Skip to content

CI

CI #370

Workflow file for this run

name: CI
on:
schedule:
- cron: "0 3 * * *"
push:
branches:
- "*"
tags:
- "v*.*.*"
pull_request:
branches:
- "main"
permissions:
packages: write
contents: write
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: psf/black@stable
with:
options: "--check -l 119"
src: "."
audit:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup python
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Install pip-audit
run: pip install --upgrade pip pip-audit
- name: Setup poetry
uses: Gr1N/setup-poetry@v8
- name: Install dependencies
run: poetry install
- name: Create requirements.txt
run: poetry run pip freeze > requirements.txt
- name: Audit dependencies
run: poetry run pip-audit --ignore-vuln GHSA-6w4m-2xhg-2658 --ignore-vuln PYSEC-2022-43012 --ignore-vuln GHSA-v5gw-mw7f-84px --ignore-vuln PYSEC-2023-48
publish-docker:
needs: lint
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
# Get the repository's code
- name: Checkout
uses: actions/checkout@v2
# https://github.com/docker/setup-qemu-action
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Login to GHCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GH_PACKAGE_DEPLOYMENT }}
- name: Docker meta
id: semver # you'll use this in the next step
uses: docker/metadata-action@v3
with:
# list of Docker images to use as base name for tags
images: |
ghcr.io/rddl-network/rddl-info
# Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Build and push
uses: docker/build-push-action@v2
with:
context: .
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.semver.outputs.tags }}
labels: ${{ steps.semver.outputs.labels }}