-
Notifications
You must be signed in to change notification settings - Fork 0
184 lines (157 loc) · 6.02 KB
/
main.yml
File metadata and controls
184 lines (157 loc) · 6.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
# This workflow will upload a Python Package using Twine when a release is created
# For more information see: https://help.github.com/en/actions/language-and-framework-guides/using-python-with-github-actions#publishing-to-package-registries
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Publish Python Package and Docker Image
on:
push:
branches:
- release-v*
release:
types: [published]
jobs:
build_pypi_and_docker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
with:
fetch-depth: 0 # unshallow checkout enables setuptools_scm to infer PyPi version from Git
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.12'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install build setuptools
- name: Build Package
run: python -m build
- name: Upload Wheel Artifact
uses: actions/upload-artifact@v4
with:
name: netfoundry-wheel-${{ github.run_id }}
path: dist/netfoundry-*.whl
if-no-files-found: error
- name: Install Wheel
run: pip install dist/netfoundry-*.whl
- name: Read version string
id: read_version
run: |
PYPI_VERSION=$(python setup.py --version)
[[ ${PYPI_VERSION} =~ ^[0-9]+\.[0-9]+\.[0-9]+.* ]] || {
echo "ERROR: unexpected version string '${PYPI_VERSION}'" >&2
exit 1
}
echo ::set-output name=pypi_version::${PYPI_VERSION}
- name: Compare installed version to PyPi version
env:
PYPI_VERSION: ${{ steps.read_version.outputs.pypi_version }}
run: |
INSTALLED_VERSION="$(python3 -m netfoundry.version)"
echo "PYPI_VERSION=${PYPI_VERSION}, INSTALLED_VERSION=${INSTALLED_VERSION#v}"
if ! [[ ${PYPI_VERSION} == ${INSTALLED_VERSION#v} ]]; then
echo "ERROR: PyPi and installed version do not match." >&2
exit 1
fi
- name: Test shell autocomplete
run: |
register-python-argcomplete nfctl
- name: Run the NF CLI demo to test installed version
id: test_demo
shell: bash
env:
NETFOUNDRY_CLIENT_ID: ${{ secrets.NETFOUNDRY_CLIENT_ID }}
NETFOUNDRY_PASSWORD: ${{ secrets.NETFOUNDRY_PASSWORD }}
NETFOUNDRY_OAUTH_URL: ${{ secrets.NETFOUNDRY_OAUTH_URL }}
run: ./scripts/test-demo.sh
- name: Publish Test Package
uses: pypa/gh-action-pypi-publish@v1.13.0
with:
user: __token__
password: ${{ secrets.TEST_PYPI_API_TOKEN }}
repository_url: https://test.pypi.org/legacy/
- name: Append 'latest' tag if release
env:
GITHUB_EVENT_ACTION: ${{ github.event.action }}
PYPI_VERSION: ${{ steps.read_version.outputs.pypi_version }}
id: compose_tags
run: |
CONTAINER_TAGS="netfoundry/python:${PYPI_VERSION}"
if [[ ${GITHUB_EVENT_ACTION} == published ]]; then
CONTAINER_TAGS+=",netfoundry/python:latest"
fi
echo GITHUB_EVENT_ACTION="${GITHUB_EVENT_ACTION}"
echo CONTAINER_TAGS="${CONTAINER_TAGS}"
echo ::set-output name=container_tags::${CONTAINER_TAGS}
- name: Publish Release to PyPi
if: github.event.action == 'published'
uses: pypa/gh-action-pypi-publish@v1.13.0
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
- name: Attach Wheel Artifact to GH Release
if: ${{ github.event.action == 'published' }}
uses: softprops/action-gh-release@v2
with:
files: dist/netfoundry-*.whl
fail_on_unmatched_files: true
generate_release_notes: true
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: amd64,arm64
# ignore arm/v7 (32bit) because unsupported by "cryptography" dep of
# Ansible and demand seems unlikely
- name: Set up Docker BuildKit
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_API_USER }}
password: ${{ secrets.DOCKER_HUB_API_TOKEN }}
- name: Build & Push Multi-Platform Container
uses: docker/build-push-action@v6
with:
context: ${{ github.workspace }} # build context is workspace so we can copy artifacts from ./dist/
file: ${{ github.workspace }}/docker/Dockerfile
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.compose_tags.outputs.container_tags }}
cleanup-delay:
if: failure()
needs: [build_pypi_and_docker]
runs-on: ubuntu-latest
steps:
- name: Wait 30 minutes before cleanup
run: |
echo "Test demo failed to complete. Waiting 30 minutes before cleanup to allow investigation..."
sleep 1800
cleanup-network:
if: always() && needs.build_pypi_and_docker.result == 'failure'
needs: [cleanup-delay]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.12'
- name: Install nfctl
run: |
python -m pip install --upgrade pip
pip install .
- name: Delete test network
env:
NETFOUNDRY_CLIENT_ID: ${{ secrets.NETFOUNDRY_CLIENT_ID }}
NETFOUNDRY_PASSWORD: ${{ secrets.NETFOUNDRY_PASSWORD }}
NETFOUNDRY_OAUTH_URL: ${{ secrets.NETFOUNDRY_OAUTH_URL }}
run: |
# Use wildcard pattern to match network created by this run
NETWORK_PATTERN="gh-${GITHUB_RUN_ID}-%"
echo "Attempting to delete network matching: ${NETWORK_PATTERN}"
# Try to delete the network, ignore errors if it doesn't exist
nfctl delete network "name=${NETWORK_PATTERN}" --yes || echo "Network may not exist or already deleted"