From 3e9590207dc40d865b3886f9789284354bab7850 Mon Sep 17 00:00:00 2001 From: Eric Brahmann <37987769+EED85@users.noreply.github.com> Date: Mon, 28 Jul 2025 07:08:57 +0200 Subject: [PATCH 1/8] test-publish (#3) * use GITHUB_TOKEN [no ci] * cleanup docker [no ci] * supress warning using uv [no ci] * add git remote, if not set [no ci] * build docker with tag versioning [no ci] * only build in sepecific changes [no ci] --- .devcontainer/Dockerfile | 20 ++++------ .devcontainer/devcontainer.json | 5 ++- .github/workflows/publish_docker.yml | 60 +++++++++++++++++++++++----- 3 files changed, 63 insertions(+), 22 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 07a3e39..4f44f92 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -14,18 +14,14 @@ LABEL org.opencontainers.image.licenses="MIT" # Install system packages: -# curl -RUN apt-get update && apt-get install -y curl -# gnupg -RUN apt-get update && apt-get install -y gnupg -# git -RUN apt-get update && apt-get install -y git -# unzip -RUN apt-get update && apt-get install -y unzip -# build-essential -RUN apt-get update && apt-get install -y build-essential -# libsqlite3-dev -RUN apt-get update && apt-get install -y libsqlite3-dev +RUN apt-get update && apt-get install -y \ + curl \ + gnupg \ + git \ + unzip \ + build-essential \ + libsqlite3-dev \ + && rm -rf /var/lib/apt/lists/* # duckdb RUN curl -sL https://install.duckdb.org | sh && \ mkdir -p /usr/local/bin && \ diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 568b4f3..a52aa71 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -23,10 +23,13 @@ "files.insertFinalNewline": true, "files.trimFinalNewlines": true, "files.autoSave": "afterDelay", + "terminal.integrated.env.linux": { + "UV_LINK_MODE": "copy" + } } } }, - "postCreateCommand": "uv venv --force && uv sync -v", + "postCreateCommand": "uv venv --force && uv sync -v && if ! git remote | grep origin; then repo=$(basename $(pwd)); git remote add origin https://github.com/EED-Solutions/$repo.git; fi", "features": {}, "remoteUser": "vscode" } diff --git a/.github/workflows/publish_docker.yml b/.github/workflows/publish_docker.yml index fedcabb..f2addf7 100644 --- a/.github/workflows/publish_docker.yml +++ b/.github/workflows/publish_docker.yml @@ -2,11 +2,13 @@ name: Publish Docker Image to GHCR on: workflow_dispatch: -# push: -# branches: [main] -# paths: -# - '.devcontainer/Dockerfile' -# - '.github/workflows/publish.yml' + push: + branches: + - main + - release + - dev + tags: + - 'v*.*.*' # Semantic versioning pattern permissions: contents: read @@ -24,10 +26,50 @@ jobs: with: registry: ghcr.io username: ${{ github.actor }} - password: ${{ secrets.GH_PAT }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image run: | - IMAGE_NAME=ghcr.io/eed-solutions/eed_docker_python_uv:latest - docker build -t $IMAGE_NAME -f .devcontainer/Dockerfile . - docker push $IMAGE_NAME + IMAGE_NAME=ghcr.io/eed-solutions/eed_docker_python_uv + TAG=latest + SHOULD_BUILD_PUSH=false + + # Determine tag and build indicator based on context + if [[ "${{ github.ref_type }}" == "branch" ]]; then + case "${{ github.ref_name }}" in + "main") + TAG=main + SHOULD_BUILD_PUSH=true + ;; + "dev") + TAG=dev + SHOULD_BUILD_PUSH=true + ;; + "release") + TAG=release + SHOULD_BUILD_PUSH=true + ;; + *) + TAG=${{ github.ref_name }} + ;; + esac + elif [[ "${{ github.ref_type }}" == "tag" ]]; then + TAG=${{ github.ref_name }} + if [[ "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + SHOULD_BUILD_PUSH=true + fi + fi + + # Build and push the image if indicated + if [[ "$SHOULD_BUILD_PUSH" == "true" ]]; then + docker build -t $IMAGE_NAME:$TAG -f .devcontainer/Dockerfile . + docker push $IMAGE_NAME:$TAG + else + echo "Skipping build and push: not a main/dev/release branch or semantic version tag." + fi + + # Push additional 'latest' tag for semantic version tags + if [[ "${GITHUB_REF}" == refs/tags/v* ]]; then + docker tag $IMAGE_NAME:$TAG $IMAGE_NAME:latest + docker push $IMAGE_NAME:latest + fi From 7210741e8dde30cd028edaea8a332944a2e97c2c Mon Sep 17 00:00:00 2001 From: EED85 Date: Mon, 28 Jul 2025 07:13:23 +0200 Subject: [PATCH 2/8] trigger ci From 0c15d416cea5aef27cf712f6191c00e0633003e5 Mon Sep 17 00:00:00 2001 From: Eric Brahmann <37987769+EED85@users.noreply.github.com> Date: Mon, 28 Jul 2025 07:29:45 +0200 Subject: [PATCH 3/8] add new trigger (#6) --- .github/workflows/publish_docker.yml | 17 ++++++++++++++--- README.md | 13 ++++++++++++- 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish_docker.yml b/.github/workflows/publish_docker.yml index f2addf7..4939cf1 100644 --- a/.github/workflows/publish_docker.yml +++ b/.github/workflows/publish_docker.yml @@ -1,14 +1,15 @@ name: Publish Docker Image to GHCR on: - workflow_dispatch: push: branches: - main - - release - - dev tags: - 'v*.*.*' # Semantic versioning pattern + pull_request: + # This triggers on any PR, but we filter by source branch in the job + types: [opened, synchronize, reopened] + workflow_dispatch: permissions: contents: read @@ -21,6 +22,16 @@ jobs: steps: - uses: actions/checkout@v4 + # Only continue for PRs if the source branch is dev or release + - name: Check PR source branch + if: github.event_name == 'pull_request' + run: | + echo "PR source branch: ${{ github.head_ref }}" + if [[ "${{ github.head_ref }}" != "dev" && "${{ github.head_ref }}" != "release" ]]; then + echo "Not a PR from dev or release branch. Skipping workflow." + exit 1 + fi + - name: Log in to GHCR uses: docker/login-action@v3 with: diff --git a/README.md b/README.md index 6ee39ee..f1fa3d9 100644 --- a/README.md +++ b/README.md @@ -7,9 +7,20 @@ ## Github actions -Workflows are centraly hosted in EED_Solutions/eed_gha_workflows. +Workflows are centrally hosted in EED_Solutions/eed_gha_workflows. Please check for more details here. +### Docker Publish Workflow Triggering + +The Docker publish workflow (`publish_docker.yml`) is triggered automatically in the following cases: + +- **On any push to the `main` branch.** +- **On any tag pushed to the repository that matches semantic versioning (`v*.*.*`).** +- **When a pull request is opened, synchronized, or reopened and the source branch is named `dev` or `release`.** + - Note: The workflow runs for all PRs, but will immediately exit unless the source branch is `dev` or `release`. + +This ensures Docker images are only built and published for main releases, version tags, and changes coming from the main development branches. + ## Other Test EED85-machine From 28c4e65dc7af15accb98c20f01c81a4ca813cac3 Mon Sep 17 00:00:00 2001 From: EED85 Date: Mon, 28 Jul 2025 07:35:31 +0200 Subject: [PATCH 4/8] bugfix tag name --- .github/workflows/publish_docker.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish_docker.yml b/.github/workflows/publish_docker.yml index 4939cf1..da52706 100644 --- a/.github/workflows/publish_docker.yml +++ b/.github/workflows/publish_docker.yml @@ -46,8 +46,8 @@ jobs: SHOULD_BUILD_PUSH=false # Determine tag and build indicator based on context - if [[ "${{ github.ref_type }}" == "branch" ]]; then - case "${{ github.ref_name }}" in + if [[ "$GITHUB_REF_TYPE" == "branch" ]]; then + case "$GITHUB_REF_NAME" in "main") TAG=main SHOULD_BUILD_PUSH=true @@ -64,9 +64,9 @@ jobs: TAG=${{ github.ref_name }} ;; esac - elif [[ "${{ github.ref_type }}" == "tag" ]]; then + elif [[ "$GITHUB_REF_TYPE" == "tag" ]]; then TAG=${{ github.ref_name }} - if [[ "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + if [[ "$GITHUB_REF_NAME" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then SHOULD_BUILD_PUSH=true fi fi From e25d31b76f35e4dc74d91b2d35740f2ea43256f7 Mon Sep 17 00:00:00 2001 From: EED85 Date: Mon, 28 Jul 2025 07:41:45 +0200 Subject: [PATCH 5/8] try again --- .github/workflows/publish_docker.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/publish_docker.yml b/.github/workflows/publish_docker.yml index da52706..39159e9 100644 --- a/.github/workflows/publish_docker.yml +++ b/.github/workflows/publish_docker.yml @@ -45,6 +45,18 @@ jobs: TAG=latest SHOULD_BUILD_PUSH=false + # Extract ref type and name + if [[ "$GITHUB_REF" == refs/heads/* ]]; then + GITHUB_REF_TYPE="branch" + GITHUB_REF_NAME="${GITHUB_REF#refs/heads/}" + elif [[ "$GITHUB_REF" == refs/tags/* ]]; then + GITHUB_REF_TYPE="tag" + GITHUB_REF_NAME="${GITHUB_REF#refs/tags/}" + else + GITHUB_REF_TYPE="" + GITHUB_REF_NAME="" + fi + # Determine tag and build indicator based on context if [[ "$GITHUB_REF_TYPE" == "branch" ]]; then case "$GITHUB_REF_NAME" in From 0ac7d1fd9f579d94572982d812305997dbf43cab Mon Sep 17 00:00:00 2001 From: EED85 Date: Mon, 28 Jul 2025 07:45:25 +0200 Subject: [PATCH 6/8] echo some stuff --- .github/workflows/publish_docker.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish_docker.yml b/.github/workflows/publish_docker.yml index 39159e9..5102085 100644 --- a/.github/workflows/publish_docker.yml +++ b/.github/workflows/publish_docker.yml @@ -56,7 +56,8 @@ jobs: GITHUB_REF_TYPE="" GITHUB_REF_NAME="" fi - + echo "GITHUB_REF_TYPE: $GITHUB_REF_TYPE" + echo "GITHUB_REF_NAME: $GITHUB_REF_NAME" # Determine tag and build indicator based on context if [[ "$GITHUB_REF_TYPE" == "branch" ]]; then case "$GITHUB_REF_NAME" in From 618685d4f5743c488702cda95ea6c4cec4cf0e16 Mon Sep 17 00:00:00 2001 From: EED85 Date: Mon, 28 Jul 2025 07:48:56 +0200 Subject: [PATCH 7/8] echo some more stuff --- .github/workflows/publish_docker.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/publish_docker.yml b/.github/workflows/publish_docker.yml index 5102085..37f45a3 100644 --- a/.github/workflows/publish_docker.yml +++ b/.github/workflows/publish_docker.yml @@ -45,6 +45,9 @@ jobs: TAG=latest SHOULD_BUILD_PUSH=false + echo "GITHUB_REF: $GITHUB_REF" + echo "GITHUB_HEAD_REF: $GITHUB_HEAD_REF" + # Extract ref type and name if [[ "$GITHUB_REF" == refs/heads/* ]]; then GITHUB_REF_TYPE="branch" From caa4ce0d08509a1927afed8c96592eb922c6306b Mon Sep 17 00:00:00 2001 From: EED85 Date: Mon, 28 Jul 2025 07:55:30 +0200 Subject: [PATCH 8/8] add some changes --- .github/workflows/publish_docker.yml | 40 +++++++++++++++++----------- 1 file changed, 24 insertions(+), 16 deletions(-) diff --git a/.github/workflows/publish_docker.yml b/.github/workflows/publish_docker.yml index 37f45a3..34b0a16 100644 --- a/.github/workflows/publish_docker.yml +++ b/.github/workflows/publish_docker.yml @@ -45,25 +45,30 @@ jobs: TAG=latest SHOULD_BUILD_PUSH=false + echo "GITHUB_EVENT_NAME: $GITHUB_EVENT_NAME" echo "GITHUB_REF: $GITHUB_REF" echo "GITHUB_HEAD_REF: $GITHUB_HEAD_REF" - # Extract ref type and name - if [[ "$GITHUB_REF" == refs/heads/* ]]; then - GITHUB_REF_TYPE="branch" - GITHUB_REF_NAME="${GITHUB_REF#refs/heads/}" + # Determine context: PR or push/tag + if [[ "$GITHUB_EVENT_NAME" == "pull_request" ]]; then + BRANCH_NAME="$GITHUB_HEAD_REF" + REF_TYPE="pr" + elif [[ "$GITHUB_REF" == refs/heads/* ]]; then + BRANCH_NAME="${GITHUB_REF#refs/heads/}" + REF_TYPE="branch" elif [[ "$GITHUB_REF" == refs/tags/* ]]; then - GITHUB_REF_TYPE="tag" - GITHUB_REF_NAME="${GITHUB_REF#refs/tags/}" + BRANCH_NAME="${GITHUB_REF#refs/tags/}" + REF_TYPE="tag" else - GITHUB_REF_TYPE="" - GITHUB_REF_NAME="" + BRANCH_NAME="" + REF_TYPE="" fi - echo "GITHUB_REF_TYPE: $GITHUB_REF_TYPE" - echo "GITHUB_REF_NAME: $GITHUB_REF_NAME" + echo "REF_TYPE: $REF_TYPE" + echo "BRANCH_NAME: $BRANCH_NAME" + # Determine tag and build indicator based on context - if [[ "$GITHUB_REF_TYPE" == "branch" ]]; then - case "$GITHUB_REF_NAME" in + if [[ "$REF_TYPE" == "branch" || "$REF_TYPE" == "pr" ]]; then + case "$BRANCH_NAME" in "main") TAG=main SHOULD_BUILD_PUSH=true @@ -77,16 +82,19 @@ jobs: SHOULD_BUILD_PUSH=true ;; *) - TAG=${{ github.ref_name }} + TAG="$BRANCH_NAME" ;; esac - elif [[ "$GITHUB_REF_TYPE" == "tag" ]]; then - TAG=${{ github.ref_name }} - if [[ "$GITHUB_REF_NAME" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + elif [[ "$REF_TYPE" == "tag" ]]; then + TAG="$BRANCH_NAME" + if [[ "$BRANCH_NAME" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then SHOULD_BUILD_PUSH=true fi fi + echo "Determined TAG: $TAG" + echo "SHOULD_BUILD_PUSH: $SHOULD_BUILD_PUSH" + # Build and push the image if indicated if [[ "$SHOULD_BUILD_PUSH" == "true" ]]; then docker build -t $IMAGE_NAME:$TAG -f .devcontainer/Dockerfile .