Update default_branch_pr_merged_ci.yml #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Workflow that should run on closed PRs to the default branch | |
| # * Bumps the git tag and builds and pushes a container with that tag | |
| # | |
| # Example usage: | |
| # | |
| # name: Default Branch PR Merged CI | |
| # | |
| # on: | |
| # pull_request: | |
| # types: ["closed"] | |
| # branches: ["main"] | |
| # | |
| # jobs: | |
| # run_default_branch_pr_merged_ci: | |
| # uses: openclimatefix/.github/.github/workflows/default_branch_pr_merged_ci.yml@main | |
| # with: | |
| # containerfile: Containerfile | |
| # secrets: inherit | |
| name: Default Branch PR Merged CI | |
| on: | |
| workflow_call: | |
| inputs: | |
| containerfile: | |
| description: > | |
| Path to the containerfile for building the image. | |
| Pass 'None' to prevent building an image. | |
| default: 'Dockerfile' | |
| required: false | |
| type: string | |
| enable_pypi: | |
| description: Whether to build a wheel and deploy to PyPI | |
| default: false | |
| type: boolean | |
| outputs: | |
| tag: | |
| description: The new tag created by the version bump | |
| value: ${{ jobs.bump-tag.outputs.tag }} | |
| # Specify concurrency such that only one workflow can run at a time | |
| # * Different workflow files are not affected | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: false | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| # Define an autotagger job that creates tags on changes to master | |
| # Use #major #minor in merge commit messages to bump version beyond patch | |
| bump-tag: | |
| runs-on: ubuntu-latest | |
| # Better to run on merged PR's only, but can be run on pushes to main if desired | |
| if: > | |
| github.event_name == 'push' || | |
| ( | |
| contains(github.event_name, 'pull_request') && | |
| github.event.action == 'closed' && | |
| github.event.pull_request.merged == true | |
| ) | |
| permissions: | |
| contents: write | |
| outputs: | |
| tag: ${{ steps.tag.outputs.tag }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Bump version and push tag | |
| uses: anothrNick/github-tag-action@1.67.0 | |
| id: tag | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| RELEASE_BRANCHES: main | |
| WITH_V: true | |
| DEFAULT_BUMP: patch | |
| GIT_API_TAGGING: false | |
| # Job for building container image | |
| # * Builds and pushes an OCI Container image to the registry defined in the environment variables | |
| build-container: | |
| runs-on: ubuntu-latest | |
| needs: bump-tag | |
| permissions: | |
| contents: read | |
| packages: write | |
| if: ${{ inputs.containerfile != 'None' }} | |
| steps: | |
| # Do a non-shallow clone of the repo to ensure tags are present | |
| # * This allows setuptools-git-versioning to automatically set the version | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Tag the built image according to the event type | |
| # The event is a semver release, so use the version | |
| - name: Extract metadata (tags, labels) for Container | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: type=semver,pattern={{version}},value=${{ needs.bump-tag.outputs.tag }} | |
| # Build and push the Container image to the registry | |
| # * Creates a multiplatform-aware image | |
| # * Pulls build cache from the registry and pushes new cache back | |
| - name: Build and push container image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ${{ inputs.containerfile }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: linux/amd64 | |
| cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache | |
| cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache,mode=max | |
| build-wheel: | |
| runs-on: ubuntu-latest | |
| needs: bump-tag | |
| if: ${{ inputs.enable_pypi }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ needs.bump-tag.outputs.tag }} | |
| - name: Setup uv | |
| uses: astral-sh/setup-uv@v5 | |
| with: | |
| enable-cache: true | |
| cache-dependency-glob: "pyproject.toml" | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version-file: "pyproject.toml" | |
| - name: Build package | |
| run: uv build | |
| - name: Publish package | |
| run: uv publish --token ${{ secrets.token }} | |