CI #66
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| schedule: | |
| # Weekly rebuild of all images, to pick up any upstream changes. | |
| - cron: "15 3 * * 0" # At 03:15 on Sunday | |
| # Hourly rebuild of dev images | |
| - cron: "45 4 * * *" # At 04:45 every day | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| concurrency: | |
| # Only cancel in-progress runs for pull_request events, this prevents cancelling workflows against main or tags | |
| # A pull_request will reuse the same group thus enabling cancelation, all others receive a unique run_id | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }} | |
| cancel-in-progress: true | |
| jobs: | |
| ci: | |
| name: CI | |
| # This should be the only action checked as required in the repo settings. | |
| # | |
| # This is a meta-job, here to express the conditions we require | |
| # in order to consider a CI run to be successful. | |
| if: always() | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| needs: | |
| - build | |
| - dev | |
| steps: | |
| - uses: re-actors/alls-green@release/v1 | |
| with: | |
| jobs: ${{ toJSON(needs) }} | |
| allowed-skips: ${{ | |
| ( | |
| github.event_name == 'schedule' && | |
| ( | |
| github.event.schedule != '15 3 * * 0' && '["build"]' | |
| || | |
| github.event.schedule != '45 4 * * 0' && '["dev"]' | |
| ) | |
| ) || '[]' | |
| }} | |
| build: | |
| name: Build | |
| # Build all images, excluding dev versions. | |
| # | |
| # Builds all versions of each image in parallel. | |
| # | |
| # Run on merges to main, or on weekly scheduled re-builds. | |
| if: contains(fromJSON('["push", "pull_request"]'), github.event_name) || github.event.schedule == '15 3 * * 0' | |
| permissions: | |
| contents: read | |
| packages: write | |
| uses: "posit-dev/images-shared/.github/workflows/bakery-build.yml@main" | |
| secrets: | |
| DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
| APP_ID: ${{ secrets.APP_ID }} | |
| APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }} | |
| with: | |
| runs-on: ubuntu-latest-4x | |
| dev-versions: "exclude" | |
| # Push images only for merges into main and weekly schduled re-builds. | |
| push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event.schedule == '15 3 * * 0' }} | |
| dev: | |
| name: Dev Build | |
| # Dev Build | |
| # | |
| # Builds all development versions of each image in parallel. | |
| # | |
| # Run on merges to main, or on hourly scheduled re-builds. | |
| if: contains(fromJSON('["push", "pull_request"]'), github.event_name) || github.event.schedule == '45 4 * * *' | |
| permissions: | |
| contents: read | |
| packages: write | |
| uses: "posit-dev/images-shared/.github/workflows/bakery-build.yml@main" | |
| secrets: | |
| APP_ID: ${{ secrets.APP_ID }} | |
| APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }} | |
| with: | |
| runs-on: ubuntu-latest-4x | |
| dev-versions: "only" | |
| # Push images only for merges into main and hourly schduled re-builds. | |
| # TODO: Override image registry before enabling pushing | |
| # push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event.schedule == '45 4 * * *' }} | |
| push: false |