GitHub Actions 의존성 업데이트 #866
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| - push | |
| - pull_request | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| DB_USER: kirito | |
| DB_PASSWORD: eugeo | |
| DB_NAME: test | |
| jobs: | |
| check-coding-convention: | |
| name: Check Coding Convention | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Set-up | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version-file: "pyproject.toml" | |
| # Install Dependencies | |
| - name: Install Checkers | |
| run: pip install black ruff | |
| # Lint | |
| - name: Check coding convention | |
| run: ruff check | |
| - name: Check missing autofix | |
| run: black --check . | |
| test-program: | |
| name: Test Program | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:16 | |
| env: | |
| POSTGRES_USER: ${{ env.DB_USER }} | |
| POSTGRES_PASSWORD: ${{ env.DB_PASSWORD }} | |
| POSTGRES_DB: ${{ env.DB_NAME }} | |
| ports: | |
| - 5432:5432 | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| valkey: | |
| image: valkey/valkey:latest | |
| ports: | |
| - 6379:6379 | |
| steps: | |
| # Set-up | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v6 | |
| with: | |
| enable-cache: true | |
| - name: Setup Python | |
| run: uv python install | |
| - name: Install dependencies | |
| run: uv sync --locked --all-extras --dev | |
| # Type Check | |
| - name: Check static types | |
| run: uv run mypy yui | |
| # Test | |
| - name: Run test cases | |
| run: uv run pytest -v --cov=yui --cov-report=xml --junitxml=junit.xml | |
| env: | |
| SQLALCHEMY_WARN_20: 1 | |
| YUI_TEST_DATABASE_URL: postgresql+psycopg://${{ env.DB_USER }}:${{ env.DB_PASSWORD }}@localhost/${{ env.DB_NAME }} | |
| GOOGLE_API_KEY: ${{ secrets.TEST_GOOGLE_API_KEY }} | |
| NAVER_CLIENT_ID: ${{ secrets.TEST_NAVER_CLIENT_ID }} | |
| NAVER_CLIENT_SECRET: ${{ secrets.TEST_NAVER_CLIENT_SECRET }} | |
| # After jobs | |
| - name: Export requirements.txt for docker build | |
| run: | | |
| uv export --locked --format requirements.txt --output-file requirements.txt --no-hashes --no-emit-project --no-dev | |
| - name: Archive requirements.txt file | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: python-deps | |
| path: requirements.txt | |
| - name: Upload coverage | |
| if: ${{ !cancelled() }} | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| files: ./coverage.xml | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| - name: Upload test results to Codecov | |
| if: ${{ !cancelled() }} | |
| uses: codecov/test-results-action@v1 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| needs: [check-coding-convention, test-program] | |
| permissions: | |
| contents: read | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| - name: Set up Docker BuildX | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Fetch stored requirements.txt | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: python-deps | |
| - name: Get Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| labels: | | |
| org.opencontainers.image.title=YUI | |
| org.opencontainers.image.description=Yui is a bot for Slack | |
| env: | |
| DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index | |
| - name: Build and push | |
| id: push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| push: true | |
| tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest | |
| annotations: ${{ steps.meta.outputs.annotations }} | |
| cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest | |
| cache-to: type=inline | |
| - name: Generate artifact attestation | |
| uses: actions/attest-build-provenance@v3 | |
| with: | |
| subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| subject-digest: ${{ steps.push.outputs.digest }} | |
| push-to-registry: true |