Merge pull request #5 from cdzombak/dependabot/pip/certifi-2024.7.4 #47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: CI | |
| "on": | |
| push: | |
| branches: | |
| - "main" | |
| tags: | |
| - "v*.*.*" | |
| pull_request: | |
| branches: | |
| - "main" | |
| permissions: | |
| contents: read | |
| jobs: | |
| meta: | |
| name: Derive Build Metadata | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Derive version string | |
| id: bin_version | |
| run: echo "bin_version=$(./.version.sh)" >> "$GITHUB_OUTPUT" | |
| - name: bin_version | |
| run: "echo bin_version: ${{ steps.bin_version.outputs.bin_version }}" | |
| - name: Check if this is a running version tag update | |
| id: running_version_tag | |
| run: | | |
| if [ -z "${{ github.event.ref }}" ]; then | |
| echo "is_running_version_tag_update=false" >> "$GITHUB_OUTPUT" | |
| elif [[ "${{ github.event.ref }}" =~ ^refs/tags/v[0-9]+\.[0-9]+$ ]]; then | |
| echo "is_running_version_tag_update=true" >> "$GITHUB_OUTPUT" | |
| elif [[ "${{ github.event.ref }}" =~ ^refs/tags/v[0-9]+$ ]]; then | |
| echo "is_running_version_tag_update=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "is_running_version_tag_update=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: is_running_version_tag | |
| run: "echo is_running_version_tag_update: ${{ steps.running_version_tag.outputs.is_running_version_tag_update }}" | |
| outputs: | |
| project_name: ${{ github.event.repository.name }} | |
| bin_version: ${{ steps.bin_version.outputs.bin_version }} | |
| dockerhub_owner: ${{ github.repository_owner }} | |
| is_prerelease: >- | |
| ${{ | |
| steps.running_version_tag.outputs.is_running_version_tag_update != 'true' && | |
| startsWith(github.ref, 'refs/tags/v') && | |
| (contains(github.ref, '-alpha.') | |
| || contains(github.ref, '-beta.') | |
| || contains(github.ref, '-rc.')) | |
| }} | |
| is_release: >- | |
| ${{ | |
| steps.running_version_tag.outputs.is_running_version_tag_update != 'true' && | |
| startsWith(github.ref, 'refs/tags/v') && | |
| !(contains(github.ref, '-alpha.') | |
| || contains(github.ref, '-beta.') | |
| || contains(github.ref, '-rc.')) | |
| }} | |
| is_pull_request: ${{ github.event_name == 'pull_request' }} | |
| is_running_version_tag_update: ${{ steps.running_version_tag.outputs.is_running_version_tag_update }} | |
| lint: | |
| name: Lint & Format | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| cache: "pip" | |
| - name: Install Ruff | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install ruff | |
| - name: Ruff | |
| run: | | |
| ruff format --check . | |
| ruff check --output-format=github . | |
| - name: Install Prettier | |
| run: npm install -g prettier | |
| - name: Prettier | |
| run: prettier --check . | |
| - name: Actionlint | |
| uses: raven-actions/[email protected] | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| cache: "pip" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r tests/requirements.txt | |
| - name: Python tests | |
| run: | | |
| python -m unittest tests/*.py | |
| docker-amd64-cuda: | |
| name: Docker Image (amd64-cuda) | |
| needs: [meta, lint, test] | |
| if: needs.meta.outputs.is_running_version_tag_update != 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Login to Docker Hub | |
| if: needs.meta.outputs.is_pull_request != 'true' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Available platforms | |
| run: echo ${{ steps.buildx.outputs.platforms }} | |
| - name: "Meta" | |
| id: docker_meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.project_name }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| flavor: | | |
| latest=false | |
| suffix=-amd64-cuda | |
| - name: "Build & Push" | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile-amd64-cuda | |
| platforms: amd64 | |
| builder: ${{ steps.buildx.outputs.name }} | |
| push: ${{ needs.meta.outputs.is_pull_request != 'true' }} | |
| tags: ${{ steps.docker_meta.outputs.tags }} | |
| labels: ${{ steps.docker_meta.outputs.labels }} | |
| build-args: | | |
| BIN_VERSION=${{ needs.meta.outputs.bin_version }} | |
| docker-amd64-cpu: | |
| name: Docker Image (amd64-cpu) | |
| needs: [meta, lint, test] | |
| if: needs.meta.outputs.is_running_version_tag_update != 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Login to Docker Hub | |
| if: needs.meta.outputs.is_pull_request != 'true' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Available platforms | |
| run: echo ${{ steps.buildx.outputs.platforms }} | |
| - name: "Meta" | |
| id: docker_meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.project_name }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| flavor: | | |
| latest=false | |
| suffix=-amd64-cpu | |
| - name: "Build & Push" | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile-amd64-cpu | |
| platforms: amd64 | |
| builder: ${{ steps.buildx.outputs.name }} | |
| push: ${{ needs.meta.outputs.is_pull_request != 'true' }} | |
| tags: ${{ steps.docker_meta.outputs.tags }} | |
| labels: ${{ steps.docker_meta.outputs.labels }} | |
| build-args: | | |
| BIN_VERSION=${{ needs.meta.outputs.bin_version }} | |
| docker-arm64: | |
| name: Docker Image (arm64) | |
| needs: [meta, lint, test] | |
| if: needs.meta.outputs.is_running_version_tag_update != 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Login to Docker Hub | |
| if: needs.meta.outputs.is_pull_request != 'true' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Available platforms | |
| run: echo ${{ steps.buildx.outputs.platforms }} | |
| - name: "Meta" | |
| id: docker_meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.project_name }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| flavor: | | |
| latest=false | |
| suffix=-arm64 | |
| - name: "Build & Push" | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile-arm64 | |
| platforms: arm64 | |
| builder: ${{ steps.buildx.outputs.name }} | |
| push: ${{ needs.meta.outputs.is_pull_request != 'true' }} | |
| tags: ${{ steps.docker_meta.outputs.tags }} | |
| labels: ${{ steps.docker_meta.outputs.labels }} | |
| build-args: | | |
| BIN_VERSION=${{ needs.meta.outputs.bin_version }} | |
| release: | |
| name: (Pre)Release | |
| needs: [meta, lint, test, docker-amd64-cuda, docker-amd64-cpu, docker-arm64] | |
| if: >- | |
| needs.meta.outputs.is_release == 'true' || | |
| needs.meta.outputs.is_prerelease == 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Create GitHub release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| prerelease: ${{ needs.meta.outputs.is_prerelease == 'true' }} | |
| generate_release_notes: true | |
| - name: Update Docker Hub description | |
| if: needs.meta.outputs.is_release == 'true' | |
| uses: peter-evans/dockerhub-description@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| repository: ${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.project_name }} | |
| readme-filepath: ./README.md | |
| short-description: ${{ github.event.repository.description }} | |
| tags: | |
| name: Update Release Tags | |
| needs: [meta, release] | |
| if: needs.meta.outputs.is_release == 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Update running major/minor version tags | |
| uses: sersoft-gmbh/running-release-tags-action@v3 | |
| with: | |
| fail-on-non-semver-tag: true | |
| create-release: false | |
| update-full-release: false | |
| ntfy: | |
| name: Ntfy | |
| if: ${{ !cancelled() }} | |
| runs-on: ubuntu-latest | |
| needs: | |
| [ | |
| meta, | |
| lint, | |
| test, | |
| docker-amd64-cuda, | |
| docker-amd64-cpu, | |
| docker-arm64, | |
| release, | |
| tags, | |
| ] | |
| steps: | |
| - name: Send success notification | |
| uses: niniyas/ntfy-action@master | |
| if: ${{ !contains(needs.*.result, 'failure') && (needs.meta.outputs.is_release == 'true' || needs.meta.outputs.is_prerelease == 'true') }} | |
| with: | |
| url: "https://ntfy.cdzombak.net" | |
| topic: "gha-builds" | |
| priority: 3 | |
| headers: '{"authorization": "Bearer ${{ secrets.NTFY_TOKEN }}"}' | |
| tags: white_check_mark | |
| title: ${{ github.event.repository.name }} ${{ needs.meta.outputs.bin_version }} available | |
| details: ${{ github.event.repository.name }} version ${{ needs.meta.outputs.bin_version }} is now available. | |
| - name: Send failure notification | |
| uses: niniyas/ntfy-action@master | |
| if: ${{ contains(needs.*.result, 'failure') }} | |
| with: | |
| url: "https://ntfy.cdzombak.net" | |
| topic: "gha-builds" | |
| priority: 3 | |
| headers: '{"authorization": "Bearer ${{ secrets.NTFY_TOKEN }}"}' | |
| tags: no_entry | |
| title: ${{ github.event.repository.name }} ${{ needs.meta.outputs.bin_version }} build failed | |
| details: Build failed for ${{ github.event.repository.name }} version ${{ needs.meta.outputs.bin_version }}. |