move non secret config to vars #33

Workflow file for this run

.github/workflows/tests_build.yml at 4161541

	---
	name: "Unit tests and build"
	on:
	push:
	branches: ['**']
	release:
	types: [released]
	env:
	TAG: "${{ github.ref_type == 'tag' && github.ref_name \|\| 'tmp' }}"
	IMAGE_NAME: "${{ vars.DOCKER_ORG }}/nansat"
	BASE_IMAGE_NAME: "${{ vars.DOCKER_ORG }}/nansat_base"
	BASE_IMAGE_TAG: '0.0.18'
	jobs:
	tests_and_docker_build:
	name: 'Run unit tests and build docker image'
	runs-on: 'ubuntu-20.04'
	strategy:
	matrix:
	tag_suffix:
	- ''
	- '-slim'
	version:
	- {'python': '3.7', 'latest': false}
	- {'python': '3.8', 'latest': false}
	- {'python': '3.9', 'latest': false}
	- {'python': '3.10', 'latest': false}
	- {'python': '3.11', 'latest': true}
	steps:
	- name: 'Checkout repository'
	uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Cache Docker layers
	uses: actions/cache@v3
	with:
	path: /tmp/.buildx-cache
	key: ${{ runner.os }}-buildx${{ matrix.tag_suffix }}-python${{ matrix.version.python }}-${{ github.sha }}
	restore-keys: \|
	${{ runner.os }}-buildx${{ matrix.tag_suffix }}-python${{ matrix.version.python }}-

	- name: Login to DockerHub
	uses: docker/login-action@v3
	with:
	username: ${{ vars.DOCKER_USER }}
	password: ${{ secrets.DOCKER_PASS }}

	- name: 'Run tests'
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: >
	docker run --rm
	-v "$(pwd):/src"
	-e "GITHUB_ACTIONS=$GITHUB_ACTIONS"
	-e "GITHUB_REF=$GITHUB_REF"
	-e "GITHUB_SHA=$GITHUB_SHA"
	-e "GITHUB_HEAD_REF=$GITHUB_HEAD_REF"
	-e "GITHUB_REPOSITORY=$GITHUB_REPOSITORY"
	-e "GITHUB_RUN_ID=$GITHUB_RUN_ID"
	-e "GITHUB_TOKEN=$GITHUB_TOKEN"
	"${BASE_IMAGE_NAME}:${BASE_IMAGE_TAG}${{ matrix.tag_suffix }}-python${{ matrix.version.python }}"
	bash -c "
	apt update && apt install -y g++ &&
	python setup.py sdist &&
	coverage run --omit=nansat/mappers/,nansat/tests/,nansat/nansatmap.py --source=nansat setup.py test"

	- name: 'Install Python 3.11'
	uses: actions/setup-python@v4
	with:
	python-version: '3.11'

	- name: 'Upload coverage to coveralls.io'
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: pip install coveralls && coveralls --service=github

	- name: Build docker image
	uses: docker/build-push-action@v5
	with:
	context: .
	build-args: \|
	BASE_IMAGE=${{ env.BASE_IMAGE_NAME }}:${{ env.BASE_IMAGE_TAG }}${{ matrix.tag_suffix }}-python${{ matrix.version.python }}
	NANSAT_RELEASE=${{ env.TAG == 'tmp' && '0.0.0' \|\| env.TAG }}
	push: ${{ github.ref_type == 'tag' }}
	tags: \|
	${{ env.IMAGE_NAME }}:${{ env.TAG }}${{ matrix.tag_suffix }}-python${{ matrix.version.python }}
	${{ env.IMAGE_NAME }}:latest${{ matrix.tag_suffix }}-python${{ matrix.version.python }}
	${{ matrix.version.latest && format('latest{0}', matrix.tag_suffix) \|\| '' }}
	cache-from: type=local,src=/tmp/.buildx-cache
	cache-to: type=local,dest=/tmp/.buildx-cache-new

	# Temp fix
	# https://github.com/docker/build-push-action/issues/252
	# https://github.com/moby/buildkit/issues/1896
	- name: Move cache
	run: \|
	rm -rf /tmp/.buildx-cache
	mv /tmp/.buildx-cache-new /tmp/.buildx-cache

	publish_python_package:
	name: Publish the Python package to PyPI
	runs-on: 'ubuntu-20.04'
	needs: 'tests_and_docker_build'
	if: github.event_name == 'release'
	steps:
	- name: 'Checkout repository'
	uses: actions/checkout@v4

	- name: Set up Python 3.11
	uses: actions/setup-python@v4
	with:
	python-version: 3.11

	- name: Build package
	run: NANSAT_RELEASE="${TAG}" python setup.py sdist
	shell: bash

	- name: Publish
	uses: pypa/gh-action-pypi-publish@release/v1
	with:
	# Storing the PyPI URL in the repositories' secrets makes
	# publishing to the test PyPI from forks easy
	repository_url: ${{ vars.PYPI_REPOSITORY_URL }}
	password: ${{ secrets.PYPI_TOKEN }}
	...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

move non secret config to vars #33

Workflow file

move non secret config to vars #33

Jobs

Run details

Workflow file for this run