repos/roboluke
4
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Releases 51 Activity

Update .gitea/workflows/release.yml
All checks were successful
Snyk / security (push) Successful in 2m18s
Details

Browse Source
This commit is contained in:
Luke Tainton 2025-05-07 01:32:03 +02:00
parent fd8d04c89d
commit d5dd7907fb
1 changed files with 164 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

234
.gitea/workflows/release.yml
View File

@ -5,90 +5,184 @@ on:
- cron: "0 9 * * 0" - cron: "0 9 * * 0"
jobs: jobs:
test: # test:
name: Test # name: Test
uses: https://git.tainton.uk/repos/roboluke/.gitea/workflows/ci.yml@main # uses: https://git.tainton.uk/repos/roboluke/.gitea/workflows/ci.yml@main
with: # with:
python-version: 3.13 # python-version: 3.13
secrets:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
# create_release:
# name: Create Release
# needs: test
# uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/create-release.yml@main
# secrets: # secrets:
# ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }} # SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
# SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
tag:
name: Tag release
uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/release-with-tag.yaml@main
create_release: create_release:
name: Create Release name: Create Release
needs: tag
uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/create-release-preexisting-tag.yaml@main
with:
tag: ${{ needs.tag.outputs.tag_name }}
body: ${{ needs.tag.outputs.changelog }}
secrets:
ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
get_release_id:
name: Get Release ID
runs-on: ubuntu-latest runs-on: ubuntu-latest
# needs: test needs: [tag, create_release]
outputs: outputs:
release_name: ${{ steps.get_next_version.outputs.tag }} releaseid: ${{ steps.getid.outputs.releaseid }}
steps: steps:
- name: Get Release ID
id: getid
run: |
rid=$(curl -s -X 'GET' \
-H 'accept: application/json' \
'${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}/releases/latest' | jq -r '.id')
echo "releaseid=$rid" >> "$GITEA_OUTPUT"
echo "$rid"
build_whl:
name: Build Wheel File
needs: [tag, get_release_id]
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v4.2.2
with:
ref: ${{ needs.tag.outputs.tag_name }}
# - name: Setup Python
# uses: actions/setup-python@v5
# with:
# python-version: "3.13"
- name: Install uv
uses: astral-sh/setup-uv@v5
with:
enable-cache: true
cache-dependency-glob: "uv.lock"
- name: Set up Python
run: uv python install
- name: Update pyproject.toml
run: ./tools/update_pyproject.sh ${{ needs.tag.outputs.tag_name }}
- name: Install dependencies
run: uv sync
- name: Build wheel file
run: uv build
- name: Upload Release Asset
run: |
for file in dist/*.whl; do
curl -s -X POST \
-H "Authorization: token ${{ secrets.ACTIONS_TOKEN }}" \
-H "Content-Type: multipart/form-data" \
-F "attachment=@${{ gitea.workspace }}/$file" \
"${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}/releases/${{ needs.get_release_id.outputs.releaseid }}/assets"
done
- name: Publish to PyPI
run: uv publish
env:
UV_PUBLISH_TOKEN: ${{ secrets.PYPI_API_TOKEN }}
# - name: Publish to PyPI
# uses: pypa/gh-action-pypi-publish@release/v1
# with:
# # user: ${{ vars.PYPI_USERNAME }}
# user: __token__
# password: ${{ secrets.PYPI_API_TOKEN }}
# publish_pypi:
# name: Publish to PyPI
# needs: build_whl
# runs-on: ubuntu-latest
# steps:
# - name: Create dist folder
# run: mkdir -p dist
# - uses: actions/download-artifact@v4
# with:
# name: whl
# path: dist
# - name: Publish to PyPI
# uses: pypa/gh-action-pypi-publish@release/v1
# with:
# # user: ${{ vars.PYPI_USERNAME }}
# user: __token__
# password: ${{ secrets.PYPI_API_TOKEN }}
create_docker:
name: Publish Docker Images
runs-on: ubuntu-latest
needs: tag
steps:
- name: Update Docker configuration
continue-on-error: true
run: |
mkdir -p /etc/default
mkdir -p /etc/docker
touch -a /etc/default/docker
touch -a /etc/docker/daemon.json
echo "DOCKER_OPTS=\"--insecure-registry ${{ vars.PACKAGES_REGISTRY_URL }}\"" >> /etc/default/docker
echo "{\"insecure-registries\": [\"${{ vars.PACKAGES_REGISTRY_URL }}\"]}" > /etc/docker/daemon.json
- name: Get repo name
id: split
run: echo "repo=${REPO##*/}" >> "$GITEA_OUTPUT"
env:
REPO: ${{ gitea.repository }}
- name: Check out repository - name: Check out repository
uses: actions/checkout@v4.2.2 uses: actions/checkout@v4.2.2
with: with:
fetch-depth: 0 fetch-depth: 0
ref: ${{ needs.tag.outputs.tag_name }}
- name: Changes since last tag - name: Set up Docker Buildx
id: changes uses: docker/setup-buildx-action@v3
run: |
rm -f .changes
git log $(git describe --tags --abbrev=0)..HEAD --no-merges --oneline >> .changes
cat .changes
- name: Check for changes - name: Log in to Gitea Container Registry
run: | uses: docker/login-action@v3
if [[ -z $(grep '[^[:space:]]' .changes) ]] ; then
echo "changes=false"
echo "changes=false" >> "$GITEA_OUTPUT"
else
echo "changes=true"
echo "changes=true" >> "$GITEA_OUTPUT"
fi
- name: Cancel if no changes
if: steps.changes.outputs.changes == 'false'
run: exit 1
- name: Set server URL
id: set_srvurl
run: |
SRVURL=$(echo "${{ gitea.server_url }}" | sed 's/https:\/\/\(.*\)/\1/')
echo "srvurl=$SRVURL" >> "$GITEA_OUTPUT"
- name: Get next version
uses: TriPSs/conventional-changelog-action@v6
id: get_next_version
with: with:
git-url: ${{ steps.set_srvurl.outputs.srvurl }} registry: ${{ vars.PACKAGES_REGISTRY_URL }}
github-token: ${{ gitea.token }} username: ${{ vars.ACTIONS_USERNAME }}
preset: "conventionalcommits" password: ${{ secrets.ACTIONS_TOKEN }}
# preset: "angular" # This is the default
skip-commit: true
release-count: 1
output-file: false
create-summary: true
skip-on-empty: true
skip-version-file: true
skip-tag: true
- name: Create release - name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ vars.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
tags: type=semver,pattern=v{{version}},value=${{ needs.tag.outputs.tag_name }}
images: |
ghcr.io/${{ vars.GHCR_USERNAME }}/${{ steps.split.outputs.repo }}
${{ vars.PACKAGES_REGISTRY_URL }}/${{ gitea.repository }}
- name: Print metadata
run: | run: |
curl -s -X POST \ printf "Annotations:\n${{ steps.meta.outputs.annotations }}"
-H "Authorization: token ${{ secrets.ACTIONS_TOKEN }}" \ echo ""
-H "accept: application/json" \ printf "Labels:\n${{ steps.meta.outputs.labels }}"
-H "Content-Type: application/json" \ echo ""
-d "{\"tag_name\": \"${{ steps.get_next_version.outputs.tag }}\", \"name\": \"${{ steps.get_next_version.outputs.tag }}\", \"body\": \"${{ steps.get_next_version.outputs.changelog }}\"}" \ printf "Tags:\n${{ steps.meta.outputs.tags }}"
"${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}/releases"
print_release: - name: Build images
name: Print Release uses: docker/build-push-action@v6
runs-on: ubuntu-latest with:
needs: create_release context: .
steps: push: false
- run: echo "Created release ${{ needs.create_release.outputs.release_name }}." load: true
annotations: ${{ steps.meta.outputs.annotations }}
labels: ${{ steps.meta.outputs.labels }}
tags: ${{ steps.meta.outputs.tags }}
- name: Push images
run: |
strtags="${{ steps.meta.outputs.tags }}"
readarray -t lines <<<"$strtags"
for element in "${lines[@]}"; do docker push "$element"; done
unset strtags lines