diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 39ce39ff..4658d74c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,6 +40,10 @@ jobs: uses: actions/setup-python@v4 with: python-version: ${{ matrix.python }} + - name: Install system deps for duplicity build + run: | + sudo apt-get update + sudo apt-get install -y librsync-dev - name: Generate cache key CACHE run: echo "CACHE=${{ secrets.CACHE_DATE }} ${{ runner.os }} $(python -VV | @@ -59,6 +63,10 @@ jobs: # Run tests - run: poetry run pytest --prebuild build-push: + permissions: + contents: read + packages: write + pull-requests: write runs-on: ubuntu-24.04 services: registry: @@ -98,11 +106,51 @@ jobs: - name: Compute image name id: image_name_compute run: | + owner="${GITHUB_REPOSITORY_OWNER,,}" + repo="${GITHUB_REPOSITORY#*/}" if [ "${{ matrix.target }}" = "base" ]; then - echo "::set-output name=image_name::${{ env.DOCKER_IMAGE_NAME }}" + echo "image_name=${owner}/${repo}" >> "$GITHUB_OUTPUT" else - echo "::set-output name=image_name::${{ env.DOCKER_IMAGE_NAME }}-${{ matrix.target }}" + echo "image_name=${owner}/${repo}-${{ matrix.target }}" >> "$GITHUB_OUTPUT" fi + - name: Docker meta for PR test image + if: ${{ github.event_name == 'pull_request' }} + id: docker_meta_pr + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ steps.image_name_compute.outputs.image_name }} + tags: | + type=raw,value=test-pr${{ github.event.number }} + + - name: Login to GHCR for PR (same-repo only) + if: + ${{ github.event_name == 'pull_request' && + github.event.pull_request.head.repo.full_name == github.repository }} + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ secrets.BOT_LOGIN }} + password: ${{ secrets.BOT_TOKEN }} + + - name: Build & push PR test image (GHCR) + if: + ${{ github.event_name == 'pull_request' && + github.event.pull_request.head.repo.full_name == github.repository }} + uses: docker/build-push-action@v5 + with: + context: . + file: ./Dockerfile + platforms: | + linux/amd64 + linux/arm64/v8 + target: ${{ matrix.target }} + push: true + load: false + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache,mode=max + labels: ${{ steps.docker_meta_pr.outputs.labels }} + tags: ${{ steps.docker_meta_pr.outputs.tags }} + - name: Docker meta for local images id: docker_meta_local uses: docker/metadata-action@v5 @@ -168,3 +216,24 @@ jobs: labels: ${{ steps.docker_meta_public.outputs.labels }} tags: ${{ steps.docker_meta_public.outputs.tags }} target: ${{ matrix.target }} + + commentless-summary: + if: + ${{ github.event_name == 'pull_request' && + github.event.pull_request.head.repo.full_name == github.repository }} + runs-on: ubuntu-24.04 + needs: build-push + steps: + - name: Write to job summary + run: | + { + echo "## Test images pushed to GHCR" + for t in base docker docker-s3 postgres postgres-s3 postgres-multi s3; do + if [ "$t" = base ]; then + img="ghcr.io/${GITHUB_REPOSITORY_OWNER,,}/${GITHUB_REPOSITORY#*/}" + else + img="ghcr.io/${GITHUB_REPOSITORY_OWNER,,}/${GITHUB_REPOSITORY#*/}-$t" + fi + echo "- **$t** → \`$img:test-pr${{ github.event.number }}\`" + done + } >> "$GITHUB_STEP_SUMMARY"