UWIT-IAM · counik · Dec 2, 2024 · Nov 28, 2024 · Nov 28, 2024
diff --git a/.github/workflows/release-on-push-to-main.template.yaml b/.github/workflows/release-on-push-to-main.template.yaml
@@ -0,0 +1,69 @@
+name: Release on push to `main`
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - pyproject.toml
+  workflow_dispatch:
+
+jobs:
+  publish-if-new-version:
+    if: github.repository != 'UWIT-IAM/example-flask-app'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+
+      # Only publish if the version has changed; otherwise, we would be
+      # re-publishing existing stuff without updating the version, and that
+      # could cause problems.
+      - name: Check if the change should be published
+        if: github.event_name != 'workflow_dispatch'
+        run: |
+          set -x
+          publishable=false
+          diff=$(git diff HEAD:pyproject.toml HEAD~1:pyproject.toml) || exit 0
+          echo "$diff" | grep '+version ='
+          if [[ "$?" -ne 0 ]]
+          then
+            echo 'Not publishable - skipping'
+            exit 1
+          fi
+
+      - uses: uwit-iam/action-setup-poetry-project@main
+        id: auth
+        with:
+          credentials: "${{ secrets.MCI_GCLOUD_AUTH_JSON }}"
+          enable_private_docker: true
+          enable_private_pypi: true
+
+      - name: Run validation checks and tests
+        run: |
+          poetry run pytest
+          poetry run flake8
+          poetry run black --check .
+
+      - name: Calculate versioning variables
+        id: get-version
+        run: |
+          echo "version=$(poetry version -s)"         >> $GITHUB_OUTPUT
+          echo "timestamp=$(date --utc +%Y.%m.%d.%H.%M.%S)" >> $GITHUB_OUTPUT
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          target: app
+          tags: |
+            us-docker.pkg.dev/uwit-mci-iam/containers/${template:app_name}:${{ steps.get-version.outputs.version }}
+            us-docker.pkg.dev/uwit-mci-iam/containers/${template:app_name}:deploy-dev.${{ steps.get-version.outputs.timestamp }}.v${{ steps.get-version.outputs.version }}
+          secret-files: |
+            "gcloud_auth_credentials=${{ steps.auth.outputs.credentials_file_path }}"
+
diff --git a/.github/workflows/release-on-push-to-main.yaml b/.github/workflows/release-on-push-to-main.yaml
diff --git a/pyproject.template.toml b/pyproject.template.toml
@@ -15,6 +15,11 @@ uw-it-build-fingerprinter = "^0.2.6"
 black = "^22.6.0"
 flake8 = "^5.0.2"
 
+[[tool.poetry.source]]
+name = "iam-pypi"
+url = "https://us-python.pkg.dev/uwit-mci-iam/iam-pypi/simple/"
+priority = "explicit"
+
 [build-system]
 requires = ["poetry-core>=1.0.0"]
 build-backend = "poetry.core.masonry.api"