Merge pull request #174 from ral-facilities/dependabot/github_actions… #330
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| permissions: | |
| contents: read | |
| jobs: | |
| linting: | |
| name: Linting | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install python-ldap system dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libsasl2-dev python3-dev libldap2-dev libssl-dev | |
| - name: Set up Python | |
| uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 | |
| with: | |
| python-version: "3.12" | |
| cache: "pip" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| python -m pip install .[code-analysis] | |
| - name: Run black | |
| run: black --check --line-length 120 ldap_jwt_auth test | |
| - name: Run pylint | |
| run: pylint ldap_jwt_auth | |
| unit-tests: | |
| name: Unit Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install python-ldap system dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libsasl2-dev python3-dev libldap2-dev libssl-dev | |
| - name: Set up Python | |
| uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 | |
| with: | |
| python-version: "3.12" | |
| cache: "pip" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| python -m pip install .[test] | |
| - name: Create logging configuration file | |
| run: cp ldap_jwt_auth/logging.example.ini ldap_jwt_auth/logging.ini | |
| - name: Run unit tests | |
| run: pytest -c test/pytest.ini test/unit/ --cov --cov-report=xml | |
| - name: Upload coverage reports to Codecov | |
| if: success() | |
| uses: codecov/codecov-action@1e68e06f1dbfde0e4cefc87efeba9e4643565303 # v5.1.2 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| docker: | |
| # This job triggers only if all the other jobs succeed. It builds the Docker image and if successful, | |
| # it pushes it to Harbor. | |
| needs: [linting, unit-tests] | |
| name: Docker | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Login to Harbor | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| registry: ${{ secrets.HARBOR_URL }} | |
| username: ${{ secrets.HARBOR_USERNAME }} | |
| password: ${{ secrets.HARBOR_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 | |
| with: | |
| images: ${{ secrets.HARBOR_URL }}/auth-api | |
| - name: Build and push Docker image to Harbor | |
| uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0 | |
| with: | |
| context: . | |
| file: ./Dockerfile.prod | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} |