Merge pull request #2 from kbase/develop

Develop

Author: jsfillman

.github/workflows/manual-build.yml

@@ -0,0 +1,11 @@
+---
+name: Manual Build & Push
+on:
+ workflow_dispatch:
+jobs:
+  build-push:
+    uses: kbase/.github/.github/workflows/reusable_build-push.yml@main
+    with:
+      name: '${{ github.event.repository.name }}-develop'
+      tags: br-${{ github.ref_name }}
+    secrets: inherit

.github/workflows/old/build_and_push_image.yml

@@ -0,0 +1,62 @@
+name: Build and push narrative images
+
+on:
+  workflow_call:
+    secrets:
+      GHCR_USERNAME:
+        required: true
+      GHCR_TOKEN:
+        required: true
+
+jobs:
+  docker_build:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check Out GitHub Repo
+      if: github.event.pull_request.draft == false
+      with:
+        ref: "${{ github.event.pull_request.head.sha }}"
+      uses: actions/checkout@v2
+    - name: Check Source Branch
+      if: github.head_ref != 'develop' && (github.base_ref == 'master' || github.base_ref == 'main')
+      run: echo "PRs must be made to develop branch before merging to main/master"; exit 1
+    - name: Build And Push To Packages
+      if: github.event.pull_request.draft == false && github.event.action != 'closed' && github.event.pull_request.merged != true
+      env:
+        PR: "${{ github.event.pull_request.number }}"
+        SHA: "${{ github.event.pull_request.head.sha }}"
+        DOCKER_ACTOR: "${{ secrets.GHCR_USERNAME }}"
+        DOCKER_TOKEN: "${{ secrets.GHCR_TOKEN }}"
+      shell: bash
+      run: |
+          export MY_ORG=$(echo "${GITHUB_REPOSITORY}" | awk -F / '{print tolower($1)}')
+          export DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+          export BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+          export COMMIT=$(echo "$SHA" | cut -c -7)
+
+          echo "Source branch is $GITHUB_HEAD_REF"
+          echo "Target branch is $GITHUB_BASE_REF"
+
+          if  [ "$GITHUB_BASE_REF" = "develop" ]; then
+            export MY_APP=$(echo $(echo "${GITHUB_REPOSITORY}" | awk -F / '{print $2}')"-develop")
+          elif [ "$GITHUB_BASE_REF" = "main" ] || [ "$GITHUB_BASE_REF" = "master" ]; then
+            export MY_APP=$(echo "${GITHUB_REPOSITORY}" | awk -F / '{print $2}')
+          else
+            echo "Target branch must be develop, main, or master";
+            exit 1
+          fi
+
+          if [[ ( $GITHUB_BASE_REF = "main"  || $GITHUB_BASE_REF = "master" ) && $GITHUB_HEAD_REF != "develop" ]]; then
+            echo "Must merge PRs to develop before merging to main/master";
+            exit 1
+          else
+            echo "$DOCKER_TOKEN" | docker login ghcr.io -u "$DOCKER_ACTOR" --password-stdin
+            docker build --build-arg BUILD_DATE="$DATE" \
+                        --build-arg COMMIT="$COMMIT" \
+                        --build-arg BRANCH="$GITHUB_HEAD_REF" \
+                        --build-arg PULL_REQUEST="$PR" \
+                        --label us.kbase.vcs-commit="$COMMIT" \
+                        --label us.kbase.vcs-pull-req="$PR" \
+                        -t ghcr.io/"$MY_ORG"/"$MY_APP":"pr-""$PR" .
+            docker push ghcr.io/"$MY_ORG"/"$MY_APP":"pr-""$PR"
+          fi

.github/workflows/old/pr_build.yml

@@ -0,0 +1,28 @@
+---
+name: Build & Tag Image on PR
+'on':
+  pull_request:
+    branches:
+    - develop
+    - main
+    - master
+    types:
+    - closed
+    - edited
+    - opened
+    - ready_for_review
+    - reopened
+    - synchronize
+    - workflow_dispatch
+jobs:
+  run_build_and_push:
+    uses: ./.github/workflows/build_and_push_image.yml
+    secrets:
+      GHCR_USERNAME: ${{ secrets.GHCR_USERNAME }}
+      GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
+
+  tag_on_merge:
+    uses: ./.github/workflows/tag_on_merge.yml
+    secrets:
+      GHCR_USERNAME: ${{ secrets.GHCR_USERNAME }}
+      GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}

.github/workflows/old/prod_release.yml

@@ -0,0 +1,37 @@
+---
+name: Publish Release Image
+'on':
+  release:
+    branches:
+    - main
+    - master
+    types:
+    - published
+jobs:
+  docker_build:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check Tag
+      id: check-tag
+      run: |-
+        if [[ ${{ github.ref_name }} =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+          echo ::set-output name=match::true
+        fi
+    - name: Report SemVer Check
+      if: steps.check-tag.outputs.match != 'true'
+      run: echo "Release version must follow semantic naming (e.g. 1.0.2)"; exit 1
+    - name: Check Source Branch
+      if: github.event.release.target_commitish != 'master' && github.event.release.target_commitish != 'main'
+      run: echo "Releases must be built from master/main branch"; exit 1
+    - name: Check out GitHub Repo
+      with:
+        ref: "${{ github.event.pull_request.head.sha }}"
+      uses: actions/checkout@v2
+    - name: Build and Push to Packages
+      env:
+        PR: "${{ github.event.pull_request.number }}"
+        SHA: "${{ github.event.pull_request.head.sha }}"
+        VER: "${{ github.event.release.tag_name }}"
+        DOCKER_ACTOR: "${{ secrets.GHCR_USERNAME }}"
+        DOCKER_TOKEN: "${{ secrets.GHCR_TOKEN }}"
+      run: "curl https://raw.githubusercontent.com/kbase/.github/main/workflow-templates/scripts/prod_release.sh | bash"

.github/workflows/old/pull-request-develop-merged.yml

@@ -0,0 +1,20 @@
+---
+name: PR to develop closed and merged
+on:
+  pull_request:
+    branches:
+      - develop
+    types:
+      - closed
+jobs:
+#  test:
+#    if: ${{ github.event.pull_request.merged }}
+#    uses: ./.github/workflows/reusable_test-python.yml
+  build-push:
+    if: ${{ github.event.pull_request.merged }}
+#    needs: test
+    uses: ./.github/workflows/reusable_build-push.yml
+    with:
+      name: '${{ github.event.repository.name }}-develop'
+      tags: pr-${{ github.event.number }},latest
+    secrets: inherit

.github/workflows/old/pull-request-develop.yml

@@ -0,0 +1,13 @@
+---
+name: PR to develop opened
+on:
+  pull_request:
+    branches:
+      - develop
+    types:
+      - opened
+      - reopened
+      - synchronize
+jobs:
+  build:
+    uses: kbase/.github/.github/workflows/reusable_build.yml@main

.github/workflows/old/pull-request-main-merged.yml

@@ -0,0 +1,21 @@
+---
+name: PR to main post-merge
+on:
+  pull_request:
+    branches:
+      - main
+      - master
+    types:
+      - closed
+jobs:
+#  test:
+#    if: ${{ github.event.pull_request.merged }}
+#    uses: ./.github/workflows/reusable_test-python.yml
+  build-push:
+    if: ${{ github.event.pull_request.merged }}
+#    needs: test
+    uses: ./.github/workflows/reusable_build-push.yml
+    with:
+      name: '${{ github.event.repository.name }}'
+      tags: pr-${{ github.event.number }},latest-rc
+    secrets: inherit

.github/workflows/old/pull-request-main-opened.yml

@@ -0,0 +1,18 @@
+---
+name: PR to main pre-merge build
+on:
+  pull_request:
+    branches:
+      - main
+      - master
+    types:
+      - opened
+      - reopened
+      - synchronize
+jobs:
+  build-push:
+    uses: kbase/.github/.github/workflows/reusable_build-push.yml@main
+    with:
+      name: '${{ github.event.repository.name }}'
+      tags: pr-${{ github.event.number }}
+    secrets: inherit

.github/workflows/old/tag_on_merge.yml

@@ -0,0 +1,52 @@
+name: Tag on merge
+
+on:
+  workflow_call:
+    secrets:
+      GHCR_USERNAME:
+        required: true
+      GHCR_TOKEN:
+        required: true
+
+jobs:
+  tag_on_merge:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Tag Latest Image On Merge
+      if: github.event_name == 'pull_request' && github.event.action == 'closed' && github.event.pull_request.merged == true
+      env:
+        PR: "${{ github.event.pull_request.number }}"
+        SHA: "${{ github.event.pull_request.head.sha }}"
+        DOCKER_ACTOR: "${{ secrets.GHCR_USERNAME }}"
+        DOCKER_TOKEN: "${{ secrets.GHCR_TOKEN }}"
+      shell: bash
+      run: |
+        export MY_ORG=$(echo "${GITHUB_REPOSITORY}" | awk -F / '{print tolower($1)}')
+        export DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+        export BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+        export COMMIT=$(echo "$SHA" | cut -c -7)
+        echo "Source branch is $GITHUB_HEAD_REF"
+        echo "Target branch is $GITHUB_BASE_REF"
+        if  [ "$GITHUB_BASE_REF" = "develop" ]; then
+          export MY_APP=$(echo $(echo "${GITHUB_REPOSITORY}" | awk -F / '{print $2}')"-develop")
+        elif [ "$GITHUB_BASE_REF" = "main" ] || [ "$GITHUB_BASE_REF" = "master" ]; then
+          export MY_APP=$(echo "${GITHUB_REPOSITORY}" | awk -F / '{print $2}')
+        else
+          echo "Target branch must be develop, main, or master";
+          exit 1
+        fi
+        docker login -u "$DOCKER_ACTOR" -p "$DOCKER_TOKEN" ghcr.io
+        docker pull ghcr.io/"$MY_ORG"/"$MY_APP":"pr-""$PR"
+        if  [ "$GITHUB_BASE_REF" = "develop" ]; then
+          docker tag ghcr.io/"$MY_ORG"/"$MY_APP":"pr-""$PR" ghcr.io/"$MY_ORG"/"$MY_APP":"latest"
+          docker push ghcr.io/"$MY_ORG"/"$MY_APP":"latest"
+        elif [[ ( $GITHUB_BASE_REF = "main"  || $GITHUB_BASE_REF = "master" ) && $GITHUB_HEAD_REF != "develop" ]]; then
+          echo "Must merge PRs to develop before merging to main/master";
+          exit 1
+        elif [ "$GITHUB_BASE_REF" = "main" ] || [ "$GITHUB_BASE_REF" = "master" ]; then
+          docker tag ghcr.io/"$MY_ORG"/"$MY_APP":"pr-""$PR" ghcr.io/"$MY_ORG"/"$MY_APP":"latest-rc"
+          docker push ghcr.io/"$MY_ORG"/"$MY_APP":"latest-rc"
+        else
+          echo "Target branch must be develop, main, or master";
+          exit 1
+        fi  

.github/workflows/pr_build.yml

@@ -0,0 +1,37 @@
+---
+name: PR to develop opened
+on:
+  pull_request:
+    branches:
+      - develop
+      - main
+      - master
+    types:
+      - opened
+      - reopened
+      - synchronize
+jobs:
+  build-develop-open:
+    if: github.head_ref = 'develop' && github.event.pull_request.merged == false
+    uses: kbase/.github/.github/workflows/reusable_build.yml@main
+  build-main-open:
+    if: (github.head_ref = 'main' || github.head_ref = 'master') && github.event.pull_request.merged == false
+    uses: kbase/.github/.github/workflows/reusable_build-push.yml@main
+    with:
+      name: '${{ github.event.repository.name }}'
+      tags: pr-${{ github.event.number }}
+    secrets: inherit
+  build-develop-merge:
+    if: github.head_ref = 'develop' && github.event.pull_request.merged == true
+    uses: kbase/.github/.github/workflows/reusable_build-push.yml@main
+    with:
+      name: '${{ github.event.repository.name }}-develop'
+      tags: pr-${{ github.event.number }},latest
+    secrets: inherit
+  build-main-merge:
+    if: (github.head_ref = 'main' || github.head_ref = 'master') && github.event.pull_request.merged == true
+    uses: kbase/.github/.github/workflows/reusable_build-push.yml@main
+    with:
+      name: '${{ github.event.repository.name }}'
+      tags: pr-${{ github.event.number }},latest-rc
+    secrets: inherit