Skip to content

Merge pull request #1780 from jupyterhub/dependabot/pip/helm-chart/im… #1025

Merge pull request #1780 from jupyterhub/dependabot/pip/helm-chart/im…

Merge pull request #1780 from jupyterhub/dependabot/pip/helm-chart/im… #1025

Workflow file for this run

name: Publish helm chart and docker images
on:
pull_request:
paths-ignore:
- "**.md"
- "**.rst"
- "docs/**"
- "examples/**"
- ".github/workflows/**"
- "!.github/workflows/publish.yml"
push:
paths-ignore:
- "**.md"
- "**.rst"
- "docs/**"
- "examples/**"
- ".github/workflows/**"
- "!.github/workflows/publish.yml"
branches-ignore:
- "dependabot/**"
- "pre-commit-ci-update-config"
- "update-*"
workflow_dispatch:
jobs:
# Builds and pushes docker images to DockerHub, packages the Helm chart and
# pushes it to jupyterhub/helm-chart@gh-pages where index.yaml represents the
# JupyterHub organization Helm chart repository.
#
# ref: https://github.com/jupyterhub/helm-chart
# ref: https://hub.docker.com/orgs/jupyterhub
#
Publish:
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/') || (github.ref == 'refs/heads/main')
steps:
- uses: actions/checkout@v4
with:
# chartpress requires the full history
fetch-depth: 0
- uses: actions/setup-python@v4
with:
python-version: "3.11"
- uses: actions/setup-node@v3
# node required to build wheel
with:
node-version: "16"
- name: Set up QEMU (for docker buildx)
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx (for chartpress multi-arch builds)
uses: docker/setup-buildx-action@v3
- name: Install chart publishing dependencies (chartpress, helm)
run: |
. ./ci/common
setup_helm v3.5.4
pip install --no-cache-dir chartpress>=2.1 pyyaml build
- name: Build binderhub wheel
run: python3 -m build --wheel .
- name: Setup push rights to jupyterhub/helm-chart
# This was setup by...
# 1. Generating a private/public key pair:
# ssh-keygen -t ed25519 -C "jupyterhub/binderhub" -f /tmp/id_ed25519
# 2. Registering the private key (/tmp/id_ed25519) as a secret for this
# repo:
# https://github.com/jupyterhub/binderhub/settings/secrets/actions
# 3. Registering the public key (/tmp/id_ed25519.pub) as a deploy key
# with push rights for the jupyterhub/helm chart repo:
# https://github.com/jupyterhub/helm-chart/settings/keys
#
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
echo "${{ secrets.JUPYTERHUB_HELM_CHART_DEPLOY_KEY }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
- name: Setup push rights to Docker Hub
# This was setup by...
# 1. Creating a Docker Hub service account "jupyterhubbot"
# 2. Making the account part of the "bots" team, and granting that team
# permissions to push to the relevant images:
# https://hub.docker.com/orgs/jupyterhub/teams/bots/permissions
# 3. Registering the username and password as a secret for this repo:
# https://github.com/jupyterhub/binderhub/settings/secrets/actions
#
run: |
docker login -u "${{ secrets.DOCKER_USERNAME }}" -p "${{ secrets.DOCKER_PASSWORD }}"
- name: Configure a git user
# Having a user.email and user.name configured with git is required to
# make commits, which is something chartpress does when publishing.
# While Travis CI had a dummy user by default, GitHub Actions doesn't
# and require this explicitly setup.
run: |
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions user"
- name: Publish images and chart with chartpress
env:
GITHUB_REPOSITORY: "${{ github.repository }}"
run: |
./tools/generate-json-schema.py
./ci/publish
PyPI-testbuild:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# Versioneer requires past tags
fetch-depth: 0
- uses: actions/setup-python@v4
with:
python-version: "3.11"
- name: Install pypa/build
run: python -mpip install build
- name: Build a sdist, and a binary wheel from the sdist
run: python -mbuild .
# ref: https://github.com/actions/upload-artifact#readme
- uses: actions/upload-artifact@v3
with:
name: pypi-dist
path: "dist/*"
if-no-files-found: error