Skip to content
release

#patch: bump actions/checkout from 4.2.1 to 4.2.2 (#117) #266

Sign in to view logs

#patch: bump actions/checkout from 4.2.1 to 4.2.2 (#117)

#patch: bump actions/checkout from 4.2.1 to 4.2.2 (#117) #266

Workflow file for this run

.github/workflows/release.yml at ffa20b9
---
name: release
on: # yamllint disable-line rule:truthy
workflow_dispatch:
pull_request:
push:
branches:
- main
env:
IMAGE_NAME: ${{ github.repository_owner }}/ldap_sync
DOCKERHUB_ACCOUNT_NAME: determinedai
EXCHANGE_PATH: /tmp
EXCHANGE_FILE: image.tar
jobs:
build:
runs-on: ubuntu-latest
env:
BUILD_TAG: ${{ github.job }}.${{ github.run_id }}
outputs:
tag: ${{ env.BUILD_TAG }}
permissions:
contents: read
steps:
- name: work around github's inability to add a lowercase() function
run: |
# FYI: the ${name,,} structure converts all of $name to lowercase
echo "LC_IMAGE_NAME=${IMAGE_NAME,,}" >> "$GITHUB_ENV"
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build Docker image
uses: docker/build-push-action@v6
with:
push: false
# note: as this image is exported, we can only build one platform here
platforms: linux/amd64
tags: ${{ env.LC_IMAGE_NAME }}:${{ env.BUILD_TAG }}
cache-from: type=gha
cache-to: type=gha,mode=max
outputs: type=docker,dest=${{ env.EXCHANGE_PATH }}/${{ env.EXCHANGE_FILE }}
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: ${{ env.EXCHANGE_FILE }}
path: ${{ env.EXCHANGE_PATH }}/${{ env.EXCHANGE_FILE }}
retention-days: 1
test_docker_run:
runs-on: ubuntu-latest
needs: build
permissions:
contents: read
steps:
- name: work around github's inability to add a lowercase() function
run: |
echo "LC_IMAGE_NAME=${IMAGE_NAME,,}" >> "$GITHUB_ENV"
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.EXCHANGE_FILE }}
path: ${{ env.EXCHANGE_PATH }}
- name: Load image
run: |
docker load --input ${{ env.EXCHANGE_PATH }}/${{ env.EXCHANGE_FILE }}
docker image ls -a
- name: run test
env:
SOMEVAR: someval
run: |
docker run --rm -i $LC_IMAGE_NAME:${{ needs.build.outputs.tag }} \
/bin/echo "yay"
# TODO: add an actual test of the script
test_python_compile:
runs-on: ubuntu-latest
needs: build
permissions:
contents: read
steps:
- name: work around github's inability to add a lowercase() function
run: |
echo "LC_IMAGE_NAME=${IMAGE_NAME,,}" >> "$GITHUB_ENV"
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.EXCHANGE_FILE }}
path: ${{ env.EXCHANGE_PATH }}
- name: Load image
run: |
docker load --input ${{ env.EXCHANGE_PATH }}/${{ env.EXCHANGE_FILE }}
docker image ls -a
- name: run test
run: |
docker run --rm $LC_IMAGE_NAME:${{ needs.build.outputs.tag }} \
python -m py_compile ldap_sync.py
release:
concurrency: # only release one build at a time
group: ldap_sync
runs-on: ubuntu-latest
needs:
- build
- test_docker_run
- test_python_compile
if: >-
github.ref == 'refs/heads/main'
&& ( github.event_name == 'push'
||
github.event_name == 'workflow_dispatch'
)
permissions:
contents: write
actions: read
checks: read
packages: write
steps:
- name: work around github's inability to add a lowercase() function
run: |
DOCKERHUB_IMAGE_NAME=${IMAGE_NAME/*\//${DOCKERHUB_ACCOUNT_NAME,,}/}
{
printf 'LC_IMAGE_NAME=%s\n' "${IMAGE_NAME,,}"
printf 'DOCKERHUB_LC_IMAGE_NAME=%s\n' "${DOCKERHUB_IMAGE_NAME,,}"
} >> "$GITHUB_ENV"
# create the release
- name: Checkout
uses: actions/[email protected]
with:
fetch-depth: 0 # need all refs for tag generation
- name: Auto-increment version tag
id: versionbump
uses: anothrNick/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
WITH_V: false
DEFAULT_BUMP: minor
RELEASE_BRANCHES: main
INITIAL_VERSION: 0.0.0
DEFAULT_BRANCH: main
- name: Create Github Release
uses: ncipollo/[email protected]
with:
tag: ${{ steps.versionbump.outputs.new_tag }}
name: ${{ steps.versionbump.outputs.new_tag }}
generateReleaseNotes: true
draft: false
prerelease: false
# release with PAT to trigger actions on release
token: ${{ secrets.DETERMINED_TOKEN }}
# rebuild the container after (we need to know the tag, but we know
# this will work because it worked in the job we depend upon)
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GitHub Container Registry
uses: docker/[email protected]
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to DockerHub
uses: docker/[email protected]
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PUBLISH_TOKEN }}
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.EXCHANGE_FILE }}
path: ${{ env.EXCHANGE_PATH }}
- name: Load image
run: |
docker load --input ${{ env.EXCHANGE_PATH }}/${{ env.EXCHANGE_FILE }}
docker image ls -a
- name: Build Docker image
uses: docker/build-push-action@v6
with:
push: true
# platforms: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7
platforms: linux/amd64,linux/arm64
tags: |
ghcr.io/${{ env.LC_IMAGE_NAME }}:${{ needs.build.outputs.tag }}
ghcr.io/${{ env.LC_IMAGE_NAME }}:${{ steps.versionbump.outputs.new_tag }}
ghcr.io/${{ env.LC_IMAGE_NAME }}:latest
${{ env.DOCKERHUB_LC_IMAGE_NAME }}:${{ needs.build.outputs.tag }}
${{ env.DOCKERHUB_LC_IMAGE_NAME }}:${{ steps.versionbump.outputs.new_tag }}
${{ env.DOCKERHUB_LC_IMAGE_NAME }}:latest
cache-from: type=registry,ref=ghcr.io/${{ env.LC_IMAGE_NAME }}:latest
# cache-to: type=inline
cleanup:
runs-on: ubuntu-latest
needs:
- build
- release
if: always()
permissions:
actions: write
steps:
- name: clean up ${{ env.EXCHANGE_FILE }} artifact
uses: joutvhu/[email protected]
with:
name: ${{ env.EXCHANGE_FILE }}