Add pacs_users to the groups managed by LDAP for LDAP users #542
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [ master ] | |
tags: | |
- 'v[0-9]+.[0-9]+.[0-9]+*' | |
pull_request: | |
branches: [ master ] | |
jobs: | |
test: | |
if: github.ref_type == 'branch' || github.ref_name == 'pull_request' | |
runs-on: ubuntu-24.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
engine: [ 'docker', 'podman' ] | |
test-kind: [ 'unit', 'integration' ] | |
steps: | |
- name: Start podman daemon | |
if: matrix.engine == 'podman' | |
run: systemctl --user start podman.service | |
- uses: taiki-e/install-action@just | |
- uses: actions/checkout@v4 | |
- name: Run ${{ matrix.test-kind }} tests on ${{ matrix.engine }} | |
uses: ./ | |
with: | |
engine: ${{ matrix.engine }} | |
command: test-${{ matrix.test-kind }} | |
build: | |
name: Build | |
if: github.event_name == 'push' | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Update __version__.py | |
if: startsWith(github.ref, 'refs/tags/v') | |
run: echo '__version__ = "${GITHUB_REF_NAME:1}"' > chris_backend/__version__.py | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
docker.io/fnndsc/cube | |
ghcr.io/fnndsc/cube | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=raw,value=latest,enable={{is_default_branch}} | |
- uses: docker/setup-qemu-action@v3 | |
- uses: docker/setup-buildx-action@v3 | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push | |
uses: docker/build-push-action@v6 | |
with: | |
push: true | |
context: . | |
file: ./Dockerfile | |
platforms: linux/amd64,linux/arm64 | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
- name: Update Docker Hub description | |
uses: peter-evans/dockerhub-description@v4 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
short-description: ChRIS backend | |
readme-filepath: ./README.md | |
repository: fnndsc/cube | |
openapi: | |
name: Generate OpenAPI Schema | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: taiki-e/install-action@just | |
- uses: actions/checkout@v4 | |
- name: Update __version__.py | |
if: startsWith(github.ref, 'refs/tags/v') | |
run: echo '__version__ = "${GITHUB_REF_NAME:1}"' > chris_backend/__version__.py | |
- run: just prefer docker | |
- run: just build | |
- name: Generate OpenAPI schema (correct) | |
run: just openapi 2> spectacular.log > schema.yaml || (cat spectacular.log; exit 1) | |
- name: Generate OpenAPI schema (split) | |
run: just openapi-split 2> spectacular_split.log > schema_split.yaml || (cat spectacular_split.log; exit 1) | |
- name: Upload schema YAML files | |
uses: actions/upload-artifact@v4 | |
with: | |
name: openapi_schema | |
path: schema*.yaml | |
if-no-files-found: error | |
- name: Assert no drf-spectacular errors nor warnings | |
run: | | |
for f in spectacular*.log; do | |
if grep -qi '(warning|error)' $f; then | |
cat $f | |
exit 1 | |
fi | |
done | |
- name: Stop services | |
run: just down | |
build-docs: | |
name: Generate OpenAPI Documentation | |
if: startsWith(github.ref, 'refs/tags/v') | |
needs: openapi | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/download-artifact@v4 | |
with: | |
name: openapi_schema | |
- name: Install the OpenAPI Generator | |
run: npm install @openapitools/openapi-generator-cli -g | |
- name: Generate html2 | |
run: | | |
openapi-generator-cli generate -i schema_split.yaml -g html2 -o dist \ | |
-p [email protected],infoUrl=https://chrisproject.org \ | |
-p licenseInfo=MIT \ | |
-p licenseUrl=${{ github.server_url }}/${{ github.repository }}/blob/${{ github.sha }}/LICENSE \ | |
-p pythonPackageName=chris_oag | |
- name: Upload pages artifact | |
uses: actions/upload-pages-artifact@v3 | |
with: | |
path: ./dist | |
deploy-docs: | |
name: Update GitHub Pages | |
needs: build-docs | |
runs-on: ubuntu-24.04 | |
# Grant GITHUB_TOKEN the permissions required to make a Pages deployment | |
permissions: | |
pages: write # to deploy to Pages | |
id-token: write # to verify the deployment originates from an appropriate source | |
# Deploy to the github-pages environment | |
environment: | |
name: github-pages | |
url: ${{ steps.deployment.outputs.page_url }} | |
steps: | |
- name: Deploy to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v4 | |
draft-release: | |
name: Draft GitHub Release | |
runs-on: ubuntu-24.04 | |
if: startsWith(github.ref, 'refs/tags/v') | |
needs: | |
- build | |
- openapi | |
steps: | |
- id: version | |
run: echo "version=${GITHUB_REF_NAME:1}" >> "$GITHUB_OUTPUT" | |
- uses: actions/download-artifact@v4 | |
with: | |
name: openapi_schema | |
- uses: softprops/action-gh-release@v2 | |
with: | |
draft: true | |
prerelease: ${{ contains( github.ref_name, '-' ) }} | |
files: '*.yaml' | |
fail_on_unmatched_files: true | |
name: CUBE - version ${{ steps.version.outputs.version }} | |
generate_release_notes: true | |
body: | | |
## Getting the Image | |
Using [Podman](https://podman.io): | |
```shell | |
podman pull ghcr.io/fnndsc/cube:${{ steps.version.outputs.version }} | |
``` | |
Using [Docker](https://docker.com): | |
```shell | |
docker pull ghcr.io/fnndsc/cube:${{ steps.version.outputs.version }} | |
``` |