Skip to content

Commit

Permalink
test
Browse files Browse the repository at this point in the history
  • Loading branch information
@llaumgui
llaumgui committed May 4, 2024
1 parent 222e186 commit 3e46d4e
Showing 1 changed file with 1 addition and 167 deletions.
168 changes: 1 addition & 167 deletions .github/workflows/devops.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ jobs:
ls -R
cat coverage.xml
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@master
uses: sonarsource/sonarcloud-github-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
Expand Down Expand Up @@ -127,169 +127,3 @@ jobs:
with:
name: seedboxsync-${{ github.sha }}.tar.gz
path: dist/*.tar.gz


##############################################################################
# Build and tests Docker image
#
test_docker:
needs: [
test_sonar
]
runs-on: ubuntu-latest
name: Build and test docker images
steps:
- name: Git checkout
uses: actions/checkout@v4
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images:
${{ env.IMAGE_NAME }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build Docker image
uses: docker/build-push-action@v5
with:
tags: |
${{ env.IMAGE_NAME }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=registry,ref=${{ env.IMAGE_NAME }}
cache-to: type=inline
# Test with Trivy
# https://github.com/aquasecurity/trivy-action
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ env.IMAGE_NAME }}
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'


##############################################################################
# Build and deploy job (only on main)
#
docker_build_deploy:
if: ${{ github.event_name != 'pull_request' && ( github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') ) }}
needs: [
test_docker
]
runs-on: ubuntu-latest
name: Build and deploy docker images
steps:
- name: Git checkout
uses: actions/checkout@v4
# Login against 2 Docker registries except on PR
# https://github.com/docker/login-action
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log into registry ${{ env.GHCR_REGISTRY }}
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.IMAGE_NAME }}
${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
if: ${{ github.ref == 'refs/heads/main' }}
uses: docker/build-push-action@v5
with:
push: ${{ github.event_name != 'pull_request' }}
tags: |
${{ env.IMAGE_NAME }}:main
${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:main
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=registry,ref=${{ env.IMAGE_NAME }}:main
cache-to: type=inline
- name: Set env
if: ${{ startsWith(github.ref, 'refs/tags/v') }}
run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV
- name: Build and push Docker image
if: ${{ startsWith(github.ref, 'refs/tags/v') }}
uses: docker/build-push-action@v5
with:
push: ${{ github.event_name != 'pull_request' }}
tags: |
${{ env.IMAGE_NAME }}:${{ env.RELEASE_VERSION }}
${{ env.IMAGE_NAME }}:latest
${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.RELEASE_VERSION }}
${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=registry,ref=${{ env.IMAGE_NAME }}:latest
cache-to: type=inline


##############################################################################
# Release job
#
release:
if: ${{ startsWith(github.ref, 'refs/tags/v') }}
needs: [
package,
]
runs-on: ubuntu-latest
name: Release on GitHub and PyPi
steps:
- name: Git checkout
uses: actions/checkout@v4
- name: Set env
run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV
- name: Set up Python ${{ env.pythonLastVersion }}
uses: actions/setup-python@v5
with:
python-version: ${{ env.pythonLastVersion }}
cache: 'pip'
- name: Install Dependencies
run: pip install -r requirements-dev.txt
- name: Package
run: make dist
- name: Create GitHub release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: Release ${{ github.ref }}
body: |
Changes in this Release
- First Change
- Second Change
draft: true
prerelease: false
- name: Upload asset in GitHub release
id: upload-release-asset
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
asset_path: dist/seedboxsync-${{ env.RELEASE_VERSION }}.tar.gz
asset_name: seedboxsync-${{ env.RELEASE_VERSION }}.tar.gz
asset_content_type: application/tar+gzip
- name: Publish package
uses: pypa/gh-action-pypi-publish@master
with:
user: __token__
password: ${{ secrets.PYPI_PASSWORD }}

0 comments on commit 3e46d4e

Please sign in to comment.