Add Prefect Cloud IP Allowlist CLI (#15087) #3201
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker images | |
on: | |
# On release events (also when a published release is converted from/to prerelease), push all patterns | |
release: | |
types: [released, prereleased] | |
# On each commit merged into main, push sha and branch patterns to prefect-dev | |
push: | |
branches: [main] | |
paths: | |
- "Dockerfile" | |
- ".dockerignore" | |
- "setup.py" | |
- "src/**" | |
- "tests/**" | |
- "requirements.txt" | |
- "requirements-client.txt" | |
- "MANIFEST.in" | |
- "setup.cfg" | |
- "versioneer.py" | |
- ".gitingore" | |
- ".gitattributes" | |
- ".github/workflows/docker-images.yaml" | |
- "ui/**" | |
# On workflow_dispatch, allow publishing 3-latest images | |
workflow_dispatch: | |
inputs: | |
publish_3_latest: | |
description: 'Publish 3-latest images' | |
required: false | |
type: boolean | |
default: false | |
jobs: | |
publish-docker-images: | |
name: Build and publish to DockerHub | |
runs-on: ubuntu-latest | |
environment: ${{ github.event_name == 'release' && github.event.release.prerelease && 'pre-release' || github.event_name == 'release' && 'prod' || 'dev' }} | |
strategy: | |
matrix: | |
flavor: | |
- "" | |
- "-conda" | |
- "-kubernetes" | |
python-version: | |
- "3.9" | |
- "3.10" | |
- "3.11" | |
- "3.12" | |
steps: | |
- name: Validate Prerelease Tag | |
if: ${{ github.event_name == 'release' && github.event.release.prerelease == true }} | |
run: | | |
TAG_NAME=${{ github.ref }} | |
if [[ ! "$TAG_NAME" =~ ^refs/tags/[0-9]+\.[0-9]+\.[0-9]+[a-zA-Z0-9]+$ ]]; then | |
echo "Error: Tag $TAG_NAME does not match prerelease version pattern." | |
exit 1 | |
fi | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
driver-opts: image=moby/buildkit:v0.12.5 | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Generate tags for prefecthq/prefect-dev | |
id: metadata-dev | |
uses: docker/metadata-action@v5 | |
# do not generate the development tags on release events | |
if: ${{ github.event_name != 'release' }} | |
with: | |
images: prefecthq/prefect-dev | |
tags: | | |
type=raw,value=${{ github.ref_name }},suffix=-python${{ matrix.python-version }}${{ matrix.flavor }} | |
type=sha,suffix=-python${{ matrix.python-version }}${{ matrix.flavor }} | |
flavor: | | |
latest=false | |
- name: Determine latest tag | |
# https://stackoverflow.com/a/75079768/5511061 | |
run: | | |
echo "LATEST_TAG=$(curl -qsSL \ | |
-H "Accept: application/vnd.github+json" \ | |
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | |
-H "X-GitHub-Api-Version: 2022-11-28" \ | |
"${{ github.api_url }}/repos/${{ github.repository }}/releases/latest" \ | |
| jq -r .tag_name)" >> $GITHUB_ENV | |
- name: Generate tags for prefecthq/prefect | |
id: metadata-prod | |
uses: docker/metadata-action@v5 | |
# generate the production tags on release events or when manually triggered for 3-latest | |
if: ${{ github.event_name == 'release' || (github.event_name == 'workflow_dispatch' && github.event.inputs.publish_3_latest == 'true') }} | |
with: | |
images: prefecthq/prefect | |
# push `latest`, `X.Y` and `X` tags only when the release is not marked as prerelease | |
# push `latest` and `X` tags only when the release is marked as latest | |
# push `3-latest` tags on latest release or manual trigger | |
tags: | | |
type=pep440,pattern={{version}},suffix=-python${{ matrix.python-version }}${{ matrix.flavor }},enable=${{ github.event_name == 'release' }} | |
type=pep440,pattern={{major}}.{{minor}},suffix=-python${{ matrix.python-version }}${{ matrix.flavor }},enable=${{ github.event_name == 'release' && github.event.release.prerelease == false }} | |
type=pep440,pattern={{major}},suffix=-python${{ matrix.python-version }}${{ matrix.flavor }},enable=${{ github.event_name == 'release' && github.event.release.prerelease == false && github.ref_name == env.LATEST_TAG }} | |
type=raw,value=3-latest${{ matrix.flavor }},enable=${{ (github.event_name == 'release' && github.event.release.prerelease == false && github.ref_name == env.LATEST_TAG && matrix.python-version == '3.12') || (github.event_name == 'workflow_dispatch' && github.event.inputs.publish_3_latest == 'true') }} | |
type=raw,value=3-latest-python${{ matrix.python-version }}${{ matrix.flavor }},enable=${{ github.event_name == 'workflow_dispatch' && github.event.inputs.publish_3_latest == 'true' }} | |
flavor: | | |
latest=false | |
- name: Build and push image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
platforms: linux/amd64,linux/arm64 | |
build-args: | | |
PYTHON_VERSION=${{ matrix.python-version }} | |
${{ ( endsWith(matrix.flavor, 'conda') && 'BASE_IMAGE=prefect-conda' ) || '' }} | |
${{ ( endsWith(matrix.flavor, 'kubernetes') && 'PREFECT_EXTRAS=[kubernetes]' ) || '' }} | |
tags: ${{ join(steps.metadata-dev.outputs.tags) }},${{ join(steps.metadata-prod.outputs.tags) }} | |
labels: ${{ steps.metadata-dev.outputs.labels }} | |
push: true | |
pull: true | |
provenance: false |