From 93d1b552a975bede2675a4bac1838e89b6c8f1c2 Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Thu, 10 Apr 2025 13:33:49 +0000 Subject: [PATCH 01/12] Make pypi, release depend on test --- .../workflows/ci.yml.jinja" | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" index c6ed106f..98d9d938 100644 --- "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" +++ "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" @@ -54,14 +54,14 @@ jobs: {% if pypi %} pypi: if: github.ref_type == 'tag' - needs: dist + needs: [dist, test] uses: ./.github/workflows/_pypi.yml permissions: id-token: write {% endif %} release: if: github.ref_type == 'tag' - needs: [dist{% if sphinx %}, docs{% endif %}] + needs: [dist, test{% if sphinx %}, docs{% endif %}] uses: ./.github/workflows/_release.yml permissions: contents: write From b7f2a2c30bbc839bfffb44da499002698d20e696 Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Thu, 10 Apr 2025 14:09:05 +0000 Subject: [PATCH 02/12] Split container build and push into two jobs --- .github/workflows/_container.yml | 26 +++----------- ...f docker %}_push_container.yml{% endif %}" | 35 +++++++++++++++++++ 2 files changed, 40 insertions(+), 21 deletions(-) create mode 100644 "template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" diff --git a/.github/workflows/_container.yml b/.github/workflows/_container.yml index da5e4936..bec61a29 100644 --- a/.github/workflows/_container.yml +++ b/.github/workflows/_container.yml @@ -36,25 +36,9 @@ jobs: - name: Test cli works in cached runtime image run: docker run --rm tag_for_testing --version - - - name: Create tags for publishing image - id: meta - uses: docker/metadata-action@v5 + + - name: Upload container as artifact + uses: actions/upload-artifact@v4 with: - images: ghcr.io/${{ github.repository }} - tags: | - type=ref,event=tag - type=raw,value=latest - - - name: Push cached image to container registry - if: github.ref_type == 'tag' - uses: docker/build-push-action@v6 - env: - DOCKER_BUILD_RECORD_UPLOAD: false - # This does not build the image again, it will find the image in the - # Docker cache and publish it - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + name: container + path: container diff --git "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" new file mode 100644 index 00000000..49900927 --- /dev/null +++ "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" @@ -0,0 +1,35 @@ +on: + workflow_call: + +jobs: + push: + runs-on: ubuntu-latest + + steps: + - name: Download container artifact + uses: actions/download-artifact@v4 + with: + name: container + path: container + + - name: Create tags for publishing image + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }} + tags: | + type=ref,event=tag + type=raw,value=latest + + - name: Push cached image to container registry + if: github.ref_type == 'tag' + uses: docker/build-push-action@v6 + env: + DOCKER_BUILD_RECORD_UPLOAD: false + # This does not build the image again, it will find the image in the + # Docker cache and publish it + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} From 55901ed58fca2f79b8ec0e3300133afed0a55604 Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Thu, 10 Apr 2025 14:13:04 +0000 Subject: [PATCH 03/12] Add call to _push_container.yml in ci.yml.jinja --- .../workflows/ci.yml.jinja" | 7 +++++++ 1 file changed, 7 insertions(+) diff --git "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" index 98d9d938..a759b8bd 100644 --- "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" +++ "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" @@ -41,6 +41,13 @@ jobs: permissions: contents: read packages: write + + push container: + needs: [container, test] + uses: ./github/workflows/_push_container.yml + permissions: + contents: read + packages: write {% endif %}{% if sphinx %} docs: needs: check From fcdb8b26c79800c8a7fc79891a0376cbd1679786 Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Fri, 11 Apr 2025 14:51:20 +0100 Subject: [PATCH 04/12] Move _push_container.yml out of template, add symlink to new location --- .github/workflows/_push_container.yml | 35 ++++++++++++++++++ ...f docker %}_push_container.yml{% endif %}" | 36 +------------------ 2 files changed, 36 insertions(+), 35 deletions(-) create mode 100644 .github/workflows/_push_container.yml mode change 100644 => 120000 "template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" diff --git a/.github/workflows/_push_container.yml b/.github/workflows/_push_container.yml new file mode 100644 index 00000000..49900927 --- /dev/null +++ b/.github/workflows/_push_container.yml @@ -0,0 +1,35 @@ +on: + workflow_call: + +jobs: + push: + runs-on: ubuntu-latest + + steps: + - name: Download container artifact + uses: actions/download-artifact@v4 + with: + name: container + path: container + + - name: Create tags for publishing image + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }} + tags: | + type=ref,event=tag + type=raw,value=latest + + - name: Push cached image to container registry + if: github.ref_type == 'tag' + uses: docker/build-push-action@v6 + env: + DOCKER_BUILD_RECORD_UPLOAD: false + # This does not build the image again, it will find the image in the + # Docker cache and publish it + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" deleted file mode 100644 index 49900927..00000000 --- "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" +++ /dev/null @@ -1,35 +0,0 @@ -on: - workflow_call: - -jobs: - push: - runs-on: ubuntu-latest - - steps: - - name: Download container artifact - uses: actions/download-artifact@v4 - with: - name: container - path: container - - - name: Create tags for publishing image - id: meta - uses: docker/metadata-action@v5 - with: - images: ghcr.io/${{ github.repository }} - tags: | - type=ref,event=tag - type=raw,value=latest - - - name: Push cached image to container registry - if: github.ref_type == 'tag' - uses: docker/build-push-action@v6 - env: - DOCKER_BUILD_RECORD_UPLOAD: false - # This does not build the image again, it will find the image in the - # Docker cache and publish it - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} diff --git "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" new file mode 120000 index 00000000..daeafe96 --- /dev/null +++ "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if docker %}_push_container.yml{% endif %}" @@ -0,0 +1 @@ +../../../.github/workflows/_push_container.yml \ No newline at end of file From 39adf2c6c5ee8d8e9b18d6538cd1a40882442a4c Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Fri, 11 Apr 2025 15:34:00 +0100 Subject: [PATCH 05/12] Fix key name, fix file path --- .../workflows/ci.yml.jinja" | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" index a759b8bd..af7719d8 100644 --- "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" +++ "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" @@ -42,9 +42,9 @@ jobs: contents: read packages: write - push container: + push_container: needs: [container, test] - uses: ./github/workflows/_push_container.yml + uses: ./.github/workflows/_push_container.yml permissions: contents: read packages: write From 7cdac25faf4acade8e2e4fde375f068166124f94 Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Fri, 11 Apr 2025 15:49:48 +0100 Subject: [PATCH 06/12] Add ref_type=tag condition to push container --- .../workflows/ci.yml.jinja" | 1 + 1 file changed, 1 insertion(+) diff --git "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" index af7719d8..3c095e2f 100644 --- "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" +++ "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" @@ -43,6 +43,7 @@ jobs: packages: write push_container: + if: github.ref_type == 'tag' needs: [container, test] uses: ./.github/workflows/_push_container.yml permissions: From 2cdd01823d254d74850d4f3be682131220ccf7d1 Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Fri, 11 Apr 2025 16:40:47 +0100 Subject: [PATCH 07/12] Seperate _docs into _push_docs, add symlink --- .github/workflows/_docs.yml | 19 ----------- .github/workflows/_push_docs.yml | 32 +++++++++++++++++++ .../{% if sphinx %}_push_docs.yml{% endif %}" | 1 + 3 files changed, 33 insertions(+), 19 deletions(-) create mode 100644 .github/workflows/_push_docs.yml create mode 120000 "template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if sphinx %}_push_docs.yml{% endif %}" diff --git a/.github/workflows/_docs.yml b/.github/workflows/_docs.yml index a1cafcae..90485e64 100644 --- a/.github/workflows/_docs.yml +++ b/.github/workflows/_docs.yml @@ -33,22 +33,3 @@ jobs: with: name: docs path: build - - - name: Sanitize ref name for docs version - run: echo "DOCS_VERSION=${GITHUB_REF_NAME//[^A-Za-z0-9._-]/_}" >> $GITHUB_ENV - - - name: Move to versioned directory - run: mv build/html .github/pages/$DOCS_VERSION - - - name: Write switcher.json - run: python .github/pages/make_switcher.py --add $DOCS_VERSION ${{ github.repository }} .github/pages/switcher.json - - - name: Publish Docs to gh-pages - if: github.ref_type == 'tag' || github.ref_name == 'main' - # We pin to the SHA, not the tag, for security reasons. - # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions - uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - publish_dir: .github/pages - keep_files: true diff --git a/.github/workflows/_push_docs.yml b/.github/workflows/_push_docs.yml new file mode 100644 index 00000000..00a715af --- /dev/null +++ b/.github/workflows/_push_docs.yml @@ -0,0 +1,32 @@ +on: + workflow_call: + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Download built docs artifact + uses: actions/download-artifact@v4 + with: + name: docs + path: build + + - name: Sanitize ref name for docs version + run: echo "DOCS_VERSION=${GITHUB_REF_NAME//[^A-Za-z-1-9._-]/_}" >> $GITHUB_ENV + + - name: Move to versioned directory + run: mv build/html .github/pages/$DOCS_VERSION + + - name: Write switcher.json + run: python .github/pages/make_switcher.py --add $DOCS_VERSION ${{ github.repository }} .github/pages/switcher.json + + - name: Publish Docs to gh-pages + if: github.ref_type == 'tag' || github.ref_name == 'main' + # We pin to the SHA, not the tag, for security reasons. + # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions + uses: peaceiris/actions-gh-pages@3f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + publish_dir: .github/pages + keep_files: true diff --git "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if sphinx %}_push_docs.yml{% endif %}" "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if sphinx %}_push_docs.yml{% endif %}" new file mode 120000 index 00000000..0c8d3868 --- /dev/null +++ "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/{% if sphinx %}_push_docs.yml{% endif %}" @@ -0,0 +1 @@ +../../../.github/workflows/_push_docs.yml \ No newline at end of file From f262aa59c4f1fdf9d41b8d38c2d0393a5a7233b1 Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Mon, 14 Apr 2025 13:08:30 +0000 Subject: [PATCH 08/12] Add repo checkout to _push_docs.yml --- .github/workflows/_push_docs.yml | 81 ++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) diff --git a/.github/workflows/_push_docs.yml b/.github/workflows/_push_docs.yml index 00a715af..f1c3cf72 100644 --- a/.github/workflows/_push_docs.yml +++ b/.github/workflows/_push_docs.yml @@ -6,6 +6,87 @@ jobs: runs-on: ubuntu-latest steps: + - name: Avoid git conflicts when tag and branch pushed at same time + if: github.ref_type == 'tag' + run: sleep 60 + + - name: Checkout + uses: actions/checkout@v4 + with: + # Need this to get version number from last tag + fetch-depth: 0 + + - name: Avoid git conflicts when tag and branch pushed at same time + if: github.ref_type == 'tag' + run: sleep 60 + + - name: Checkout + uses: actions/checkout@v4 + with: + # Need this to get version number from last tag + fetch-depth: 0 + + - name: Avoid git conflicts when tag and branch pushed at same time + if: github.ref_type == 'tag' + run: sleep 60 + + - name: Checkout + uses: actions/checkout@v4 + with: + # Need this to get version number from last tag + fetch-depth: 0 + + - name: Avoid git conflicts when tag and branch pushed at same time + if: github.ref_type == 'tag' + run: sleep 60 + + - name: Checkout + uses: actions/checkout@v4 + with: + # Need this to get version number from last tag + fetch-depth: 0 + + - name: Avoid git conflicts when tag and branch pushed at same time + if: github.ref_type == 'tag' + run: sleep 60 + + - name: Checkout + uses: actions/checkout@v4 + with: + # Need this to get version number from last tag + fetch-depth: 0 + + - name: Avoid git conflicts when tag and branch pushed at same time + if: github.ref_type == 'tag' + run: sleep 60 + + - name: Checkout + uses: actions/checkout@v4 + with: + # Need this to get version number from last tag + fetch-depth: 0 + + - name: Avoid git conflicts when tag and branch pushed at same time + if: github.ref_type == 'tag' + run: sleep 60 + + - name: Checkout + uses: actions/checkout@v4 + with: + # Need this to get version number from last tag + fetch-depth: 0 + + - name: Avoid git conflicts when tag and branch pushed at same time + if: github.ref_type == 'tag' + run: sleep 60 + + - name: Checkout + uses: actions/checkout@v4 + with: + # Need this to get version number from last tag + fetch-depth: 0 + + - name: Download built docs artifact uses: actions/download-artifact@v4 with: From 7a7a0a6b9f7623c84e6728ac71c0a457c2c167ea Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Tue, 15 Apr 2025 08:55:23 +0000 Subject: [PATCH 09/12] Remove duplicate code --- .github/workflows/_push_docs.yml | 71 -------------------------------- 1 file changed, 71 deletions(-) diff --git a/.github/workflows/_push_docs.yml b/.github/workflows/_push_docs.yml index f1c3cf72..02cc973f 100644 --- a/.github/workflows/_push_docs.yml +++ b/.github/workflows/_push_docs.yml @@ -16,77 +16,6 @@ jobs: # Need this to get version number from last tag fetch-depth: 0 - - name: Avoid git conflicts when tag and branch pushed at same time - if: github.ref_type == 'tag' - run: sleep 60 - - - name: Checkout - uses: actions/checkout@v4 - with: - # Need this to get version number from last tag - fetch-depth: 0 - - - name: Avoid git conflicts when tag and branch pushed at same time - if: github.ref_type == 'tag' - run: sleep 60 - - - name: Checkout - uses: actions/checkout@v4 - with: - # Need this to get version number from last tag - fetch-depth: 0 - - - name: Avoid git conflicts when tag and branch pushed at same time - if: github.ref_type == 'tag' - run: sleep 60 - - - name: Checkout - uses: actions/checkout@v4 - with: - # Need this to get version number from last tag - fetch-depth: 0 - - - name: Avoid git conflicts when tag and branch pushed at same time - if: github.ref_type == 'tag' - run: sleep 60 - - - name: Checkout - uses: actions/checkout@v4 - with: - # Need this to get version number from last tag - fetch-depth: 0 - - - name: Avoid git conflicts when tag and branch pushed at same time - if: github.ref_type == 'tag' - run: sleep 60 - - - name: Checkout - uses: actions/checkout@v4 - with: - # Need this to get version number from last tag - fetch-depth: 0 - - - name: Avoid git conflicts when tag and branch pushed at same time - if: github.ref_type == 'tag' - run: sleep 60 - - - name: Checkout - uses: actions/checkout@v4 - with: - # Need this to get version number from last tag - fetch-depth: 0 - - - name: Avoid git conflicts when tag and branch pushed at same time - if: github.ref_type == 'tag' - run: sleep 60 - - - name: Checkout - uses: actions/checkout@v4 - with: - # Need this to get version number from last tag - fetch-depth: 0 - - - name: Download built docs artifact uses: actions/download-artifact@v4 with: From 51ae06a045bd38a0a20d5091166240eb3d4509e4 Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Tue, 15 Apr 2025 08:58:39 +0000 Subject: [PATCH 10/12] Add _push_docs.yml to ci and tempalte ci --- .github/workflows/ci.yml | 6 ++++++ .../workflows/ci.yml.jinja" | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f198a244..966af2f7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,6 +32,12 @@ jobs: permissions: contents: write + push_docs: + needs: docs + uses: ./.github/workflows/_push_docs.yml + permissions: + contents: write + example: needs: test if: github.ref_name == 'main' diff --git "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" index 3c095e2f..7bdd0532 100644 --- "a/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" +++ "b/template/{% if git_platform==\"github.com\" %}.github{% endif %}/workflows/ci.yml.jinja" @@ -54,6 +54,12 @@ jobs: needs: check if: needs.check.outputs.branch-pr == '' uses: ./.github/workflows/_docs.yml + + push_docs: + needs: docs + uses: ./.github/workflows/_push_docs.yml + permissions: + contents: write {% endif %} dist: needs: check From 9168714c5bd850e197ca6b1ea2562c27285c24b8 Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Tue, 15 Apr 2025 09:15:17 +0000 Subject: [PATCH 11/12] Remove uneccesary wait --- .github/workflows/_push_docs.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/_push_docs.yml b/.github/workflows/_push_docs.yml index 02cc973f..ed018814 100644 --- a/.github/workflows/_push_docs.yml +++ b/.github/workflows/_push_docs.yml @@ -6,10 +6,6 @@ jobs: runs-on: ubuntu-latest steps: - - name: Avoid git conflicts when tag and branch pushed at same time - if: github.ref_type == 'tag' - run: sleep 60 - - name: Checkout uses: actions/checkout@v4 with: From 78aa8bd8cf1dd9ad185cb43e7c5e328acb43a77b Mon Sep 17 00:00:00 2001 From: Daniel Fernandes Date: Tue, 15 Apr 2025 13:07:22 +0000 Subject: [PATCH 12/12] Fix referenced SHA --- .github/workflows/_push_docs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/_push_docs.yml b/.github/workflows/_push_docs.yml index ed018814..790b28fa 100644 --- a/.github/workflows/_push_docs.yml +++ b/.github/workflows/_push_docs.yml @@ -31,7 +31,7 @@ jobs: if: github.ref_type == 'tag' || github.ref_name == 'main' # We pin to the SHA, not the tag, for security reasons. # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions - uses: peaceiris/actions-gh-pages@3f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 + uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: .github/pages