-
Notifications
You must be signed in to change notification settings - Fork 4
Publishing
C2C CI utils is built to be able to publish a project with the following structure:
Have stabilization branches named by default <major>.<minor>
.
Have tag for the release named by default <major>.<minor>.<patch>
.
With C2C CI utils, you can publish a python package and a Docker image from the same repository.
The default publishing is:
- Push on the
<major>.<minor>
branch will publish Docker images. - Create the tag
<major>.<minor>.<patch>
will publish the Docker images, and the Python package. - Push on a pull request will publish the Docker images with the pull request ID ad tag.
- Close a pull request will delete the related Docker images.
- Push on the
master
branch will publish the Docker images with the master tag (Publishing a python package is also possible). - The version at the last line of the
SECURITY.md
of themaster
branch will also be published using thelatest
tag, this will respect thetags
present in the configuration. - In the
SECURITY.md
file of themaster
branch, we can also add a columnAlternate Tag
to publish the Docker images with another tag, this will respect thetags
present in the configuration (only for Docker).
The Docker images are published on Docker Hub and GitHub Container Registry.
See also the publishing part of the Configuration.
Add your project to the Geo GHCI GitHub application to manage the security:
- Trigger rebuild, then a dpkg version is updated.
- Update the dependency against the CVE.
c2cciutils
should be added in ci/requirements.txt
.
You should create a ci/dpkg-versions.yaml
file with {}
:
echo {} > ci/dpkg-versions.yaml
git add ci/dpkg-versions.yaml
Add your Docker images in ci/config.yaml
like:
publish:
docker:
images:
- name: camptocamp/project
You can use this workflow to integrate it in the CI
env:
HAS_SECRETS: ${{ secrets.HAS_SECRETS }}
jobs:
main:
...
steps:
# Chechout
- uses: actions/checkout@v4
with:
fetch-depth: 0
# Get the secrets
- uses: camptocamp/initialise-gopass-summon-action@v2
with:
ci-gpg-private-key: ${{secrets.CI_GPG_PRIVATE_KEY}}
github-gopass-ci-token: ${{secrets.GOPASS_CI_GITHUB_TOKEN}}
patterns: pypi docker
if: env.HAS_SECRETS == 'HAS_SECRETS'
# Install c2cciutils
- run: echo "${HOME}/.local/bin" >> ${GITHUB_PATH}
- run: python3 -m pip install --user --requirement=ci/requirements.txt
...
# Publish
- name: Publish
run: c2cciutils-publish
if: env.HAS_SECRETS == 'HAS_SECRETS'
You can run the publishing locally in dry-run mode:
GITHUB_REF=... c2cciutils-publish --dry-run ...