Skip to content

build(deps): bump library/python in /images/techdocs/context #6353

build(deps): bump library/python in /images/techdocs/context

build(deps): bump library/python in /images/techdocs/context #6353

Workflow file for this run

---
on:
push: {}
workflow_dispatch: {}
env:
XDG_CACHE_HOME: ${{ github.workspace }}/.cache/xdg
POETRY_CACHE_DIR: ${{ github.workspace }}/.cache/poetry
jobs:
setup:
runs-on: ubuntu-latest
outputs:
image-names: ${{ steps.image-names.outputs.image_names }}
images-ci: ${{ steps.paths-filter.outputs.images }}
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
id: paths-filter
with:
base: main
list-files: json
filters: |
images:
- 'images/**'
- run: |
set -x
wget https://github.com/mikefarah/yq/releases/download/v4.25.2/yq_linux_amd64 -O ${GITHUB_WORKSPACE}/yq
chmod +x ${GITHUB_WORKSPACE}/yq
- id: image-names
shell: bash
run: |
images=$(echo ${{ steps.paths-filter.outputs.images_files }} | yq -o=json -I0 '.[] |= sub("images/([^/]+)/.*$", "${1}") | unique' -)
echo "$images"
echo "IMAGE_NAMES=${images}" >> $GITHUB_OUTPUT
- run: echo ${{ steps.image-names.outputs.image_names }}
image-ci:
runs-on: ubuntu-latest
needs: ["setup"]
if: ${{ needs.setup.outputs.images-ci == 'true' }}
concurrency:
group: ${{ github.workflow }}-${{ matrix.image }}-${{ github.ref }}
cancel-in-progress: true
permissions:
id-token: write
packages: write
contents: read
strategy:
matrix:
image: ${{ fromJSON(needs.setup.outputs.image-names) }}
steps:
- uses: actions/checkout@v4
- name: Cache xdg
uses: actions/cache@v4
with:
path: ${{ env.XDG_CACHE_HOME }}
key: xdg-v1-${{ hashFiles('**/Makefile') }}
restore-keys: |
xdg-v1-
- name: Cache poetry
uses: actions/cache@v4
with:
path: ${{ env.POETRY_CACHE_DIR }}
key: poetry-v1-${{ hashFiles('**/poetry.lock') }}
restore-keys: |
poetry-v1-
- name: Cache python venv
uses: actions/cache@v4
with:
path: ${{ github.workspace }}/.venv
key: pyvenv-v1-${{ hashFiles('**/poetry.lock') }}
restore-keys: |
pyvenv-v1-
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Setup Poetry
uses: Gr1N/setup-poetry@v9
- name: Run Poetry Install
id: toolchain
shell: bash
run: |
poetry install -vvv
- uses: crazy-max/ghaction-github-runtime@v3
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: Validate python
run: |
make VERBOSE=all validate-python
- name: Build images
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
IMAGE_NAMES: ${{ matrix.image }}
run: |
export docker_image_build_args="--cache-from type=gha --cache-to type=gha,mode=max"
make VERBOSE=all validate-static build-images
- name: Tag images
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
IMAGE_NAMES: ${{ matrix.image }}
run: |
make tag-images oci_remote_ref_prefixes=ghcr.io/${{ github.repository }}/e0/
make tag-images oci_remote_ref_prefixes=europe-north1-docker.pkg.dev/engineering-production-af50/images/
- name: Test images
env:
IMAGE_NAMES: ${{ matrix.image }}
run: |
make VERBOSE=all -j4 test
- name: Auth to GCP
if: github.ref == 'refs/heads/main'
uses: google-github-actions/auth@v2
with:
workload_identity_provider: projects/943318002566/locations/global/workloadIdentityPools/github-actions/providers/github-actions-provider
service_account: gha-docker-images@engineering-production-af50.iam.gserviceaccount.com
create_credentials_file: true
- name: Login to GCP artifact registry
if: github.ref == 'refs/heads/main'
run: |
gcloud auth configure-docker europe-north1-docker.pkg.dev
- name: Push images
if: github.ref == 'refs/heads/main'
env:
IMAGE_NAMES: ${{ matrix.image }}
run: |
echo "${{ github.token }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin
make push-images oci_remote_ref_prefixes=ghcr.io/${{ github.repository }}/e0/
make push-images oci_remote_ref_prefixes=europe-north1-docker.pkg.dev/engineering-production-af50/images/
techdocs:
permissions:
contents: read
id-token: write
packages: read
pull-requests: read
name: TechDocs
uses: coopnorge/github-workflow-techdocs/.github/workflows/techdocs.yaml@v0
build:
needs:
- image-ci
- techdocs
if: always()
runs-on: ubuntu-latest
steps:
- run: exit 1
name: "Catch errors"
if: |
needs.image-ci.result == 'failure' ||
needs.techdocs.result == 'failure'