fedora-python-tox/.github/workflows/build-and-push.yml at 4a38b1e578f09a80d7aa9e7e21ed0529bcbfb18a · fedora-python/fedora-python-tox · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
name: Build, test and push container images

on:
  push:
    branches:
      - 'master'
  pull_request:
    branches:
      - 'master'
  schedule:
    - cron: '48 23 * * 6'
  workflow_dispatch:

env:
  FEDORA_VERSION: 42

jobs:
  build-and-push:
    name: Build, test and push
    runs-on: ubuntu-latest
    strategy:
      matrix:
        include:
          - arch: amd64
            toxenv: py36,py39,py310,py311,py312,py313,py314,py315,py314t,py315t,pypy,pypy39,pypy310,pypy311
          - arch: arm64
            toxenv: py312
          - arch: ppc64le
            toxenv: py39,py311
          - arch: s390x
            toxenv: py39,py310,py312
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          submodules: true
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      - name: Build
        uses: docker/build-push-action@v6
        with:
          context: .
          platforms: linux/${{ matrix.arch }}
          provenance: false
          sbom: false
          load: true
          tags: |
            fedorapython/fedora-python-tox:${{ matrix.arch }}
            fedorapython/fedora-python-tox:${{ matrix.arch }}-f${{ env.FEDORA_VERSION }}
      - name: Verify single-platform image
        run: |
          # Inspect the manifest
          manifest=$(docker manifest inspect fedorapython/fedora-python-tox:${{ matrix.arch }})

          # For single-platform images, manifests should be null
          # For multi-platform or images with attestations, manifests is an array
          manifests=$(echo "$manifest" | jq '.manifests')

          if [ "$manifests" != "null" ]; then
            manifest_count=$(echo "$manifests" | jq '. | length')
            echo "ERROR: Image has a manifest list with $manifest_count entries (expected null for single-platform)!"
            echo "This usually means attestations are enabled or it's a multi-platform image."
            echo "$manifests" | jq '.[] | {platform: .platform, digest: .digest, annotations: .annotations}'
            exit 1
          fi

          echo "✓ Verified: Image is single-platform (manifests: null)"
      - name: Test local project
        env:
          TOXENV: ${{ matrix.toxenv }}
        run: |
          docker run --rm --platform linux/${{ matrix.arch }} -v $PWD/example_project:/src -w /src -e TOXENV fedorapython/fedora-python-tox:${{ matrix.arch }}
      - name: Test remote project
        env:
          TOXENV: ${{ matrix.toxenv }}
        run: |
          docker run --rm --platform linux/${{ matrix.arch }} -e TOXENV -e GIT_URL=https://github.com/frenzymadness/python-tox-example.git fedorapython/fedora-python-tox:${{ matrix.arch }}
      - name: Test parallel run
        env:
          TOXENV: ${{ matrix.toxenv }}
        run: |
          docker run --rm --platform linux/${{ matrix.arch }} -v $PWD/example_project:/src -w /src -e TOXENV -e TOX_PARAMS="-p auto" fedorapython/fedora-python-tox:${{ matrix.arch }}
      - name: Test dnf install and wheel build
        env:
          TOXENV: ${{ matrix.toxenv }}
        run: |
          docker run --rm --platform linux/${{ matrix.arch }} -e DNF_INSTALL="libffi-devel 'pkgconfig(libgit2) >= 1.9' /usr/bin/cowsay" fedorapython/fedora-python-tox:${{ matrix.arch }} sh -c "/run_tests.sh; pip install -I --no-deps --compile --no-binary :all: cffi pygit2~=1.17.0 && cowsay DONE"
      - name: Test external project with WORKDIR
        run: |
          docker run --rm --platform linux/${{ matrix.arch }} -e TOXENV=py3 -e GIT_URL=https://github.com/frenzymadness/nflxprofile.git -e WORKDIR=python fedorapython/fedora-python-tox:${{ matrix.arch }}
      - name: Login to DockerHub
        uses: docker/login-action@v1
        if: github.event_name == 'push' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Push to Dockerhub
        uses: docker/build-push-action@v2
        if: github.event_name == 'push' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
        with:
          context: .
          platforms: linux/${{ matrix.arch }}
          provenance: false
          sbom: false
          push: true
          tags: |
            fedorapython/fedora-python-tox:${{ matrix.arch }}
            fedorapython/fedora-python-tox:${{ matrix.arch }}-f${{ env.FEDORA_VERSION }}

  description_update:
    name: 'Update Dockerhub description'
    if: github.event_name == 'push'
    needs: build-and-push
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: 'Update Dockerhub description'
        uses: peter-evans/dockerhub-description@v4
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
          repository: fedorapython/fedora-python-tox

  release:
    name: 'Update and test manifests'
    if: github.event_name == 'push' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
    needs: build-and-push
    runs-on: ubuntu-latest
    steps:
      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Pull all images
        run: >
          for arch in amd64 arm64 ppc64le s390x; do
            docker pull fedorapython/fedora-python-tox:$arch;
            docker pull fedorapython/fedora-python-tox:${arch}-f${{ env.FEDORA_VERSION }};
          done
      - name: Create and push manifest for the :latest tag
        env:
          DOCKER_CLI_EXPERIMENTAL: enabled
        run: >
          docker manifest create fedorapython/fedora-python-tox:latest
          fedorapython/fedora-python-tox:amd64
          fedorapython/fedora-python-tox:arm64
          fedorapython/fedora-python-tox:ppc64le
          fedorapython/fedora-python-tox:s390x;
          docker manifest push fedorapython/fedora-python-tox:latest;
      - name: Test the latest manifest
        run: |
          docker manifest inspect fedorapython/fedora-python-tox:latest | grep '"architecture":' | grep -Ez '(.*(amd64|arm64|ppc64le|s390x).*){4}'
      - name: Create and push manifest for the versioned tag
        env:
          DOCKER_CLI_EXPERIMENTAL: enabled
        run: >
          docker manifest create fedorapython/fedora-python-tox:f${{ env.FEDORA_VERSION }}
          fedorapython/fedora-python-tox:amd64-f${{ env.FEDORA_VERSION }}
          fedorapython/fedora-python-tox:arm64-f${{ env.FEDORA_VERSION }}
          fedorapython/fedora-python-tox:ppc64le-f${{ env.FEDORA_VERSION }}
          fedorapython/fedora-python-tox:s390x-f${{ env.FEDORA_VERSION }};
          docker manifest push fedorapython/fedora-python-tox:f${{ env.FEDORA_VERSION }};
      - name: Test the versioned manifest
        run: |
          docker manifest inspect fedorapython/fedora-python-tox:f${{ env.FEDORA_VERSION }} | grep '"architecture":' | grep -Ez '(.*(amd64|arm64|ppc64le|s390x).*){4}'