Skip to content

Update ci_cd.yml

Update ci_cd.yml #107

Workflow file for this run

name: CI/CD
on:
pull_request:
push:
tags:
- "*"
branches:
- main
- vupadhya/mendallie
env:
MAIN_PYTHON_VERSION: '3.12'
DOCUMENTATION_CNAME: ansys.github.io/allie-flowkit-python
PACKAGE_NAME: allie-flowkit-python
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: write
packages: write
jobs:
code-style:
name: "Code style checks"
runs-on: ubuntu-latest
steps:
- name: "Run PyAnsys code style checks"
uses: ansys/actions/code-style@v7
smoke-tests:
name: Build and Smoke tests
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
python-version: ['3.10', '3.11', '3.12']
should-release:
- ${{ github.event_name == 'push' && contains(github.ref, 'refs/tags') }}
exclude:
- should-release: false
os: macos-latest
steps:
- name: Build wheelhouse and perform smoke test
uses: ansys/actions/build-wheelhouse@v7
with:
library-name: ${{ env.PACKAGE_NAME }}
operating-system: ${{ matrix.os }}
python-version: ${{ matrix.python-version }}
mendscan-sca:
name: Mend Scan
runs-on: ubuntu-latest
steps:
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'adopt'
- name: Mend Unified Agent Scan
env:
WS_APIKEY: '${{secrets.MEND_API_KEY}}'
WS_USERKEY: '${{ secrets.MEND_USER_KEY }}'
WS_WSS_URL: 'https://app.whitesourcesoftware.com/agent'
WS_PRODUCTNAME: 'AnsysAllie'
WS_PROJECTNAME: ${{github.event.repository.name}}
WS_GENERATEPROJECTDETAILSJSON: true
WS_GENERATESCANREPORT: true
WS_FILESYSTEMSCAN: true
WS_CHECKPOLICIES: true
WS_FORCECHECKALLDEPENDENCIES: true
WS_SCANREPORTFILENAMEFORMAT: static
WS_FORCEUPDATE_FAILBUILDONPOLICYVIOLATION : true
WS_PYTHON_REQUIREMENTSFILEINCLUDES: "pyproject.toml"
run: |
echo Downloading Mend Unified Agent
curl -LJO https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar
if [[ "$(curl -sL https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar.sha256)" != "$(sha256sum wss-unified-agent.jar)" ]] ; then
echo "Integrity Check Failed"
else
echo "Integrity Check Passed"
echo Starting Unified Agent Scan
java -jar wss-unified-agent.jar -loglevel debug
fi
docs-style:
name: Documentation Style Check
runs-on: ubuntu-latest
steps:
- name: PyAnsys documentation style checks
uses: ansys/actions/doc-style@v7
with:
token: ${{ secrets.GITHUB_TOKEN }}
docs-build:
name: Documentation Build
runs-on: ubuntu-latest
needs: [docs-style]
steps:
- name: "Run Ansys documentation building action"
uses: ansys/actions/doc-build@v7
with:
add-pdf-html-docs-as-assets: true
upload_dev_docs:
name: Upload dev documentation
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
needs: [docs-build]
steps:
- name: Deploy the latest documentation
uses: ansys/actions/doc-deploy-dev@v7
with:
cname: ${{ env.DOCUMENTATION_CNAME }}
token: ${{ secrets.GITHUB_TOKEN }}
tests:
name: "Tests"
runs-on: ${{ matrix.os }}
needs: [smoke-tests]
strategy:
matrix:
os: [ubuntu-latest, windows-latest]
python-version: ['3.9', '3.12']
fail-fast: false
steps:
- name: Testing
uses: ansys/actions/tests-pytest@v7
timeout-minutes: 12
- name: Upload coverage results (HTML)
uses: actions/upload-artifact@v4
if: (matrix.python-version == env.MAIN_PYTHON_VERSION) && (runner.os == 'Linux')
with:
name: coverage-html
path: .cov/html
retention-days: 7
release:
name: "Release project"
if: github.event_name == 'push' && contains(github.ref, 'refs/tags')
needs: [docs-build, tests]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Release to GitHub
uses: softprops/action-gh-release@v2
with:
generate_release_notes: true
upload_docs_release:
name: Upload release documentation
if: github.event_name == 'push' && contains(github.ref, 'refs/tags')
runs-on: ubuntu-latest
needs: [release]
steps:
- name: Deploy the stable documentation
uses: ansys/actions/doc-deploy-stable@v7
with:
cname: ${{ env.DOCUMENTATION_CNAME }}
token: ${{ secrets.GITHUB_TOKEN }}
release-docker:
name : Generate Docker release
if: github.event_name == 'push' && contains(github.ref, 'refs/tags')
needs: [release]
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Check if tag name contains 'dev'
run: echo "IS_DEV_TAG=$(echo ${{ github.ref_name }} | grep -q 'dev' && echo 'true' || echo 'false')" >> $GITHUB_ENV
- name: Decompose tag into components
if: env.IS_DEV_TAG == 'false'
run: |
if [[ ${{ github.ref_name }} =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
# Split the tag into its components
IFS='.' read -ra PARTS <<< "${{ github.ref_name }}"
echo "X=${PARTS[0]}" >> $GITHUB_ENV
echo "Y=${PARTS[1]}" >> $GITHUB_ENV
echo "Z=${PARTS[2]}" >> $GITHUB_ENV
else
echo "Invalid tag format. Expected vX.Y.Z but got ${{ github.ref_name }}"
exit 1
fi
- name: Build and push Docker image
uses: docker/build-push-action@v6
if: env.IS_DEV_TAG == 'false'
with:
context: .
file: docker/Dockerfile
push: true
platforms: linux/amd64,linux/arm64
tags: |
ghcr.io/${{ github.repository }}:${{ env.X }} ,
ghcr.io/${{ github.repository }}:${{ env.X }}.${{ env.Y }} ,
ghcr.io/${{ github.repository }}:${{ env.X }}.${{ env.Y }}.${{ env.Z }} ,
ghcr.io/${{ github.repository }}:latest
- name: Build and push Docker image dev
if: env.IS_DEV_TAG == 'true'
uses: docker/build-push-action@v6
with:
context: .
file: docker/Dockerfile
push: true
platforms: linux/amd64,linux/arm64
tags: |
ghcr.io/${{ github.repository }}:${{ github.ref_name }}