Skip to content

chore: update actions versions to latest #587

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lubojr merged 1 commit into from
May 28, 2026
Merged

chore: update actions versions to latest #587

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 27 additions & 27 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,231 +13,231 @@
- 'requirements.txt'
jobs:
build-docker:
runs-on: ubuntu-latest
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Build the eoxserver docker image
run: |
docker pull eoxa/eoxserver:latest || true
docker build --cache-from eoxa/eoxserver:latest -t eoxserver .
docker save eoxserver | gzip > eoxserver.tar.gz
- name: Save image to cache
uses: actions/cache/save@v3
uses: actions/cache/save@6f8efc29b200d32929f49075959781ed54ec270c # v3
with:
path: eoxserver.tar.gz
key: eoxserver.tar.gz-${{ github.run_id }}-${{ github.run_number }}
- name: Slack Notify
uses: 8398a7/action-slack@v3.8.0
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
if: failure()

test:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}
runs-on: ubuntu-latest
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
command:
- "-m eoxserver.services.ows.wps.test_data_types"
- "-m eoxserver.services.ows.wps.test_allowed_values"
- "manage.py test --pythonpath=./eoxserver/ eoxserver.core -v2"
- "manage.py test --pythonpath=./eoxserver/ eoxserver.backends -v2"
- "manage.py test --pythonpath=./eoxserver/ eoxserver.services -v2"
- "manage.py test --pythonpath=./eoxserver/ eoxserver.resources.coverages -v2"
- "manage.py test autotest_services --tag wcs20 -v2"
- "manage.py test autotest_services --tag wcs11 -v2"
- "manage.py test autotest_services --tag wcs10 -v2"
- "manage.py test autotest_services --tag wms -v2"
- "manage.py test autotest_services --tag wps -v2"
- "manage.py test autotest_services --tag opensearch -v2"
needs: build-docker
steps:
- uses: actions/checkout@v3
- uses: actions/cache/restore@v3
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: actions/cache/restore@6f8efc29b200d32929f49075959781ed54ec270c # v3
id: cache
with:
path: eoxserver.tar.gz
key: eoxserver.tar.gz-${{ github.run_id }}-${{ github.run_number }}
- name: Import docker image and name it autotest
run: |
docker load --input eoxserver.tar.gz
docker tag eoxserver:latest eoxserver:autotest
- name: Start the services and install test dependencies
run: |
echo "DB=spatialite" >> sample.env
docker compose config
docker compose up -d
docker compose ps
docker exec -i eoxserver-autotest-1 pip3 install scipy
- name: Run the tests
env:
COMPOSE_INTERACTIVE_NO_CLI: 1
run: |
docker exec -i eoxserver-autotest-1 python3 ${{ matrix.command }}
- name: Upload logs and outputs of failed tests
uses: 'actions/upload-artifact@v4'
uses: 'actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02' # v4
with:
name: logs ${{ matrix.command }}
path: |
autotest/autotest/logs/*.log
autotest/autotest/responses/*
retention-days: 5
if: failure()
- name: Slack Notify
uses: 8398a7/action-slack@v3.8.0
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
if: failure()

publish-docker:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}
runs-on: ubuntu-latest
runs-on: ubuntu-24.04
needs: test
if: contains(github.ref, 'refs/tags/') || github.ref == 'refs/heads/master'
steps:
- uses: actions/checkout@v3
- uses: actions/cache/restore@v3
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: actions/cache/restore@6f8efc29b200d32929f49075959781ed54ec270c # v3
id: cache
with:
path: eoxserver.tar.gz
key: eoxserver.tar.gz-${{ github.run_id }}-${{ github.run_number }}
- name: Branch name
id: branch_name
run: |
echo ::set-output name=SOURCE_TAG::$([[ $GITHUB_REF == refs/tags/* ]] && echo ${GITHUB_REF#refs/tags/} || echo "")
- name: Login to Docker Hub
uses: docker/login-action@v1
uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 # v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
if: success()
- name: Import docker image
run: |
docker load --input eoxserver.tar.gz
- name: Tag docker latest image
run: |
docker tag eoxserver eoxa/eoxserver:latest
if: github.ref == 'refs/heads/master'
- name: Tag docker release image
run: |
docker tag eoxserver eoxa/eoxserver:${{ steps.branch_name.outputs.SOURCE_TAG }}
if: steps.branch_name.outputs.SOURCE_TAG
- name: Push docker images
run: |
# TODO: --all-tags does not seem to work with the version on github-actions
# docker push --all-tags eoxa/eoxserver
for tag in $(docker image ls --format "{{.Tag}}" eoxa/eoxserver) ; do docker push "eoxa/eoxserver:$tag" ; done
if: success()
- name: Slack Notify
uses: 8398a7/action-slack@v3.8.0
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
if: failure()

publish-pypi:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}
runs-on: ubuntu-latest
runs-on: ubuntu-24.04
needs: test
if: contains(github.ref, 'refs/tags/')
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Branch name
id: branch_name
run: |
echo ::set-output name=SOURCE_TAG::$([[ $GITHUB_REF == refs/tags/* ]] && echo ${GITHUB_REF#refs/tags/} || echo "")
- name: Build Python package
id: build_python_release
run: |
python -m pip install --upgrade pip
pip install setuptools wheel
sudo apt-get install -y gdal-bin
python setup.py sdist bdist_wheel
- uses: actions/upload-artifact@v4
- uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
with:
name: eoxserver-dist
path: ./dist/
retention-days: 2
- name: Push package to pypi
uses: pypa/gh-action-pypi-publish@master
uses: pypa/gh-action-pypi-publish@c1b34028248d0c9f7d90fe29fef2122e2276ff6f # master
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
if: success()
- name: Slack Notify
uses: 8398a7/action-slack@v3.8.0
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
if: failure()

publish-github:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}
runs-on: ubuntu-latest
runs-on: ubuntu-24.04
needs: publish-pypi
if: contains(github.ref, 'refs/tags/')
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v4
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
with:
name: eoxserver-dist
- name: Branch name
id: branch_name
run: |
echo ::set-output name=SOURCE_TAG::$([[ $GITHUB_REF == refs/tags/* ]] && echo ${GITHUB_REF#refs/tags/} || echo "")
echo ::set-output name=WHEEL_FILE::$(ls *.whl)
echo ::set-output name=SRC_DIST_FILE::$(ls *.tar.gz)
- name: Draft Release
id: create_release
uses: actions/create-release@v1
uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e # v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: ${{ steps.branch_name.outputs.SOURCE_TAG }}
draft: true
- name: Upload Release Asset Wheel
uses: actions/upload-release-asset@v1
uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ${{ steps.branch_name.outputs.WHEEL_FILE }}
asset_name: ${{ steps.branch_name.outputs.WHEEL_FILE }}
asset_content_type: application/x-wheel+zip
if: success()
- name: Upload Release Asset Source Dist
uses: actions/upload-release-asset@v1
uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
asset_path: ${{ steps.branch_name.outputs.SRC_DIST_FILE }}
asset_name: ${{ steps.branch_name.outputs.SRC_DIST_FILE }}
asset_content_type: application/tar+gzip
if: success()
- name: Slack Notify
uses: 8398a7/action-slack@v3.8.0
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
if: failure()

notify:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}
runs-on: ubuntu-20.04
needs: [publish-github, publish-docker]
steps:
- name: Slack Notify
uses: 8398a7/action-slack@v3.8.0
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
Expand Down
Loading