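---
# CI pipeline: static analysis -> tests -> per-architecture image build ->
# multi-arch manifest. Each job waits for the previous one through `needs`.
#
# NOTE(review): every `uses:` below references a mutable tag (v4, v5, ...).
# A tag can be moved by the action's publisher, and several of these steps
# receive secrets. Pinning each action to a full commit SHA (with the tag
# kept as a trailing comment) makes the executed code reviewable.
name: CI

on:
  pull_request:
    branches: [main]
  push:
    branches: [main]

env:
  REGISTRY: brosner.dev
  IMAGE_NAME: ${{ gitea.repository }}

jobs:
  pre-commit:
    name: Static Analysis (pre-commit)
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version-file: "pyproject.toml"
      - uses: pre-commit/action@v3.0.1

  tests:
    name: Tests
    runs-on: ubuntu-latest
    needs: pre-commit
    services:
      postgres:
        # NOTE(review): no tag, so this resolves to whatever `latest` is at
        # run time; pin a major version (or a digest) for reproducible runs.
        image: postgres
        env:
          # Throwaway credential for the ephemeral test database only.
          POSTGRES_PASSWORD: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          # Quoted so that no YAML loader can read the mapping as a number.
          # NOTE(review): DATABASE_URL below reaches the service by its
          # `postgres` hostname; this mapping additionally publishes the
          # port on the runner host, where the database accepts the
          # password above. Drop it if nothing connects through the host.
          - "5432:5432"
    steps:
      - uses: actions/checkout@v4
      - name: Setup Python
        uses: actions/setup-python@v5
        with:
          python-version-file: "pyproject.toml"
      - name: Install uv
        uses: astral-sh/setup-uv@v5
        with:
          version: "0.7.8"
      - name: Install dependencies
        run: uv sync --group=test
      - name: Run pytest
        # Folded scalar: the lines below are joined with single spaces into
        # one command line.
        run: >-
          uv run pytest
          --cov=teufa
          --cov-report=xml
          --junitxml=junit.xml
          --override-ini=junit_family=legacy
          tests/
        env:
          DATABASE_URL: postgresql+psycopg://postgres:postgres@postgres:5432/postgres
      - name: Upload coverage reports to Codecov
        uses: codecov/codecov-action@v5
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
      - name: Upload test results to Codecov
        # Runs after a failed test step too, so failures are still reported.
        if: ${{ !cancelled() }}
        uses: codecov/test-results-action@v1
        with:
          token: ${{ secrets.CODECOV_TOKEN }}

  # NOTE(review): `build` and `merge` have no event condition, so they run
  # for pull_request as well as for pushes to main: pull-request code is
  # built and pushed to the registry with CI_TOKEN (the `type=ref,event=pr`
  # tag rule in `merge` relies on this). Confirm that is intended and that
  # CI_TOKEN is scoped to package writes only.
  build:
    name: Build and push image
    runs-on: ${{ matrix.arch.runner }}
    strategy:
      matrix:
        arch:
          - runner: ubuntu-latest
            platform: linux/amd64
          - runner: ubuntu-arm-latest
            platform: linux/arm64
    # The registry login below authenticates with secrets.CI_TOKEN, so the
    # push rights appear to come from that token rather than from this block.
    permissions:
      packages: write
    needs: tests
    steps:
      - uses: actions/checkout@v4
      - name: Prepare
        # Turns "linux/amd64" into "linux-amd64" for use in artifact names.
        run: |
          platform="${{ matrix.arch.platform }}"
          echo "PLATFORM_PAIR=${platform//\//-}" >> "$GITHUB_ENV"
      - name: Generate metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
      - name: Login to the container registry
        uses: docker/login-action@v3
        with:
          # Same value as before, taken from the workflow-level env so the
          # login host cannot drift from the host the image is pushed to.
          registry: ${{ env.REGISTRY }}
          username: brosner
          password: ${{ secrets.CI_TOKEN }}
      - name: Setup docker buildx
        uses: docker/setup-buildx-action@v3
      - name: Build image
        id: build
        uses: docker/build-push-action@v6
        with:
          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          labels: ${{ steps.meta.outputs.labels }}
          annotations: ${{ steps.meta.outputs.annotations }}
          target: prod
          platforms: ${{ matrix.arch.platform }}
          # Push by digest only; the `merge` job attaches the tags later.
          outputs: type=image,push-by-digest=true,name-canonical=true,push=true
      - name: Export digest
        # Records the pushed digest as an empty file named after its hex
        # part, so `merge` can collect one file per architecture.
        run: |
          mkdir -p "${{ runner.temp }}/digests"
          digest="${{ steps.build.outputs.digest }}"
          touch "${{ runner.temp }}/digests/${digest#sha256:}"
      - name: Upload digest
        uses: christopherhx/gitea-upload-artifact@v4
        with:
          name: digests-${{ env.PLATFORM_PAIR }}
          path: ${{ runner.temp }}/digests/*
          if-no-files-found: error
          retention-days: 1

  merge:
    name: Create docker manifest
    runs-on: ubuntu-latest
    needs:
      - build
    steps:
      - name: Download digests
        uses: christopherhx/gitea-download-artifact@v4
        with:
          path: ${{ runner.temp }}/digests
          pattern: digests-*
          merge-multiple: true
      - name: Login to the container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: brosner
          password: ${{ secrets.CI_TOKEN }}
      - name: Setup docker buildx
        uses: docker/setup-buildx-action@v3
      - name: Generate metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=sha
      - name: Create manifest list and push
        working-directory: ${{ runner.temp }}/digests
        # Both command substitutions are left unquoted on purpose: the jq
        # output must split into separate `-t TAG` arguments, and `*` must
        # expand to the digest file names in this directory.
        run: |
          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
            $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
      - name: Inspect image
        run: |
          docker buildx imagetools inspect "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}"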