application/zip + - name: Upload assets to release - Opal-Server + if: github.event_name == 'release' && github.event.action == 'created' + uses: actions/upload-release-asset@v1 + with: + upload_url: ${{ github.event.release.upload_url }} + asset_path: packages/opal-server/dist/* + asset_name: opal-server-${{ github.event.release.tag_name }}.zip + asset_content_type: application/zip - # # Publish package distributions to PyPI - # - name: Publish package distributions to PyPI - Opal-Common - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: pypa/gh-action-pypi-publish@release/v1 - # with: - # password: ${{ secrets.PYPI_TOKEN }} - # packages-dir: packages/opal-common/ - # env: - # name: pypi - # url: https://pypi.org/p/opal-common + # Publish package distributions to PyPI + - name: Publish package distributions to PyPI - Opal-Common + if: github.event_name == 'release' && github.event.action == 'created' + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_TOKEN }} + packages-dir: packages/opal-common/ + env: + name: pypi + url: https://pypi.org/p/opal-common - # - name: Publish package distributions to PyPI - Opal-Client - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: pypa/gh-action-pypi-publish@release/v1 - # with: - # password: ${{ secrets.PYPI_TOKEN }} - # packages-dir: packages/opal-client/ - # env: - # name: pypi - # url: https://pypi.org/p/opal-client + - name: Publish package distributions to PyPI - Opal-Client + if: github.event_name == 'release' && github.event.action == 'created' + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_TOKEN }} + packages-dir: packages/opal-client/ + env: + name: pypi + url: https://pypi.org/p/opal-client - # - name: Publish package distributions to PyPI - Opal-Server - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: pypa/gh-action-pypi-publish@release/v1 - # with: - # password: ${{ secrets.PYPI_TOKEN }} - # packages-dir: packages/opal-server/ - # env: - # name: pypi - # url: https://pypi.org/p/opal-server + - name: Publish package distributions to PyPI - Opal-Server + if: github.event_name == 'release' && github.event.action == 'created' + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_TOKEN }} + packages-dir: packages/opal-server/ + env: + name: pypi + url: https://pypi.org/p/opal-server - # - name: Push changes of setup.py to GitHub - # uses: ad-m/github-push-action@master - # with: - # github_token: ${{ secrets.TOKEN_GITHUB }} - # branch: master + - name: Push changes of packages/__packaging__.py to GitHub + uses: ad-m/github-push-action@master + with: + github_token: ${{ secrets.TOKEN_GITHUB }} + branch: master From 65e643802f3d65dfed9ab3f4564711528d1f8a06 Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 14:20:18 -0700 Subject: [PATCH 17/26] test pypi --- .github/workflows/on_release.yml | 345 ++++++++++++++++--------------- 1 file changed, 176 insertions(+), 169 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 5ffdc7c3..a4c2ba1b 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -1,16 +1,16 @@ name: Build and publish to Docker Hub -on: - release: - # job will automatically run after a new "release" is create on github. - types: [created] +on: push + # release: + # # job will automatically run after a new "release" is create on github. + # types: [created] - #Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - inputs: - dry_run: - description: 'If true, will not push the built images to docker hub.' - required: false - default: 'false' + # #Allows you to run this workflow manually from the Actions tab + # workflow_dispatch: + # inputs: + # dry_run: + # description: 'If true, will not push the built images to docker hub.' + # required: false + # default: 'false' jobs: # this job will build, test and (potentially) push the docker images to docker hub @@ -42,133 +42,133 @@ jobs: with: fetch-depth: 0 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + # - name: Set up QEMU + # uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + # - name: Set up Docker Buildx + # uses: docker/setup-buildx-action@v2 - - name: Login to DockerHub - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + # - name: Login to DockerHub + # if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # uses: docker/login-action@v2 + # with: + # username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Get version tag from github release - if: github.event_name == 'release' && github.event.action == 'created' - run: | - echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV + # - name: Get version tag from github release + # if: github.event_name == 'release' && github.event.action == 'created' + # run: | + # echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV - - name: Get version tag from git history - if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} - run: | - echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV + # - name: Get version tag from git history + # if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} + # run: | + # echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV - - name: Echo version tag - run: | - echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" + # - name: Echo version tag + # run: | + # echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" - - name: Build client for testing - id: build_client - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - push: false - target: client - cache-from: type=registry,ref=permitio/opal-client:latest - cache-to: type=inline - load: true - tags: | - permitio/opal-client:test + # - name: Build client for testing + # id: build_client + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # push: false + # target: client + # cache-from: type=registry,ref=permitio/opal-client:latest + # cache-to: type=inline + # load: true + # tags: | + # permitio/opal-client:test - - name: Build server for testing - id: build_server - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - push: false - target: server - cache-from: type=registry,ref=permitio/opal-server:latest - cache-to: type=inline - load: true - tags: | - permitio/opal-server:test + # - name: Build server for testing + # id: build_server + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # push: false + # target: server + # cache-from: type=registry,ref=permitio/opal-server:latest + # cache-to: type=inline + # load: true + # tags: | + # permitio/opal-server:test - # TEST PHASE - - name: Create modified docker compose file - run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml + # # TEST PHASE + # - name: Create modified docker compose file + # run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml - - name: Bring up stack - run: docker-compose -f docker/docker-compose-test.yml up -d + # - name: Bring up stack + # run: docker-compose -f docker/docker-compose-test.yml up -d - - name: Check if OPA is healthy - run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' + # - name: Check if OPA is healthy + # run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' - - name: Output container logs - run: docker-compose -f docker/docker-compose-test.yml logs + # - name: Output container logs + # run: docker-compose -f docker/docker-compose-test.yml logs - # PUSH PHASE - - name: Output local docker images - run: docker image ls --digests | grep opal + # # PUSH PHASE + # - name: Output local docker images + # run: docker image ls --digests | grep opal - # pushes the *same* docker images that were previously tested as part of e2e sanity test. - # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. - - name: Build & Push client - id: build_push_client - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - target: client - cache-from: type=registry,ref=permitio/opal-client:latest - cache-to: type=inline - tags: | - permitio/opal-client:latest - permitio/opal-client:${{ env.opal_version_tag }} + # # pushes the *same* docker images that were previously tested as part of e2e sanity test. + # # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. + # - name: Build & Push client + # id: build_push_client + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # platforms: linux/amd64,linux/arm64 + # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # target: client + # cache-from: type=registry,ref=permitio/opal-client:latest + # cache-to: type=inline + # tags: | + # permitio/opal-client:latest + # permitio/opal-client:${{ env.opal_version_tag }} - - name: Build client-standalone - id: build_push_client_standalone - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - target: client-standalone - cache-from: type=registry,ref=permitio/opal-client-standalone:latest - cache-to: type=inline - tags: | - permitio/opal-client-standalone:latest - permitio/opal-client-standalone:${{ env.opal_version_tag }} + # - name: Build client-standalone + # id: build_push_client_standalone + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # platforms: linux/amd64,linux/arm64 + # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # target: client-standalone + # cache-from: type=registry,ref=permitio/opal-client-standalone:latest + # cache-to: type=inline + # tags: | + # permitio/opal-client-standalone:latest + # permitio/opal-client-standalone:${{ env.opal_version_tag }} - - name: Build server - id: build_push_server - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - target: server - cache-from: type=registry,ref=permitio/opal-server:latest - cache-to: type=inline - tags: | - permitio/opal-server:latest - permitio/opal-server:${{ env.opal_version_tag }} + # - name: Build server + # id: build_push_server + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # platforms: linux/amd64,linux/arm64 + # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # target: server + # cache-from: type=registry,ref=permitio/opal-server:latest + # cache-to: type=inline + # tags: | + # permitio/opal-server:latest + # permitio/opal-server:${{ env.opal_version_tag }} - - name: Build & Push client cedar - id: build_push_client_cedar - uses: docker/build-push-action@v4 - with: - file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - target: client-cedar - cache-from: type=registry,ref=permitio/opal-client-cedar:latest - cache-to: type=inline - tags: | - permitio/opal-client-cedar:latest - permitio/opal-client-cedar:${{ env.opal_version_tag }} + # - name: Build & Push client cedar + # id: build_push_client_cedar + # uses: docker/build-push-action@v4 + # with: + # file: docker/Dockerfile + # platforms: linux/amd64,linux/arm64 + # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + # target: client-cedar + # cache-from: type=registry,ref=permitio/opal-client-cedar:latest + # cache-to: type=inline + # tags: | + # permitio/opal-client-cedar:latest + # permitio/opal-client-cedar:${{ env.opal_version_tag }} - name: Python setup if: github.event_name == 'release' && github.event.action == 'created' @@ -180,14 +180,15 @@ jobs: - name: Bump version - packaging__.py if: github.event_name == 'release' && github.event.action == 'created' run: | - version_tag=${{ github.event.release.tag_name }} + #version_tag=${{ github.event.release.tag_name }} + version_tag=1.2.3 version_tuple=$(echo $version_tag | sed 's/\./, /g') sed -i "s/VERSION = (.*/VERSION = (${version_tuple})/" packages/__packaging__.py cat packages/__packaging__.py - git config --local user.email "eli@permit.io" - git config --local user.name "elimoshkovich" - git add packages/__packaging__.py - git commit -m "Bump version to ${version_tag}" + # git config --local user.email "eli@permit.io" + # git config --local user.name "elimoshkovich" + # git add packages/__packaging__.py + # git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages if: github.event_name == 'release' && github.event.action == 'created' @@ -203,67 +204,73 @@ jobs: python setup.py sdist bdist_wheel cd ../.. - # Upload package distributions to the release - Assets - - name: Upload assets to release - Opal-Common - if: github.event_name == 'release' && github.event.action == 'created' - uses: actions/upload-release-asset@v1 - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: packages/opal-common/dist/* - asset_name: opal-common-${{ github.event.release.tag_name }}.zip - asset_content_type: application/zip + # # Upload package distributions to the release - Assets + # - name: Upload assets to release - Opal-Common + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: actions/upload-release-asset@v1 + # with: + # upload_url: ${{ github.event.release.upload_url }} + # asset_path: packages/opal-common/dist/* + # asset_name: opal-common-${{ github.event.release.tag_name }}.zip + # asset_content_type: application/zip - - name: Upload assets to release - Opal-Client - if: github.event_name == 'release' && github.event.action == 'created' - uses: actions/upload-release-asset@v1 - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: packages/opal-client/dist/* - asset_name: opal-client-${{ github.event.release.tag_name }}.zip - asset_content_type: application/zip + # - name: Upload assets to release - Opal-Client + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: actions/upload-release-asset@v1 + # with: + # upload_url: ${{ github.event.release.upload_url }} + # asset_path: packages/opal-client/dist/* + # asset_name: opal-client-${{ github.event.release.tag_name }}.zip + # asset_content_type: application/zip - - name: Upload assets to release - Opal-Server - if: github.event_name == 'release' && github.event.action == 'created' - uses: actions/upload-release-asset@v1 - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: packages/opal-server/dist/* - asset_name: opal-server-${{ github.event.release.tag_name }}.zip - asset_content_type: application/zip + # - name: Upload assets to release - Opal-Server + # if: github.event_name == 'release' && github.event.action == 'created' + # uses: actions/upload-release-asset@v1 + # with: + # upload_url: ${{ github.event.release.upload_url }} + # asset_path: packages/opal-server/dist/* + # asset_name: opal-server-${{ github.event.release.tag_name }}.zip + # asset_content_type: application/zip # Publish package distributions to PyPI - name: Publish package distributions to PyPI - Opal-Common if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: - password: ${{ secrets.PYPI_TOKEN }} + # password: ${{ secrets.PYPI_TOKEN }} + password: ${{ secrets.TEST_PYPI_TOKEN }} packages-dir: packages/opal-common/ - env: - name: pypi - url: https://pypi.org/p/opal-common + repository-url: https://test.pypi.org/test-opal-common/ + # env: + # name: pypi + # url: https://pypi.org/p/opal-common - name: Publish package distributions to PyPI - Opal-Client if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: - password: ${{ secrets.PYPI_TOKEN }} + # password: ${{ secrets.PYPI_TOKEN }} + password: ${{ secrets.TEST_PYPI_TOKEN }} packages-dir: packages/opal-client/ - env: - name: pypi - url: https://pypi.org/p/opal-client + repository-url: https://test.pypi.org/test-opal-client/ + # env: + # name: pypi + # url: https://pypi.org/p/opal-client - name: Publish package distributions to PyPI - Opal-Server if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: - password: ${{ secrets.PYPI_TOKEN }} + # password: ${{ secrets.PYPI_TOKEN }} + password: ${{ secrets.TEST_PYPI_TOKEN }} packages-dir: packages/opal-server/ - env: - name: pypi - url: https://pypi.org/p/opal-server + repository-url: https://test.pypi.org/test-opal-server/ + # env: + # name: pypi + # url: https://pypi.org/p/opal-server - - name: Push changes of packages/__packaging__.py to GitHub - uses: ad-m/github-push-action@master - with: - github_token: ${{ secrets.TOKEN_GITHUB }} - branch: master + # - name: Push changes of packages/__packaging__.py to GitHub + # uses: ad-m/github-push-action@master + # with: + # github_token: ${{ secrets.TOKEN_GITHUB }} + # branch: master From 3edaa54e903e47022e676c6bf8d06f315e6ec4b1 Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 14:38:35 -0700 Subject: [PATCH 18/26] test pypi --- .github/workflows/on_release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index a4c2ba1b..a71a2507 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -171,14 +171,14 @@ jobs: # permitio/opal-client-cedar:${{ env.opal_version_tag }} - name: Python setup - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' uses: actions/setup-python@v5 with: python-version: '3.11.8' # This is the root file representing the package for all the sub-packages. - name: Bump version - packaging__.py - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' run: | #version_tag=${{ github.event.release.tag_name }} version_tag=1.2.3 @@ -191,7 +191,7 @@ jobs: # git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' run: | pip install wheel cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ @@ -234,7 +234,7 @@ jobs: # Publish package distributions to PyPI - name: Publish package distributions to PyPI - Opal-Common - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: # password: ${{ secrets.PYPI_TOKEN }} @@ -246,7 +246,7 @@ jobs: # url: https://pypi.org/p/opal-common - name: Publish package distributions to PyPI - Opal-Client - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: # password: ${{ secrets.PYPI_TOKEN }} @@ -258,7 +258,7 @@ jobs: # url: https://pypi.org/p/opal-client - name: Publish package distributions to PyPI - Opal-Server - if: github.event_name == 'release' && github.event.action == 'created' + #if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: # password: ${{ secrets.PYPI_TOKEN }} From 34c405a5b4fba34fc825ff152cca6e158531f02a Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 14:42:52 -0700 Subject: [PATCH 19/26] Remove unwanted files before publishing --- .github/workflows/on_release.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index a71a2507..f2c90efd 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -231,6 +231,12 @@ jobs: # asset_path: packages/opal-server/dist/* # asset_name: opal-server-${{ github.event.release.tag_name }}.zip # asset_content_type: application/zip + + - name: Remove unwanted files before publishing + run: | + cd packages/opal-common/ ; rm -rf build/ + cd ../opal-client/ ; rm -rf build/ + cd ../opal-server/ ; rm -rf build/ # Publish package distributions to PyPI - name: Publish package distributions to PyPI - Opal-Common From dcf927b89fc8f576bb6f4396f0564754e744c856 Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 14:45:40 -0700 Subject: [PATCH 20/26] with dist at path --- .github/workflows/on_release.yml | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index f2c90efd..7713c154 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -231,13 +231,7 @@ jobs: # asset_path: packages/opal-server/dist/* # asset_name: opal-server-${{ github.event.release.tag_name }}.zip # asset_content_type: application/zip - - - name: Remove unwanted files before publishing - run: | - cd packages/opal-common/ ; rm -rf build/ - cd ../opal-client/ ; rm -rf build/ - cd ../opal-server/ ; rm -rf build/ - + # Publish package distributions to PyPI - name: Publish package distributions to PyPI - Opal-Common #if: github.event_name == 'release' && github.event.action == 'created' @@ -245,7 +239,7 @@ jobs: with: # password: ${{ secrets.PYPI_TOKEN }} password: ${{ secrets.TEST_PYPI_TOKEN }} - packages-dir: packages/opal-common/ + packages-dir: packages/opal-common/dist/ repository-url: https://test.pypi.org/test-opal-common/ # env: # name: pypi @@ -257,7 +251,7 @@ jobs: with: # password: ${{ secrets.PYPI_TOKEN }} password: ${{ secrets.TEST_PYPI_TOKEN }} - packages-dir: packages/opal-client/ + packages-dir: packages/opal-client/dist/ repository-url: https://test.pypi.org/test-opal-client/ # env: # name: pypi @@ -269,7 +263,7 @@ jobs: with: # password: ${{ secrets.PYPI_TOKEN }} password: ${{ secrets.TEST_PYPI_TOKEN }} - packages-dir: packages/opal-server/ + packages-dir: packages/opal-server/dist/ repository-url: https://test.pypi.org/test-opal-server/ # env: # name: pypi From 8603da4e8e9534cb347214811c13c4eab05067dc Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 14:54:01 -0700 Subject: [PATCH 21/26] test legacy --- .github/workflows/on_release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 7713c154..bad4d4dc 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -240,7 +240,7 @@ jobs: # password: ${{ secrets.PYPI_TOKEN }} password: ${{ secrets.TEST_PYPI_TOKEN }} packages-dir: packages/opal-common/dist/ - repository-url: https://test.pypi.org/test-opal-common/ + repository-url: https://test.pypi.org/legacy/ # env: # name: pypi # url: https://pypi.org/p/opal-common @@ -252,7 +252,7 @@ jobs: # password: ${{ secrets.PYPI_TOKEN }} password: ${{ secrets.TEST_PYPI_TOKEN }} packages-dir: packages/opal-client/dist/ - repository-url: https://test.pypi.org/test-opal-client/ + repository-url: https://test.pypi.org/legacy/ # env: # name: pypi # url: https://pypi.org/p/opal-client @@ -264,7 +264,7 @@ jobs: # password: ${{ secrets.PYPI_TOKEN }} password: ${{ secrets.TEST_PYPI_TOKEN }} packages-dir: packages/opal-server/dist/ - repository-url: https://test.pypi.org/test-opal-server/ + repository-url: https://test.pypi.org/legacy/ # env: # name: pypi # url: https://pypi.org/p/opal-server From a7033431bef2791ac4b8a1015ebe5b6f44eab615 Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 24 Jul 2024 15:03:33 -0700 Subject: [PATCH 22/26] final --- .github/workflows/on_release.yml | 366 ++++++++++++++++--------------- 1 file changed, 184 insertions(+), 182 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index bad4d4dc..2ac1a066 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -1,16 +1,16 @@ name: Build and publish to Docker Hub -on: push - # release: - # # job will automatically run after a new "release" is create on github. - # types: [created] +on: + release: + # job will automatically run after a new "release" is create on github. + types: [created] - # #Allows you to run this workflow manually from the Actions tab - # workflow_dispatch: - # inputs: - # dry_run: - # description: 'If true, will not push the built images to docker hub.' - # required: false - # default: 'false' + #Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + inputs: + dry_run: + description: 'If true, will not push the built images to docker hub.' + required: false + default: 'false' jobs: # this job will build, test and (potentially) push the docker images to docker hub @@ -42,156 +42,155 @@ jobs: with: fetch-depth: 0 - # - name: Set up QEMU - # uses: docker/setup-qemu-action@v2 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 - # - name: Set up Docker Buildx - # uses: docker/setup-buildx-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 - # - name: Login to DockerHub - # if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # uses: docker/login-action@v2 - # with: - # username: ${{ secrets.DOCKERHUB_USERNAME }} - # password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to DockerHub + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - # - name: Get version tag from github release - # if: github.event_name == 'release' && github.event.action == 'created' - # run: | - # echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV + - name: Get version tag from github release + if: github.event_name == 'release' && github.event.action == 'created' + run: | + echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV - # - name: Get version tag from git history - # if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} - # run: | - # echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV + - name: Get version tag from git history + if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} + run: | + echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV - # - name: Echo version tag - # run: | - # echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" + - name: Echo version tag + run: | + echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" - # - name: Build client for testing - # id: build_client - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # push: false - # target: client - # cache-from: type=registry,ref=permitio/opal-client:latest - # cache-to: type=inline - # load: true - # tags: | - # permitio/opal-client:test + - name: Build client for testing + id: build_client + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + push: false + target: client + cache-from: type=registry,ref=permitio/opal-client:latest + cache-to: type=inline + load: true + tags: | + permitio/opal-client:test - # - name: Build server for testing - # id: build_server - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # push: false - # target: server - # cache-from: type=registry,ref=permitio/opal-server:latest - # cache-to: type=inline - # load: true - # tags: | - # permitio/opal-server:test + - name: Build server for testing + id: build_server + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + push: false + target: server + cache-from: type=registry,ref=permitio/opal-server:latest + cache-to: type=inline + load: true + tags: | + permitio/opal-server:test - # # TEST PHASE - # - name: Create modified docker compose file - # run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml + # TEST PHASE + - name: Create modified docker compose file + run: sed 's/:latest/:test/g' docker/docker-compose-example.yml > docker/docker-compose-test.yml - # - name: Bring up stack - # run: docker-compose -f docker/docker-compose-test.yml up -d + - name: Bring up stack + run: docker-compose -f docker/docker-compose-test.yml up -d - # - name: Check if OPA is healthy - # run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' + - name: Check if OPA is healthy + run: ./scripts/wait-for.sh -t 60 http://localhost:8181/v1/data/users -- sleep 10 && curl -s "http://localhost:8181/v1/data/users" | jq '.result.bob.location.country == "US"' - # - name: Output container logs - # run: docker-compose -f docker/docker-compose-test.yml logs + - name: Output container logs + run: docker-compose -f docker/docker-compose-test.yml logs - # # PUSH PHASE - # - name: Output local docker images - # run: docker image ls --digests | grep opal + # PUSH PHASE + - name: Output local docker images + run: docker image ls --digests | grep opal - # # pushes the *same* docker images that were previously tested as part of e2e sanity test. - # # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. - # - name: Build & Push client - # id: build_push_client - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # platforms: linux/amd64,linux/arm64 - # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # target: client - # cache-from: type=registry,ref=permitio/opal-client:latest - # cache-to: type=inline - # tags: | - # permitio/opal-client:latest - # permitio/opal-client:${{ env.opal_version_tag }} + # pushes the *same* docker images that were previously tested as part of e2e sanity test. + # each image is pushed with the versioned tag first, if it succeeds the image is pushed with the latest tag as well. + - name: Build & Push client + id: build_push_client + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + target: client + cache-from: type=registry,ref=permitio/opal-client:latest + cache-to: type=inline + tags: | + permitio/opal-client:latest + permitio/opal-client:${{ env.opal_version_tag }} - # - name: Build client-standalone - # id: build_push_client_standalone - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # platforms: linux/amd64,linux/arm64 - # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # target: client-standalone - # cache-from: type=registry,ref=permitio/opal-client-standalone:latest - # cache-to: type=inline - # tags: | - # permitio/opal-client-standalone:latest - # permitio/opal-client-standalone:${{ env.opal_version_tag }} + - name: Build client-standalone + id: build_push_client_standalone + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + target: client-standalone + cache-from: type=registry,ref=permitio/opal-client-standalone:latest + cache-to: type=inline + tags: | + permitio/opal-client-standalone:latest + permitio/opal-client-standalone:${{ env.opal_version_tag }} - # - name: Build server - # id: build_push_server - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # platforms: linux/amd64,linux/arm64 - # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # target: server - # cache-from: type=registry,ref=permitio/opal-server:latest - # cache-to: type=inline - # tags: | - # permitio/opal-server:latest - # permitio/opal-server:${{ env.opal_version_tag }} + - name: Build server + id: build_push_server + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + target: server + cache-from: type=registry,ref=permitio/opal-server:latest + cache-to: type=inline + tags: | + permitio/opal-server:latest + permitio/opal-server:${{ env.opal_version_tag }} - # - name: Build & Push client cedar - # id: build_push_client_cedar - # uses: docker/build-push-action@v4 - # with: - # file: docker/Dockerfile - # platforms: linux/amd64,linux/arm64 - # push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - # target: client-cedar - # cache-from: type=registry,ref=permitio/opal-client-cedar:latest - # cache-to: type=inline - # tags: | - # permitio/opal-client-cedar:latest - # permitio/opal-client-cedar:${{ env.opal_version_tag }} + - name: Build & Push client cedar + id: build_push_client_cedar + uses: docker/build-push-action@v4 + with: + file: docker/Dockerfile + platforms: linux/amd64,linux/arm64 + push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + target: client-cedar + cache-from: type=registry,ref=permitio/opal-client-cedar:latest + cache-to: type=inline + tags: | + permitio/opal-client-cedar:latest + permitio/opal-client-cedar:${{ env.opal_version_tag }} - name: Python setup - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' uses: actions/setup-python@v5 with: python-version: '3.11.8' # This is the root file representing the package for all the sub-packages. - name: Bump version - packaging__.py - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' run: | - #version_tag=${{ github.event.release.tag_name }} - version_tag=1.2.3 + version_tag=${{ github.event.release.tag_name }} version_tuple=$(echo $version_tag | sed 's/\./, /g') sed -i "s/VERSION = (.*/VERSION = (${version_tuple})/" packages/__packaging__.py cat packages/__packaging__.py - # git config --local user.email "eli@permit.io" - # git config --local user.name "elimoshkovich" - # git add packages/__packaging__.py - # git commit -m "Bump version to ${version_tag}" + git config --local user.email "eli@permit.io" + git config --local user.name "elimoshkovich" + git add packages/__packaging__.py + git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' run: | pip install wheel cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ @@ -204,73 +203,76 @@ jobs: python setup.py sdist bdist_wheel cd ../.. - # # Upload package distributions to the release - Assets - # - name: Upload assets to release - Opal-Common - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: actions/upload-release-asset@v1 - # with: - # upload_url: ${{ github.event.release.upload_url }} - # asset_path: packages/opal-common/dist/* - # asset_name: opal-common-${{ github.event.release.tag_name }}.zip - # asset_content_type: application/zip + # Upload package distributions to the release - Assets + - name: Upload assets to release - Opal-Common + if: github.event_name == 'release' && github.event.action == 'created' + uses: actions/upload-release-asset@v1 + with: + upload_url: ${{ github.event.release.upload_url }} + asset_path: packages/opal-common/dist/* + asset_name: opal-common-${{ github.event.release.tag_name }}.zip + asset_content_type: application/zip - # - name: Upload assets to release - Opal-Client - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: actions/upload-release-asset@v1 - # with: - # upload_url: ${{ github.event.release.upload_url }} - # asset_path: packages/opal-client/dist/* - # asset_name: opal-client-${{ github.event.release.tag_name }}.zip - # asset_content_type: application/zip + - name: Upload assets to release - Opal-Client + if: github.event_name == 'release' && github.event.action == 'created' + uses: actions/upload-release-asset@v1 + with: + upload_url: ${{ github.event.release.upload_url }} + asset_path: packages/opal-client/dist/* + asset_name: opal-client-${{ github.event.release.tag_name }}.zip + asset_content_type: application/zip - # - name: Upload assets to release - Opal-Server - # if: github.event_name == 'release' && github.event.action == 'created' - # uses: actions/upload-release-asset@v1 - # with: - # upload_url: ${{ github.event.release.upload_url }} - # asset_path: packages/opal-server/dist/* - # asset_name: opal-server-${{ github.event.release.tag_name }}.zip - # asset_content_type: application/zip + - name: Upload assets to release - Opal-Server + if: github.event_name == 'release' && github.event.action == 'created' + uses: actions/upload-release-asset@v1 + with: + upload_url: ${{ github.event.release.upload_url }} + asset_path: packages/opal-server/dist/* + asset_name: opal-server-${{ github.event.release.tag_name }}.zip + asset_content_type: application/zip # Publish package distributions to PyPI - name: Publish package distributions to PyPI - Opal-Common - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: - # password: ${{ secrets.PYPI_TOKEN }} - password: ${{ secrets.TEST_PYPI_TOKEN }} + password: ${{ secrets.PYPI_TOKEN }} packages-dir: packages/opal-common/dist/ - repository-url: https://test.pypi.org/legacy/ - # env: - # name: pypi - # url: https://pypi.org/p/opal-common + # For Test only ! + # password: ${{ secrets.TEST_PYPI_TOKEN }} + # repository-url: https://test.pypi.org/legacy/ + env: + name: pypi + url: https://pypi.org/p/opal-common - name: Publish package distributions to PyPI - Opal-Client - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: - # password: ${{ secrets.PYPI_TOKEN }} - password: ${{ secrets.TEST_PYPI_TOKEN }} + password: ${{ secrets.PYPI_TOKEN }} packages-dir: packages/opal-client/dist/ - repository-url: https://test.pypi.org/legacy/ - # env: - # name: pypi - # url: https://pypi.org/p/opal-client + # For Test only ! + # password: ${{ secrets.TEST_PYPI_TOKEN }} + # repository-url: https://test.pypi.org/legacy/ + env: + name: pypi + url: https://pypi.org/p/opal-client - name: Publish package distributions to PyPI - Opal-Server - #if: github.event_name == 'release' && github.event.action == 'created' + if: github.event_name == 'release' && github.event.action == 'created' uses: pypa/gh-action-pypi-publish@release/v1 with: - # password: ${{ secrets.PYPI_TOKEN }} - password: ${{ secrets.TEST_PYPI_TOKEN }} + password: ${{ secrets.PYPI_TOKEN }} packages-dir: packages/opal-server/dist/ - repository-url: https://test.pypi.org/legacy/ - # env: - # name: pypi - # url: https://pypi.org/p/opal-server + # For Test only ! + # password: ${{ secrets.TEST_PYPI_TOKEN }} + # repository-url: https://test.pypi.org/legacy/ + env: + name: pypi + url: https://pypi.org/p/opal-server - # - name: Push changes of packages/__packaging__.py to GitHub - # uses: ad-m/github-push-action@master - # with: - # github_token: ${{ secrets.TOKEN_GITHUB }} - # branch: master + - name: Push changes of packages/__packaging__.py to GitHub + uses: ad-m/github-push-action@master + with: + github_token: ${{ secrets.TOKEN_GITHUB }} + branch: master From f42f8786cf0777fb758ba6f0b3ca240cd43e6e42 Mon Sep 17 00:00:00 2001 From: eli Date: Thu, 25 Jul 2024 09:03:44 -0700 Subject: [PATCH 23/26] fix if conditions and change trigger to publish --- .github/workflows/on_release.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 2ac1a066..620edc25 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -2,8 +2,7 @@ name: Build and publish to Docker Hub on: release: # job will automatically run after a new "release" is create on github. - types: [created] - + types: [published] #Allows you to run this workflow manually from the Actions tab workflow_dispatch: inputs: @@ -171,14 +170,14 @@ jobs: permitio/opal-client-cedar:${{ env.opal_version_tag }} - name: Python setup - if: github.event_name == 'release' && github.event.action == 'created' + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} uses: actions/setup-python@v5 with: python-version: '3.11.8' # This is the root file representing the package for all the sub-packages. - name: Bump version - packaging__.py - if: github.event_name == 'release' && github.event.action == 'created' + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} run: | version_tag=${{ github.event.release.tag_name }} version_tuple=$(echo $version_tag | sed 's/\./, /g') @@ -190,7 +189,7 @@ jobs: git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages - if: github.event_name == 'release' && github.event.action == 'created' + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} run: | pip install wheel cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ @@ -205,7 +204,7 @@ jobs: # Upload package distributions to the release - Assets - name: Upload assets to release - Opal-Common - if: github.event_name == 'release' && github.event.action == 'created' + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} uses: actions/upload-release-asset@v1 with: upload_url: ${{ github.event.release.upload_url }} @@ -214,7 +213,7 @@ jobs: asset_content_type: application/zip - name: Upload assets to release - Opal-Client - if: github.event_name == 'release' && github.event.action == 'created' + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} uses: actions/upload-release-asset@v1 with: upload_url: ${{ github.event.release.upload_url }} @@ -223,7 +222,7 @@ jobs: asset_content_type: application/zip - name: Upload assets to release - Opal-Server - if: github.event_name == 'release' && github.event.action == 'created' + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} uses: actions/upload-release-asset@v1 with: upload_url: ${{ github.event.release.upload_url }} @@ -233,7 +232,7 @@ jobs: # Publish package distributions to PyPI - name: Publish package distributions to PyPI - Opal-Common - if: github.event_name == 'release' && github.event.action == 'created' + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} @@ -246,7 +245,7 @@ jobs: url: https://pypi.org/p/opal-common - name: Publish package distributions to PyPI - Opal-Client - if: github.event_name == 'release' && github.event.action == 'created' + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} @@ -259,7 +258,7 @@ jobs: url: https://pypi.org/p/opal-client - name: Publish package distributions to PyPI - Opal-Server - if: github.event_name == 'release' && github.event.action == 'created' + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} @@ -272,6 +271,7 @@ jobs: url: https://pypi.org/p/opal-server - name: Push changes of packages/__packaging__.py to GitHub + if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} uses: ad-m/github-push-action@master with: github_token: ${{ secrets.TOKEN_GITHUB }} From 67f104ca2c57981bbb290e67d562550e366114a4 Mon Sep 17 00:00:00 2001 From: eli Date: Thu, 25 Jul 2024 09:32:45 -0700 Subject: [PATCH 24/26] all assets within one single step --- .github/workflows/on_release.yml | 32 ++++++++------------------------ 1 file changed, 8 insertions(+), 24 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 620edc25..373a2b18 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -30,6 +30,7 @@ jobs: runs-on: ubuntu-latest env: GITHUB_TOKEN: ${{ secrets.TOKEN_GITHUB }} + github_token: ${{ secrets.TOKEN_GITHUB }} permissions: id-token: write contents: write # 'write' access to repository contents @@ -202,33 +203,16 @@ jobs: python setup.py sdist bdist_wheel cd ../.. - # Upload package distributions to the release - Assets - - name: Upload assets to release - Opal-Common + # Upload package distributions to the release - All assets in one step + - name: Upload assets to release if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - uses: actions/upload-release-asset@v1 + uses: shogo82148/actions-upload-release-asset@v1.7.5 with: upload_url: ${{ github.event.release.upload_url }} - asset_path: packages/opal-common/dist/* - asset_name: opal-common-${{ github.event.release.tag_name }}.zip - asset_content_type: application/zip - - - name: Upload assets to release - Opal-Client - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - uses: actions/upload-release-asset@v1 - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: packages/opal-client/dist/* - asset_name: opal-client-${{ github.event.release.tag_name }}.zip - asset_content_type: application/zip - - - name: Upload assets to release - Opal-Server - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} - uses: actions/upload-release-asset@v1 - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: packages/opal-server/dist/* - asset_name: opal-server-${{ github.event.release.tag_name }}.zip - asset_content_type: application/zip + asset_path: | + packages/opal-common/dist/* + packages/opal-client/dist/* + packages/opal-server/dist/* # Publish package distributions to PyPI - name: Publish package distributions to PyPI - Opal-Common From 1382a4ed75bc3af04ace9dc161070bf8963cd859 Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 31 Jul 2024 12:05:36 -0700 Subject: [PATCH 25/26] check1 --- .github/workflows/on_release.yml | 39 ++++++++++++++------------------ 1 file changed, 17 insertions(+), 22 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 373a2b18..39a2bc96 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -1,15 +1,10 @@ name: Build and publish to Docker Hub -on: - release: - # job will automatically run after a new "release" is create on github. - types: [published] +on: push + # release: + # # job will automatically run after a new "release" is create on github. + # types: [published] #Allows you to run this workflow manually from the Actions tab workflow_dispatch: - inputs: - dry_run: - description: 'If true, will not push the built images to docker hub.' - required: false - default: 'false' jobs: # this job will build, test and (potentially) push the docker images to docker hub @@ -49,7 +44,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Login to DockerHub - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} @@ -120,7 +115,7 @@ jobs: with: file: docker/Dockerfile platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + push: ${{ !(github.event_name == 'workflow_dispatch') }} target: client cache-from: type=registry,ref=permitio/opal-client:latest cache-to: type=inline @@ -134,7 +129,7 @@ jobs: with: file: docker/Dockerfile platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + push: ${{ !(github.event_name == 'workflow_dispatch') }} target: client-standalone cache-from: type=registry,ref=permitio/opal-client-standalone:latest cache-to: type=inline @@ -148,7 +143,7 @@ jobs: with: file: docker/Dockerfile platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + push: ${{ !(github.event_name == 'workflow_dispatch') }} target: server cache-from: type=registry,ref=permitio/opal-server:latest cache-to: type=inline @@ -162,7 +157,7 @@ jobs: with: file: docker/Dockerfile platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + push: ${{ !(github.event_name == 'workflow_dispatch') }} target: client-cedar cache-from: type=registry,ref=permitio/opal-client-cedar:latest cache-to: type=inline @@ -171,14 +166,14 @@ jobs: permitio/opal-client-cedar:${{ env.opal_version_tag }} - name: Python setup - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: actions/setup-python@v5 with: python-version: '3.11.8' # This is the root file representing the package for all the sub-packages. - name: Bump version - packaging__.py - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + if: ${{ !(github.event_name == 'workflow_dispatch') }} run: | version_tag=${{ github.event.release.tag_name }} version_tuple=$(echo $version_tag | sed 's/\./, /g') @@ -190,7 +185,7 @@ jobs: git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + if: ${{ !(github.event_name == 'workflow_dispatch') }} run: | pip install wheel cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ @@ -205,7 +200,7 @@ jobs: # Upload package distributions to the release - All assets in one step - name: Upload assets to release - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: shogo82148/actions-upload-release-asset@v1.7.5 with: upload_url: ${{ github.event.release.upload_url }} @@ -216,7 +211,7 @@ jobs: # Publish package distributions to PyPI - name: Publish package distributions to PyPI - Opal-Common - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} @@ -229,7 +224,7 @@ jobs: url: https://pypi.org/p/opal-common - name: Publish package distributions to PyPI - Opal-Client - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} @@ -242,7 +237,7 @@ jobs: url: https://pypi.org/p/opal-client - name: Publish package distributions to PyPI - Opal-Server - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} @@ -255,7 +250,7 @@ jobs: url: https://pypi.org/p/opal-server - name: Push changes of packages/__packaging__.py to GitHub - if: ${{ !(github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true') }} + if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: ad-m/github-push-action@master with: github_token: ${{ secrets.TOKEN_GITHUB }} From c0294d7be1a12b3c6fe61754248286544d89bd68 Mon Sep 17 00:00:00 2001 From: eli Date: Wed, 31 Jul 2024 12:15:25 -0700 Subject: [PATCH 26/26] without workflow_dispatch --- .github/workflows/on_release.yml | 46 +++++++++----------------------- 1 file changed, 13 insertions(+), 33 deletions(-) diff --git a/.github/workflows/on_release.yml b/.github/workflows/on_release.yml index 39a2bc96..2b9461ec 100644 --- a/.github/workflows/on_release.yml +++ b/.github/workflows/on_release.yml @@ -1,10 +1,9 @@ name: Build and publish to Docker Hub -on: push - # release: - # # job will automatically run after a new "release" is create on github. - # types: [published] +on: + release: + # job will automatically run after a new "release" is create on github. + types: [published] #Allows you to run this workflow manually from the Actions tab - workflow_dispatch: jobs: # this job will build, test and (potentially) push the docker images to docker hub @@ -44,25 +43,14 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Login to DockerHub - if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Get version tag from github release - if: github.event_name == 'release' && github.event.action == 'created' - run: | - echo "opal_version_tag=${{ github.event.release.tag_name }}" >> $GITHUB_ENV - - - name: Get version tag from git history - if: ${{ !(github.event_name == 'release' && github.event.action == 'created') }} - run: | - echo "opal_version_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV - - name: Echo version tag run: | - echo "The version tag that will be published to docker hub is: ${{ env.opal_version_tag }}" + echo "The version tag that will be published to docker hub is: ${{ github.event.release.tag_name }}" - name: Build client for testing id: build_client @@ -115,13 +103,13 @@ jobs: with: file: docker/Dockerfile platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch') }} + push: true target: client cache-from: type=registry,ref=permitio/opal-client:latest cache-to: type=inline tags: | permitio/opal-client:latest - permitio/opal-client:${{ env.opal_version_tag }} + permitio/opal-client:${{ github.event.release.tag_name }} - name: Build client-standalone id: build_push_client_standalone @@ -129,13 +117,13 @@ jobs: with: file: docker/Dockerfile platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch') }} + push: true target: client-standalone cache-from: type=registry,ref=permitio/opal-client-standalone:latest cache-to: type=inline tags: | permitio/opal-client-standalone:latest - permitio/opal-client-standalone:${{ env.opal_version_tag }} + permitio/opal-client-standalone:${{ github.event.release.tag_name }} - name: Build server id: build_push_server @@ -143,13 +131,13 @@ jobs: with: file: docker/Dockerfile platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch') }} + push: true target: server cache-from: type=registry,ref=permitio/opal-server:latest cache-to: type=inline tags: | permitio/opal-server:latest - permitio/opal-server:${{ env.opal_version_tag }} + permitio/opal-server:${{ github.event.release.tag_name }} - name: Build & Push client cedar id: build_push_client_cedar @@ -157,23 +145,21 @@ jobs: with: file: docker/Dockerfile platforms: linux/amd64,linux/arm64 - push: ${{ !(github.event_name == 'workflow_dispatch') }} + push: true target: client-cedar cache-from: type=registry,ref=permitio/opal-client-cedar:latest cache-to: type=inline tags: | permitio/opal-client-cedar:latest - permitio/opal-client-cedar:${{ env.opal_version_tag }} + permitio/opal-client-cedar:${{ github.event.release.tag_name }} - name: Python setup - if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: actions/setup-python@v5 with: python-version: '3.11.8' # This is the root file representing the package for all the sub-packages. - name: Bump version - packaging__.py - if: ${{ !(github.event_name == 'workflow_dispatch') }} run: | version_tag=${{ github.event.release.tag_name }} version_tuple=$(echo $version_tag | sed 's/\./, /g') @@ -185,7 +171,6 @@ jobs: git commit -m "Bump version to ${version_tag}" - name: Cleanup setup.py and Build every sub-packages - if: ${{ !(github.event_name == 'workflow_dispatch') }} run: | pip install wheel cd packages/opal-common/ ; rm -rf *.egg-info build/ dist/ @@ -200,7 +185,6 @@ jobs: # Upload package distributions to the release - All assets in one step - name: Upload assets to release - if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: shogo82148/actions-upload-release-asset@v1.7.5 with: upload_url: ${{ github.event.release.upload_url }} @@ -211,7 +195,6 @@ jobs: # Publish package distributions to PyPI - name: Publish package distributions to PyPI - Opal-Common - if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} @@ -224,7 +207,6 @@ jobs: url: https://pypi.org/p/opal-common - name: Publish package distributions to PyPI - Opal-Client - if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} @@ -237,7 +219,6 @@ jobs: url: https://pypi.org/p/opal-client - name: Publish package distributions to PyPI - Opal-Server - if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.PYPI_TOKEN }} @@ -250,7 +231,6 @@ jobs: url: https://pypi.org/p/opal-server - name: Push changes of packages/__packaging__.py to GitHub - if: ${{ !(github.event_name == 'workflow_dispatch') }} uses: ad-m/github-push-action@master with: github_token: ${{ secrets.TOKEN_GITHUB }}