Revert "Limit manual test runs to a few versions" #62
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: [main] | |
| schedule: | |
| - cron: "0 00,12 * * *" # Twice a day | |
| workflow_dispatch: | |
| inputs: | |
| force: | |
| description: Force rebuild and republish all image tags | |
| required: false | |
| default: true | |
| type: boolean | |
| image_name: | |
| description: Override image name for this manual run | |
| required: false | |
| default: "" | |
| type: string | |
| env: | |
| IMAGE_NAME: ${{ inputs.image_name || vars.IMAGE_NAME || 'nikolaik/python-nodejs' }} | |
| jobs: | |
| generate-matrix: | |
| name: Generate build matrix | |
| runs-on: ubuntu-latest | |
| needs: [test] | |
| outputs: | |
| version_matrix: ${{ steps.set-matrix.outputs.matrix }} | |
| arch_matrix: ${{ steps.set-matrix.outputs.arch_matrix }} | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| fetch-depth: 2 | |
| - uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7 | |
| with: | |
| enable-cache: true | |
| - name: Generate build matrix | |
| id: set-matrix | |
| run: | | |
| FORCE=$(if [[ "${{ github.event_name }}" == "workflow_dispatch" && "${{ inputs.force }}" == "true" ]]; then echo "--force"; elif git log --pretty=format:"%s" HEAD^..HEAD | grep -q '\[force\]'; then echo "--force"; else echo ""; fi) | |
| uv run dpn $FORCE build-matrix --event ${{ github.event_name }} | |
| build-arch: | |
| name: ${{ matrix.key }} (${{ matrix.arch }}) | |
| runs-on: ${{ matrix.runner }} | |
| if: needs.generate-matrix.outputs.arch_matrix != '' | |
| needs: [generate-matrix] | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJSON(needs.generate-matrix.outputs.arch_matrix) }} | |
| steps: | |
| # Setup | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7 | |
| with: | |
| enable-cache: true | |
| - name: Generate Dockerfile from config | |
| run: | | |
| context="$(echo '${{ toJSON(matrix) }}' | jq -c '{key, python, python_canonical, python_image, nodejs, nodejs_canonical, distro, platforms, digest}')" | |
| uv run dpn dockerfile --context "${context}" | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| # Build | |
| - name: Build image | |
| uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7 | |
| with: | |
| context: . | |
| file: dockerfiles/${{ matrix.key }}.Dockerfile | |
| platforms: ${{ matrix.platform }} | |
| load: true | |
| tags: ${{ env.IMAGE_NAME }}:${{ matrix.key }}-${{ matrix.arch }} | |
| # Test | |
| - name: Run smoke tests | |
| run: | | |
| docker run --rm ${{ env.IMAGE_NAME }}:${{ matrix.key }}-${{ matrix.arch }} sh -c "node --version && npm --version && yarn --version && python --version && pip --version && pipenv --version && poetry --version && uv --version" | |
| # Push | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Push image | |
| run: docker push "${IMAGE_NAME}:${{ matrix.key }}-${{ matrix.arch }}" | |
| deploy: | |
| name: Publish ${{ matrix.key }} | |
| runs-on: ubuntu-latest | |
| if: needs.generate-matrix.outputs.version_matrix != '' | |
| needs: [generate-matrix, build-arch] | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJSON(needs.generate-matrix.outputs.version_matrix) }} | |
| steps: | |
| - name: Create local multi-arch manifest | |
| run: | | |
| refs=("${IMAGE_NAME}:${{ matrix.key }}-amd64") | |
| if echo '${{ toJSON(matrix.platforms) }}' | jq -e '.[] == "linux/arm64"' > /dev/null; then | |
| refs+=("${IMAGE_NAME}:${{ matrix.key }}-arm64") | |
| fi | |
| docker manifest create "${IMAGE_NAME}:${{ matrix.key }}" "${refs[@]}" | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Push multi-arch manifest | |
| run: docker manifest push "${IMAGE_NAME}:${{ matrix.key }}" | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| - name: Add digest to build context | |
| run: | | |
| mkdir builds/ | |
| digest="$(docker buildx imagetools inspect "${IMAGE_NAME}:${{ matrix.key }}" | awk '/^Digest:/ {print $2}')" | |
| echo '${{ toJSON(matrix) }}' | jq --arg digest "$digest" '. +={"digest": $digest}' >> "builds/${{ matrix.key }}.json" | |
| - name: Upload build context | |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: build-${{ matrix.key }} | |
| path: builds/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| tag-latest: | |
| name: Point latest at canonical build | |
| runs-on: ubuntu-latest | |
| needs: [deploy] | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7 | |
| with: | |
| enable-cache: true | |
| - name: Download metadata for builds | |
| uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 | |
| with: | |
| path: builds | |
| pattern: build-* | |
| merge-multiple: true | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Install regctl | |
| uses: regclient/actions/regctl-installer@main | |
| - name: Point latest to canonical image | |
| run: | | |
| latest_tag="$(uv run dpn latest-key --builds-dir builds/)" | |
| regctl image copy "${IMAGE_NAME}:${latest_tag}" "${IMAGE_NAME}:latest" | |
| release: | |
| name: Update versions.json and README.md | |
| runs-on: ubuntu-latest | |
| needs: [deploy, tag-latest] | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7 | |
| with: | |
| enable-cache: true | |
| - name: Download metadata for builds | |
| uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 | |
| with: | |
| path: builds | |
| pattern: build-* | |
| merge-multiple: true | |
| - name: Update versions.json and README.md, then commit and push changes (if any) | |
| run: | | |
| uv run dpn --verbose release --builds-dir builds/ | |
| clean_checkout=$(git status --porcelain) | |
| if [[ -n "${clean_checkout}" ]]; then | |
| git config --global user.name "Nikolai Kristiansen" > /dev/null 2>&1 | |
| git config --global user.email nikolaik@users.noreply.github.com > /dev/null 2>&1 | |
| # Update README.md | |
| today=$(date +%Y-%m-%d) | |
| sed -i -E "s/Last updated by bot: .*/Last updated by bot: ${today}/" README.md | |
| git add versions.json README.md | |
| git commit -m '🗃 Updated python/node versions [skip ci]' | |
| git push --quiet origin main | |
| else | |
| echo "Nothing changed, nothing to archive." | |
| fi | |
| test: | |
| uses: ./.github/workflows/tests.yaml |