Skip to content
CI

Bump certifi from 2024.2.2 to 2024.7.4 #149

Sign in to view logs

Bump certifi from 2024.2.2 to 2024.7.4

Bump certifi from 2024.2.2 to 2024.7.4 #149

Workflow file for this run

.github/workflows/main.yml at 7bc8b85
---
name: CI
"on":
push:
branches:
- main
tags:
- v*.*.*
pull_request:
branches:
- main
permissions:
contents: read
env:
DOCKER_PLATFORMS: linux/amd64,linux/arm64
jobs:
meta:
name: Derive Build Metadata
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Derive version string
id: bin_version
run: echo "bin_version=$(./.version.sh)" >> "$GITHUB_OUTPUT"
- name: bin_version
run: "echo bin_version: ${{ steps.bin_version.outputs.bin_version }}"
- name: Check if this is a running version tag update
id: running_version_tag
run: |
if [ -z "${{ github.event.ref }}" ]; then
echo "is_running_version_tag_update=false" >> "$GITHUB_OUTPUT"
elif [[ "${{ github.event.ref }}" =~ ^refs/tags/v[0-9]+\.[0-9]+$ ]]; then
echo "is_running_version_tag_update=true" >> "$GITHUB_OUTPUT"
elif [[ "${{ github.event.ref }}" =~ ^refs/tags/v[0-9]+$ ]]; then
echo "is_running_version_tag_update=true" >> "$GITHUB_OUTPUT"
else
echo "is_running_version_tag_update=false" >> "$GITHUB_OUTPUT"
fi
- name: is_running_version_tag
run: "echo is_running_version_tag_update: ${{ steps.running_version_tag.outputs.is_running_version_tag_update }}"
outputs:
bin_name: ${{ github.event.repository.name }}
bin_version: ${{ steps.bin_version.outputs.bin_version }}
dockerhub_owner: ${{ github.repository_owner }}
ghcr_owner: ${{ github.repository_owner }}
packagecloud_owner: ${{ github.repository_owner }}
packagecloud_repo: oss
is_prerelease: >-
${{
steps.running_version_tag.outputs.is_running_version_tag_update != 'true' &&
startsWith(github.ref, 'refs/tags/v') &&
(contains(github.ref, '-alpha.')
|| contains(github.ref, '-beta.')
|| contains(github.ref, '-rc.'))
}}
is_release: >-
${{
steps.running_version_tag.outputs.is_running_version_tag_update != 'true' &&
startsWith(github.ref, 'refs/tags/v') &&
!(contains(github.ref, '-alpha.')
|| contains(github.ref, '-beta.')
|| contains(github.ref, '-rc.'))
}}
is_pull_request: ${{ github.event_name == 'pull_request' }}
is_running_version_tag_update: ${{ steps.running_version_tag.outputs.is_running_version_tag_update }}
lint:
name: Lint
runs-on: ubuntu-latest
permissions:
contents: write
checks: write
issues: write
pull-requests: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Python 3.11
uses: actions/setup-python@v4
with:
python-version: 3.11
- name: Install pipenv
env:
PIPENV_VENV_IN_PROJECT: true
run: |
pip install pipenv
pipenv install
- name: Run Trunk Check
uses: trunk-io/trunk-action@v1
docker:
name: Docker Images
needs: [lint, meta]
if: needs.meta.outputs.is_running_version_tag_update != 'true'
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Login to GHCR
if: needs.meta.outputs.is_pull_request != 'true'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Docker Hub
if: needs.meta.outputs.is_pull_request != 'true'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: all
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Available platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v5
with:
images: |
${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.bin_name }}
ghcr.io/${{ needs.meta.outputs.ghcr_owner }}/${{ needs.meta.outputs.bin_name }}
tags: |
type=raw,value=latest,enable=${{ needs.meta.outputs.is_release == 'true' }}
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
platforms: ${{ env.DOCKER_PLATFORMS }}
builder: ${{ steps.buildx.outputs.name }}
push: ${{ needs.meta.outputs.is_pull_request != 'true' }}
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
build-args: |
BIN_VERSION=${{ needs.meta.outputs.bin_version }}
- name: Update Docker Hub description
if: needs.meta.outputs.is_release == 'true'
uses: peter-evans/dockerhub-description@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: ${{ needs.meta.outputs.dockerhub_owner }}/${{ needs.meta.outputs.bin_name }}
readme-filepath: ./README.md
short-description: ${{ github.event.repository.description }}
release:
name: GitHub (Pre)Release
needs: [meta]
if: >-
needs.meta.outputs.is_release == 'true' ||
needs.meta.outputs.is_prerelease == 'true'
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Create GitHub release
uses: softprops/action-gh-release@v1
with:
prerelease: ${{ needs.meta.outputs.is_prerelease == 'true' }}
generate_release_notes: true
tags:
name: Update Release Tags
needs: [meta, release]
if: needs.meta.outputs.is_release == 'true'
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Update running major/minor version tags
uses: sersoft-gmbh/running-release-tags-action@v3
with:
fail-on-non-semver-tag: true
create-release: false
update-full-release: false