stash #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a GitHub workflow defining a set of jobs with a set of steps. | |
| # ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions | |
| # | |
| name: Release | |
| # Always tests wheel building, but only publish to PyPI on pushed tags. | |
| on: | |
| pull_request: | |
| paths-ignore: | |
| - "docs/**" | |
| - ".github/workflows/*.yaml" | |
| - "!.github/workflows/release.yaml" | |
| push: | |
| paths-ignore: | |
| - "docs/**" | |
| - ".github/workflows/*.yaml" | |
| - "!.github/workflows/release.yaml" | |
| branches-ignore: | |
| - "dependabot/**" | |
| - "pre-commit-ci-update-config" | |
| tags: ["**"] | |
| workflow_dispatch: | |
| jobs: | |
| build-release: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| # id-token=write is required for pypa/gh-action-pypi-publish, and the PyPI | |
| # project needs to be configured to trust this workflow. | |
| # | |
| # ref: https://github.com/jupyterhub/team-compass/issues/648 | |
| # | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: install build package | |
| run: | | |
| pip install --upgrade pip | |
| pip install build | |
| pip freeze | |
| - name: build release | |
| run: | | |
| python -m build --sdist --wheel . | |
| ls -l dist | |
| - name: test to see if built js file is in the package | |
| run: | | |
| tar -tvf dist/*.tar.gz | grep dist/viewer.js | |
| unzip -l dist/*.whl | grep dist/viewer.js | |
| - name: publish to pypi | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| publish-images: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 10 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - vncserver: tigervnc | |
| - vncserver: turbovnc | |
| services: | |
| # So that we can test this in PRs/branches | |
| local-registry: | |
| image: registry:2 | |
| ports: | |
| - 5000:5000 | |
| steps: | |
| - name: Should we push this image to a public registry? | |
| run: | | |
| if [ "${{ startsWith(github.ref, 'refs/tags/') || (github.ref == 'refs/heads/main') }}" = "true" ]; then | |
| echo "REGISTRY=quay.io/" >> $GITHUB_ENV | |
| else | |
| echo "REGISTRY=localhost:5000/" >> $GITHUB_ENV | |
| fi | |
| - uses: actions/checkout@v4 | |
| - name: Set up QEMU (for docker buildx) | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx (for multi-arch builds) | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| # Allows pushing to registry on localhost:5000 | |
| driver-opts: network=host | |
| - name: Setup push rights | |
| # This was setup by... | |
| # 1. Creating a [Robot Account](https://quay.io/organization/jupyterhub?tab=robots) in the JupyterHub | |
| # Quay.io org | |
| # 2. Giving it enough permissions to push the image | |
| # 3. Putting the robot account's username and password in GitHub actions environment | |
| if: env.REGISTRY != 'localhost:5000/' | |
| run: | | |
| docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" "${{ env.REGISTRY }}" | |
| # https://github.com/jupyterhub/action-major-minor-tag-calculator | |
| # If this is a tagged build this will return additional parent tags. | |
| # E.g. 1.2.3 is expanded to Docker tags | |
| # [{prefix}:1.2.3, {prefix}:1.2, {prefix}:1, {prefix}:latest] unless | |
| # this is a backported tag in which case the newer tags aren't updated. | |
| # For branches this will return the branch name. | |
| # If GITHUB_TOKEN isn't available (e.g. in PRs) returns no tags []. | |
| - name: Get image tags | |
| id: tags | |
| uses: jupyterhub/action-major-minor-tag-calculator@v3 | |
| with: | |
| githubToken: ${{ secrets.GITHUB_TOKEN }} | |
| prefix: >- | |
| ${{ env.REGISTRY }}jupyterhub/jupyter-remote-desktop-proxy: | |
| defaultTag: "${{ env.REGISTRY }}jupyterhub/jupyter-remote-desktop-proxy:noref" | |
| branchRegex: ^\w[\w-.]*$ | |
| - name: Build and push image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| # tags parameter must be a string input so convert `gettags` JSON | |
| # array into a comma separated list of tags | |
| tags: ${{ join(fromJson(steps.tags.outputs.tags)) }} |