Skip to content
Docker Image CI for GHRC

feat: update login process #241

Sign in to view logs

feat: update login process

feat: update login process #241

Workflow file for this run

.github/workflows/publish-ghrch.yaml at 17da1f8
name: Docker Image CI for GHRC
on:
push:
branches:
- "main"
- "preprod"
- "develop"
pull_request:
branches:
- "main"
- "develop"
- "preprod"
jobs:
code-quality:
strategy:
fail-fast: false
matrix:
python-version:
- "3.12.3"
os: [ ubuntu-latest ]
runs-on: ${{ matrix.os }}
environment:
name: code-quality
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v3
with:
python-version: ${{ matrix.python-version }}
architecture: 'x64'
- name: Install pipx, Poetry and Upgrade pip/setuptools
run: |
python --version
python -m pip install pipx
python -m pipx ensurepath
python -m pipx install poetry
export PATH=$PATH:/root/.local/bin
poetry env use python
poetry run pip install --upgrade pip setuptools
poetry add black flake8 bandit
- name: Run black
run: poetry run black . --check
- name: Run flake8
run: poetry run flake8 .
- name: Run bandit
run: poetry run bandit .
tests:
needs: [code-quality]
strategy:
fail-fast: false
max-parallel: 4
matrix:
python-version:
- "3.12.3"
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
environment:
name: tests
steps:
- name: Checkout code
uses: actions/checkout@v3
with:
submodules: recursive
token: ${{ secrets.GH_SUBMODULE_TOKEN }}
fetch-depth: 0
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v3
with:
python-version: ${{ matrix.python-version }}
architecture: 'x64'
- name: Install pipx, Poetry and Upgrade pip/setuptools
run: |
python --version
python -m pip install pipx
python -m pipx ensurepath
python -m pipx install poetry
export PATH=$PATH:/root/.local/bin
poetry env use python
poetry run pip install --upgrade pip setuptools
poetry install --no-root
- name: Run Tests
run: |
echo "Starting tests ..."
poetry run pytest --cov --cov-report term --cov-report xml:coverage.xml tests
- name: Upload coverage report
uses: actions/upload-artifact@v3
with:
name: coverage
path: coverage.xml
staging:
needs: [tests]
runs-on: ubuntu-latest
environment:
name: ${{ (github.ref == 'refs/heads/main' && 'latest') || (github.ref == 'refs/heads/preprod' && 'preprod') || 'dev' }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
submodules: true
token: ${{ secrets.GH_SUBMODULE_TOKEN }}
- name: Login to Docker registry
run: |
echo "Logging into Docker registry..."
echo "${{ secrets.GHRC_PASSWORD }}" | \
docker login ghcr.io -u ${{ secrets.GHRC_USERNAME }} --password-stdin
echo "Logging into Docker registry success"
- name: Determine image tag and build (improved logic)
id: build
run: |
if [[ "${{ github.event_name }}" == "push" ]]; then
BRANCH_NAME="${{ github.ref_name }}"
elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
BRANCH_NAME="${{ github.base_ref }}"
else
echo "Unsupported event: ${{ github.event_name }}"
exit 1
fi
echo "Branch name: $BRANCH_NAME"
if [[ "$BRANCH_NAME" == "main" || "$BRANCH_NAME" == "master" ]]; then
DOCKER_TAG_NAME="latest"
elif [[ "$BRANCH_NAME" == "preprod" ]]; then
DOCKER_TAG_NAME="preprod"
elif [[ "$BRANCH_NAME" == "develop" ]]; then
DOCKER_TAG_NAME="dev"
else
echo "No valid tag found for branch $BRANCH_NAME, exiting..."
exit 1
fi
echo "Building Docker image with tag $DOCKER_TAG_NAME ..."
docker build --no-cache -t ${{ secrets.GHRC_REGISTRY_ADDR }}:$DOCKER_TAG_NAME .
docker push ${{ secrets.GHRC_REGISTRY_ADDR }}:$DOCKER_TAG_NAME
echo "Build and push Docker image ok ..."