Merge pull request #357 from stustapay/milo/improve-forbidden-object-… #67
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Push or tag on master | |
| on: | |
| push: | |
| branches: [ "master" ] | |
| tags: [ "v*" ] | |
| jobs: | |
| build_and_test_app: | |
| uses: ./.github/workflows/app.yaml | |
| secrets: inherit | |
| build_app_release: | |
| uses: ./.github/workflows/app_release.yaml | |
| secrets: inherit | |
| build_and_test_backend: | |
| uses: ./.github/workflows/core.yaml | |
| secrets: inherit | |
| build_and_test_webfrontend: | |
| uses: ./.github/workflows/web.yaml | |
| secrets: inherit | |
| get-distros: | |
| name: "Calculate list of debian distros" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| - id: set-distros | |
| run: | | |
| # if we're running from a tag, get the full list of distros; otherwise just use debian:sid | |
| dists='["debian:bookworm"]' | |
| if [[ $GITHUB_REF == refs/tags/* ]]; then | |
| dists=$(tools/build_debian_packages.py --show-dists-json) | |
| fi | |
| echo "::set-output name=distros::$dists" | |
| # map the step outputs to job outputs | |
| outputs: | |
| distros: ${{ steps.set-distros.outputs.distros }} | |
| # now build the packages with an abrechnung build. | |
| build-debs: | |
| needs: | |
| - get-distros | |
| name: "Build .deb packages" | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| distro: ${{ fromJson(needs.get-distros.outputs.distros) }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| path: src | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v1 | |
| with: | |
| install: true | |
| - name: Set up docker layer caching | |
| uses: actions/cache@v2 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Set up python | |
| uses: actions/setup-python@v5 | |
| - name: Build the packages | |
| # see https://github.com/docker/build-push-action/issues/252 | |
| # for the cache magic here | |
| run: | | |
| ./src/tools/build_debian_packages.py \ | |
| --docker-build-arg=--cache-from=type=local,src=/tmp/.buildx-cache \ | |
| --docker-build-arg=--cache-to=type=local,mode=max,dest=/tmp/.buildx-cache-new \ | |
| --docker-build-arg=--progress=plain \ | |
| --docker-build-arg=--load \ | |
| "${{ matrix.distro }}" | |
| rm -rf /tmp/.buildx-cache | |
| mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
| - name: Upload debs as artifacts | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: debs | |
| path: debs/* | |
| # if it's a tag, create a release and attach the artifacts to it | |
| attach-assets: | |
| name: "Attach assets to release" | |
| if: ${{ !failure() && !cancelled() && startsWith(github.ref, 'refs/tags/') }} | |
| needs: | |
| - build_and_test_app | |
| - build_app_release | |
| - build_and_test_backend | |
| - build_and_test_webfrontend | |
| - build-debs | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download all workflow run artifacts | |
| uses: actions/download-artifact@v2 | |
| with: | |
| path: artifacts | |
| merge-multiple: true | |
| - name: List files | |
| run: | | |
| ls -lah artifacts | |
| - name: Attach to release | |
| uses: softprops/action-gh-release@a929a66f232c1b11af63782948aa2210f981808a # PR#109 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| files: | | |
| artifacts/debs/*.deb | |
| # if it's not already published, keep the release as a draft. | |
| draft: true | |
| # mark it as a prerelease if the tag contains 'rc'. | |
| prerelease: ${{ contains(github.ref, 'rc') || contains(github.ref, 'alpha') || contains(github.ref, 'beta') }} |