Skip to content

Commit 8b68b8c

Browse files
flowstateflowstate
committed
added workflows from main, tweaked to have more robust setup from sdk wfs
1 parent 446a1c6 commit 8b68b8c

File tree

4 files changed

+408
-0
lines changed

4 files changed

+408
-0
lines changed

.github/workflows/docker-stable.yml

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
name: Mark Release as Stable
2+
on:
3+
workflow_dispatch:
4+
inputs:
5+
version:
6+
description: 'Version to mark as stable (e.g., 1.2.3)'
7+
required: true
8+
9+
jobs:
10+
stable:
11+
runs-on: ubuntu-latest
12+
steps:
13+
- uses: actions/checkout@v4
14+
15+
- name: Check if version exists in PyPI
16+
id: version_check
17+
run: |
18+
if ! curl -s -f https://pypi.org/pypi/socketsecurity/${{ inputs.version }}/json > /dev/null; then
19+
echo "Error: Version ${{ inputs.version }} not found on PyPI"
20+
exit 1
21+
fi
22+
echo "Version ${{ inputs.version }} found on PyPI - proceeding with release"
23+
24+
- name: Login to Docker Hub
25+
uses: docker/login-action@v3
26+
with:
27+
username: ${{ secrets.DOCKERHUB_USERNAME }}
28+
password: ${{ secrets.DOCKERHUB_TOKEN }}
29+
30+
- name: Set up QEMU
31+
uses: docker/setup-qemu-action@v3
32+
33+
- name: Set up Docker Buildx
34+
uses: docker/setup-buildx-action@v3
35+
36+
- name: Build & Push Stable Docker
37+
uses: docker/build-push-action@v5
38+
with:
39+
push: true
40+
platforms: linux/amd64,linux/arm64
41+
tags: socketdev/cli:stable
42+
build-args: |
43+
CLI_VERSION=${{ inputs.version }}

.github/workflows/pr-preview.yml

Lines changed: 168 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,168 @@
1+
name: PR Preview
2+
on:
3+
pull_request:
4+
types: [opened, synchronize]
5+
6+
jobs:
7+
preview:
8+
runs-on: ubuntu-latest
9+
steps:
10+
- uses: actions/checkout@v4
11+
- uses: actions/setup-python@v5
12+
with:
13+
python-version: '3.x'
14+
15+
# Install all dependencies from pyproject.toml
16+
- name: Install dependencies
17+
run: |
18+
python -m pip install --upgrade pip
19+
pip install -e .
20+
21+
- name: Set preview version
22+
run: |
23+
BASE_VERSION=$(python -c "from socketsecurity import __version__; print(__version__)")
24+
PREVIEW_VERSION="${BASE_VERSION}.dev${{ github.event.pull_request.number }}${{ github.event.pull_request.commits }}"
25+
echo "VERSION=${PREVIEW_VERSION}" >> $GITHUB_ENV
26+
27+
# Update version in __init__.py
28+
echo "__version__ = \"${PREVIEW_VERSION}\"" > socketsecurity/__init__.py.tmp
29+
cat socketsecurity/__init__.py | grep -v "__version__" >> socketsecurity/__init__.py.tmp
30+
mv socketsecurity/__init__.py.tmp socketsecurity/__init__.py
31+
32+
# Verify the change
33+
echo "Updated version in __init__.py:"
34+
python -c "from socketsecurity import __version__; print(__version__)"
35+
36+
- name: Check if version exists on Test PyPI
37+
id: version_check
38+
env:
39+
VERSION: ${{ env.VERSION }}
40+
run: |
41+
if curl -s -f https://test.pypi.org/pypi/socketsecurity/$VERSION/json > /dev/null; then
42+
echo "Version ${VERSION} already exists on Test PyPI"
43+
echo "exists=true" >> $GITHUB_OUTPUT
44+
else
45+
echo "Version ${VERSION} not found on Test PyPI"
46+
echo "exists=false" >> $GITHUB_OUTPUT
47+
fi
48+
49+
- name: Build package
50+
if: steps.version_check.outputs.exists != 'true'
51+
run: |
52+
pip install build
53+
python -m build
54+
55+
- name: Restore original version
56+
if: always()
57+
run: |
58+
BASE_VERSION=$(echo $VERSION | cut -d'.' -f1-3)
59+
echo "__version__ = \"${BASE_VERSION}\"" > socketsecurity/__init__.py.tmp
60+
cat socketsecurity/__init__.py | grep -v "__version__" >> socketsecurity/__init__.py.tmp
61+
mv socketsecurity/__init__.py.tmp socketsecurity/__init__.py
62+
63+
- name: Publish to Test PyPI
64+
if: steps.version_check.outputs.exists != 'true'
65+
uses: pypa/gh-action-pypi-publish@v1.8.11
66+
with:
67+
repository-url: https://test.pypi.org/legacy/
68+
password: ${{ secrets.TEST_PYPI_TOKEN }}
69+
verbose: true
70+
71+
- name: Comment on PR
72+
if: steps.version_check.outputs.exists != 'true'
73+
uses: actions/github-script@v7
74+
env:
75+
VERSION: ${{ env.VERSION }}
76+
with:
77+
script: |
78+
const version = process.env.VERSION;
79+
const prNumber = context.payload.pull_request.number;
80+
const owner = context.repo.owner;
81+
const repo = context.repo.repo;
82+
// Find existing bot comments
83+
const comments = await github.rest.issues.listComments({
84+
owner: context.repo.owner,
85+
repo: context.repo.repo,
86+
issue_number: prNumber,
87+
});
88+
89+
const botComment = comments.data.find(comment =>
90+
comment.user.type === 'Bot' &&
91+
comment.body.includes('🚀 Preview package published!')
92+
);
93+
94+
const comment = `
95+
🚀 Preview package published!
96+
97+
Install with:
98+
\`\`\`bash
99+
pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==${version}
100+
\`\`\`
101+
102+
Docker image: \`socketdev/cli:pr-${prNumber}\`
103+
`;
104+
105+
if (botComment) {
106+
// Update existing comment
107+
await github.rest.issues.updateComment({
108+
owner: owner,
109+
repo: repo,
110+
comment_id: botComment.id,
111+
body: comment
112+
});
113+
} else {
114+
// Create new comment
115+
await github.rest.issues.createComment({
116+
owner: owner,
117+
repo: repo,
118+
issue_number: prNumber,
119+
body: comment
120+
});
121+
}
122+
123+
- name: Verify package is available
124+
if: steps.version_check.outputs.exists != 'true'
125+
id: verify_package
126+
env:
127+
VERSION: ${{ env.VERSION }}
128+
run: |
129+
for i in {1..30}; do
130+
if pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==${VERSION}; then
131+
echo "Package ${VERSION} is now available and installable on Test PyPI"
132+
pip uninstall -y socketsecurity
133+
echo "success=true" >> $GITHUB_OUTPUT
134+
exit 0
135+
fi
136+
echo "Attempt $i: Package not yet installable, waiting 20s... (${i}/30)"
137+
sleep 20
138+
done
139+
echo "success=false" >> $GITHUB_OUTPUT
140+
exit 1
141+
142+
- name: Login to Docker Hub
143+
if: steps.verify_package.outputs.success == 'true'
144+
uses: docker/login-action@v3
145+
with:
146+
username: ${{ secrets.DOCKERHUB_USERNAME }}
147+
password: ${{ secrets.DOCKERHUB_TOKEN }}
148+
149+
- name: Set up QEMU
150+
uses: docker/setup-qemu-action@v3
151+
152+
- name: Set up Docker Buildx
153+
uses: docker/setup-buildx-action@v3
154+
155+
- name: Build & Push Docker Preview
156+
if: steps.verify_package.outputs.success == 'true'
157+
uses: docker/build-push-action@v5
158+
env:
159+
VERSION: ${{ env.VERSION }}
160+
with:
161+
push: true
162+
platforms: linux/amd64,linux/arm64
163+
tags: |
164+
socketdev/cli:pr-${{ github.event.pull_request.number }}
165+
build-args: |
166+
CLI_VERSION=${{ env.VERSION }}
167+
PIP_INDEX_URL=https://test.pypi.org/simple
168+
PIP_EXTRA_INDEX_URL=https://pypi.org/simple

.github/workflows/release.yml

Lines changed: 107 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,107 @@
1+
name: Release
2+
on:
3+
push:
4+
tags:
5+
- 'v*'
6+
7+
jobs:
8+
release:
9+
runs-on: ubuntu-latest
10+
steps:
11+
- uses: actions/checkout@v4
12+
- uses: actions/setup-python@v5
13+
with:
14+
python-version: '3.x'
15+
16+
- name: Get Version
17+
id: version
18+
run: |
19+
RAW_VERSION=$(python -c "from socketsecurity import __version__; print(__version__)")
20+
echo "VERSION=$RAW_VERSION" >> $GITHUB_ENV
21+
if [ "v$RAW_VERSION" != "${{ github.ref_name }}" ]; then
22+
echo "Error: Git tag (${{ github.ref_name }}) does not match package version (v$RAW_VERSION)"
23+
exit 1
24+
fi
25+
26+
- name: Check if version exists on PyPI
27+
id: version_check
28+
env:
29+
VERSION: ${{ env.VERSION }}
30+
run: |
31+
if curl -s -f https://pypi.org/pypi/socketsecurity/$VERSION/json > /dev/null; then
32+
echo "Version ${VERSION} already exists on PyPI"
33+
echo "pypi_exists=true" >> $GITHUB_OUTPUT
34+
else
35+
echo "Version ${VERSION} not found on PyPI - proceeding with PyPI deployment"
36+
echo "pypi_exists=false" >> $GITHUB_OUTPUT
37+
fi
38+
39+
- name: Check Docker image existence
40+
id: docker_check
41+
env:
42+
VERSION: ${{ env.VERSION }}
43+
run: |
44+
if curl -s -f "https://hub.docker.com/v2/repositories/socketdev/cli/tags/${{ env.VERSION }}" > /dev/null; then
45+
echo "Docker image socketdev/cli:${VERSION} already exists"
46+
echo "docker_exists=true" >> $GITHUB_OUTPUT
47+
else
48+
echo "docker_exists=false" >> $GITHUB_OUTPUT
49+
fi
50+
51+
- name: Build package
52+
if: steps.version_check.outputs.pypi_exists != 'true'
53+
run: |
54+
pip install build
55+
python -m build
56+
57+
- name: Publish to PyPI
58+
if: steps.version_check.outputs.pypi_exists != 'true'
59+
uses: pypa/gh-action-pypi-publish@v1.8.11
60+
with:
61+
password: ${{ secrets.PYPI_TOKEN }}
62+
63+
- name: Login to Docker Hub
64+
uses: docker/login-action@v3
65+
with:
66+
username: ${{ secrets.DOCKERHUB_USERNAME }}
67+
password: ${{ secrets.DOCKERHUB_TOKEN }}
68+
69+
- name: Set up QEMU
70+
uses: docker/setup-qemu-action@v3
71+
72+
- name: Set up Docker Buildx
73+
uses: docker/setup-buildx-action@v3
74+
75+
- name: Verify package is installable
76+
id: verify_package
77+
env:
78+
VERSION: ${{ env.VERSION }}
79+
run: |
80+
for i in {1..30}; do
81+
if pip install socketsecurity==${VERSION}; then
82+
echo "Package ${VERSION} is now available and installable on PyPI"
83+
pip uninstall -y socketsecurity
84+
echo "success=true" >> $GITHUB_OUTPUT
85+
exit 0
86+
fi
87+
echo "Attempt $i: Package not yet installable, waiting 20s... (${i}/30)"
88+
sleep 20
89+
done
90+
echo "success=false" >> $GITHUB_OUTPUT
91+
exit 1
92+
93+
- name: Build & Push Docker
94+
if: |
95+
steps.verify_package.outputs.success == 'true' &&
96+
steps.docker_check.outputs.docker_exists != 'true'
97+
uses: docker/build-push-action@v5
98+
env:
99+
VERSION: ${{ env.VERSION }}
100+
with:
101+
push: true
102+
platforms: linux/amd64,linux/arm64
103+
tags: |
104+
socketdev/cli:latest
105+
socketdev/cli:${{ env.VERSION }}
106+
build-args: |
107+
CLI_VERSION=${{ env.VERSION }}

0 commit comments

Comments
 (0)