diff --git a/.github/renovate.json b/.github/renovate.json
index 67e7daa..4e3342a 100644
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -5,7 +5,7 @@
 ":semanticCommitTypeAll(fix)"
 ],
 "baseBranches": [
- "next"
+ "main"
 ],
 "platformCommit": true,
 "dependencyDashboardAutoclose": true,
diff --git a/.github/workflows/release.yml b/.github/workflows-old/release.yml
similarity index 56%
rename from .github/workflows/release.yml
rename to .github/workflows-old/release.yml
index 5d728b0..10e74be 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows-old/release.yml
@@ -3,6 +3,10 @@ on: push: branches: [main] +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + jobs: release: name: Release
@@ -29,29 +33,32 @@ jobs: name: GitHub Container Registry runs-on: ubuntu-latest needs: release + permissions: + contents: read + packages: write steps: - uses: actions/checkout@v4 - name: Login to GitHub Container Registry - run: echo ${{ secrets.GHCR_ACCESS_TOKEN }} | docker login ghcr.io -u luketainton --password-stdin + run: echo ${{ secrets.GITHUB_TOKEN }} | docker login ${{ env.REGISTRY }} -u ${{ github.actor }} --password-stdin - name: Build image for GitHub Package Registry run: | docker build . --file Dockerfile \ --build-arg "version=${{ needs.release.outputs.new_tag }}" \ - --tag ghcr.io/luketainton/roboluke-tasks:${{ needs.release.outputs.new_tag }} \ - --tag ghcr.io/luketainton/roboluke-tasks:latest + --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.release.outputs.new_tag }} \ + --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - name: Push image to GitHub Package Registry run: | - docker push ghcr.io/luketainton/roboluke-tasks:latest - docker push ghcr.io/luketainton/roboluke-tasks:${{ needs.release.outputs.new_tag }} + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.release.outputs.new_tag }} - deploy: - name: Update Portainer Deployment - runs-on: ubuntu-latest - needs: publish - steps: - - uses: fjogeleit/http-request-action@v1 - with: - url: ${{ secrets.PORTAINER_WEBHOOK_URL }} - method: POST - timeout: 60000 - preventFailureOnNoResponse: "true" + # deploy: + # name: Update Portainer Deployment + # runs-on: ubuntu-latest + # needs: publish + # steps: + # - uses: fjogeleit/http-request-action@v1 + # with: + # url: ${{ secrets.PORTAINER_WEBHOOK_URL }} + # method: POST + # timeout: 60000 + # preventFailureOnNoResponse: "true"
diff --git a/.github/workflows/create_release.yml b/.github/workflows/create_release.yml
new file mode 100644
index 0000000..0c95b1b
--- /dev/null
+++ b/.github/workflows/create_release.yml
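Review bot: The rewritten login step in `.github/workflows-old/release.yml` still expands the token into the script text, `echo ${{ secrets.GITHUB_TOKEN }} | docker login …`, so the shell parses the secret's value as part of the command line before `echo` runs. Passing it through the step environment avoids that: add `env: { GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" }` to the step and use `run: echo "$GITHUB_TOKEN" | docker login "$REGISTRY" -u "$GITHUB_ACTOR" --password-stdin`. The job's header is above the hunk, so only the visible steps were checked. The file now sits outside `.github/workflows/`, so it presumably no longer runs; if it is kept only for reference, a header comment saying so would stop it being copied back as-is.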
@@ -0,0 +1,36 @@
+name: Create Release
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: "0 9 * * *"
+
+jobs:
+ create_release:
+ name: Create Release
+ runs-on: ubuntu-latest
+ outputs:
+ new_tag: ${{ steps.tag_version.outputs.new_tag }}
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Bump version and push tag
+ id: tag_version
+ uses: mathieudutour/github-tag-action@v6.2
+ with:
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+ default_bump: minor
+
+ - name: Create a GitHub release
+ uses: ncipollo/release-action@v1
+ with:
+ tag: ${{ steps.tag_version.outputs.new_tag }}
+ name: ${{ steps.tag_version.outputs.new_tag }}
+ body: ${{ steps.tag_version.outputs.changelog }}
+ generateReleaseNotes: true
+
+ create_docker:
+ name: Create Docker Image
+ needs: create_release
+ uses: luketainton/roboluke-tasks/.github/workflows/docker_publish.yml@main
+ with:
+ release: ${{ needs.create_release.outputs.new_tag }}
diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml
new file mode 100644
index 0000000..7b02506
--- /dev/null
+++ b/.github/workflows/docker_publish.yml
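Review bot: Neither job in `.github/workflows/create_release.yml` declares `permissions:`, so `create_release` pushes a tag and publishes a release with whatever the repository's default `GITHUB_TOKEN` scope happens to be, and `create_docker` calls a reusable workflow that asks for `packages: write`, `attestations: write` and `id-token: write`. GitHub documents that a called workflow can only narrow the caller's token, never widen it, so whether the call works depends on the repository default; declaring the scopes on the caller removes that dependency and keeps the release job at least privilege. The two third-party actions that receive the write token, `mathieudutour/github-tag-action@v6.2` and `ncipollo/release-action@v1`, are referenced by mutable tag while `docker_publish.yml` pins by commit SHA; pinning them the same way would be consistent. Referencing the reusable workflow as a local path instead of `…@main` would also keep caller and callee on the same commit.

```yaml
  create_release:
    permissions:
      contents: write  # tag push and release creation
    # … unchanged: name, runs-on, outputs, steps …

  create_docker:
    needs: create_release
    permissions:  # must cover what docker_publish.yml requests
      contents: read
      packages: write
      attestations: write
      id-token: write
    uses: ./.github/workflows/docker_publish.yml
    # … unchanged: name, with.release …
```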
@@ -0,0 +1,61 @@
+name: Publish Docker Image
+
+on:
+ workflow_call:
+ inputs:
+ release:
+ required: true
+ type: string
+
+jobs:
+ publish:
+ name: Publish Docker image
+ runs-on: ubuntu-latest
+ permissions:
+ packages: write
+ contents: read
+ attestations: write
+ id-token: write
+ steps:
+ - name: Check out the repo
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ inputs.release }}
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to GitHub Container Registry
+ uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@a64d0487d7069df33b279515d35d60fa80e2ea62
+ with:
+ images: |
+ ghcr.io/${{ github.repository }}
+ tags: |
+ type=semver,pattern=v{{version}},value=${{ inputs.release }}
+
+ - name: Build and push Docker image
+ id: push
+ uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c
+ with:
+ context: .
+ push: true
+ # provenance: mode=max
+ labels: ${{ steps.meta.outputs.labels }}
+ tags: |
+ ghcr.io/${{ github.repository }}:latest
+ ghcr.io/${{ github.repository }}:${{ inputs.release }}
+
+ - name: Generate artifact attestation
+ uses: actions/attest-build-provenance@v1
+ with:
+ subject-name: ghcr.io/${{ github.repository }}
+ subject-digest: ${{ steps.push.outputs.digest }}
+ push-to-registry: true
diff --git a/requirements.txt b/requirements.txt
index 8b386a6..c3b25d1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,5 @@
 appdirs==1.4.4
-astroid==3.2.2
+astroid==3.2.3
 attrs==23.2.0
 autopep8==2.3.1
 backoff==2.2.1
@@ -33,7 +33,7 @@ python-dotenv==1.0.1
 PyYAML==6.0.1
 requests==2.32.3
 requests-toolbelt==1.0.0
-sentry-sdk==2.7.1
+sentry-sdk==2.9.0
 six==1.16.0
 toml==0.10.2
 tomli==2.0.1
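Review bot: In `.github/workflows/docker_publish.yml` three steps are pinned to full commit SHAs, but `actions/checkout@v4`, `docker/setup-buildx-action@v3` and `actions/attest-build-provenance@v1` are on mutable tags, in a job that holds `packages: write`, `attestations: write` and `id-token: write`. Pinning all of them the same way, with the release noted in a trailing comment (`uses: actions/attest-build-provenance@<full-commit-sha>  # <release-tag>`, placeholder values), keeps the step that signs the provenance as fixed as the steps that build the image; the existing SHA pins would benefit from the same version comment so updates can be audited. Separately, the `tags` output of the `meta` step is never consumed: the build step hard-codes `:latest` and `:${{ inputs.release }}`, so either pass `tags: ${{ steps.meta.outputs.tags }}` to the build step or drop the `tags:` input from the metadata step.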