-
-
Notifications
You must be signed in to change notification settings - Fork 31
147 lines (139 loc) · 4.08 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
name: build
on: [push]
permissions:
packages: write
id-token: write
jobs:
test-elasticsearch:
runs-on: ubuntu-latest
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:8.14.3
env:
node.name: index
cluster.name: yente-index
discovery.type: single-node
xpack.security.enabled: "false"
xpack.security.http.ssl.enabled: "false"
xpack.security.transport.ssl.enabled: "false"
ports:
- 9200:9200
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install dependencies
env:
DEBIAN_FRONTEND: noninteractive
run: |
pip install -U pip poetry
sudo apt-get install -y -qq libicu-dev
poetry install --with dev
- name: Run pytest tests
env:
YENTE_INDEX_TYPE: elasticsearch
YENTE_INDEX_URL: http://localhost:9200/
run: |
make test
test-opensearch:
runs-on: ubuntu-latest
services:
opensearch:
image: opensearchproject/opensearch:2.15.0
env:
node.name: index
cluster.name: yente-index
discovery.type: single-node
plugins.security.disabled: true
OPENSEARCH_INITIAL_ADMIN_PASSWORD: YenteIns3cureDefault
ports:
- 9200:9200
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install dependencies
env:
DEBIAN_FRONTEND: noninteractive
run: |
pip install -U pip poetry
sudo apt-get install -y -qq libicu-dev
poetry install --with dev
- name: Run pytest tests with opensearch backend
env:
YENTE_INDEX_TYPE: opensearch
YENTE_INDEX_URL: http://localhost:9200/
run: |
make test
package-python:
runs-on: ubuntu-latest
needs: [test-elasticsearch, test-opensearch]
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install dependencies
env:
DEBIAN_FRONTEND: noninteractive
run: |
pip install -U pip poetry
sudo apt-get install -y -qq libicu-dev
poetry install --with dev
- name: Run mypy strict type check
run: |
make typecheck
- name: Build a distribution
run: |
poetry build
- name: Publish a Python distribution to PyPI
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
uses: pypa/gh-action-pypi-publish@release/v1
with:
skip-existing: true
package-docker:
runs-on: ubuntu-latest
needs: [package-python]
steps:
- uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/opensanctions/yente
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=sha
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
install: true
- name: Debug information
run: |
docker --version
echo "${GITHUB_REF}"
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push release
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
pull: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max