Skip to content

Merge pull request #205 from wandb/task/upgrades-9-24 #54

Merge pull request #205 from wandb/task/upgrades-9-24

Merge pull request #205 from wandb/task/upgrades-9-24 #54

Workflow file for this run

name: Build, test and release OpenUI
on:
push:
branches:
- "**"
workflow_dispatch:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build-frontend:
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
name: Install pnpm
with:
version: 9
run_install: false
- name: Install Node.js
uses: actions/setup-node@v4
with:
cache-dependency-path: frontend/pnpm-lock.yaml
node-version: 20
cache: "pnpm"
- name: Get pnpm store directory
shell: bash
working-directory: ./frontend
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
- uses: actions/cache@v4
name: Setup pnpm cache
with:
path: ${{ env.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
working-directory: ./frontend
run: pnpm install
# We use npm here because pnpm wasn't executing post hooks
- name: Build frontend
working-directory: ./frontend
run: npm run build
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: frontend-${{ github.sha }}
path: ./frontend/dist
- name: Checking in frontend assets
if: github.ref == 'refs/heads/main'
run: |
git config user.name github-actions
git config user.email [email protected]
git add backend/openui/dist
git commit -m "Updated frontend assets"
git push
build-and-push-image:
needs: build-frontend
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: frontend-${{ github.sha }}
path: ./backend/openui/dist
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
flavor: |
latest=false
tags: |
type=ref,event=branch
type=ref,event=tag
type=ref,event=pr
type=sha
- name: Build and push Docker image
id: push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
context: backend/.
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
test:
permissions:
contents: read
packages: write
attestations: write
id-token: write
needs: build-and-push-image
timeout-minutes: 10
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
name: Install pnpm
with:
version: 9
run_install: false
- name: Install Node.js
uses: actions/setup-node@v4
with:
cache-dependency-path: frontend/pnpm-lock.yaml
node-version: 20
cache: "pnpm"
- name: Get pnpm store directory
shell: bash
working-directory: ./frontend
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
- uses: actions/cache@v4
name: Setup pnpm cache
with:
path: ${{ env.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
working-directory: ./frontend
run: pnpm install
- name: Install Playwright Browsers
working-directory: ./frontend
run: pnpm exec playwright install --with-deps chromium webkit
- name: Get short SHA
id: get_short_sha
run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
- name: Run Playwright tests
env:
DOCKER_TAG: sha-${{ steps.get_short_sha.outputs.short_sha }}
working-directory: ./frontend
run: pnpm exec playwright test
- uses: actions/upload-artifact@v4
if: always()
with:
name: playwright-report
path: |
./frontend/playwright-report/
./frontend/screenshots/
retention-days: 30
release:
needs: test
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Convert full SHA to short SHA
id: get_short_sha
run: echo "short_sha=$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_OUTPUT
- name: Tag latest image
if: github.ref == 'refs/heads/main'
env:
IMAGE: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
run: |
docker manifest inspect ${{ env.IMAGE }}:sha-${{ steps.get_short_sha.outputs.short_sha }}
docker buildx imagetools create --tag ${{ env.IMAGE }}:latest ${{ env.IMAGE }}:sha-${{ steps.get_short_sha.outputs.short_sha }}