Skip to content

Fix CI: produce one Docker image tag per release, run tests and build validation on PRs #60

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
zgypa merged 5 commits into from
Mar 2, 2026
Merged

Fix CI: produce one Docker image tag per release, run tests and build validation on PRs #60

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
dbe5691
Initial plan
Copilot Mar 1, 2026
33992c0
Fix build process: one release asset per tag, tests only before deplo…
Copilot Mar 1, 2026
12c0fd7
test.yml: run on PRs with Docker build-only validation, allow manual …
Copilot Mar 1, 2026
043cc00
fix: update publish workflow to clarify tag conditions and ensure ine…
zgypa Mar 2, 2026
2333b24
fix: restrict PR trigger to review requests only in test workflow
zgypa Mar 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 27 additions & 2 deletions .github/workflows/publish-ghcr.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
name: Publish Docker image to GHCR
# type: line; This workflow intentionally only builds+pushes on semver tags for releases, to avoid multiple image artifacts and ensure clarity.

on:
# Only run on v* semver tags (release publish)
push:
tags:
- 'v*'
workflow_dispatch:
- 'v*' # type: line; Only semver tags (v*) publish image, not branches/other refs.
# If no version tag is present, the workflow is inert. # type: line; Ensures job only acts when a semver tag is present.

permissions:
contents: read
Expand All @@ -15,8 +17,26 @@ env:
IMAGE_NAME: ${{ github.repository }}

jobs:
test:
runs-on: ubuntu-latest

steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Install Nix
uses: cachix/install-nix-action@v27

- name: Set up Nix Flake environment
run: nix develop --command true

- name: Run Django tests
run: |
nix develop --command python bfd9000_web/manage.py test --verbosity=2

build-and-push:
runs-on: ubuntu-latest
needs: [test]

steps:
- name: Checkout repository
Expand All @@ -40,6 +60,11 @@ jobs:
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
# Only produce the exact version tag (e.g. "1.2.3" from tag "v1.2.3").
# The metadata-action defaults generate 3 tags (version, major.minor, and ref),
# causing 3 separate image assets per release. This restricts output to one.
tags: |
type=semver,pattern={{version}}

- name: Cache Docker layers
uses: actions/cache@v4
Expand Down
27 changes: 23 additions & 4 deletions .github/workflows/test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,9 @@ name: Run Django Tests
# AI should know how to fix it.

on:
push:
branches: [main, master, develop]
# Only run when a review is requested on a PR (not on push, open, etc)
pull_request:
# Run on all PRs, regardless of target branch
types: [opened, synchronize, reopened, ready_for_review]
types: [review_requested]

jobs:
test:
Expand All @@ -26,3 +24,24 @@ jobs:
- name: Run Django tests
run: |
nix develop --command python bfd9000_web/manage.py test --verbosity=2

build:
runs-on: ubuntu-latest

steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Build Docker image (no push)
# Build only to verify the Dockerfile is valid; image is discarded after this job.
uses: docker/build-push-action@v5
with:
context: ./bfd9000_web
file: ./bfd9000_web/Dockerfile
push: false