ci #174
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| concurrency: | |
| cancel-in-progress: ${{ ! startsWith(github.ref, 'refs/tags/') }} | |
| group: ci-${{ github.ref_name }}-${{ github.event_name }} | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - "v*" | |
| pull_request: | |
| branches: | |
| - main | |
| schedule: | |
| - cron: "0 0 * * *" | |
| env: | |
| REGISTRY: ghcr.io | |
| jobs: | |
| build: | |
| if: | | |
| ( | |
| github.event_name == 'push' && ( | |
| github.ref == 'refs/heads/main' || | |
| startsWith(github.ref, 'refs/tags/') | |
| ) | |
| ) || ( | |
| github.event_name == 'pull_request' | |
| ) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| name: Checkout | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ env.REGISTRY }}/${{ github.repository }} | |
| - id: image-tag | |
| name: Set image tag | |
| run: | | |
| echo "image-tag=$(echo ${{ github.sha }} | cut -c 1-7 )" >> $GITHUB_OUTPUT | |
| - if: github.event_name == 'pull_request' | |
| name: Build image (PR) | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| labels: ${{ steps.meta.outputs.labels }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| - if: github.ref == 'refs/heads/main' | |
| name: Build image (edge) | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| labels: ${{ steps.meta.outputs.labels }} | |
| push: true | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ github.repository }}:${{ steps.image-tag.outputs.image-tag }} | |
| ${{ env.REGISTRY }}/${{ github.repository }}:latest | |
| - if: startsWith(github.ref, 'refs/tags/') | |
| name: Build image (stable) | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| labels: ${{ steps.meta.outputs.labels }} | |
| push: true | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ github.repository }}:${{ github.ref_name }} | |
| linter: | |
| if: contains(fromJSON('["push", "pull_request"]'), github.event_name) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| name: Checkout | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| architecture: "x64" | |
| - name: Run linters | |
| run: | | |
| pip install -U pip pre-commit | |
| pre-commit run -a | |
| self-test-edge: | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| name: Checkout | |
| - name: Send normal email | |
| uses: licenseware/send-email-notification@main | |
| with: | |
| api-key: ${{ secrets.SENDGRID_API_KEY }} | |
| subject: ${{ github.repository }}:${{ github.run_id }} | |
| from-email: ${{ secrets.SENDGRID_FROM_EMAIL }} | |
| to-email: ${{ secrets.SENDGRID_TO_EMAIL }} | |
| markdown-body: | | |
| # Hello World | |
| This is a test email from self-test-action | |
| - name: Send email with attachments | |
| uses: licenseware/send-email-notification@main | |
| with: | |
| api-key: ${{ secrets.SENDGRID_API_KEY }} | |
| subject: ${{ github.repository }}:${{ github.run_id }} | |
| from-email: ${{ secrets.SENDGRID_FROM_EMAIL }} | |
| to-email: ${{ secrets.SENDGRID_TO_EMAIL }} | |
| markdown-body: | | |
| # Hello again | |
| Check the following sources | |
| attachments: | | |
| Dockerfile | |
| main.py | |
| attachments-disposition: inline | |
| self-test-stable: | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| name: Checkout | |
| - name: Send normal email | |
| uses: licenseware/send-email-notification@v1 | |
| with: | |
| api-key: ${{ secrets.SENDGRID_API_KEY }} | |
| subject: ${{ github.repository }}:${{ github.ref_name }} | |
| from-email: ${{ secrets.SENDGRID_FROM_EMAIL }} | |
| to-email: ${{ secrets.SENDGRID_TO_EMAIL }} | |
| markdown-body: ${{ github.event.release.body }} | |
| trivy: | |
| if: contains(fromJSON('["push", "pull_request"]'), github.event_name) | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| scan-type: | |
| - fs | |
| - config | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Trivy ${{ matrix.scan-type }} | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| exit-code: "1" | |
| scan-ref: . | |
| scan-type: ${{ matrix.scan-type }} | |
| trivy-config: trivy.yaml | |
| stale: | |
| if: github.event_name == 'schedule' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write # only for delete-branch option | |
| issues: write | |
| pull-requests: write | |
| steps: | |
| - name: Stale action | |
| uses: actions/stale@v9 | |
| release-please: | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Release please | |
| uses: googleapis/release-please-action@v4 | |
| with: | |
| release-type: simple | |
| labeler: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'pull_request' || github.event_name == 'schedule' | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| issues: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: PR Labeler | |
| uses: srvaroa/labeler@master | |
| env: | |
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| with: | |
| config_path: .github/labeler.yml | |
| use_local_config: false | |
| fail_on_error: false |