-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #113 from nasa/release/1.0.0
Release/1.0.0
- Loading branch information
Showing
10 changed files
with
351 additions
and
298 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,192 @@ | ||
| # When code is pushed to a branch, run linting and tests, and | ||
| # then automatically increment the version number as appropriate for the branch source. | ||
| name: Lint and Test | ||
|
|
||
| # Controls when the workflow will run | ||
| on: | ||
| # Triggers the workflow on push events | ||
| push: | ||
| branches: [ develop, release/**, main, feature/**, issue/**, issues/** ] | ||
|
|
||
| # Allows you to run this workflow manually from the Actions tab | ||
| workflow_dispatch: | ||
|
|
||
| env: | ||
| POETRY_VERSION: "1.3.2" | ||
| PYTHON_VERSION: "3.10" | ||
| REGISTRY: ghcr.io | ||
| IMAGE_NAME: ${{ github.repository }} | ||
|
|
||
| jobs: | ||
| run_tests: | ||
| uses: ./.github/workflows/run_tests.yml | ||
| secrets: | ||
| codecov_token: ${{ secrets.CODECOV_TOKEN }} | ||
|
|
||
| build: | ||
| needs: run_tests | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | ||
| - name: Retrieve repository | ||
| uses: actions/checkout@v4 | ||
| - name: Set up Python | ||
| uses: actions/setup-python@v5 | ||
| with: | ||
| python-version: ${{ env.PYTHON_VERSION }} | ||
| - name: Install Poetry | ||
| uses: abatilo/[email protected] | ||
| with: | ||
| poetry-version: ${{ env.POETRY_VERSION }} | ||
| - name: Get version | ||
| id: get-version | ||
| run: | | ||
| echo "current_version=$(poetry version | awk '{print $2}')" >> $GITHUB_OUTPUT | ||
| echo "pyproject_name=$(poetry version | awk '{print $1}')" >> $GITHUB_ENV | ||
| # Bumps the version, based on which branch is the target. | ||
| - name: Bump pre-alpha version | ||
| # If triggered by push to a feature branch | ||
| if: | | ||
| ${{ startsWith(github.ref, 'refs/heads/issue') }} || | ||
| ${{ startsWith(github.ref, 'refs/heads/dependabot/') }} || | ||
| ${{ startsWith(github.ref, 'refs/heads/feature/') }} | ||
| run: | | ||
| new_ver="${{ steps.get-version.outputs.current_version }}+$(git rev-parse --short ${GITHUB_SHA})" | ||
| poetry version $new_ver | ||
| echo "software_version=$(poetry version | awk '{print $2}')" >> $GITHUB_ENV | ||
| - name: Bump alpha version | ||
| # If triggered by push to the develop branch | ||
| if: ${{ github.ref == 'refs/heads/develop' }} | ||
| run: | | ||
| poetry version prerelease | ||
| echo "software_version=$(poetry version | awk '{print $2}')" >> $GITHUB_ENV | ||
| echo "venue=sit" >> $GITHUB_ENV | ||
| - name: Bump rc version | ||
| # If triggered by push to a release branch | ||
| if: ${{ startsWith(github.ref, 'refs/heads/release/') }} | ||
| env: | ||
| # True if the version already has a 'rc' pre-release identifier | ||
| BUMP_RC: ${{ contains(steps.get-version.outputs.current_version, 'rc') }} | ||
| run: | | ||
| if [ "$BUMP_RC" = true ]; then | ||
| poetry version prerelease | ||
| else | ||
| poetry version ${GITHUB_REF#refs/heads/release/}rc1 | ||
| fi | ||
| echo "software_version=$(poetry version | awk '{print $2}')" >> $GITHUB_ENV | ||
| echo "venue=uat" >> $GITHUB_ENV | ||
| - name: Release version | ||
| # If triggered by push to the main branch | ||
| if: ${{ startsWith(github.ref, 'refs/heads/main') }} | ||
| env: | ||
| CURRENT_VERSION: ${{ steps.get-version.outputs.current_version }} | ||
| # Remove rc* from the end of version string | ||
| # The ${string%%substring} syntax below deletes the longest match of $substring from back of $string. | ||
| run: | | ||
| poetry version ${CURRENT_VERSION%%rc*} | ||
| echo "software_version=$(poetry version | awk '{print $2}')" >> $GITHUB_ENV | ||
| echo "venue=ops" >> $GITHUB_ENV | ||
| - name: Run Snyk as a blocking step | ||
| uses: snyk/actions/python-3.10@master | ||
| env: | ||
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | ||
| with: | ||
| command: test | ||
| args: > | ||
| --org=${{ secrets.SNYK_ORG_ID }} | ||
| --project-name=${{ github.repository }} | ||
| --severity-threshold=high | ||
| --fail-on=all | ||
| - name: Run Snyk on Python | ||
| uses: snyk/actions/python-3.10@master | ||
| env: | ||
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | ||
| with: | ||
| command: monitor | ||
| args: > | ||
| --org=${{ secrets.SNYK_ORG_ID }} | ||
| --project-name=${{ github.repository }} | ||
| - name: Commit Version Bump | ||
| # If building the `develop`, a `release` branch, or `main`, | ||
| # then we commit the version bump back to the repo. | ||
| if: | | ||
| github.ref == 'refs/heads/develop' || | ||
| github.ref == 'refs/heads/main' || | ||
| startsWith(github.ref, 'refs/heads/release') | ||
| run: | | ||
| git config --global user.name 'batchee bot' | ||
| git config --global user.email '[email protected]' | ||
| git commit -am "/version ${{ env.software_version }}" | ||
| git push | ||
| # Builds and pushes the package to the Python Package Index (PyPI) | ||
| - name: Build Python Artifact | ||
| run: | | ||
| poetry build | ||
| - uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: python-artifact | ||
| path: dist/* | ||
| - name: Publish to test.pypi.org | ||
| id: pypi-test-publish | ||
| if: | | ||
| github.ref == 'refs/heads/develop' || | ||
| startsWith(github.ref, 'refs/heads/release') | ||
| env: | ||
| POETRY_PYPI_TOKEN_TESTPYPI: ${{secrets.PYPI_TOKEN_TESTPYPI}} | ||
| run: | | ||
| poetry config repositories.testpypi https://test.pypi.org/legacy/ | ||
| poetry publish -r testpypi | ||
| - name: Publish to pypi.org | ||
| if: ${{ github.ref == 'refs/heads/main' }} | ||
| id: pypi-publish | ||
| env: | ||
| POETRY_PYPI_TOKEN_PYPI: ${{secrets.PYPI_TOKEN_PYPI}} | ||
| run: | | ||
| poetry publish | ||
| # Builds and pushes a Docker image | ||
| - name: Log in to the Container registry | ||
| if: ${{ !startsWith(github.ref, 'refs/heads/main/') }} | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ${{ env.REGISTRY }} | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Extract metadata (tags, labels) for Docker | ||
| if: ${{ !startsWith(github.ref, 'refs/heads/main/') }} | ||
| id: meta | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | ||
| tags: | | ||
| type=raw,pattern={{version}},value=${{ env.software_version }} | ||
| type=raw,value=${{ env.venue }} | ||
| - name: Build and push Docker image | ||
| if: ${{ !startsWith(github.ref, 'refs/heads/main/') }} | ||
| id: docker-push | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| file: Dockerfile | ||
| build-args: | | ||
| SOURCE=${{env.pyproject_name}}[harmony]==${{ env.software_version }} | ||
| push: true | ||
| pull: true | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
|
|
||
| - name: Push Tag | ||
| if: | | ||
| github.ref == 'refs/heads/develop' || | ||
| github.ref == 'refs/heads/main' || | ||
| startsWith(github.ref, 'refs/heads/release') | ||
| run: | | ||
| git config user.name "${GITHUB_ACTOR}" | ||
| git config user.email "${GITHUB_ACTOR}@users.noreply.github.com" | ||
| git tag -a "${{ env.software_version }}" -m "Version ${{ env.software_version }}" | ||
| git push origin "${{ env.software_version }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.