Skip to content

v0.9.0

v0.9.0 #45

Workflow file for this run

name: Build and Publish
on:
release:
types: [ published ]
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
test-and-build:
runs-on: ubuntu-latest
env:
PIP_PROGRESS_BAR: "off"
PIP_DISABLE_PIP_VERSION_CHECK: "on"
POETRY_NO_INTERACTION: 1
POETRY_VIRTUALENVS_IN_PROJECT: true
container:
image: python:3.12-alpine
outputs:
version: ${{ steps.version.outputs.version }}
steps:
- name: Install git
run: apk add git
- name: Checkout Repository
uses: actions/checkout@v4
with:
fetch-tags: true
fetch-depth: 0
- name: Fix directory permissions
run: chown -R root:root .
- uses: ./.github/actions/setup-poetry-project
with:
install_plugin: true
- name: Run Pytest
run: poetry run pytest
- name: Build Package
run: poetry build
- name: Archive Production Artifacts
uses: actions/upload-artifact@v4
with:
name: dist
path: |
dist
- name: Store version
id: version
run: |
echo "version=$(poetry version --short)" >> $GITHUB_OUTPUT
publish-to-pypi:
needs: test-and-build
runs-on: ubuntu-latest
environment: release
permissions:
# IMPORTANT: this permission is mandatory for PyPI trusted publishing
id-token: write
steps:
- name: Download a single artifact
uses: actions/download-artifact@v4
with:
name: dist
path: dist
- name: Display structure of downloaded files
run: ls -R
- name: Publish Package Distributions to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
attestations: true
publish-to-ghcr:
needs:
- test-and-build
- publish-to-pypi
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
tags: |
type=pep440,pattern={{version}}
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build and Push Container Image
id: push
uses: docker/build-push-action@v6
with:
context: "{{defaultContext}}"
file: Docker/release.Dockerfile
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
KCWARDEN_VERSION=${{ needs.test-and-build.outputs.version }}
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
- name: Log out from GitHub Container Registry
run: docker logout ghcr.io