fix start script #202
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Tests | |
on: | |
push: | |
branches: [ "main" ] | |
pull_request: | |
workflow_call: | |
workflow_dispatch: | |
jobs: | |
tests: | |
name: ✅ Run tests | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- python-version: "3.8" | |
os: ubuntu-latest | |
- python-version: "3.9" | |
os: ubuntu-latest | |
- python-version: "3.10" | |
os: ubuntu-latest | |
- python-version: "3.11" | |
os: ubuntu-latest | |
# - python-version: "3.11" | |
# os: windows-latest | |
# - python-version: "3.11" | |
# os: macos-latest # Consistently 10min+ slower than all other platforms | |
steps: | |
- uses: actions/checkout@v4 | |
- name: ♻️ Cache models | |
# if: ${{ matrix.python-version != '3.10' }} | |
uses: actions/cache@v3 | |
with: | |
path: models | |
key: ${{ runner.os }}-models | |
- name: Set up Python ${{ matrix.python-version }} | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install dependencies | |
run: | | |
pipx install hatch | |
- name: Test with coverage | |
run: | | |
hatch run test | |
- name: Rename coverage per os/version | |
run: mv .coverage ".coverage.${{ matrix.os }}.${{ matrix.python-version }}" | |
- name: ☂️ Upload coverage files | |
uses: actions/upload-artifact@v3 | |
if: ${{ matrix.os == 'ubuntu-latest' }} | |
with: | |
name: coverage | |
path: .coverage.* | |
publish-coverage: | |
name: ☂️ Publish coverage | |
needs: [ tests ] | |
runs-on: ubuntu-latest | |
permissions: | |
statuses: write | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.11' | |
- name: Get coverage files | |
uses: actions/download-artifact@v3 | |
with: | |
name: coverage | |
path: coverage | |
- run: pip install coverage[toml] smokeshow | |
- run: ls -la coverage | |
- run: coverage combine coverage | |
- run: coverage report | |
- run: coverage html --show-contexts --title "☂️ Coverage for vemonet/libre-chat [${{ github.sha }}]" | |
- name: Store coverage HTML | |
uses: actions/upload-artifact@v3 | |
with: | |
name: coverage-html | |
path: htmlcov | |
- run: smokeshow upload htmlcov | |
env: | |
SMOKESHOW_GITHUB_STATUS_DESCRIPTION: Coverage {coverage-percentage} | |
SMOKESHOW_GITHUB_COVERAGE_THRESHOLD: 90 | |
SMOKESHOW_GITHUB_CONTEXT: coverage | |
SMOKESHOW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SMOKESHOW_GITHUB_PR_HEAD_SHA: ${{ github.sha }} | |
SMOKESHOW_AUTH_KEY: ${{ secrets.SMOKESHOW_AUTH_KEY }} | |
publish-docs: | |
name: 📚 Update docs website | |
if: github.event_name != 'pull_request' | |
needs: [ tests, codeql ] | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
pages: write | |
id-token: write | |
concurrency: | |
group: "pages" | |
cancel-in-progress: false | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: 3.11 | |
- name: Install dependencies | |
run: pip install ".[doc]" | |
- name: Deploy mkdocs on GitHub Pages | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: mkdocs build -f docs/mkdocs.yml -d dist # mkdocs gh-deploy dont support new pages | |
- name: Setup Pages | |
uses: actions/configure-pages@v3 | |
- name: Upload artifact | |
uses: actions/upload-pages-artifact@v2 | |
with: | |
path: './docs/dist' | |
- name: Deploy to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v2 | |
publish-docker: | |
name: 🐳 Publish docker image | |
needs: [ tests, codeql ] | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
id-token: write # This is used to complete the identity challenge with sigstore/fulcio | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
# Enabling the cache causes the build to go out of storage space | |
# - name: ♻️ Cache models | |
# uses: actions/cache@v3 | |
# with: | |
# path: models | |
# key: ${{ runner.os }}-models | |
# Install the cosign tool except on PR | |
- name: Install cosign | |
if: github.event_name != 'pull_request' | |
uses: sigstore/[email protected] | |
with: | |
cosign-release: 'v2.1.1' | |
- name: Setup Docker buildx | |
uses: docker/setup-buildx-action@v2 | |
# Login against a Docker registry except on PR | |
- name: Log into registry ${{ env.REGISTRY }} | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
# Extract metadata (tags, labels) for Docker | |
- name: Extract Docker metadata | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
tags: | | |
type=ref,event=branch | |
type=semver,pattern={{version}} | |
# Build and push Docker image with Buildx (don't push on PR) | |
- name: Build and push Docker image | |
id: build-and-push | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
# Sign the resulting Docker image digest except on PRs https://github.com/sigstore/cosign | |
- name: Sign the published Docker image | |
if: ${{ github.event_name != 'pull_request' }} | |
env: | |
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable | |
TAGS: ${{ steps.meta.outputs.tags }} | |
DIGEST: ${{ steps.build-and-push.outputs.digest }} | |
# This step uses the identity token to provision an ephemeral certificate against the sigstore community Fulcio instance. | |
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} | |
# Commented because it was hanging for 20min, probably servers issues | |
codeql: | |
name: 🔎 CodeQL analysis | |
runs-on: ubuntu-latest | |
permissions: | |
security-events: write | |
actions: read | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v2 | |
with: | |
languages: python | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v2 |