-
-
Notifications
You must be signed in to change notification settings - Fork 3
201 lines (168 loc) · 6 KB
/
merged_ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
# Workflow that runs on closed PRs to the default branch
name: Default Branch PR Merged CI (Python)
on:
pull_request:
types: ["closed"]
branches: ["main"]
# Specify concurrency such that only one workflow can run at a time
# * Different workflow files are not affected
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
# Define an autotagger job that creates tags on changes to master
# Use #major #minor in merge commit messages to bump version beyond patch
bump-tag:
runs-on: ubuntu-latest
if: |
github.event_name == 'pull_request' &&
github.event.action == 'closed' &&
github.event.pull_request.merged == true
permissions:
contents: write
outputs:
tag: ${{ steps.tag.outputs.tag }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Bump version and push tag
uses: anothrNick/[email protected]
id: tag
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
RELEASE_BRANCHES: main
WITH_V: true
DEFAULT_BUMP: patch
GIT_API_TAGGING: false
# Job for building container image
# * Builds and pushes an OCI Container image to the registry defined in the environment variables
build-container:
runs-on: ubuntu-latest
needs: bump-tag
permissions:
contents: read
packages: write
steps:
# Do a non-shallow clone of the repo to ensure tags are present
# * This allows setuptools-git-versioning to automatically set the version
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Tag the built image according to the event type
# The event is a semver release, so use the version
- name: Extract metadata (tags, labels) for Container
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: type=semver,pattern={{version}},value=${{ needs.bump-tag.outputs.tag }}
# Build and push the Container image to the registry
# * Creates a multiplatform-aware image
# * Pulls build cache from the registry and pushes new cache back
- name: Build and push container image
uses: docker/build-push-action@v6
with:
context: .
file: Containerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache,mode=max
# Job to build and publish the package on PyPi as a wheel
build-wheel:
runs-on: ubuntu-latest
needs: bump-tag
steps:
# Do a non-shallow clone of the repo to ensure tags are present
# * This allows setuptools-git-versioning to automatically set the version
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup uv
uses: astral-sh/setup-uv@v3
with:
enable-cache: true
cache-dependency-glob: "pyproject.toml"
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version-file: "pyproject.toml"
- name: Install editable package and required dependencies
run: uv sync --no-dev
# Building the wheel dynamically assigns the version according to git
# * The setuptools_git_versioning package reads the git tags and assigns the version
# * The version is then used in the wheel filename and made available in the package
# * setuptools_git_versioning is configured in pyproject.toml
- name: Build wheel
run: uv build --wheel .
- name: Upload wheel
uses: actions/upload-artifact@v4
with:
name: wheel
path: dist/*.whl
- name: Publish wheel
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
# Define a job that builds the documentation
# * Surfaces the documentation as an artifact
build-docs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup uv
uses: astral-sh/setup-uv@v3
with:
enable-cache: true
cache-dependency-glob: "pyproject.toml"
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version-file: "pyproject.toml"
- name: Install editable package and required dependencies
run: uv sync
# Pydoctor is ran to find any linking errors in the docs
- name: Build documentation
run: |
uv run pydoctor --html-output=tmpdocs -W -q
PDOC_ALLOW_EXEC=1 uv run pdoc -o docs \
--docformat=google \
--logo="https://cdn.prod.website-files.com/62d92550f6774db58d441cca/6324a2038936ecda71599a8b_OCF_Logo_black_trans.png" \
src/nwp_consumer
- name: Upload documentation artifact
uses: actions/upload-pages-artifact@v3
with:
path: docs/
# Job to deploy the documentation to GitHub pages
deploy-docs:
needs: build-docs
runs-on: ubuntu-latest
permissions:
pages: write
id-token: write
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4