diff --git a/.github/workflows/development-build.yml b/.github/workflows/development-build.yml new file mode 100644 index 0000000..039c099 --- /dev/null +++ b/.github/workflows/development-build.yml @@ -0,0 +1,44 @@ +name: Development Build + +on: + push: + branches-ignore: + - master + +concurrency: + group: dev-build-${{ github.ref }} + cancel-in-progress: true + +jobs: + quay_dev: + name: Push Quay (Dev) + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: Checkout Code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Podman Login + env: + QUAY_USER: ${{ secrets.QUAY_USERNAME }} + QUAY_TOKEN: ${{ secrets.QUAY_API_TOKEN }} + run: echo "$QUAY_TOKEN" | podman login -u="$QUAY_USER" --password-stdin quay.io + + - name: Clean Old Development Tag + env: + QUAY_USER: ${{ secrets.QUAY_USERNAME }} + QUAY_TOKEN: ${{ secrets.QUAY_API_TOKEN }} + run: | + REPO="quay.io/quads/badfish" + echo "$QUAY_TOKEN" | skopeo login -u="$QUAY_USER" --password-stdin quay.io + + echo "Attempting to delete old development tag..." + skopeo delete "docker://$REPO:development" || echo "Tag development not found or already deleted." + + - name: Build and Push Dev + run: | + # Added --no-cache to ensure fresh layers + podman build --no-cache -t quay.io/quads/badfish:development . + podman push quay.io/quads/badfish:development diff --git a/.github/workflows/production-release.yml b/.github/workflows/production-release.yml new file mode 100644 index 0000000..93d1202 --- /dev/null +++ b/.github/workflows/production-release.yml @@ -0,0 +1,137 @@ +name: Production Release + +on: + push: + branches: + - master + +concurrency: + group: production-release + cancel-in-progress: true + +jobs: + # ------------------------------------------------------------------ + # JOB 1: RELEASE (Calculate Version, Tag, Push to PyPI) + # ------------------------------------------------------------------ + release: + name: Semantic Release + runs-on: ubuntu-latest + permissions: + contents: write # Needed to create releases/tags + id-token: write # Needed for PyPI trusted publishing + outputs: + released: ${{ steps.semantic.outputs.released }} + tag: ${{ steps.semantic.outputs.tag }} + version: ${{ steps.semantic.outputs.version }} + + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 0 + + - name: Python Semantic Release + id: semantic + uses: python-semantic-release/python-semantic-release@7f12e960334860b29ce37894a485596489438914 # v9.15.0 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + + - name: Publish to PyPI + if: steps.semantic.outputs.released == 'true' + uses: pypa/gh-action-pypi-publish@67339c736fd9352e5f1a7421053be3d68444052f # release/v1 + with: + password: ${{ secrets.PYPI_API_TOKEN }} + + # ------------------------------------------------------------------ + # JOB 2: COPR BUILD (Fedora SRPM) + # ------------------------------------------------------------------ + copr_build: + name: Submit to COPR + needs: release + if: needs.release.outputs.released == 'true' + runs-on: ubuntu-latest + container: fedora:latest + permissions: + contents: read + + steps: + - name: Install Git + run: dnf -y install git + + - name: Checkout Tagged Release + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + ref: ${{ needs.release.outputs.tag }} + + - name: Install tooling + run: | + dnf -y install @development-tools @rpm-development-tools copr-cli make zlib-devel + + - name: Work around GHA permission issue + run: git config --global --add safe.directory /__w/badfish/badfish + + - name: Setup COPR Config + env: + API_TOKEN_CONTENT: ${{ secrets.COPR_API_TOKEN }} + run: | + mkdir -p "$HOME/.config" + echo "$API_TOKEN_CONTENT" > "$HOME/.config/copr" + + - name: Sync Spec Version and Build + env: + RELEASE_VERSION: ${{ needs.release.outputs.version }} + run: | + cd rpm + sed -i "s/^Version:.*/Version: ${RELEASE_VERSION}/" python3-badfish.spec + make srpm + SRPM_FILE=$(find . -name "*.src.rpm" -type f | head -n 1) + if [ -z "$SRPM_FILE" ]; then + echo "Error: No .src.rpm file found in $(pwd) or subdirectories." + echo "Ensure your Makefile outputs the SRPM locally or defines _topdir." + exit 1 + fi + echo "Found SRPM: $SRPM_FILE" + copr build quadsdev/badfish "$SRPM_FILE" + # ------------------------------------------------------------------ + # JOB 3: QUAY PUBLISH (Master & Latest) + # ------------------------------------------------------------------ + quay_master: + name: Push Quay (Master) + needs: release + if: needs.release.outputs.released == 'true' + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: Checkout Tagged Release + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + ref: ${{ needs.release.outputs.tag }} + + - name: Podman Login + env: + QUAY_USER: ${{ secrets.QUAY_USERNAME }} + QUAY_TOKEN: ${{ secrets.QUAY_API_TOKEN }} + run: echo "$QUAY_TOKEN" | podman login -u="$QUAY_USER" --password-stdin quay.io + + - name: Clean Old Tags + env: + QUAY_USER: ${{ secrets.QUAY_USERNAME }} + QUAY_TOKEN: ${{ secrets.QUAY_API_TOKEN }} + run: | + REPO="quay.io/quads/badfish" + echo "$QUAY_TOKEN" | skopeo login -u="$QUAY_USER" --password-stdin quay.io + + # Delete 'master' and 'latest' if they exist + for tag in master latest; do + echo "Attempting to delete old tag: $tag" + skopeo delete "docker://$REPO:$tag" || echo "Tag $tag not found or already deleted." + done + + - name: Build and Push + run: | + # Added --no-cache to ensure fresh layers + podman build --no-cache -t quay.io/quads/badfish:master . + podman tag quay.io/quads/badfish:master quay.io/quads/badfish:latest + podman push quay.io/quads/badfish:master + podman push quay.io/quads/badfish:latest diff --git a/.github/workflows/push-copr-build.yml b/.github/workflows/push-copr-build.yml deleted file mode 100644 index 41cf75d..0000000 --- a/.github/workflows/push-copr-build.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -name: RPM build -on: - # Build only on pushes into master branch. - push: - branches: [ master ] - -jobs: - build: - name: Submit a build from Fedora container - container: fedora:latest - runs-on: ubuntu-latest - - steps: - - name: Check out proper version of sources - uses: actions/checkout@v1 - - - name: Install API token for copr-cli - env: - API_TOKEN_CONTENT: ${{ secrets.COPR_API_TOKEN }} - run: | - mkdir -p "$HOME/.config" - echo "$API_TOKEN_CONTENT" > "$HOME/.config/copr" - - - name: Install tooling for source RPM build - run: | - dnf -y install @development-tools @rpm-development-tools copr-cli make zlib-devel - - - name: Work around GHA permission issue - run: git config --global --add safe.directory /__w/badfish/badfish - - - name: Build the source RPM - run: | - cd rpm && make srpm - - - name: Submit the build by uploading the source RPM - run: | - copr build quadsdev/badfish rpm/*.src.rpm diff --git a/.github/workflows/source-tarball.yml b/.github/workflows/source-tarball.yml deleted file mode 100644 index 08a2da8..0000000 --- a/.github/workflows/source-tarball.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Create Source tarball - -on: - push: - branches: - - master - -jobs: - package: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Create versioned tarball - id: create-tarball - run: | - make tarball - echo "tarball_name=$(ls badfish-*.tar.gz | head -n1)" >> $GITHUB_OUTPUT - echo "version=$(ls badfish-*.tar.gz | sed 's/badfish-\(.*\)\.tar\.gz/\1/')" >> $GITHUB_OUTPUT - working-directory: rpm - - - name: Upload artifact - uses: actions/upload-artifact@v4 - with: - name: source-tarball - path: rpm/badfish-*.tar.gz - - - name: Create Release and Upload Asset - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - gh release create "v${{ steps.create-tarball.outputs.version }}" \ - --title "Release ${{ steps.create-tarball.outputs.version }}" \ - --notes "Release ${{ steps.create-tarball.outputs.version }}" \ - --repo ${{ github.repository }} - - gh release upload "v${{ steps.create-tarball.outputs.version }}" \ - "rpm/${{ steps.create-tarball.outputs.tarball_name }}" \ - --clobber \ - --repo ${{ github.repository }} diff --git a/.github/workflows/sync-back.yml b/.github/workflows/sync-back.yml new file mode 100644 index 0000000..108716b --- /dev/null +++ b/.github/workflows/sync-back.yml @@ -0,0 +1,43 @@ +name: Sync Back to Development + +on: + workflow_run: + workflows: ["Production Release"] + types: + - completed + +permissions: + contents: write + +jobs: + sync-branches: + runs-on: ubuntu-latest + # Only run if the Production Release actually succeeded + if: ${{ github.event.workflow_run.conclusion == 'success' }} + + steps: + - name: Checkout Source Code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + # Fetch full history to ensure merge works + fetch-depth: 0 + # We need to checkout development, but the context starts at the default branch (usually master) + ref: development + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Merge Master into Development + run: | + git config --global user.name 'github-actions[bot]' + git config --global user.email 'github-actions[bot]@users.noreply.github.com' + + # Fetch latest updates from origin + git fetch origin + + # Merge origin/master (which holds the new version commit) into the current branch (development) + # We use --no-ff to create a merge commit, or plain merge is fine too. + # If there are no changes in dev, this is a fast-forward. + echo "Merging master back into development..." + git merge origin/master --no-edit + + # Push the update back to development + git push origin development diff --git a/pyproject.toml b/pyproject.toml index e0af8ab..9c2fb65 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,3 +4,10 @@ build-backend = "setuptools.build_meta" [tool.black] line-length = 120 + +[tool.semantic_release] +version_variables = [ + "src/badfish/__init__.py:__version__" +] +branch = "master" +build_command = "pip install build && python -m build" diff --git a/src/badfish/__init__.py b/src/badfish/__init__.py index e69de29..9e604c0 100644 --- a/src/badfish/__init__.py +++ b/src/badfish/__init__.py @@ -0,0 +1 @@ +__version__ = "1.0.7"