Merge pull request #94 from mkuf/config-permissions #76
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- master | |
tags: | |
- "v*" | |
pull_request: | |
branches: | |
- master | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: donkie/spoolman | |
jobs: | |
# Build native image for integration tests | |
# | |
build-amd64: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to the Github Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build Spoolman | |
if: ${{ github.event_name != 'pull_request' }} | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
tags: ${{ env.IMAGE_NAME }}:test | |
outputs: type=docker,dest=/tmp/spoolman.tar | |
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-amd64 | |
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-amd64,mode=max | |
# Separate build for pull requests since PRs dont have access to store cache | |
- name: Build Spoolman (PR) | |
if: ${{ github.event_name == 'pull_request' }} | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
tags: ${{ env.IMAGE_NAME }}:test | |
outputs: type=docker,dest=/tmp/spoolman.tar | |
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-amd64 | |
- name: Upload artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: spoolman | |
path: /tmp/spoolman.tar | |
# | |
# Build tester image for integration tests | |
# | |
build-tester: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to the Github Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build Spoolman Tester | |
if: ${{ github.event_name != 'pull_request' }} | |
uses: docker/build-push-action@v4 | |
with: | |
context: ./tests_integration | |
tags: ${{ env.IMAGE_NAME }}-tester:latest | |
outputs: type=docker,dest=/tmp/spoolman-tester.tar | |
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-tester | |
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-tester,mode=max | |
# Separate build for pull requests since PRs dont have access to store cache | |
- name: Build Spoolman Tester (PR) | |
if: ${{ github.event_name == 'pull_request' }} | |
uses: docker/build-push-action@v4 | |
with: | |
context: ./tests_integration | |
tags: ${{ env.IMAGE_NAME }}-tester:latest | |
outputs: type=docker,dest=/tmp/spoolman-tester.tar | |
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-tester | |
- name: Upload artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: spoolman-tester | |
path: /tmp/spoolman-tester.tar | |
# | |
# Perform integration tests | |
# | |
test: | |
needs: [build-amd64, build-tester] | |
strategy: | |
matrix: | |
dbtype: ["postgres", "sqlite", "mariadb", "cockroachdb"] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Download built images | |
uses: actions/download-artifact@v3 | |
with: | |
path: /tmp | |
- name: Load built images | |
run: | | |
docker load --input /tmp/spoolman/spoolman.tar | |
docker load --input /tmp/spoolman-tester/spoolman-tester.tar | |
- name: Perform integration tests | |
uses: isbang/compose-action@v1.4.1 | |
with: | |
compose-file: "./tests_integration/docker-compose-${{ matrix.dbtype }}.yml" | |
up-flags: "--abort-on-container-exit" | |
down-flags: "--volumes" | |
# | |
# Build arm64 image | |
# Don't run this for pull requests | |
# Only push to buildcache and let release job push to registry | |
# | |
build-arm64: | |
if: ${{ github.event_name != 'pull_request' }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to the Github Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and cache Docker image | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
platforms: linux/arm64 | |
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-arm64 | |
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-arm64,mode=max | |
# | |
# Build arm/v7 image | |
# Don't run this for pull requests | |
# Only push to buildcache and let release job push to registry | |
# | |
build-armv7: | |
if: ${{ github.event_name != 'pull_request' }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to the Github Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and cache Docker image | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
platforms: linux/arm/v7 | |
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-armv7 | |
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-armv7,mode=max | |
# | |
# Release image if tests pass | |
# Don't run this for pull requests | |
# | |
release: | |
if: ${{ github.event_name != 'pull_request' }} | |
needs: [test, build-amd64, build-arm64, build-armv7] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to the Github Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: | | |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
tags: | | |
type=edge | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
- name: Build and push Docker images | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
platforms: linux/amd64,linux/arm64,linux/arm/v7 | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: | | |
type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-amd64 | |
type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-arm64 | |
type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache-armv7 |