Bump dorny/test-reporter from 41662db5cae40449eff81c63a9a8d0a8c34694bf to 6e6a65b7a0bd2c9197df7d0ae36ac5cee784230c #435
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Container | |
| on: | |
| push: | |
| branches: [ "master" ] | |
| pull_request: | |
| branches: [ "master" ] | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| IMAGE_NAME: pynucleus | |
| IMAGE_TAGS: latest ${{ github.sha }} | |
| TEST_IMAGE_TAG: ${{ github.sha }} | |
| IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} | |
| REGISTRY_USER: ${{ github.actor }} | |
| REGISTRY_PASSWORD: ${{ github.token }} | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| container: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 300 | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 | |
| with: | |
| egress-policy: audit | |
| - name: Change image tags for PRs | |
| if: github.event_name == 'pull_request' | |
| run: | | |
| echo "IMAGE_TAGS=pr-${{ github.event.number }}" >> $GITHUB_ENV | |
| echo "TEST_IMAGE_TAG=pr-${{ github.event.number }}" >> $GITHUB_ENV | |
| - name: Check out | |
| if: always() | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| # - uses: hadolint/hadolint-action@v3.1.0 | |
| # with: | |
| # dockerfile: Dockerfile | |
| # ignore: 'DL3008,DL3013' | |
| # verbose: true | |
| - name: Build Image | |
| id: build_image | |
| uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2.13 | |
| with: | |
| image: ${{ env.IMAGE_NAME }} | |
| tags: ${{ env.IMAGE_TAGS }} | |
| containerfiles: | | |
| ./Dockerfile | |
| build-args: | | |
| PYNUCLEUS_BUILD_PARALLELISM=4 | |
| - name: Push To GHCR | |
| if: (github.event_name == 'pull_request') && (github.actor != 'dependabot[bot]') | |
| uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2.8 | |
| id: push-pr | |
| with: | |
| image: ${{ steps.build_image.outputs.image }} | |
| tags: ${{ env.IMAGE_TAGS }} | |
| registry: ${{ env.IMAGE_REGISTRY }} | |
| username: ${{ env.REGISTRY_USER }} | |
| password: ${{ env.REGISTRY_PASSWORD }} | |
| extra-args: | | |
| --disable-content-trust | |
| - name: Run tests | |
| run: | | |
| podman run \ | |
| -e MPIEXEC_FLAGS="--allow-run-as-root --oversubscribe" \ | |
| --workdir /pynucleus \ | |
| --rm \ | |
| --entrypoint='["python3", "-m", "pytest", "--junit-xml", "test-results.xml"]' \ | |
| ${{ steps.build_image.outputs.image }}:${{ env.TEST_IMAGE_TAG }} | |
| - name: Push To GHCR | |
| if: github.event_name == 'push' | |
| uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2.8 | |
| id: push | |
| with: | |
| image: ${{ steps.build_image.outputs.image }} | |
| tags: ${{ steps.build_image.outputs.tags }} | |
| registry: ${{ env.IMAGE_REGISTRY }} | |
| username: ${{ env.REGISTRY_USER }} | |
| password: ${{ env.REGISTRY_PASSWORD }} | |
| extra-args: | | |
| --disable-content-trust | |
| - name: Echo outputs | |
| if: github.event_name == 'push' | |
| run: | | |
| echo "${{ toJSON(steps.push.outputs) }}" | |
| container-test: | |
| needs: container | |
| strategy: | |
| matrix: | |
| include: | |
| - runner: 'ubuntu-latest' | |
| name: Container test ${{ matrix.runner }} | |
| runs-on: ${{ matrix.runner }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 | |
| with: | |
| egress-policy: audit | |
| - name: Check out | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install podman-compose | |
| run: pip install podman-compose | |
| - name: Run container test | |
| run: podman-compose run quick-test | |
| update-binder-image: | |
| permissions: | |
| contents: write # for peter-evans/create-pull-request to create branch | |
| pull-requests: write # for peter-evans/create-pull-request to create a PR | |
| needs: container | |
| if: github.event_name == 'push' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout binder branch | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| ref: binder | |
| - name: Modify Dockerfile | |
| run: | | |
| python generateDockerfile.py ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TEST_IMAGE_TAG }} | |
| - name: Create PR | |
| uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| commit-message: "Update Dockerfile" | |
| title: "Update Dockerfile" | |
| body: | | |
| This PR updates the Dockerfile for binder. | |
| branch: binder-update | |
| base: binder | |
| delete-branch: true |