From 1433c4234d5b2f8c995f9cde68d23c0808ed90a9 Mon Sep 17 00:00:00 2001 From: Hauwa Muhammad Date: Thu, 22 Feb 2024 09:14:31 +0000 Subject: [PATCH 1/2] WIP: testing workflows --- .github/workflows/Testandbuild.yml | 54 ++++++++++++ .github/workflows/ghcr.yml | 133 +++++++++++++++-------------- .github/workflows/rubyandnode.yaml | 46 +++++----- 3 files changed, 146 insertions(+), 87 deletions(-) create mode 100644 .github/workflows/Testandbuild.yml diff --git a/.github/workflows/Testandbuild.yml b/.github/workflows/Testandbuild.yml new file mode 100644 index 0000000..90debc1 --- /dev/null +++ b/.github/workflows/Testandbuild.yml @@ -0,0 +1,54 @@ +name: Test and Build + +on: + push: {} + pull_request: {} + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 + - name: Set up Ruby + uses: ruby/setup-ruby@22fdc77bf4148f810455b226c90fb81b5cbc00a7 + with: + ruby-version: '3.2' + - name: Set up Node + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c + with: + node-version: '20' + - name: Build and test + run: | + bundle install --without development + yarn install + bundle exec rake + + + build-and-push-image: + if: github.ref == 'refs/heads/main' || github.event.pull_request.base.ref == 'main' + needs: test + runs-on: ubuntu-latest + env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + - name: Build and push Docker image + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/ghcr.yml b/.github/workflows/ghcr.yml index 7df259e..496de21 100644 --- a/.github/workflows/ghcr.yml +++ b/.github/workflows/ghcr.yml @@ -1,74 +1,75 @@ -# -name: Create and publish a Docker image -#todo this needs changing to be more of a manual trigger (or tied to development branch) -on: - push: - branches: - - 'main' +# name: Create and publish a Docker image - pull_request: - branches: - - 'main' +# on: +# push: +# branches: +# - 'main' + +# pull_request: +# branches: +# - 'main' -# Defines two custom environment variables for the workflow. These are used -# for the Container registry domain, and a name for the Docker image that -# this workflow builds. -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} +# # Defines two custom environment variables for the workflow. These are used +# # for the Container registry domain, and a name for the Docker image that +# # this workflow builds. +# env: +# REGISTRY: ghcr.io +# IMAGE_NAME: ${{ github.repository }} -# There is a single job in this workflow. It's configured to run on the latest -# available version of Ubuntu. -jobs: - build-and-push-image: - runs-on: ubuntu-latest - # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in - # this job. - permissions: - contents: read - packages: write +# # There is a single job in this workflow. It's configured to run on the latest +# # available version of Ubuntu. +# jobs: +# build-and-push-image: +# runs-on: ubuntu-latest +# needs: ['test'] +# # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in +# # this job. +# permissions: +# contents: read +# packages: write - steps: - - name: Checkout repository - uses: actions/checkout@v4 +# steps: +# - name: Checkout repository +# uses: actions/checkout@v4 - # Uses the `docker/login-action` action to log in to the Container - # registry registry using the account and password that will publish - # the packages. Once published, the packages are scoped to the account - # defined here. - - name: Log in to the Container registry - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} +# # Uses the `docker/login-action` action to log in to the Container +# # registry registry using the account and password that will publish +# # the packages. Once published, the packages are scoped to the account +# # defined here. +# - name: Log in to the Container registry +# uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc +# with: +# registry: ${{ env.REGISTRY }} +# username: ${{ github.actor }} +# password: ${{ secrets.GITHUB_TOKEN }} - # This step uses [docker/metadata-action] - # (https://github.com/docker/metadata-action#about) to extract tags and - # labels that will be applied to the specified image. The `id` "meta" - # allows the output of this step to be referenced in a subsequent step. - # The `images` value provides the base name for the tags and labels. - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} +# # This step uses [docker/metadata-action] +# # (https://github.com/docker/metadata-action#about) to extract tags and +# # labels that will be applied to the specified image. The `id` "meta" +# # allows the output of this step to be referenced in a subsequent step. +# # The `images` value provides the base name for the tags and labels. +# - name: Extract metadata (tags, labels) for Docker +# id: meta +# uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 +# with: +# images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - # This step uses the `docker/build-push-action` action to build the - # image, based on your repository's `Dockerfile`. If the build - # succeeds, it pushes the image to GitHub Packages. It uses the - # `context` parameter to define the build's context as the set of files - # located in the specified path. For more information, see "[Usage] - # (https://github.com/docker/build-push-action#usage)" in the README of - # the `docker/build-push-action` repository. It uses the `tags` and - # `labels` parameters to tag and label the image with the output from - # the "meta" step. - - name: Build and push Docker image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} +# # This step uses the `docker/build-push-action` action to build the +# # image, based on your repository's `Dockerfile`. If the build +# # succeeds, it pushes the image to GitHub Packages. It uses the +# # `context` parameter to define the build's context as the set of files +# # located in the specified path. For more information, see "[Usage] +# # (https://github.com/docker/build-push-action#usage)" in the README of +# # the `docker/build-push-action` repository. It uses the `tags` and +# # `labels` parameters to tag and label the image with the output from +# # the "meta" step. +# - name: Build and push Docker image +# uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 +# with: +# context: . +# push: true +# tags: ${{ steps.meta.outputs.tags }} +# labels: ${{ steps.meta.outputs.labels }} - #TODO: makesure the right tags are being applied +# #TODO: makesure the right tags are being applied +# \ No newline at end of file diff --git a/.github/workflows/rubyandnode.yaml b/.github/workflows/rubyandnode.yaml index affbcca..c2709dc 100644 --- a/.github/workflows/rubyandnode.yaml +++ b/.github/workflows/rubyandnode.yaml @@ -1,26 +1,30 @@ -name: Ruby and Node +# #This is a reusable workflow that can be called by another workflow. -on: - pull_request: {} +# name: Ruby and Node -jobs: - test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 +# on: +# push: {} +# pull_request: {} + +# jobs: +# test: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 - - name: Set up Ruby - uses: ruby/setup-ruby@22fdc77bf4148f810455b226c90fb81b5cbc00a7 - with: - ruby-version: '3.2' +# - name: Set up Ruby +# uses: ruby/setup-ruby@22fdc77bf4148f810455b226c90fb81b5cbc00a7 +# with: +# ruby-version: '3.2' - - name: Set up Node - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c - with: - node-version: '20' +# - name: Set up Node +# uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c +# with: +# node-version: '20' - - name: Build and test - run: | - bundle install --without development - yarn install - bundle exec rake +# - name: Build and test +# run: | +# bundle install --without development +# yarn install +# bundle exec rake +# \ No newline at end of file From 98d30fa284ec91e11b52f82da1b329c69357f4fa Mon Sep 17 00:00:00 2001 From: Hauwa Muhammad Date: Thu, 22 Feb 2024 10:11:46 +0000 Subject: [PATCH 2/2] WIP: Added read permissions for contents and write permissions for packages --- .github/workflows/Testandbuild.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/Testandbuild.yml b/.github/workflows/Testandbuild.yml index 90debc1..e4bf608 100644 --- a/.github/workflows/Testandbuild.yml +++ b/.github/workflows/Testandbuild.yml @@ -28,6 +28,9 @@ jobs: if: github.ref == 'refs/heads/main' || github.event.pull_request.base.ref == 'main' needs: test runs-on: ubuntu-latest + permissions: + contents: read + packages: write env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }}