-
Notifications
You must be signed in to change notification settings - Fork 43
146 lines (127 loc) · 4.33 KB
/
Copy pathrelease-state-manager.yml
File metadata and controls
146 lines (127 loc) · 4.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
name: Release State Manager Image
on:
release:
types: [published]
workflow_dispatch:
inputs:
version:
description: 'Release version (e.g., 1.2.3 or v1.2.3)'
required: true
type: string
env:
GHCR_REGISTRY: ghcr.io
DOCKER_REGISTRY: docker.io
IMAGE_NAME: exosphere-state-manager
SHA_TAG: ${{ github.sha }}
RELEASE_VERSION: ${{ github.event.inputs.version || github.ref_name }}
jobs:
test:
runs-on: ubuntu-latest
services:
mongodb:
image: mongo:7
ports:
- 27017:27017
options: >-
--health-cmd "mongosh --eval 'db.runCommand(\"ping\")'"
--health-interval 10s
--health-timeout 5s
--health-retries 10
env:
MONGO_INITDB_ROOT_USERNAME: admin
MONGO_INITDB_ROOT_PASSWORD: password
MONGO_INITDB_DATABASE: test_db
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Install uv
uses: astral-sh/setup-uv@v6
with:
enable-cache: true
- name: Install dev dependencies with uv
working-directory: state-manager
run: uv sync --group dev
- name: Run full test suite with coverage
working-directory: state-manager
env:
MONGO_URI: mongodb://admin:password@localhost:27017
MONGO_DATABASE_NAME: test_exosphere_state_manager
STATE_MANAGER_SECRET: test-secret-key
SECRETS_ENCRYPTION_KEY: YTzpUlBGLSwm-3yKJRJTZnb0_aQuQQHyz64s8qAERVU=
run: |
uv run pytest tests/ --cov=app --cov-report=xml --cov-report=term-missing --cov-report=html -v --junitxml=full-pytest-report.xml
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
slug: exospherehost/exospherehost
files: state-manager/coverage.xml
flags: unit-tests
name: state-manager-coverage-report
fail_ci_if_error: true
publish-image:
runs-on: ubuntu-latest
needs: test
if: github.repository == 'exospherehost/exospherehost'
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: arm64
- uses: docker/setup-buildx-action@v3
- name: Log in to GHCR
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Parse version
id: version
run: |
VERSION="${{ env.RELEASE_VERSION }}"
# Remove 'v' or 'V' prefix if present
if [[ $VERSION =~ ^[vV] ]]; then
VERSION="${VERSION#?}"
fi
# Extract major, minor, patch
IFS='.' read -r MAJOR MINOR PATCH <<< "$VERSION"
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "major=$MAJOR" >> $GITHUB_OUTPUT
echo "minor=$MINOR" >> $GITHUB_OUTPUT
echo "major_minor=$MAJOR.$MINOR" >> $GITHUB_OUTPUT
- name: Generate tags & labels
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.GHCR_REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
${{ env.DOCKER_REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=raw,value=${{ steps.version.outputs.version }}
type=raw,value=${{ steps.version.outputs.major_minor }}
type=raw,value=${{ steps.version.outputs.major }}
type=sha,format=short
- name: Build and push
uses: docker/build-push-action@v5
with:
context: ./state-manager
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
provenance: true
sbom: true