-
Notifications
You must be signed in to change notification settings - Fork 389
132 lines (118 loc) · 4.46 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: Publish helm chart and docker images
on:
pull_request:
paths-ignore:
- "**.md"
- "**.rst"
- "docs/**"
- "examples/**"
- ".github/workflows/**"
- "!.github/workflows/publish.yml"
push:
paths-ignore:
- "**.md"
- "**.rst"
- "docs/**"
- "examples/**"
- ".github/workflows/**"
- "!.github/workflows/publish.yml"
branches-ignore:
- "dependabot/**"
- "pre-commit-ci-update-config"
- "update-*"
workflow_dispatch:
jobs:
# Builds and pushes docker images to quay.io, packages the Helm chart and
# pushes it to jupyterhub/helm-chart@gh-pages where index.yaml represents the
# JupyterHub organization Helm chart repository.
#
# ref: https://github.com/jupyterhub/helm-chart
# ref: https://quay.io/organization/jupyterhub
#
Publish:
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/') || (github.ref == 'refs/heads/main')
steps:
- uses: actions/checkout@v4
with:
# chartpress requires the full history
fetch-depth: 0
- uses: actions/setup-python@v5
with:
python-version: "3.12"
- uses: actions/setup-node@v4
# node required to build wheel
with:
node-version: "22"
- name: Set up QEMU (for docker buildx)
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx (for chartpress multi-arch builds)
uses: docker/setup-buildx-action@v3
- name: Setup helm
uses: azure/setup-helm@v4
with:
version: "v3.16.2"
- name: Install chart publishing dependencies (chartpress, etc)
run: |
pip install --no-cache-dir chartpress>=2.1 pyyaml build
- name: Build binderhub wheel
run: python3 -m build --wheel .
- name: Setup push rights to jupyterhub/helm-chart
# This was setup by...
# 1. Generating a private/public key pair:
# ssh-keygen -t ed25519 -C "jupyterhub/binderhub" -f /tmp/id_ed25519
# 2. Registering the private key (/tmp/id_ed25519) as a secret for this
# repo:
# https://github.com/jupyterhub/binderhub/settings/secrets/actions
# 3. Registering the public key (/tmp/id_ed25519.pub) as a deploy key
# with push rights for the jupyterhub/helm chart repo:
# https://github.com/jupyterhub/helm-chart/settings/keys
#
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
echo "${{ secrets.JUPYTERHUB_HELM_CHART_DEPLOY_KEY }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
- name: Setup push rights to Quay.io
# This was setup by...
# 1. Creating a [Robot Account](https://quay.io/organization/jupyterhub?tab=robots) in the JupyterHub
# . quay.io org
# 2. Giving it enough permissions to push to the binderhub image
# 3. Putting the robot account's username and password in GitHub actions environment
run: |
docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" quay.io
docker login -u "${{ secrets.DOCKER_USERNAME }}" -p "${{ secrets.DOCKER_PASSWORD }}" docker.io
- name: Configure a git user
# Having a user.email and user.name configured with git is required to
# make commits, which is something chartpress does when publishing.
# While Travis CI had a dummy user by default, GitHub Actions doesn't
# and require this explicitly setup.
run: |
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions user"
- name: Publish images and chart with chartpress
env:
GITHUB_REPOSITORY: "${{ github.repository }}"
run: |
./tools/generate-json-schema.py
./ci/publish
PyPI-testbuild:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# Versioneer requires past tags
fetch-depth: 0
- uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install pypa/build
run: python -mpip install build
- name: Build a sdist, and a binary wheel from the sdist
run: python -mbuild .
# ref: https://github.com/actions/upload-artifact#readme
- uses: actions/upload-artifact@v4
with:
name: pypi-dist
path: "dist/*"
if-no-files-found: error