mebbe #54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: | ||
| merge_group: | ||
| types: [checks_requested] | ||
| workflow_dispatch: # generally only for the "combine-prs" workflow | ||
| permissions: | ||
| contents: read | ||
| packages: read | ||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | ||
| cancel-in-progress: true | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| packages: write | ||
| steps: | ||
| - name: Check out repository | ||
| uses: actions/checkout@v4 | ||
| - name: Expose GitHub Runtime | ||
| uses: crazy-max/ghaction-github-runtime@v3 | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| - name: Cache RUN --mount=type=cache /var/cache/apt | ||
| uses: actions/cache@v3 | ||
| with: | ||
| path: var-cache-apt | ||
| key: var-cache-apt-${{ hashFiles('Dockerfile') }} | ||
| restore-keys: | | ||
| var-cache-apt- | ||
| - name: Cache RUN --mount=type=cache /var/lib/apt | ||
| uses: actions/cache@v3 | ||
| with: | ||
| path: var-lib-apt | ||
| key: var-lib-apt-${{ hashFiles('Dockerfile') }} | ||
| restore-keys: | | ||
| var-lib-apt- | ||
| - name: Cache RUN --mount=type=cache /root/.cache/pip | ||
| uses: actions/cache@v3 | ||
| with: | ||
| path: root-cache-pip | ||
| key: root-cache-pip-${{ hashFiles('requirements/*.txt') }} | ||
| restore-keys: | | ||
| root-cache-pip- | ||
| - name: Cache RUN --mount=type=cache /root/.npm | ||
| uses: actions/cache@v3 | ||
| with: | ||
| path: root-npm | ||
| key: root-npm-${{ hashFiles('package.json', 'package-lock.json') }} | ||
| restore-keys: | | ||
| root-npm- | ||
| - name: inject var-cache-apt into docker | ||
| uses: reproducible-containers/buildkit-cache-dance@v2.1.4 | ||
| with: | ||
| cache-source: var-cache-apt | ||
| cache-target: /var/cache/apt | ||
| skip-extraction: ${{ steps.cache-var-cache-apt.outputs.cache-hit }} | ||
| - name: inject var-lib-apt into docker | ||
| uses: reproducible-containers/buildkit-cache-dance@v2.1.4 | ||
| with: | ||
| cache-source: var-lib-apt | ||
| cache-target: /var/lib/apt | ||
| skip-extraction: ${{ steps.cache-var-lib-apt.outputs.cache-hit }} | ||
| - name: inject root-cache-pip into docker | ||
| uses: reproducible-containers/buildkit-cache-dance@v2.1.4 | ||
| with: | ||
| cache-source: root-cache-pip | ||
| cache-target: /root/.cache/pip | ||
| skip-extraction: ${{ steps.cache-root-cache-pip.outputs.cache-hit }} | ||
| - name: inject root-npm into docker | ||
| uses: reproducible-containers/buildkit-cache-dance@v2.1.4 | ||
| with: | ||
| cache-source: root-npm | ||
| cache-target: /root/.npm | ||
| skip-extraction: ${{ steps.cache-root-npm.outputs.cache-hit }} | ||
| - name: Build Docker Image | ||
| run: | | ||
| echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.event_name == "pull_request" ? github.event.pull_request.head.repo.owner.name : github.repository_owner }} --password-stdin | ||
| docker buildx build --build-arg="DEVEL=yes" --build-arg="CI=yes" --cache-to type=gha,mode=max --cache-from type=gha --push -t ghcr.io/${{ github.event_name == "pull_request" ? github.event.pull_request.head.repo.full_name : github.repository }}:ci-${{ github.run_id }} . | ||
| test: | ||
| needs: build | ||
| strategy: | ||
| matrix: | ||
| include: | ||
| - name: Tests | ||
| command: bin/tests --postgresql-host postgres | ||
| - name: Lint | ||
| command: bin/lint | ||
| - name: Dependencies | ||
| command: bin/deps | ||
| - name: Licenses | ||
| command: bin/licenses | ||
| - name: Translations | ||
| command: bin/translations | ||
| - name: User Documentation | ||
| command: bin/user-docs | ||
| - name: Developer Documentation | ||
| command: bin/dev-docs | ||
| runs-on: ubuntu-latest | ||
| container: | ||
| image: ghcr.io/${{ github.event_name == 'pull_request' ? github.event.pull_request.head.repo.full_name : github.repository }}:ci-${{ github.run_id }} | ||
| env: | ||
| BILLING_BACKEND: warehouse.subscriptions.services.MockStripeBillingService api_base=http://stripe:12111 api_version=2020-08-27 | ||
| services: | ||
| postgres: | ||
| image: ${{ (matrix.name == 'Tests') && 'postgres:14.11' || '' }} | ||
| ports: | ||
| - 5432:5432 | ||
| env: | ||
| POSTGRES_HOST_AUTH_METHOD: trust # never do this in production! | ||
| # Set health checks to wait until postgres has started | ||
| options: --health-cmd "pg_isready --username=postgres --dbname=postgres" --health-interval 10s --health-timeout 5s --health-retries 5 | ||
| stripe: | ||
| image: ${{ (matrix.name == 'Tests') && 'stripe/stripe-mock:v0.162.0' || '' }} | ||
| ports: | ||
| - 12111:12111 | ||
| name: ${{ matrix.name }} | ||
| steps: | ||
| - name: Check out repository | ||
| uses: actions/checkout@v4 | ||
| - name: Cache mypy results | ||
| if: ${{ (matrix.name == 'Lint') }} | ||
| uses: actions/cache@v4 | ||
| with: | ||
| path: | | ||
| dev/.mypy_cache | ||
| key: ${{ runner.os }}-mypy-${{ hashFiles('requirements.txt', 'requirements/*.txt') }} | ||
| - name: Run ${{ matrix.name }} | ||
| run: ${{ matrix.command }} | ||
