Skip to content

[Auto-generated] Update dependencies (#527) #319

[Auto-generated] Update dependencies (#527)

[Auto-generated] Update dependencies (#527) #319

name: CI/CD - New updates to 'master'
on:
push:
branches: [master]
concurrency: ${{ github.workflow }}-${{ github.ref }}
env:
DEPENDABOT_BRANCH: ci/dependabot-updates
GIT_USER_NAME: "TEAM 4.0[bot]"
GIT_USER_EMAIL: "[email protected]"
DEFAULT_REPO_BRANCH: master
jobs:
update_version:
name: Update the version (new build number)
if: github.repository_owner == 'EMMC-ASBL'
runs-on: ubuntu-latest
outputs:
continue_workflow: ${{ steps.update_version_step.outputs.continue_workflow }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up git config
run: |
git config --global user.name "${{ env.GIT_USER_NAME }}"
git config --global user.email "${{ env.GIT_USER_EMAIL }}"
- name: Set up Python 3.9
uses: actions/setup-python@v5
with:
python-version: "3.9"
- name: Install Python dependencies
run: |
python -m pip install -U pip
pip install -U setuptools wheel
pip install -U -r .dev/requirements_dev.txt
- name: Update version
id: update_version_step
run: |
invoke setver
if [ -n "$(git status --porcelain app/__init__.py)" ]; then
echo "Version updated !"
CONTINUE_WORKFLOW=true
else
# The version has not changed - i.e. the workflow shouldn't continue.
CONTINUE_WORKFLOW=false
echo "Version not updated !"
fi
echo "CONTINUE_WORKFLOW=${CONTINUE_WORKFLOW}" >> $GITHUB_ENV
echo "continue_workflow=${CONTINUE_WORKFLOW}" >> $GITHUB_OUTPUT
- name: Update changelog
if: env.CONTINUE_WORKFLOW == 'true'
uses: CharMixer/auto-changelog-action@v1
with:
token: ${{ secrets.RELEASE_PAT }}
release_branch: ${{ env.DEFAULT_REPO_BRANCH }}
- name: Commit changes
if: env.CONTINUE_WORKFLOW == 'true'
run: |
git add app/__init__.py CHANGELOG.md
git commit --amend -C HEAD
- name: Update '${{ env.DEFAULT_REPO_BRANCH }}'
if: env.CONTINUE_WORKFLOW == 'true'
uses: CasperWA/push-protected@v2
with:
token: ${{ secrets.RELEASE_PAT }}
branch: ${{ env.DEFAULT_REPO_BRANCH }}
sleep: 15
force: true
unprotect_reviews: false
update_dependabot_branch:
name: Update permanent dependabot branch
if: github.repository_owner == 'EMMC-ASBL' && needs.update_version.outputs.continue_workflow == 'true'
runs-on: ubuntu-latest
needs: update_version
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ env.DEPENDABOT_BRANCH }}
fetch-depth: 0
- name: Set up git config
run: |
git config --global user.name "${{ env.GIT_USER_NAME }}"
git config --global user.email "${{ env.GIT_USER_EMAIL }}"
- name: Update '${{ env.DEPENDABOT_BRANCH }}'
run: |
git fetch origin
LATEST_PR_BODY="$(gh api /repos/${{ github.repository}}/pulls -X GET -f state=closed -f per_page=1 -f sort=updated -f direction=desc --jq '.[].body')"
cat .github/utils/single_dependency_pr_body.txt | head -8 > .tmp_file.txt
if [ -z "$(printf '%s\n' "${LATEST_PR_BODY}" | head -8 | diff - .tmp_file.txt --strip-trailing-cr)" ]; then
echo "The dependencies have just been updated! Reset to ${{ env.DEFAULT_REPO_BRANCH }}."
git reset --hard origin/${{ env.DEFAULT_REPO_BRANCH }}
echo "FORCE_PUSH=yes" >> $GITHUB_ENV
else
echo "Merge new updates to ${{ env.DEFAULT_REPO_BRANCH }} into ${{ env.DEPENDABOT_BRANCH }}"
git merge -m "Keep '${{ env.DEPENDABOT_BRANCH }}' up-to-date with '${{ env.DEFAULT_REPO_BRANCH }}'" origin/${{ env.DEFAULT_REPO_BRANCH }}
echo "FORCE_PUSH=no" >> $GITHUB_ENV
fi
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Push to '${{ env.DEPENDABOT_BRANCH }}'
uses: CasperWA/push-protected@v2
with:
token: ${{ secrets.RELEASE_PAT }}
branch: ${{ env.DEPENDABOT_BRANCH }}
sleep: 15
force: ${{ env.FORCE_PUSH }}
publish_container_image:
name: Publish Container image on GH Packages
if: github.repository_owner == 'EMMC-ASBL' && needs.update_version.outputs.continue_workflow == 'true'
runs-on: ubuntu-latest
needs: update_version
permissions:
packages: write
contents: read
env:
IMAGE_NAME: oteapi
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ env.DEFAULT_REPO_BRANCH }}
fetch-depth: 0
- name: Set up git config
run: |
git config --global user.name "${{ env.GIT_USER_NAME }}"
git config --global user.email "${{ env.GIT_USER_EMAIL }}"
- name: Build image
run: |
docker build \
--file Dockerfile \
--tag "${IMAGE_NAME}" \
--label "gh_actions_runnumber=${GITHUB_RUN_ID}" \
--label "org.opencontainers.image.description=$(cat README.md)" \
--label "oteapi=production" \
--target production \
.
- name: Log in to registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u TEAM4-0 --password-stdin
- name: Push image
run: |
IMAGE_ID=ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}
# Change all uppercase to lowercase
IMAGE_ID=$(echo ${IMAGE_ID} | tr '[A-Z]' '[a-z]')
# Get current OTEAPI Services version from app/__init__.py
regex="^__version__ = (\"|')(.*)(\"|')$"
while IFS="" read -r line || [ -n "${line}" ]; do
if [[ "${line}" =~ $regex ]]; then
VERSION="${BASH_REMATCH[2]}"
fi
done < app/__init__.py
echo IMAGE_ID=${IMAGE_ID}
echo VERSION=${VERSION}
# Tag image using current OTEAPI Services version
docker tag ${IMAGE_NAME} ${IMAGE_ID}:${VERSION}
# Always tag as the "latest"
docker tag ${IMAGE_NAME} ${IMAGE_ID}:latest
docker image inspect ${IMAGE_NAME}
docker push --all-tags ${IMAGE_ID}