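# CI pipeline: lint -> compute Docker tags/labels -> build and push multi-arch
# images -> publish the Python package. Runs on pushes to main/dev and on
# manual dispatch.
name: ci

on:
  push:
    branches:
      - 'main'
      - 'dev'
  workflow_dispatch:

# No pull_request trigger is configured, so the PR number is empty and the
# group is effectively keyed on the commit SHA.
concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true

# Least privilege for GITHUB_TOKEN: read-only by default. A job that needs
# more (the docker job pushes to ghcr.io) declares it at job level.
permissions:
  contents: read

env:
  SLEEP: '60'
  DOCKER_BUILDKIT: '1'
  TARGET_PLATFORMS: "linux/amd64,linux/arm64,linux/arm/v6"

defaults:
  run:
    shell: bash

jobs:
  lint:
    name: Lint files
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 1
          persist-credentials: false
      # NOTE(review): `@master` is a mutable ref, so whatever lands on that
      # branch runs here unreviewed. Pin to a release tag or, better, a full
      # commit SHA.
      - name: Check shell scripts
        uses: ludeeus/action-shellcheck@master

  environment:
    name: Set up environment for docker and poetry
    needs: [lint]
    runs-on: ubuntu-latest
    outputs:
      docker_tags: ${{ steps.docker.outputs.tags }}
      docker_labels: ${{ steps.docker.outputs.labels }}
    steps:
      # The key is static. actions/cache does not overwrite an existing entry,
      # so once this key exists, later edits to the generated file will not
      # reach the docker job that restores it.
      - name: Cache environment files
        uses: actions/cache@v3
        with:
          path: /tmp/buildkitd.toml
          key: ${{ github.workflow }}-environment
      # NOTE(review): `security.insecure` allows builds to request privileged
      # execution (e.g. `RUN --security=insecure`), which removes the sandbox
      # around build steps; enable it only if a Dockerfile here requires it.
      # No step visible in this workflow passes /tmp/buildkitd.toml to
      # docker/setup-buildx-action, so as written the file appears to have no
      # effect. Either wire it in deliberately or drop it.
      # 'experimantal' looks like a typo; confirm the intended key against the
      # buildkitd.toml reference before relying on it.
      - name: Create buildkitd config
        run: |
          echo 'experimantal = true' > /tmp/buildkitd.toml
          echo 'debug = true' >> /tmp/buildkitd.toml
          echo 'insecure-entitlements = [ "security.insecure" ]' >> /tmp/buildkitd.toml
          # echo '[worker.oci]' >> /tmp/buildkitd.toml
          # echo 'max-parallelism = 1' >> /tmp/buildkitd.toml
          cat /tmp/buildkitd.toml
      # Computes image names, OCI labels and tags; exposed as job outputs and
      # consumed by the docker job.
      - name: Set up Docker metadata
        id: docker
        uses: docker/metadata-action@v5
        with:
          images: |
            ${{ github.repository }}
            ghcr.io/${{ github.repository }}
          labels: |
            org.opencontainers.image.source=https://github.com/miigotu/certbot-dns-godaddy
            org.opencontainers.image.url=https://github.com/miigotu/certbot-dns-godaddy
            org.opencontainers.image.licenses=Apache-2.0
          tags: |
            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
            type=schedule
            type=ref,event=branch
            type=ref,event=tag
            type=ref,event=pr
            type=raw,prefix=${{ github.ref_name }},suffix=,value=${{ github.run_id }},event=push
            type=raw,prefix=${{ github.ref_name }},suffix=,value=${{ github.sha }},event=push
            type=raw,prefix=,suffix=,value=${{ github.head_ref }},event=pr
            type=raw,prefix=,suffix=,value=${{ github.ref_name }},event=push,enable=${{ github.event_name != 'pull_request' }}
            type=edge,branch=dev
            type=semver,pattern={{version}},enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
            type=semver,pattern={{major}}.{{minor}},enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}

  docker:
    name: Build and push docker images
    needs: [environment, lint]
    runs-on: ubuntu-latest
    # packages: write is what the ghcr.io push needs; nothing broader.
    permissions:
      contents: read
      packages: write
    steps:
      # The build context is `.`; keeping the token out of .git/config avoids
      # carrying it into the context sent to the builder.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Restore environment files
        uses: actions/cache@v3
        with:
          path: /tmp/buildkitd.toml
          key: ${{ github.workflow }}-environment
          restore-keys: ${{ github.workflow }}-environment
      - name: Set up QEMU
        if: success()
        id: qemu
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        if: success()
        uses: docker/setup-buildx-action@v3
      - name: Login to GitHub Container Registry
        if: success()
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      # Use a Docker Hub access token scoped to this repository rather than
      # the account password.
      - name: Login to DockerHub
        if: success()
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      # With only push/workflow_dispatch triggers the `push` expression is
      # always true; it would matter only if a pull_request trigger is added.
      - name: Build and push docker image
        if: success()
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: ${{ env.TARGET_PLATFORMS }}
          push: ${{ github.event_name != 'pull_request' }}
          labels: ${{ needs.environment.outputs.docker_labels }}
          tags: ${{ needs.environment.outputs.docker_tags }}

  poetry:
    name: Build and publish wheels
    needs: [environment, lint, docker]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      # NOTE(review): the action reference below was mangled by e-mail
      # obfuscation when this page was rendered; it is presumably
      # JRubics/poetry-publish@<version>. Restore it from the repository.
      # This third-party action receives PYPI_TOKEN, so pin it to a full
      # commit SHA and keep the token scoped to this project only.
      - name: Build and publish to pypi
        uses: JRubics/[email protected]
        with:
          pypi_token: ${{ secrets.PYPI_TOKEN }}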