-
Notifications
You must be signed in to change notification settings - Fork 0
125 lines (103 loc) · 3.92 KB
/
ci.yml
File metadata and controls
125 lines (103 loc) · 3.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: ci
on:
push:
branches: [main]
tags: ["**"]
pull_request:
branches: [main]
merge_group:
branches: [main]
workflow_call:
workflow_dispatch:
permissions: {}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.ref_name != github.event.repository.default_branch }}
jobs:
python:
permissions:
contents: read
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python: [3.12]
fail-fast: false
runs-on: ${{ matrix.os }}
env:
ENVIRONMENT: ci
UV_LOCKED: 1
UV_NO_SYNC: 1
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7
- id: setup-python
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
with:
python-version: ${{ matrix.python }}
- name: Set up environment
if: ${{ runner.os != 'Windows' }}
run: |
mkdir -p .venv
echo "$(realpath .venv)/bin" >> "${GITHUB_PATH}"
- name: Set up environment (Windows)
if: ${{ runner.os == 'Windows' }}
run: |
New-Item -Type Directory -Force .venv
"$(Resolve-Path .venv)/Scripts" | Out-File -FilePath "${env:GITHUB_PATH}" -Append
- run: uv sync && uv pip list
- run: make lint test
docker:
permissions:
contents: read
packages: write
runs-on: ubuntu-latest
env:
GHCR_IMAGE_NAME: ghcr.io/${{ github.repository }}
steps:
- uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4
- uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4
- id: build-ci
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7
with:
target: ${{ env.ENVIRONMENT }}
cache-from: ${{ env.GHCR_IMAGE_NAME }}:cache
load: true
env:
ENVIRONMENT: ci
- run: docker run "${IMAGE_ID}" uv pip list
env:
IMAGE_ID: ${{ steps.build-ci.outputs.imageid }}
- run: docker run "${IMAGE_ID}"
env:
IMAGE_ID: ${{ steps.build-ci.outputs.imageid }}
- id: docker_metadata
uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6
with:
images: ${{ env.GHCR_IMAGE_NAME }}
- if: ${{ github.event_name == 'push' || github.ref_name == github.event.repository.default_branch }}
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ github.token }}
- if: ${{ github.event_name == 'push' || github.ref_name == github.event.repository.default_branch }}
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7
with:
target: ${{ env.ENVIRONMENT }}
cache-from: ${{ env.GHCR_IMAGE_NAME }}:cache
cache-to: type=inline
tags: ${{ env.GHCR_IMAGE_NAME }}:dev
push: ${{ github.event_name == 'push' || github.ref_name == github.event.repository.default_branch }}
env:
ENVIRONMENT: dev
- if: ${{ github.event_name == 'push' || github.ref_name == github.event.repository.default_branch }}
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7
with:
cache-from: ${{ env.GHCR_IMAGE_NAME }}:cache
cache-to: type=registry,ref=${{ env.GHCR_IMAGE_NAME }}:cache,mode=max
tags: ${{ steps.docker_metadata.outputs.tags }}
labels: ${{ steps.docker_metadata.outputs.labels }}
annotations: ${{ steps.docker_metadata.outputs.annotations }}
push: ${{ github.event_name == 'push' || github.ref_name == github.event.repository.default_branch }}
env:
ENVIRONMENT: prod