Bump certifi from 2024.2.2 to 2024.7.4 #46
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: CI | |
"on": | |
push: | |
branches: | |
- "main" | |
tags: | |
- "v*.*.*" | |
pull_request: | |
branches: | |
- "main" | |
permissions: | |
contents: read | |
jobs: | |
meta: | |
name: Derive Build Metadata | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Derive version string | |
id: bin_version | |
run: echo "bin_version=$(./.version.sh)" >> "$GITHUB_OUTPUT" | |
- name: bin_version | |
run: "echo bin_version: ${{ steps.bin_version.outputs.bin_version }}" | |
- name: Check if this is a running version tag update | |
id: running_version_tag | |
run: | | |
if [ -z "${{ github.event.ref }}" ]; then | |
echo "is_running_version_tag_update=false" >> "$GITHUB_OUTPUT" | |
elif [[ "${{ github.event.ref }}" =~ ^refs/tags/v[0-9]+\.[0-9]+$ ]]; then | |
echo "is_running_version_tag_update=true" >> "$GITHUB_OUTPUT" | |
elif [[ "${{ github.event.ref }}" =~ ^refs/tags/v[0-9]+$ ]]; then | |
echo "is_running_version_tag_update=true" >> "$GITHUB_OUTPUT" | |
else | |
echo "is_running_version_tag_update=false" >> "$GITHUB_OUTPUT" | |
fi | |
- name: is_running_version_tag | |
run: "echo is_running_version_tag_update: ${{ steps.running_version_tag.outputs.is_running_version_tag_update }}" | |
outputs: | |
project_name: ${{ github.event.repository.name }} | |
bin_version: ${{ steps.bin_version.outputs.bin_version }} | |
dockerhub_owner: ${{ github.repository_owner }} | |
is_prerelease: >- | |
${{ | |
steps.running_version_tag.outputs.is_running_version_tag_update != 'true' && | |
startsWith(github.ref, 'refs/tags/v') && | |
(contains(github.ref, '-alpha.') | |
|| contains(github.ref, '-beta.') | |
|| contains(github.ref, '-rc.')) | |
}} | |
is_release: >- | |
${{ | |
steps.running_version_tag.outputs.is_running_version_tag_update != 'true' && | |
startsWith(github.ref, 'refs/tags/v') && | |
!(contains(github.ref, '-alpha.') | |
|| contains(github.ref, '-beta.') | |
|| contains(github.ref, '-rc.')) | |
}} | |
is_pull_request: ${{ github.event_name == 'pull_request' }} | |
is_running_version_tag_update: ${{ steps.running_version_tag.outputs.is_running_version_tag_update }} | |
lint: | |
name: Lint & Format | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.12" | |
cache: "pip" | |
- name: Install Ruff | |
run: | | |
python -m pip install --upgrade pip | |
pip install ruff | |
- name: Ruff | |
run: | | |
ruff format --check . | |
ruff check --output-format=github . | |
- name: Install Prettier | |
run: npm install -g prettier | |
- name: Prettier | |
run: prettier --check . | |
- name: Actionlint | |
uses: raven-actions/[email protected] | |
test: | |
name: Test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.12" | |
cache: "pip" | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
pip install -r tests/requirements.txt | |
- name: Python tests | |
run: | | |
python -m unittest tests/*.py | |
docker-amd64-cuda: | |
name: Docker Image (amd64-cuda) | |
needs: [meta, lint, test] | |
if: needs.meta.outputs.is_running_version_tag_update != 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login to Docker Hub | |
if: needs.meta.outputs.is_pull_request != 'true' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Available platforms | |
run: echo ${{ steps.buildx.outputs.platforms }} | |
- name: "Meta" | |
id: docker_meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.project_name }} | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
flavor: | | |
latest=false | |
suffix=-amd64-cuda | |
- name: "Build & Push" | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ./Dockerfile-amd64-cuda | |
platforms: amd64 | |
builder: ${{ steps.buildx.outputs.name }} | |
push: ${{ needs.meta.outputs.is_pull_request != 'true' }} | |
tags: ${{ steps.docker_meta.outputs.tags }} | |
labels: ${{ steps.docker_meta.outputs.labels }} | |
build-args: | | |
BIN_VERSION=${{ needs.meta.outputs.bin_version }} | |
docker-amd64-cpu: | |
name: Docker Image (amd64-cpu) | |
needs: [meta, lint, test] | |
if: needs.meta.outputs.is_running_version_tag_update != 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login to Docker Hub | |
if: needs.meta.outputs.is_pull_request != 'true' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Available platforms | |
run: echo ${{ steps.buildx.outputs.platforms }} | |
- name: "Meta" | |
id: docker_meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.project_name }} | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
flavor: | | |
latest=false | |
suffix=-amd64-cpu | |
- name: "Build & Push" | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ./Dockerfile-amd64-cpu | |
platforms: amd64 | |
builder: ${{ steps.buildx.outputs.name }} | |
push: ${{ needs.meta.outputs.is_pull_request != 'true' }} | |
tags: ${{ steps.docker_meta.outputs.tags }} | |
labels: ${{ steps.docker_meta.outputs.labels }} | |
build-args: | | |
BIN_VERSION=${{ needs.meta.outputs.bin_version }} | |
docker-arm64: | |
name: Docker Image (arm64) | |
needs: [meta, lint, test] | |
if: needs.meta.outputs.is_running_version_tag_update != 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login to Docker Hub | |
if: needs.meta.outputs.is_pull_request != 'true' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Available platforms | |
run: echo ${{ steps.buildx.outputs.platforms }} | |
- name: "Meta" | |
id: docker_meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.project_name }} | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
flavor: | | |
latest=false | |
suffix=-arm64 | |
- name: "Build & Push" | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ./Dockerfile-arm64 | |
platforms: arm64 | |
builder: ${{ steps.buildx.outputs.name }} | |
push: ${{ needs.meta.outputs.is_pull_request != 'true' }} | |
tags: ${{ steps.docker_meta.outputs.tags }} | |
labels: ${{ steps.docker_meta.outputs.labels }} | |
build-args: | | |
BIN_VERSION=${{ needs.meta.outputs.bin_version }} | |
release: | |
name: (Pre)Release | |
needs: [meta, lint, test, docker-amd64-cuda, docker-amd64-cpu, docker-arm64] | |
if: >- | |
needs.meta.outputs.is_release == 'true' || | |
needs.meta.outputs.is_prerelease == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Create GitHub release | |
uses: softprops/action-gh-release@v1 | |
with: | |
prerelease: ${{ needs.meta.outputs.is_prerelease == 'true' }} | |
generate_release_notes: true | |
- name: Update Docker Hub description | |
if: needs.meta.outputs.is_release == 'true' | |
uses: peter-evans/dockerhub-description@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
repository: ${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.project_name }} | |
readme-filepath: ./README.md | |
short-description: ${{ github.event.repository.description }} | |
tags: | |
name: Update Release Tags | |
needs: [meta, release] | |
if: needs.meta.outputs.is_release == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Update running major/minor version tags | |
uses: sersoft-gmbh/running-release-tags-action@v3 | |
with: | |
fail-on-non-semver-tag: true | |
create-release: false | |
update-full-release: false | |
ntfy: | |
name: Ntfy | |
if: ${{ !cancelled() }} | |
runs-on: ubuntu-latest | |
needs: | |
[ | |
meta, | |
lint, | |
test, | |
docker-amd64-cuda, | |
docker-amd64-cpu, | |
docker-arm64, | |
release, | |
tags, | |
] | |
steps: | |
- name: Send success notification | |
uses: niniyas/ntfy-action@master | |
if: ${{ !contains(needs.*.result, 'failure') && (needs.meta.outputs.is_release == 'true' || needs.meta.outputs.is_prerelease == 'true') }} | |
with: | |
url: "https://ntfy.cdzombak.net" | |
topic: "gha-builds" | |
priority: 3 | |
headers: '{"authorization": "Bearer ${{ secrets.NTFY_TOKEN }}"}' | |
tags: white_check_mark | |
title: ${{ github.event.repository.name }} ${{ needs.meta.outputs.bin_version }} available | |
details: ${{ github.event.repository.name }} version ${{ needs.meta.outputs.bin_version }} is now available. | |
- name: Send failure notification | |
uses: niniyas/ntfy-action@master | |
if: ${{ contains(needs.*.result, 'failure') }} | |
with: | |
url: "https://ntfy.cdzombak.net" | |
topic: "gha-builds" | |
priority: 3 | |
headers: '{"authorization": "Bearer ${{ secrets.NTFY_TOKEN }}"}' | |
tags: no_entry | |
title: ${{ github.event.repository.name }} ${{ needs.meta.outputs.bin_version }} build failed | |
details: Build failed for ${{ github.event.repository.name }} version ${{ needs.meta.outputs.bin_version }}. |