Skip to content

Commit

Permalink
tweak workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
@jacobfilik
jacobfilik committed Mar 4, 2024
1 parent 2aab0eb commit d41fcf4
Showing 1 changed file with 1 addition and 172 deletions.
173 changes: 1 addition & 172 deletions .github/workflows/code.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ env:

defaults:
run:
working-directory: ./xas-standards-api
working-directory: xas-standards-api

jobs:
lint:
Expand Down Expand Up @@ -78,174 +78,3 @@ jobs:
name: ${{ matrix.python }}/${{ matrix.os }}
files: cov.xml

dist:
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.repository
runs-on: "ubuntu-latest"

steps:
- name: Checkout
uses: actions/checkout@v4
with:
# Need this to get version number from last tag
fetch-depth: 0

- name: Build sdist and wheel
run: |
export SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) && \
pipx run build
- name: Upload sdist and wheel as artifacts
uses: actions/upload-artifact@v4.0.0
with:
name: ${{ env.DIST_WHEEL_PATH }}
path: dist

- name: Check for packaging errors
run: pipx run twine check --strict dist/*

- name: Install python packages
uses: ./.github/actions/install_requirements
with:
python_version: ${{env.CONTAINER_PYTHON}}
requirements_file: requirements.txt
install_options: dist/*.whl
artifact_name: dist

- name: Test module --version works using the installed wheel
# If more than one module in src/ replace with module name to test
run: python -m $(ls src | head -1) --version

container:
needs: [lint, dist, test]
runs-on: ubuntu-latest

permissions:
contents: read
packages: write

env:
TEST_TAG: "testing"

steps:
- name: Checkout
uses: actions/checkout@v4

# image names must be all lower case
- name: Generate image repo name
run: echo IMAGE_REPOSITORY=ghcr.io/$(tr '[:upper:]' '[:lower:]' <<< "${{ github.repository }}") >> $GITHUB_ENV

- name: Set lockfile location in environment
run: |
echo "DIST_LOCKFILE_PATH=lockfiles-${{ env.CONTAINER_PYTHON }}-dist-${{ github.sha }}" >> $GITHUB_ENV
- name: Download wheel and lockfiles
uses: actions/download-artifact@v4.1.0
with:
path: artifacts/
pattern: "*dist*"

- name: Log in to GitHub Docker Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3

- name: Build and export to Docker local cache
uses: docker/build-push-action@v5
with:
# Note build-args, context, file, and target must all match between this
# step and the later build-push-action, otherwise the second build-push-action
# will attempt to build the image again
build-args: |
PIP_OPTIONS=-r ${{ env.DIST_LOCKFILE_PATH }}/requirements.txt ${{ env.DIST_WHEEL_PATH }}/*.whl
context: artifacts/
file: ./Dockerfile
target: runtime
load: true
tags: ${{ env.TEST_TAG }}
# If you have a long docker build (2+ minutes), uncomment the
# following to turn on caching. For short build times this
# makes it a little slower
#cache-from: type=gha
#cache-to: type=gha,mode=max

- name: Test cli works in cached runtime image
run: docker run docker.io/library/${{ env.TEST_TAG }} --version

- name: Create tags for publishing image
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.IMAGE_REPOSITORY }}
tags: |
type=ref,event=tag
type=raw,value=latest, enable=${{ github.ref_type == 'tag' }}
# type=edge,branch=main
# Add line above to generate image for every commit to given branch,
# and uncomment the end of if clause in next step

- name: Push cached image to container registry
if: github.ref_type == 'tag' # || github.ref_name == 'main'
uses: docker/build-push-action@v5
# This does not build the image again, it will find the image in the
# Docker cache and publish it
with:
# Note build-args, context, file, and target must all match between this
# step and the previous build-push-action, otherwise this step will
# attempt to build the image again
build-args: |
PIP_OPTIONS=-r ${{ env.DIST_LOCKFILE_PATH }}/requirements.txt ${{ env.DIST_WHEEL_PATH }}/*.whl
context: artifacts/
file: ./Dockerfile
target: runtime
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

release:
# upload to PyPI and make a release on every tag
needs: [lint, dist, test]
if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }}
runs-on: ubuntu-latest
env:
HAS_PYPI_TOKEN: ${{ secrets.PYPI_TOKEN != '' }}

steps:
- name: Download wheel and lockfiles
uses: actions/download-artifact@v4.1.0
with:
pattern: "*dist*"

- name: Rename lockfiles and dist
run: |
mv lockfiles-${{ env.CONTAINER_PYTHON }}-dist-${{ github.sha }} lockfiles
mv ${{ env.DIST_WHEEL_PATH }} dist
- name: Fixup blank lockfiles
# Github release artifacts can't be blank
run: for f in lockfiles/*; do [ -s $f ] || echo '# No requirements' >> $f; done

- name: Github Release
# We pin to the SHA, not the tag, for security reasons.
# https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
with:
prerelease: ${{ contains(github.ref_name, 'a') || contains(github.ref_name, 'b') || contains(github.ref_name, 'rc') }}
files: |
dist/*
lockfiles/*
generate_release_notes: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Publish to PyPI
if: ${{ env.HAS_PYPI_TOKEN }}
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_TOKEN }}

0 comments on commit d41fcf4

Please sign in to comment.