Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| a5e252b3b1 | |||
| 011bc1c113 | |||
| e94e04cff3 |
74
.github/workflows/docker-build-publish.yml
vendored
74
.github/workflows/docker-build-publish.yml
vendored
@@ -10,6 +10,35 @@ on:
|
||||
required: true
|
||||
type: string
|
||||
|
||||
checkout_repo:
|
||||
description: >
|
||||
Optional external repo to checkout (owner/name). If set, repo is checked out
|
||||
into checkout_path.
|
||||
required: false
|
||||
type: string
|
||||
default: ""
|
||||
|
||||
checkout_ref:
|
||||
description: >
|
||||
Optional git ref (branch/tag/SHA) for checkout_repo. Defaults to repo default branch.
|
||||
required: false
|
||||
type: string
|
||||
default: ""
|
||||
|
||||
checkout_path:
|
||||
description: >
|
||||
Path to checkout checkout_repo into.
|
||||
required: false
|
||||
type: string
|
||||
default: "external-src"
|
||||
|
||||
checkout_fetch_depth:
|
||||
description: >
|
||||
Fetch depth for checkout_repo (0 = full history).
|
||||
required: false
|
||||
type: string
|
||||
default: "0"
|
||||
|
||||
registry_host:
|
||||
required: true
|
||||
type: string
|
||||
@@ -21,6 +50,14 @@ on:
|
||||
description: >
|
||||
Multiline build args, one per line: KEY=VALUE (values may include spaces)
|
||||
|
||||
extra_tags:
|
||||
description: >
|
||||
Optional extra tags to apply to each image.
|
||||
Accepts JSON array (e.g. ["latest", "main"]) or newline-separated list.
|
||||
required: false
|
||||
type: string
|
||||
default: ""
|
||||
|
||||
env:
|
||||
description: >
|
||||
Multiline env vars, one per line: KEY=VALUE
|
||||
@@ -53,6 +90,17 @@ jobs:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Checkout external repository
|
||||
if: ${{ inputs.checkout_repo != '' }}
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: ${{ inputs.checkout_repo }}
|
||||
ref: ${{ inputs.checkout_ref }}
|
||||
server-url: ${{ github.server_url }}
|
||||
token: ${{ secrets.ci_token }}
|
||||
path: ${{ inputs.checkout_path }}
|
||||
fetch-depth: ${{ inputs.checkout_fetch_depth }}
|
||||
|
||||
- name: Load env vars
|
||||
if: ${{ inputs.env != '' }}
|
||||
run: |
|
||||
@@ -98,6 +146,7 @@ jobs:
|
||||
env:
|
||||
IMAGES: ${{ inputs.images }}
|
||||
BUILD_ARGS: ${{ inputs.build_args }}
|
||||
EXTRA_TAGS_INPUT: ${{ inputs.extra_tags }}
|
||||
CI_TOKEN: ${{ secrets.ci_token }}
|
||||
TRIVY_SEVERITY: ${{ inputs.trivy_severity }}
|
||||
run: |
|
||||
@@ -137,6 +186,25 @@ jobs:
|
||||
VERSION_TAGS+=("latest")
|
||||
fi
|
||||
|
||||
EXTRA_TAGS=()
|
||||
if [ -n "$EXTRA_TAGS_INPUT" ]; then
|
||||
if echo "$EXTRA_TAGS_INPUT" | jq -e . >/dev/null 2>&1; then
|
||||
if ! echo "$EXTRA_TAGS_INPUT" | jq -e 'type == "array"' >/dev/null 2>&1; then
|
||||
echo "inputs.extra_tags must be a JSON array" >&2
|
||||
exit 1
|
||||
fi
|
||||
mapfile -t EXTRA_TAGS < <(echo "$EXTRA_TAGS_INPUT" | jq -r '.[]')
|
||||
else
|
||||
while IFS= read -r line; do
|
||||
trimmed="${line#"${line%%[![:space:]]*}"}"
|
||||
trimmed="${trimmed%"${trimmed##*[![:space:]]}"}"
|
||||
[ -z "$trimmed" ] && continue
|
||||
case "$trimmed" in \#*) continue;; esac
|
||||
EXTRA_TAGS+=("$trimmed")
|
||||
done <<< "$EXTRA_TAGS_INPUT"
|
||||
fi
|
||||
fi
|
||||
|
||||
BUILD_ARG_FLAGS=()
|
||||
BUILD_ARGS_JSON="{}"
|
||||
if [ -n "$BUILD_ARGS" ]; then
|
||||
@@ -216,6 +284,9 @@ jobs:
|
||||
for ver in "${VERSION_TAGS[@]}"; do
|
||||
TAGS+=("$FULL_IMAGE:$ver")
|
||||
done
|
||||
for extra in "${EXTRA_TAGS[@]}"; do
|
||||
TAGS+=("$FULL_IMAGE:$extra")
|
||||
done
|
||||
TAGS_JSON=$(printf '%s\n' "${TAGS[@]}" | jq -R . | jq -s .)
|
||||
|
||||
TARGET_NAME="img_${IDX}"
|
||||
@@ -275,6 +346,9 @@ jobs:
|
||||
for ver in "${VERSION_TAGS[@]}"; do
|
||||
TAGS+=("$FULL_IMAGE:$ver")
|
||||
done
|
||||
for extra in "${EXTRA_TAGS[@]}"; do
|
||||
TAGS+=("$FULL_IMAGE:$extra")
|
||||
done
|
||||
|
||||
TAG_ARGS=()
|
||||
for tag in "${TAGS[@]}"; do
|
||||
|
||||
88
.github/workflows/python-uv-ci-with-db.yml
vendored
88
.github/workflows/python-uv-ci-with-db.yml
vendored
@@ -21,6 +21,12 @@ on:
|
||||
required: false
|
||||
type: string
|
||||
default: ""
|
||||
test_env:
|
||||
description: >
|
||||
Multiline env vars for tests, one per line: KEY=VALUE
|
||||
required: false
|
||||
type: string
|
||||
default: ""
|
||||
uv_sync_args:
|
||||
type: string
|
||||
default: "--frozen --dev"
|
||||
@@ -36,6 +42,48 @@ on:
|
||||
test_command:
|
||||
type: string
|
||||
default: "uv run pytest"
|
||||
alembic_command:
|
||||
type: string
|
||||
default: ""
|
||||
postgres_image:
|
||||
type: string
|
||||
default: "postgres:16"
|
||||
postgres_user:
|
||||
type: string
|
||||
default: "postgres"
|
||||
postgres_password:
|
||||
type: string
|
||||
default: "postgres"
|
||||
postgres_db:
|
||||
type: string
|
||||
default: "test_db"
|
||||
postgres_health_cmd:
|
||||
type: string
|
||||
default: "pg_isready -U postgres"
|
||||
postgres_health_interval:
|
||||
type: string
|
||||
default: "10s"
|
||||
postgres_health_timeout:
|
||||
type: string
|
||||
default: "5s"
|
||||
postgres_health_retries:
|
||||
type: string
|
||||
default: "5"
|
||||
redis_image:
|
||||
type: string
|
||||
default: "redis:7-alpine"
|
||||
redis_health_cmd:
|
||||
type: string
|
||||
default: "redis-cli ping"
|
||||
redis_health_interval:
|
||||
type: string
|
||||
default: "5s"
|
||||
redis_health_timeout:
|
||||
type: string
|
||||
default: "5s"
|
||||
redis_health_retries:
|
||||
type: string
|
||||
default: "20"
|
||||
secrets:
|
||||
ssh_private_key:
|
||||
required: false
|
||||
@@ -47,18 +95,25 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:16
|
||||
image: ${{ inputs.postgres_image }}
|
||||
env:
|
||||
POSTGRES_USER: postgres
|
||||
POSTGRES_PASSWORD: postgres
|
||||
POSTGRES_DB: test_db
|
||||
POSTGRES_USER: ${{ inputs.postgres_user }}
|
||||
POSTGRES_PASSWORD: ${{ inputs.postgres_password }}
|
||||
POSTGRES_DB: ${{ inputs.postgres_db }}
|
||||
ports:
|
||||
- 5432:5432
|
||||
options: >-
|
||||
--health-cmd="pg_isready -U postgres"
|
||||
--health-interval=10s
|
||||
--health-timeout=5s
|
||||
--health-retries=5
|
||||
--health-cmd="${{ inputs.postgres_health_cmd }}"
|
||||
--health-interval=${{ inputs.postgres_health_interval }}
|
||||
--health-timeout=${{ inputs.postgres_health_timeout }}
|
||||
--health-retries=${{ inputs.postgres_health_retries }}
|
||||
redis:
|
||||
image: ${{ inputs.redis_image }}
|
||||
options: >-
|
||||
--health-cmd="${{ inputs.redis_health_cmd }}"
|
||||
--health-interval=${{ inputs.redis_health_interval }}
|
||||
--health-timeout=${{ inputs.redis_health_timeout }}
|
||||
--health-retries=${{ inputs.redis_health_retries }}
|
||||
permissions:
|
||||
contents: read
|
||||
defaults:
|
||||
@@ -121,6 +176,19 @@ jobs:
|
||||
- name: Sync dependencies
|
||||
run: uv sync ${{ inputs.uv_sync_args }}
|
||||
|
||||
- name: Load test env vars
|
||||
if: ${{ inputs.test_env != '' }}
|
||||
run: |
|
||||
while IFS= read -r line; do
|
||||
[ -z "$line" ] && continue
|
||||
case "$line" in \#*) continue;; esac
|
||||
if [[ "$line" != *=* ]]; then
|
||||
echo "Invalid env line: $line" >&2
|
||||
exit 1
|
||||
fi
|
||||
echo "$line" >> "$GITHUB_ENV"
|
||||
done <<< "${{ inputs.test_env }}"
|
||||
|
||||
- name: Run format check
|
||||
if: ${{ inputs.format_command != '' }}
|
||||
run: ${{ inputs.format_command }}
|
||||
@@ -133,6 +201,10 @@ jobs:
|
||||
if: ${{ inputs.typecheck_command != '' }}
|
||||
run: ${{ inputs.typecheck_command }}
|
||||
|
||||
- name: Alembic upgrade head (smoke test)
|
||||
if: ${{ inputs.alembic_command != '' }}
|
||||
run: ${{ inputs.alembic_command }}
|
||||
|
||||
- name: Run tests
|
||||
if: ${{ inputs.test_command != '' }}
|
||||
run: ${{ inputs.test_command }}
|
||||
|
||||
Reference in New Issue
Block a user