Skip to content

ci

ci #236

Workflow file for this run

name: ci
concurrency:
cancel-in-progress: ${{ ! (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')) }}
group: ci-${{ github.ref_name }}-${{ github.event_name }}
on:
pull_request:
branches:
- master
push:
branches:
- master
tags:
- "v*"
schedule:
- cron: 30 0 */1 * *
workflow_dispatch:
release:
types:
- published
jobs:
build-pr:
if: github.event_name == 'pull_request'
permissions:
contents: read
packages: write
uses: ./.github/workflows/build-docker.yml
with:
context: .
image-name: ghcr.io/${{ github.repository }}
platforms: linux/amd64,linux/arm64
push: true
scout-cves: true
scout-compare: true
scout-comment-pr: true
secrets:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
build-edge:
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
permissions:
contents: read
packages: write
uses: ./.github/workflows/build-docker.yml
with:
context: .
image-name: ghcr.io/${{ github.repository }}
image-extra-tags: |
ghcr.io/${{ github.repository }}:${{ github.run_id }}
platforms: linux/amd64,linux/arm64
push: true
scout-cves: true
scout-compare: false
scout-comment-pr: false
secrets:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
build-tag:
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
permissions:
contents: read
packages: write
uses: ./.github/workflows/build-docker.yml
with:
context: .
image-name: ghcr.io/${{ github.repository }}
image-extra-tags: |
ghcr.io/${{ github.repository }}:${{ github.ref_name }}
platforms: linux/amd64,linux/arm64
push: true
scout-cves: true
scout-compare: false
scout-comment-pr: false
secrets:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
github-release:
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Create a GitHub release
env:
GH_TOKEN: ${{ github.token }}
run: |
gh release create ${{ github.ref_name }} \
--title ${{ github.ref_name }} \
--latest \
--generate-notes \
--verify-tag
checks:
if: contains(fromJSON('["push", "pull_request", "schedule"]'), github.event_name)
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Run linters
run: |
pip install -U pip pre-commit
pre-commit run -a
- if: failure() && github.ref_name != 'refs/heads/main'
name: Commit linting changes
uses: EndBug/add-and-commit@v9
with:
message: "chore: lint 🚨"
new_branch: ${{ github.head_ref || github.ref_name }}