Skip to content

put a minimum on secret size #6273

put a minimum on secret size

put a minimum on secret size #6273

Workflow file for this run

name: website
on:
push:
workflow_dispatch:
env:
DOCKER_IMAGE_NAME: ghcr.io/loculus-project/website
concurrency:
group: ci-${{ github.ref == 'refs/heads/main' && github.run_id || github.ref }}-website
cancel-in-progress: true
jobs:
checks:
name: Check format and types
runs-on: ubuntu-latest
timeout-minutes: 15
defaults:
run:
working-directory: ./website
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('website/**/package-lock.json') }}
- run: npm ci
- run: npm run check-format
- run: npm run check-types
unitTests:
name: Unit Tests
runs-on: ubuntu-latest
timeout-minutes: 15
defaults:
run:
working-directory: ./website
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- name: Cache .npm
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('website/**/package-lock.json') }}
- name: Install dependencies
run: npm ci
- name: Run tests
run: npm run test
dockerImage:
name: Build Website Docker Image # Don't change: Referenced by .github/workflows/update-argocd-metadata.yml
runs-on: ubuntu-latest
timeout-minutes: 15
permissions:
contents: read
packages: write
checks: read
steps:
- uses: actions/checkout@v4
- name: Generate files hash
id: files-hash
run: |
DIR_HASH=$(echo -n ${{ hashFiles('website/**', '.github/workflows/website.yml') }})
echo "DIR_HASH=$DIR_HASH" >> $GITHUB_ENV
- name: Setup Docker metadata
id: dockerMetadata
uses: docker/metadata-action@v5
with:
images: ${{ env.DOCKER_IMAGE_NAME }}
tags: |
type=raw,value=${{ env.DIR_HASH }}
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
type=ref,event=branch
type=sha,prefix=commit-
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Check if image exists
id: check-image
run: |
EXISTS=$(docker manifest inspect ${{ env.DOCKER_IMAGE_NAME }}:${{ env.DIR_HASH }} > /dev/null 2>&1 && echo "true" || echo "false")
echo "CACHE_HIT=$EXISTS" >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and push image
if: env.CACHE_HIT == 'false'
uses: docker/build-push-action@v5
with:
context: ./website
push: true
tags: ${{ steps.dockerMetadata.outputs.tags }}
cache-from: type=gha,scope=website-${{ github.ref }}
cache-to: type=gha,mode=max,scope=website-${{ github.ref }}
- name: Retag and push existing image if cache hit
if: env.CACHE_HIT == 'true'
run: |
TAGS=(${{ steps.dockerMetadata.outputs.tags }})
for TAG in "${TAGS[@]}"; do
docker buildx imagetools create --tag $TAG ${{ env.DOCKER_IMAGE_NAME }}:${{ env.DIR_HASH }}
done