diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index c116b93..b34c768 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -2,7 +2,7 @@ name: Mark stale issues and pull requests on: schedule: - - cron: "21 4 * * *" + - cron: $cron-daily jobs: stale: diff --git a/automation/stale.yml b/automation/stale.yml index 30c3dd9..277380b 100644 --- a/automation/stale.yml +++ b/automation/stale.yml @@ -2,7 +2,7 @@ name: Mark stale issues and pull requests on: schedule: - - cron: "30 1 * * *" + - cron: $cron-daily jobs: stale: diff --git a/ci/docker-publish.yml b/ci/docker-publish.yml index ba69744..ab266ef 100644 --- a/ci/docker-publish.yml +++ b/ci/docker-publish.yml @@ -1,80 +1,63 @@ name: Docker +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + on: + schedule: + - cron: $cron-daily push: - # Publish `$default-branch` as Docker `latest` image. - branches: - - $default-branch - - # Publish `v1.2.3` tags as releases. - tags: - - v* - - # Run tests for any PRs. + branches: [ $default-branch ] + # Publish semver tags as releases. + tags: [ 'v*.*.*' ] pull_request: + branches: [ $default-branch ] env: - # TODO: Change variable to your image's name. - IMAGE_NAME: image + # Use docker.io for Docker Hub if empty + REGISTRY: ghcr.io + # github.repository as / + IMAGE_NAME: ${{ github.repository }} + jobs: - # Run tests. - # See also https://docs.docker.com/docker-hub/builds/automated-testing/ - test: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Run tests - run: | - if [ -f docker-compose.test.yml ]; then - docker-compose --file docker-compose.test.yml build - docker-compose --file docker-compose.test.yml run sut - else - docker build . --file Dockerfile - fi - - # Push image to GitHub Packages. - # See also https://docs.docker.com/docker-hub/builds/ - push: - # Ensure test job passes before pushing image. - needs: test + build: runs-on: ubuntu-latest - if: github.event_name == 'push' - permissions: contents: read packages: write steps: - - uses: actions/checkout@v2 + - name: Checkout repository + uses: actions/checkout@v2 - - name: Build image - run: docker build . --file Dockerfile --tag $IMAGE_NAME + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - - name: Log into registry - run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com -u ${{ github.actor }} --password-stdin + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - name: Push image - run: | - IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME - - # Change all uppercase to lowercase - IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') - - # Strip git ref prefix from version - VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') - - # Strip "v" prefix from tag name - [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//') - - # Use Docker `latest` tag convention - [ "$VERSION" == "$default-branch" ] && VERSION=latest - - echo IMAGE_ID=$IMAGE_ID - echo VERSION=$VERSION - - docker tag $IMAGE_NAME $IMAGE_ID:$VERSION - docker push $IMAGE_ID:$VERSION + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc + with: + context: . + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/ci/openshift.yml b/ci/openshift.yml index 6d5c20a..ec5e0fb 100644 --- a/ci/openshift.yml +++ b/ci/openshift.yml @@ -144,7 +144,8 @@ jobs: # oc-login works on all platforms, but oc must be installed first. # The GitHub Ubuntu runner already includes oc. - # Otherwise, https://github.com/redhat-actions/oc-installer#readme is available. + # Otherwise, https://github.com/redhat-actions/openshift-tools-installer can be used to install oc, + # as well as many other tools. # https://github.com/redhat-actions/oc-login#readme - name: Log in to OpenShift diff --git a/ci/python-publish.yml b/ci/python-publish.yml index 1a03a7b..3bfabfc 100644 --- a/ci/python-publish.yml +++ b/ci/python-publish.yml @@ -1,11 +1,16 @@ # This workflow will upload a Python Package using Twine when a release is created # For more information see: https://help.github.com/en/actions/language-and-framework-guides/using-python-with-github-actions#publishing-to-package-registries +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + name: Upload Python Package on: release: - types: [created] + types: [published] jobs: deploy: @@ -21,11 +26,11 @@ jobs: - name: Install dependencies run: | python -m pip install --upgrade pip - pip install setuptools wheel twine - - name: Build and publish - env: - TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }} - TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }} - run: | - python setup.py sdist bdist_wheel - twine upload dist/* + pip install build + - name: Build package + run: python -m build + - name: Publish package + uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29 + with: + user: __token__ + password: ${{ secrets.PYPI_API_TOKEN }}