mirror of
https://github.com/planetmint/planetmint.git
synced 2025-03-30 15:08:31 +00:00
172 lines
4.7 KiB
YAML
172 lines
4.7 KiB
YAML
# Copyright © 2020 Interplanetary Database Association e.V.,
|
|
# Planetmint and IPDB software contributors.
|
|
# SPDX-License-Identifier: (Apache-2.0 AND CC-BY-4.0)
|
|
# Code is Apache-2.0 and docs are CC-BY-4.0
|
|
|
|
---
|
|
name: CI
|
|
on:
|
|
push:
|
|
branches:
|
|
- "*"
|
|
tags:
|
|
- "v*.*.*"
|
|
pull_request:
|
|
branches:
|
|
- "main"
|
|
|
|
permissions:
|
|
packages: write
|
|
contents: write
|
|
|
|
jobs:
|
|
lint:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- uses: psf/black@stable
|
|
with:
|
|
options: "--check -l 119"
|
|
src: "."
|
|
|
|
audit:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Setup python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: 3.9
|
|
|
|
- name: Install pip-audit
|
|
run: pip install --upgrade pip pip-audit
|
|
|
|
- name: Install dependencies
|
|
run: pip install .
|
|
|
|
- name: Create requirements.txt
|
|
run: pip freeze > requirements.txt
|
|
|
|
- name: Audit dependencies
|
|
run: pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579
|
|
|
|
test:
|
|
needs: lint
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
PLANETMINT_DATABASE_BACKEND: tarantool_db
|
|
PLANETMINT_DATABASE_HOST: localhost
|
|
PLANETMINT_DATABASE_PORT: 3303
|
|
PLANETMINT_SERVER_BIND: 0.0.0.0:9984
|
|
PLANETMINT_WSSERVER_HOST: 0.0.0.0
|
|
PLANETMINT_WSSERVER_ADVERTISED_HOST: localhost
|
|
PLANETMINT_TENDERMINT_HOST: localhost
|
|
PLANETMINT_TENDERMINT_PORT: 26657
|
|
|
|
steps:
|
|
- name: Check out repository code
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Setup python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: 3.9
|
|
|
|
- name: Prepare OS
|
|
run: sudo apt-get update && sudo apt-get install -y git zsh curl tarantool-common vim build-essential cmake
|
|
|
|
- name: Get Tendermint
|
|
run: wget https://github.com/tendermint/tendermint/releases/download/v0.34.15/tendermint_0.34.15_linux_amd64.tar.gz && tar zxf tendermint_0.34.15_linux_amd64.tar.gz
|
|
|
|
- name: Install Planetmint
|
|
run: pip install -e '.[dev]'
|
|
|
|
|
|
- name: Execute Tests
|
|
run: make test
|
|
|
|
release:
|
|
needs: test
|
|
if: startsWith(github.ref, 'refs/tags/')
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Check out repository code
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Setup python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: 3.9
|
|
|
|
- name: Setup poetry
|
|
uses: Gr1N/setup-poetry@v7
|
|
|
|
- name: Install dependencies
|
|
run: pip install -e '.[dev]' && pip install wheel && python setup.py bdist_wheel sdist
|
|
|
|
- name: Upload to PyPI
|
|
run: |
|
|
twine check dist/*
|
|
twine upload --skip-existing dist/*
|
|
env:
|
|
TWINE_USERNAME: __token__
|
|
TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
|
|
|
|
- name: Upload to GitHub
|
|
uses: softprops/action-gh-release@v1
|
|
with:
|
|
files: dist/*
|
|
|
|
publish-docker:
|
|
needs: test
|
|
if: startsWith(github.ref, 'refs/tags/')
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
# Get the repository's code
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
# https://github.com/docker/setup-qemu-action
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v1
|
|
# https://github.com/docker/setup-buildx-action
|
|
- name: Set up Docker Buildx
|
|
id: buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
- name: Login to GHCR
|
|
if: github.event_name != 'pull_request'
|
|
uses: docker/login-action@v1
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GH_PACKAGE_DEPLOYMENT }}
|
|
- name: Docker meta
|
|
id: semver # you'll use this in the next step
|
|
uses: docker/metadata-action@v3
|
|
with:
|
|
# list of Docker images to use as base name for tags
|
|
images: |
|
|
ghcr.io/planetmint/planetmint
|
|
# Docker tags based on the following events/attributes
|
|
tags: |
|
|
type=schedule
|
|
type=ref,event=branch
|
|
type=ref,event=pr
|
|
type=semver,pattern={{version}}
|
|
type=semver,pattern={{major}}.{{minor}}
|
|
type=semver,pattern={{major}}
|
|
type=sha
|
|
- name: Build and push
|
|
uses: docker/build-push-action@v2
|
|
with:
|
|
context: .
|
|
platforms: linux/amd64,linux/arm64
|
|
push: ${{ github.event_name != 'pull_request' }}
|
|
tags: ${{ steps.semver.outputs.tags }}
|
|
labels: ${{ steps.semver.outputs.labels }}
|
|
env:
|
|
CRYPTOGRAPHY_DONT_BUILD_RUST: 1
|