Bump the dependencies group across 1 directory with 11 updates #150

Summary
Jobs
- Filter
- build
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/docker.yaml at d459293

	# Build, test and push InvenTree docker image
	# This workflow runs under any of the following conditions:
	#
	# - Push to the master branch
	# - Publish release
	#
	# The following actions are performed:
	#
	# - Check that the version number matches the current branch or tag
	# - Build the InvenTree docker image
	# - Run suite of unit tests against the build image
	# - Push the compiled, tested image to dockerhub

	name: Docker

	on:
	release:
	types: [published]

	push:
	branches:
	- "main"
	pull_request:
	branches:
	- "main"

	permissions:
	contents: read

	env:
	platforms: linux/amd64
	image: ghcr.io/invenhost/inventree

	jobs:
	paths-filter:
	permissions:
	contents: read # for dorny/paths-filter to fetch a list of changed files
	pull-requests: read # for dorny/paths-filter to read pull requests
	name: Filter
	runs-on: ubuntu-latest

	outputs:
	docker: ${{ steps.filter.outputs.docker }}

	steps:
	- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # [email protected]
	- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # [email protected]
	id: filter
	with:
	filters: \|
	docker:
	- .github/workflows/docker.yaml
	- contrib/container/**
	- src/backend/InvenTree/InvenTree/settings.py
	- src/backend/requirements.txt
	- tasks.py

	# Build the docker image
	build:
	needs: paths-filter
	if: needs.paths-filter.outputs.docker == 'true' \|\| github.event_name == 'release' \|\| github.event_name == 'push'
	permissions:
	id-token: write
	packages: write
	attestations: write
	contents: read
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	python_version: "3.11"
	runs-on: ubuntu-latest # in the future we can try to use alternative runners here

	steps:
	- name: Check out repo
	uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # [email protected]
	- name: Set Up Python ${{ env.python_version }}
	uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # [email protected]
	with:
	python-version: ${{ env.python_version }}
	- name: Version Check
	id: version
	run: \|
	pip install --require-hashes -r .github/requirements.txt
	python3 .github/scripts/version_check.py
	echo "git_commit_hash=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
	echo "git_commit_date=$(git show -s --format=%ci)" >> $GITHUB_OUTPUT
	- name: Test Docker Image
	id: test-docker
	run: \|
	docker build . --target production --tag inventree-test -f contrib/container/Dockerfile
	docker run --rm inventree-test invoke --version
	docker run --rm inventree-test invoke --list
	docker run --rm inventree-test gunicorn --version
	docker run --rm inventree-test pg_dump --version
	docker run --rm inventree-test test -f /home/inventree/src/backend/InvenTree/manage.py
	- name: Build Docker Image
	# Build the development docker image (using docker-compose.yml)
	run: docker compose --project-directory . -f contrib/container/dev-docker-compose.yml build --no-cache
	- name: Update Docker Image
	run: \|
	docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run inventree-dev-server invoke update
	docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run inventree-dev-server invoke setup-dev
	docker compose --project-directory . -f contrib/container/dev-docker-compose.yml up -d
	docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run inventree-dev-server invoke wait
	- name: Check Data Directory
	# The following file structure should have been created by the docker image
	run: \|
	test -d data
	test -d data/env
	test -d data/pgdb
	test -d data/media
	test -d data/static
	test -d data/plugins
	test -f data/config.yaml
	test -f data/plugins.txt
	test -f data/secret_key.txt
	- name: Run Unit Tests
	run: \|
	echo "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> contrib/container/docker.dev.env
	docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run inventree-dev-server invoke test --disable-pty
	docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run inventree-dev-server invoke test --migrations --disable-pty
	docker compose --project-directory . -f contrib/container/dev-docker-compose.yml down
	- name: Clean up test folder
	run: \|
	rm -rf InvenTree/_testfolder
	- name: Set up QEMU
	if: github.event_name != 'pull_request'
	uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # [email protected]
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # [email protected]
	- name: Set up cosign
	if: github.event_name != 'pull_request'
	uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # [email protected]

	- name: Log into registry ghcr.io
	if: github.event_name != 'pull_request'
	uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # [email protected]
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Extract Docker metadata
	if: github.event_name != 'pull_request'
	id: meta
	uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # [email protected]
	with:
	images: \|
	${{ env.image }}

	- name: Set SOURCE_DATE_EPOCH
	run: echo "SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)" >> $GITHUB_OUTPUT
	shell: bash
	id: epoch

	- name: Push Docker Images
	id: push-docker
	uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # [email protected]
	with:
	context: .
	file: ./contrib/container/Dockerfile
	platforms: ${{ env.platforms }}
	push: ${{ github.event_name != 'pull_request' }}
	sbom: true
	provenance: mode=max
	target: production
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	build-args: \|
	commit_hash=${{ steps.epoch.outputs.git_commit_hash }}
	commit_date=${{ steps.epoch.outputs.git_commit_date }}
	SOURCE_DATE_EPOCH=${{ steps.epoch.outputs.SOURCE_DATE_EPOCH }}
	cache-from: type=gha
	cache-to: type=gha,mode=max
	- name: Sign the published Docker image
	if: ${{ github.event_name != 'pull_request' }}
	env:
	TAGS: ${{ steps.meta.outputs.tags }}
	DIGEST: ${{ steps.push-docker.outputs.digest }}
	run: echo "${TAGS}" \| xargs -I {} cosign sign --yes {}@${DIGEST}
	- name: Attest image
	if: ${{ github.event_name != 'pull_request' }}
	uses: github-early-access/generate-build-provenance@main
	with:
	subject-name: ${{ env.image }}
	subject-digest: ${{ steps.push-docker.outputs.digest }}
	push-to-registry: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the dependencies group across 1 directory with 11 updates #150

Workflow file

Bump the dependencies group across 1 directory with 11 updates #150

Jobs

Run details

Workflow file for this run