Use c2cciutils - Publish to GitHub Container Registry

mapfish · Dec 16, 2020 · b261051 · b261051
1 parent 96a5a88
commit b261051
Show file tree

Hide file tree

Showing 48 changed files with 183 additions and 660 deletions.
diff --git a/.dependabot/config.yml b/.dependabot/config.yml
@@ -70,3 +70,9 @@ update_configs:
     allowed_updates:
       - match:
           update_type: security
+  - package_manager: python
+    directory: /ci
+    update_schedule: live
+    automerged_updates:
+      - match:
+          update_type: all
diff --git a/examples/.editorconfig → .editorconfig b/examples/.editorconfig → .editorconfig
@@ -1,9 +1,20 @@
 root = true
 
 [*]
-indent_style = space
-indent_size = 2
 end_of_line = lf
+insert_final_newline = true
 charset = utf-8
+indent_style = space
+indent_size = 4
 trim_trailing_whitespace = true
-insert_final_newline = true
+max_line_length = 110
+quote_type = single
+
+[*.js]
+indent_size = 2
+
+[*.yaml]
+indent_size = 2
+
+[Makefile]
+indent_style = tab
diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml
diff --git a/.github/workflows/backport.yaml b/.github/workflows/backport.yaml
@@ -10,6 +10,8 @@ jobs:
   backport:
     runs-on: ubuntu-18.04
     name: Backport
+    timeout-minutes: 5
+
     steps:
       - uses: camptocamp/backport-action@master
         with:

diff --git a/.github/workflows/clean-dockerhub-tag.yaml b/.github/workflows/clean-dockerhub-tag.yaml
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
@@ -0,0 +1,29 @@
+name: 'Code scanning'
+
+on:
+    push:
+    pull_request:
+    schedule:
+        - cron: '0 19 * * 0'
+
+jobs:
+    CodeQL-Build:
+        runs-on: ubuntu-18.04
+        name: Code scanning
+        timeout-minutes: 15
+        if: "!startsWith(github.event.head_commit.message, '[skip ci] ')"
+
+        steps:
+            - name: Checkout repository
+              uses: actions/checkout@v2
+              with:
+                  fetch-depth: 1
+
+            - name: Initialize CodeQL
+              uses: github/codeql-action/init@v1
+
+            - name: Autobuild
+              uses: github/codeql-action/autobuild@v1
+
+            - name: Perform CodeQL Analysis
+              uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/dependabot-auto-merge.yaml b/.github/workflows/dependabot-auto-merge.yaml
diff --git a/.github/workflows/ci.yaml → .github/workflows/main.yaml b/.github/workflows/ci.yaml → .github/workflows/main.yaml
@@ -2,20 +2,19 @@ name: Continuous integration
 
 on:
   push:
-  pull_request:
 
 jobs:
   build:
     runs-on: ubuntu-18.04
     timeout-minutes: 40
     name: Continuous integration
+    if: "!startsWith(github.event.head_commit.message, '[skip ci] ')"
 
     env:
-      SUMMON_PROVIDER: /usr/local/bin/gopass
       SECRETS: ${{ secrets.SECRETS }}
 
     steps:
-      - uses: actions/checkout@v1
+      - uses: actions/checkout@v2
 
       - name: Get tag
         id: tag2
@@ -27,20 +26,29 @@ jobs:
         if: "startsWith(github.ref, 'refs/tags/')"
       - run: echo --${{ steps.tag2.outputs.replaced }}--
 
-      - run: git --no-pager diff --check `git log --oneline | tail -1 | cut --fields=1 --delimiter=' '`
-      - run: ci/test-eof-newline
-
-      - uses: camptocamp/initialise-gopass-summon-action@v1
+      - uses: camptocamp/initialise-gopass-summon-action@v2
         with:
           ci-gpg-private-key: ${{secrets.CI_GPG_PRIVATE_KEY}}
           github-gopass-ci-token: ${{secrets.GOPASS_CI_GITHUB_TOKEN}}
+          patterns: pypi docker
         if: env.SECRETS == 'TRUE'
       - run: gpg --export-secret-keys --armor D121AF2DFA8E140688BD968930C9B913FD42EF13 > CI.asc
         if: env.SECRETS == 'TRUE'
 
       - run: echo "enablePublishing=true" > gradle.properties
         if: env.SECRETS == 'TRUE'
 
+      - run: |
+          sudo rm /etc/apt/sources.list.d/*.list
+          sudo apt-get update
+          sudo apt-get install python3-wheel python3-setuptools
+
+      - run: echo "${HOME}/.local/bin" >> ${GITHUB_PATH}
+      - run: python3 -m pip install --user --requirement=ci/requirements.txt
+
+      - name: Checks
+        run: c2cciutils-checks
+
       - run: make build
       - run: make acceptance-tests-up
       - run: make acceptance-tests-run
@@ -91,15 +99,8 @@ jobs:
           path: /tmp/test_results
         if: failure()
 
-      - run: mkdir -p ~/.docker
-      - name: Decrypt secrets
-        run: summon --environment dockerhub bash -c 'envsubst < ci/docker-config.json.tmpl > ~/.docker/config.json'
-        if: env.SECRETS == 'TRUE'
-
-      - name: publish
-        run: ci/publish
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Publish
+        run: c2cciutils-publish
         if: env.SECRETS == 'TRUE'
 
       - id: version