Skip to content

Template updates

Template updates #13

name: Pull request validation workflow
on:
pull_request:
types:
- opened
- synchronize
- labeled
paths-ignore:
- '**.md'
env:
STEP_SCRIPTS: ${{ github.workspace }}/.github/steps/pull-request
jobs:
update-pr-branch-version:
if: github.repository != 'UWIT-IAM/example-flask-app'
runs-on: ubuntu-latest
outputs:
new-version: ${{ steps.update-version.outputs.new-version }}
steps:
- uses: uwit-iam/actions/[email protected]
id: guidance
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
- uses: uwit-iam/actions/update-pr-branch-version@main
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
version-guidance: ${{ steps.guidance.outputs.guidance }}
id: update-version
validate-image-quality:
if: github.repository != 'UWIT-IAM/example-flask-app'
permissions:
contents: write
id-token: write
pull-requests: write
needs: [update-pr-branch-version]
runs-on: ubuntu-latest
env:
APP_VERSION: ${{ needs.update-pr-branch-version.outputs.new-version }}
pr_tag: pull-request-${{ github.event.pull_request.number }} # e.g., "pull-request-15"
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
- uses: uwit-iam/action-setup-poetry-project@main
id: auth
with:
credentials: "${{ secrets.MCI_GCLOUD_AUTH_JSON }}"
enable_private_docker: true
enable_private_pypi: true
- name: Run validation checks and tests
run: |
poetry run pytest
poetry run flake8
poetry run black --check .
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and push Docker image (dependencies)
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
push: true
target: dependencies
tags: us-docker.pkg.dev/uwit-mci-iam/containers/${template:app_name_hyphen}.dependencies:${{ env.pr_tag }}
secret-files: |
"gcloud_auth_credentials=${{ steps.auth.outputs.credentials_file_path }}"
- name: Build and push Docker image (app)
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
push: true
target: app
tags: us-docker.pkg.dev/uwit-mci-iam/containers/${template:app_name_hyphen}.app:${{ env.pr_tag }}
- name: Build and push Docker image (tests)
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
push: true
target: tests
tags: us-docker.pkg.dev/uwit-mci-iam/containers/${template:app_name_hyphen}.tests:${{ env.pr_tag }}
- uses: mshick/add-pr-comment@v2
env:
image: us-docker.pkg.dev/uwit-mci-iam/containers/${template:app_name_hyphen}.app:${{ env.pr_tag }}
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
allow-repeats: false
message: |
Download and run the latest build with:
```
docker pull ${{ env.image }}
docker run -it ${{ env.image }}
```