Skip to content

chore(deps): pin dependencies #135

chore(deps): pin dependencies

chore(deps): pin dependencies #135

name: jenkins-agent-python-pr
on:
pull_request:
paths:
- jenkins-agents/jenkins-agent-python/**
- .github/workflows/jenkins-agent-python-pr.yaml
# Declare default permissions as read only.
permissions: read-all
jobs:
build:
env:
context: jenkins-agents/jenkins-agent-python
image_name: jenkins-agent-python
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Check if version.json has been bumped
id: changes
run: echo "changed=$(git --no-pager diff --name-only origin/main HEAD | grep "${context}/version.json" | wc -l)" >> $GITHUB_OUTPUT
- name: Fail if version.json not bumped
if: steps.changes.outputs.changed == 0
run: |
echo "${context}/version.json has not changed. Publishing the same tag removes the SHA, which causes issues. Failing."
exit 1
- name: Check and verify version.json
id: check_version
uses: redhat-cop/github-actions/get-image-version@e4729075dcd3f34946b80df6b1bfb952b9fee166 # v4
with:
IMAGE_CONTEXT_DIR: ${{ env.context }}
- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile
ignore: DL3041
- name: Log into ghcr.io
uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1
with:
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
registry: ghcr.io
- name: Build image
uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2
with:
context: ${{ env.context }}
dockerfiles: |
./${{ env.context }}/Dockerfile
image: ${{ env.image_name }}
oci: true
tags: ${{ steps.check_version.outputs.IMAGE_TAGS }}
- name: Test image
run: |
echo "Testing ${{ env.image_name }}"
./_test/kind/setup.sh ${{ env.image_name }}