Skip to content

build: Debug Docker #825

build: Debug Docker

build: Debug Docker #825

Workflow file for this run

# From https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python#publishing-to-package-registries
name: "Publish"
on:
push:
pull_request:
branches:
- main
jobs:
tests:
name: Run tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install devbox
uses: jetpack-io/[email protected]
- name: Run linting
run: devbox run lint
- name: Check code formatting
run: devbox run format-check
- name: Run type checks
run: devbox run typecheck
- name: Run tests
run: devbox run test
env:
# Unit tests actually run against the GH API for 'real integration testing',
# and providing a token will increase the otherwise too-low rate limit.
# The `GITHUB_TOKEN` failed (https://github.com/alexpovel/ancv/actions/runs/4093416643/jobs/7063406195):
#
# body = b'{"message":"Resource not accessible by integration","documentation_url":"https://docs.github.com/rest/reference/gists#list-gists-for-a-user"}'
#
# So use a personal token.
GH_TOKEN: ${{ secrets.GH_PERMISSIONLESS_FGAT }}
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
# Docs say a token isn't required for public GitHub repositories using GH
# Actions, but it didn't work and failed with:
#
# [2022-08-08T19:50:41.725Z] ['error'] There was an error running the
# uploader: Error uploading to https://codecov.io: Error: There was an error
# fetching the storage URL during POST: 404 - {'detail':
# ErrorDetail(string='Unable to locate build via Github Actions API. Please
# upload with the Codecov repository upload token to resolve issue.',
# code='not_found')}
#
# See also: https://github.com/alexpovel/ancv/runs/7733256776?check_suite_focus=true#step:7:37
token: ${{ secrets.CODECOV_TOKEN }}
files: coverage.xml
release-please:
name: Execute release chores
runs-on: ubuntu-latest
needs: tests
outputs:
created: ${{ steps.release.outputs.release_created }}
tag_name: ${{ steps.release.outputs.tag_name }}
steps:
# https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
- uses: googleapis/release-please-action@v4
id: release
with:
# Token needs: `contents: write`, `pull-requests: write`
token: ${{ steps.app-token.outputs.token }}
publish:
name: Publish to PyPI
runs-on: ubuntu-latest
needs: release-please
if: ${{ needs.release-please.outputs.created }}
# https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/
environment: pypi
permissions:
id-token: write
steps:
- uses: actions/checkout@v4
- name: Install devbox
uses: jetpack-io/[email protected]
with:
enable-cache: true
- name: Build package
run: devbox run uv build
- name: Publish package
uses: pypa/[email protected]
build-and-push-image:
name: Build Docker image and push to GitHub Container Registry
runs-on: ubuntu-latest
# needs: release-please
# if: ${{ needs.release-please.outputs.created }}
# environment: container-registry
permissions:
contents: read
packages: write
# env:
# REGISTRY: ghcr.io
# IMAGE_NAME: ${{ github.repository }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# - name: Log in to the container registry
# uses: docker/login-action@v3
# with:
# registry: ${{ env.REGISTRY }}
# username: ${{ github.actor }}
# password: ${{ secrets.GITHUB_TOKEN }}
# - name: Extract metadata (tags, labels) for Docker
# id: meta
# uses: docker/metadata-action@v5
# with:
# images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
# tags: |
# type=semver,value=${{ needs.release-please.outputs.tag_name }},pattern={{version}}
# type=semver,value=${{ needs.release-please.outputs.tag_name }},pattern={{major}}.{{minor}}
# type=semver,value=${{ needs.release-please.outputs.tag_name }},pattern={{major}},enable=${{ !startsWith(needs.release-please.outputs.tag_name, 'v0.') }}
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: .
push: false
# tags: ${{ steps.meta.outputs.tags }}
# labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64