-
Notifications
You must be signed in to change notification settings - Fork 161
139 lines (131 loc) · 4.52 KB
/
next.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: next
on:
push:
branches:
- next
env:
SHELLCHECK_VERSION: v0.10.0
SHELLCHECK_SHA256: 6c881ab0698e4e6ea235245f22832860544f17ba386442fe7e9d629f8cbedf87
NEWT_VERSION: 0.52.24
NEWT_SHA256: 5ded7e221f85f642521c49b1826c8de19845aa372baf5d630a51774b544fbdbb
jobs:
codestyle:
name: Code style
runs-on: ubuntu-24.04
steps:
- name: Check out repo
uses: actions/checkout@v4
- name: Install Checkcode dependencies
run: |
pip install flake8 pycodestyle doc8 Pygments
- name: Install recent shellcheck
run: |
wget -q https://github.com/koalaman/shellcheck/releases/download/$SHELLCHECK_VERSION/shellcheck-$SHELLCHECK_VERSION.linux.x86_64.tar.xz
echo "$SHELLCHECK_SHA256 shellcheck-$SHELLCHECK_VERSION.linux.x86_64.tar.xz" | sha256sum -c
tar -xJf shellcheck-$SHELLCHECK_VERSION.linux.x86_64.tar.xz
sudo cp shellcheck-$SHELLCHECK_VERSION/shellcheck /usr/local/bin/
- name: Check code
run: scripts/checkcode.sh .
perform_tests_legacy:
name: Legacy Python
runs-on: ubuntu-20.04
strategy:
matrix:
python-version: ["3.6", "3.7"]
steps:
- name: Check out repo
uses: actions/checkout@v4
- name: Run tests
uses: ./.github/actions/perform-tests
with:
python-version: ${{ matrix.python-version }}
perform_tests_modern:
name: Modern Python
runs-on: ubuntu-24.04
strategy:
matrix:
python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"]
steps:
- name: Check out repo
uses: actions/checkout@v4
- name: PyTest
uses: ./.github/actions/perform-tests
with:
python-version: ${{ matrix.python-version }}
build_containers:
name: Build, test and deploy container images
needs:
- codestyle
- perform_tests_legacy
- perform_tests_modern
runs-on: ubuntu-24.04
permissions:
id-token: write
packages: write
contents: read
attestations: write
strategy:
matrix:
image-name: ["kas", "kas-isar"]
steps:
- name: Check out repo
uses: actions/checkout@v4
- name: Set up docker build
uses: ./.github/actions/docker-init
with:
deploy-user: ${{ github.actor }}
deploy-token: ${{ secrets.GITHUB_TOKEN }}
image-name: ${{ matrix.image-name }}
- name: Build ${{ matrix.image-name }} image
uses: docker/build-push-action@v5
with:
context: /home/runner/kas-clone
target: ${{ matrix.image-name }}
platforms: linux/amd64
build-args: |
SOURCE_DATE_EPOCH=${{ env.SOURCE_DATE_EPOCH }}
DEBIAN_TAG=${{ env.DEBIAN_TAG }}
outputs: type=docker,rewrite-timestamp=true
tags: ghcr.io/${{ github.repository }}/${{ matrix.image-name }}:next
- name: Test ${{ matrix.image-name }} image
run: |
cd image-tests/${{ matrix.image-name }}
KAS_CONTAINER_IMAGE=ghcr.io/${{ github.repository }}/${{ matrix.image-name }}:next \
KAS_CLONE_DEPTH=1 \
../../kas-container build kas.yml
- name: Complete build and deploy ${{ matrix.image-name }} image
uses: docker/build-push-action@v5
id: push
with:
context: /home/runner/kas-clone
target: ${{ matrix.image-name }}
platforms: linux/amd64,linux/arm64
build-args: |
SOURCE_DATE_EPOCH=${{ env.SOURCE_DATE_EPOCH }}
DEBIAN_TAG=${{ env.DEBIAN_TAG }}
provenance: false
outputs: type=registry,rewrite-timestamp=true
tags: ghcr.io/${{ github.repository }}/${{ matrix.image-name }}:next
annotations: ${{ env.DOCKER_METADATA_OUTPUT_ANNOTATIONS }}
- name: Attest ${{ matrix.image-name }} image
uses: actions/attest-build-provenance@v1
with:
subject-name: ghcr.io/${{ github.repository }}/${{ matrix.image-name }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
cleanup_ghcr_containers:
name: cleanup untagged ${{ matrix.image-name }} containers
runs-on: ubuntu-24.04
needs: build_containers
permissions:
packages: write
strategy:
matrix:
image-name: ["kas", "kas-isar"]
steps:
- uses: dataaxiom/ghcr-cleanup-action@98b4022383d6ddb70ccbf6a378b4d8c67a60f066 #v1.0.13
with:
dry-run: false
validate: true
package: kas/${{ matrix.image-name }}
token: ${{ secrets.GITHUB_TOKEN }}