From cc6922e45346fb0d4b098180fe06aa9260434fd2 Mon Sep 17 00:00:00 2001 From: Ranbir Aulakh Date: Wed, 18 Oct 2023 14:37:12 -0400 Subject: [PATCH] feat: Update Github action workflows (#29) * Update Github action workflows * Remove ssh_key --- .github/workflows/docker-build.yml | 11 ++----- .../workflows/docker-publish-dockerhub.yml | 32 +++++++------------ .github/workflows/docker-publish-github.yml | 25 +++++---------- ...ntation.yaml => documentation-publish.yml} | 12 ++++--- .github/workflows/osml-model-runner-build.yml | 13 ++++++++ .../workflows/osml-model-runner-publish.yml | 29 +++++++++++++++++ .github/workflows/python-publish.yml | 13 +++----- .github/workflows/python-tox.yml | 13 ++------ 8 files changed, 77 insertions(+), 71 deletions(-) rename .github/workflows/{documentation.yaml => documentation-publish.yml} (76%) create mode 100644 .github/workflows/osml-model-runner-build.yml create mode 100644 .github/workflows/osml-model-runner-publish.yml diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 9b3b8761..651c70b5 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -1,21 +1,14 @@ name: Build Docker Container on: - push: - branches: [ "main" ] - pull_request: - branches: [ "main" ] + workflow_call: jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: lfs: 'true' - ssh-key: ${{ secrets.git_ssh_key }} - name: Build the Docker image run: docker build . --file Dockerfile --tag osml-model-runner:$(date +%s) diff --git a/.github/workflows/docker-publish-dockerhub.yml b/.github/workflows/docker-publish-dockerhub.yml index 436caa0f..1461eb63 100644 --- a/.github/workflows/docker-publish-dockerhub.yml +++ b/.github/workflows/docker-publish-dockerhub.yml @@ -1,17 +1,11 @@ -name: Publish DockerHub Container -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. +name: Publish OSML Model Runner DockerHub Container -# GitHub recommends pinning actions to a commit SHA. -# To get a newer version, you will need to update the SHA. -# You can also reference a tag or branch, but the action may change without warning. - -# Configures this workflow to run every time a change is pushed to the branch called `main`. on: - push: - branches: ['main'] + workflow_call: + +env: + REGISTRY: awsosml + IMAGE_NAME: ${{ github.repository }} jobs: push_to_registry: @@ -19,25 +13,21 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out the repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: lfs: 'true' - ssh-key: ${{ secrets.git_ssh_key }} - - name: Log in to Docker Hub - uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + uses: docker/metadata-action@v5 with: - images: awsosml/osml-model-runner - + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - name: Publish Container to Dockerhub - uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 + uses: docker/build-push-action@v5 with: context: . file: ./Dockerfile diff --git a/.github/workflows/docker-publish-github.yml b/.github/workflows/docker-publish-github.yml index cc80509f..dc70059e 100644 --- a/.github/workflows/docker-publish-github.yml +++ b/.github/workflows/docker-publish-github.yml @@ -1,45 +1,36 @@ -name: Publish GitHub Container +name: Publish OSML Model Runner GitHub Container -# Configures this workflow to run every time a change is pushed to the branch called `main`. on: - push: - branches: ['main'] + workflow_call: -# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} -# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. jobs: build-and-push-image: runs-on: ubuntu-latest - # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. permissions: contents: read packages: write - # steps: - name: Checkout repository - uses: actions/checkout@v3 - # Uses the `docker/login-action` action to log in to the Container registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. + uses: actions/checkout@v4 + with: + lfs: 'true' - name: Log in to the Container registry - uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels. - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages. - # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository. - # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step. - name: Push to Github - uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 + uses: docker/build-push-action@v5 with: context: . push: true diff --git a/.github/workflows/documentation.yaml b/.github/workflows/documentation-publish.yml similarity index 76% rename from .github/workflows/documentation.yaml rename to .github/workflows/documentation-publish.yml index a9bc5cad..9847301b 100644 --- a/.github/workflows/documentation.yaml +++ b/.github/workflows/documentation-publish.yml @@ -1,12 +1,17 @@ -name: Docs -on: [push, pull_request, workflow_dispatch] +name: Generate and Publish Documentation for OSML Model Runner + +on: + workflow_call: + permissions: contents: write + jobs: docs: + if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-python@v3 - name: Install dependencies run: | @@ -19,7 +24,6 @@ jobs: tox -e docs - name: Deploy uses: peaceiris/actions-gh-pages@v3.9.3 - if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} with: publish_branch: gh-pages github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/osml-model-runner-build.yml b/.github/workflows/osml-model-runner-build.yml new file mode 100644 index 00000000..3b69b95d --- /dev/null +++ b/.github/workflows/osml-model-runner-build.yml @@ -0,0 +1,13 @@ +name: "OSML Model Runner Build Workflow" + +on: + pull_request: + branches: ["main", "dev"] + +jobs: + Build_Validate_Tox: + uses: ./.github/workflows/python-tox.yml + secrets: inherit + Build_Docker_Container: + uses: ./.github/workflows/docker-build.yml + secrets: inherit diff --git a/.github/workflows/osml-model-runner-publish.yml b/.github/workflows/osml-model-runner-publish.yml new file mode 100644 index 00000000..87d3bb9b --- /dev/null +++ b/.github/workflows/osml-model-runner-publish.yml @@ -0,0 +1,29 @@ +name: "OSML Model Runner Build and Publish Workflow" + +on: + push: + branches: ["main", "dev"] + +jobs: + Build_Validate_Tox: + uses: ./.github/workflows/python-tox.yml + secrets: inherit + Build_Docker_Container: + uses: ./.github/workflows/docker-build.yml + secrets: inherit + Publish_Python: + needs: [Build_Validate_Tox, Build_Docker_Container] + uses: ./.github/workflows/python-publish.yml + secrets: inherit + Publish_Docker_Github: + needs: [Build_Validate_Tox, Build_Docker_Container] + uses: ./.github/workflows/docker-publish-dockerhub.yml + secrets: inherit + Publish_Docker_Dockerhub: + needs: [Build_Validate_Tox, Build_Docker_Container] + uses: ./.github/workflows/docker-publish-github.yml + secrets: inherit + Publish_Documentation: + needs: [Publish_Python, Publish_Docker_Github, Publish_Docker_Dockerhub] + uses: ./.github/workflows/documentation-publish.yml + secrets: inherit diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml index 4ed3b4d4..f3b91793 100644 --- a/.github/workflows/python-publish.yml +++ b/.github/workflows/python-publish.yml @@ -1,14 +1,10 @@ # This workflow will upload a Python Package using Twine when a release is created # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python#publishing-to-package-registries -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - name: Publish Python Package on: + workflow_call: release: types: [published] @@ -17,11 +13,10 @@ permissions: jobs: deploy: - + if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v3 with: @@ -33,7 +28,7 @@ jobs: - name: Build package run: python -m build - name: Publish package - uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29 + uses: pypa/gh-action-pypi-publish@v1.8.10 with: user: __token__ password: ${{ secrets.PYPI_API_TOKEN }} diff --git a/.github/workflows/python-tox.yml b/.github/workflows/python-tox.yml index f76e24ed..469027ca 100644 --- a/.github/workflows/python-tox.yml +++ b/.github/workflows/python-tox.yml @@ -1,27 +1,18 @@ -# This workflow will install Python dependencies, run tests and lint with a single version of Python -# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python - name: Build/Validation with Tox on: - push: - branches: [ "main", "dev" ] - pull_request: - branches: [ "main", "dev" ] + workflow_call: permissions: contents: read jobs: build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: lfs: 'true' - ssh-key: ${{ secrets.git_ssh_key }} - name: Set up Python 3.10 uses: actions/setup-python@v3 with: