Skip to content

Add env variables AUTH_LDAP_GROUP_SEARCH_ROOT for LDAP group mirroring and AUTH_LDAP_CHRIS_ADMIN_GROUP to define a ChRIS admin group #540

Add env variables AUTH_LDAP_GROUP_SEARCH_ROOT for LDAP group mirroring and AUTH_LDAP_CHRIS_ADMIN_GROUP to define a ChRIS admin group

Add env variables AUTH_LDAP_GROUP_SEARCH_ROOT for LDAP group mirroring and AUTH_LDAP_CHRIS_ADMIN_GROUP to define a ChRIS admin group #540

Workflow file for this run

name: CI
on:
push:
branches: [ master ]
tags:
- 'v[0-9]+.[0-9]+.[0-9]+*'
pull_request:
branches: [ master ]
jobs:
test:
if: github.ref_type == 'branch' || github.ref_name == 'pull_request'
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
engine: [ 'docker', 'podman' ]
test-kind: [ 'unit', 'integration' ]
steps:
- name: Start podman daemon
if: matrix.engine == 'podman'
run: systemctl --user start podman.service
- uses: taiki-e/install-action@just
- uses: actions/checkout@v4
- name: Run ${{ matrix.test-kind }} tests on ${{ matrix.engine }}
uses: ./
with:
engine: ${{ matrix.engine }}
command: test-${{ matrix.test-kind }}
build:
name: Build
if: github.event_name == 'push'
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Update __version__.py
if: startsWith(github.ref, 'refs/tags/v')
run: echo '__version__ = "${GITHUB_REF_NAME:1}"' > chris_backend/__version__.py
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
docker.io/fnndsc/cube
ghcr.io/fnndsc/cube
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=raw,value=latest,enable={{is_default_branch}}
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v6
with:
push: true
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Update Docker Hub description
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
short-description: ChRIS backend
readme-filepath: ./README.md
repository: fnndsc/cube
openapi:
name: Generate OpenAPI Schema
runs-on: ubuntu-24.04
steps:
- uses: taiki-e/install-action@just
- uses: actions/checkout@v4
- name: Update __version__.py
if: startsWith(github.ref, 'refs/tags/v')
run: echo '__version__ = "${GITHUB_REF_NAME:1}"' > chris_backend/__version__.py
- run: just prefer docker
- run: just build
- name: Generate OpenAPI schema (correct)
run: just openapi 2> spectacular.log > schema.yaml || (cat spectacular.log; exit 1)
- name: Generate OpenAPI schema (split)
run: just openapi-split 2> spectacular_split.log > schema_split.yaml || (cat spectacular_split.log; exit 1)
- name: Upload schema YAML files
uses: actions/upload-artifact@v4
with:
name: openapi_schema
path: schema*.yaml
if-no-files-found: error
- name: Assert no drf-spectacular errors nor warnings
run: |
for f in spectacular*.log; do
if grep -qi '(warning|error)' $f; then
cat $f
exit 1
fi
done
- name: Stop services
run: just down
build-docs:
name: Generate OpenAPI Documentation
if: startsWith(github.ref, 'refs/tags/v')
needs: openapi
runs-on: ubuntu-24.04
steps:
- uses: actions/download-artifact@v4
with:
name: openapi_schema
- name: Install the OpenAPI Generator
run: npm install @openapitools/openapi-generator-cli -g
- name: Generate html2
run: |
openapi-generator-cli generate -i schema_split.yaml -g html2 -o dist \
-p [email protected],infoUrl=https://chrisproject.org \
-p licenseInfo=MIT \
-p licenseUrl=${{ github.server_url }}/${{ github.repository }}/blob/${{ github.sha }}/LICENSE \
-p pythonPackageName=chris_oag
- name: Upload pages artifact
uses: actions/upload-pages-artifact@v3
with:
path: ./dist
deploy-docs:
name: Update GitHub Pages
needs: build-docs
runs-on: ubuntu-24.04
# Grant GITHUB_TOKEN the permissions required to make a Pages deployment
permissions:
pages: write # to deploy to Pages
id-token: write # to verify the deployment originates from an appropriate source
# Deploy to the github-pages environment
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
draft-release:
name: Draft GitHub Release
runs-on: ubuntu-24.04
if: startsWith(github.ref, 'refs/tags/v')
needs:
- build
- openapi
steps:
- id: version
run: echo "version=${GITHUB_REF_NAME:1}" >> "$GITHUB_OUTPUT"
- uses: actions/download-artifact@v4
with:
name: openapi_schema
- uses: softprops/action-gh-release@v2
with:
draft: true
prerelease: ${{ contains( github.ref_name, '-' ) }}
files: '*.yaml'
fail_on_unmatched_files: true
name: CUBE - version ${{ steps.version.outputs.version }}
generate_release_notes: true
body: |
## Getting the Image
Using [Podman](https://podman.io):
```shell
podman pull ghcr.io/fnndsc/cube:${{ steps.version.outputs.version }}
```
Using [Docker](https://docker.com):
```shell
docker pull ghcr.io/fnndsc/cube:${{ steps.version.outputs.version }}
```