Skip to content

fixup! database: don't store creds in a pickle #246

fixup! database: don't store creds in a pickle

fixup! database: don't store creds in a pickle #246

Workflow file for this run

name: Lint, Build, and Deploy
on:
push:
pull_request:
branches:
- master
release:
types:
- created
env:
PYTHON_VERSION: 3.9
BEEPER_BRIDGE_TYPE: linkedin
CI_REGISTRY_IMAGE: "${{ secrets.CI_REGISTRY }}/bridge/linkedin"
GHCR_REGISTRY: ghcr.io
GHCR_REGISTRY_IMAGE: "ghcr.io/${{ github.repository }}"
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ env.PYTHON_VERSION }}
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- uses: isort/isort-action@master
with:
sortPaths: "./linkedin_matrix"
- uses: psf/black@stable
with:
src: "./linkedin_matrix"
version: "22.3.0"
- name: pre-commit
run: |
pip install pre-commit
pre-commit run -av trailing-whitespace
pre-commit run -av end-of-file-fixer
pre-commit run -av check-yaml
pre-commit run -av check-added-large-files
build-docker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to registry
uses: docker/login-action@v3
with:
registry: ${{ secrets.CI_REGISTRY }}
username: ${{ secrets.CI_REGISTRY_USER }}
password: ${{ secrets.CI_REGISTRY_PASSWORD }}
- name: Login to ghcr
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker Build
uses: docker/build-push-action@v5
with:
context: .
cache-from: ${{ env.CI_REGISTRY_IMAGE }}:latest
pull: true
file: Dockerfile
tags: |
${{ env.CI_REGISTRY_IMAGE }}:${{ github.sha }}
${{ env.GHCR_REGISTRY_IMAGE }}:${{ github.sha }}
push: true
deploy-docker:
runs-on: ubuntu-latest
needs:
- lint
- build-docker
if: github.ref == 'refs/heads/master'
steps:
- name: Login to Beeper Docker registry
uses: docker/login-action@v3
with:
registry: ${{ secrets.CI_REGISTRY }}
username: ${{ secrets.CI_REGISTRY_USER }}
password: ${{ secrets.CI_REGISTRY_PASSWORD }}
- name: Login to ghcr
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: beeper/docker-retag-push-latest@main
with:
image: ${{ env.CI_REGISTRY_IMAGE }}
- uses: beeper/docker-retag-push-latest@main
with:
image: ${{ env.GHCR_REGISTRY_IMAGE }}
- name: Run bridge CD tool
uses: beeper/bridge-cd-tool@main
env:
CI_REGISTRY: "${{ secrets.CI_REGISTRY }}"
BEEPER_DEV_ADMIN_API_URL: "${{ secrets.BEEPER_DEV_ADMIN_API_URL }}"
BEEPER_STAGING_ADMIN_API_URL: "${{ secrets.BEEPER_STAGING_ADMIN_API_URL }}"
BEEPER_PROD_ADMIN_API_URL: "${{ secrets.BEEPER_PROD_ADMIN_API_URL }}"
BEEPER_DEV_ADMIN_NIGHTLY_PASS: "${{ secrets.BEEPER_DEV_ADMIN_NIGHTLY_PASS }}"
BEEPER_STAGING_ADMIN_NIGHTLY_PASS: "${{ secrets.BEEPER_STAGING_ADMIN_NIGHTLY_PASS }}"
BEEPER_PROD_ADMIN_NIGHTLY_PASS: "${{ secrets.BEEPER_PROD_ADMIN_NIGHTLY_PASS }}"
publish-pypi:
runs-on: ubuntu-latest
needs:
- lint
if: ${{ github.event_name == 'release' && github.event.action == 'created' }}
steps:
- uses: actions/checkout@v4
- name: Publish to pypi
uses: pypa/[email protected]
with:
password: ${{ secrets.PYPI_TOKEN }}
tag-docker-release:
runs-on: ubuntu-latest
needs:
- lint
- build-docker
if: ${{ github.event_name == 'release' && github.event.action == 'created' }}
steps:
- name: Login to ghcr
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Create a label for the tag on ghcr
run: |
docker pull ${{ env.GHCR_REGISTRY_IMAGE }}:${{ github.sha }}
docker tag ${{ env.GHCR_REGISTRY_IMAGE }}:${{ github.sha }} ${{ env.GHCR_REGISTRY_IMAGE }}:${{ github.ref_name }}
docker push ${{ env.GHCR_REGISTRY_IMAGE }}:${{ github.ref_name }}