setup #23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: setup | |
| on: | |
| workflow_dispatch: | |
| push: | |
| paths: | |
| - '.github/workflows/setup.yaml' | |
| env: | |
| LIBRARY_TYPE: "VENDORED" | |
| LIBRARY_SOURCE: "MALCONTENT_SAMPLES_PYPI" #CHAINGUARD_LIBRARIES or MALCONTENT_SAMPLES_PYPI | |
| # LIBRARY_SOURCE: "CHAINGUARD_LIBRARIES" #CHAINGUARD_LIBRARIES or MALCONTENT_SAMPLES_PYPI | |
| jobs: | |
| setup: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| id-token: write | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.ref }} | |
| fetch-depth: 0 | |
| - name: Setup Git | |
| run: | | |
| git config --global user.email "gha@users.noreply.github.com" | |
| git config --global user.name "github-actions" | |
| - uses: octo-sts/action@6177b4481c00308b3839969c3eca88c96a91775f # v1.0.0 | |
| id: octo-sts | |
| with: | |
| scope: chainguard-dev/libraries-ultralytics-attack-demo | |
| identity: setup | |
| - name: Reset to community ultralytics v8.3.39 | |
| run: | | |
| echo "Resetting src/ultralytics to community ultralytics v8.3.39 from GitHub" | |
| mkdir -p tmp_wheels tmp_unzip | |
| curl -L -o tmp_wheels/ultralytics-8.3.39-py3-none-any.whl \ | |
| https://files.pythonhosted.org/packages/e7/66/3c3fd38fc2350b5c376bcfc44fa682dc4282d39856d3dfc54679a8bcec7e/ultralytics-8.3.39-py3-none-any.whl | |
| rm -rf src/ultralytics || true | |
| mkdir -p src/ultralytics | |
| unzip tmp_wheels/ultralytics-8.3.39-py3-none-any.whl -d tmp_unzip | |
| mv tmp_unzip/ultralytics/* src/ultralytics/ | |
| rm -rf tmp_wheels tmp_unzip | |
| git add src/ultralytics/ | |
| git commit --allow-empty -m "Reset to community ultralytics v8.3.39 from GitHub" | |
| git push origin | |
| - name: Vendor from MALCONTENT_SAMPLES_PYPI | |
| if: env.LIBRARY_SOURCE == 'MALCONTENT_SAMPLES_PYPI' | |
| run: | | |
| echo "Vendoring from malcontent-samples-ultralytics..." | |
| rm -rf src/ultralytics || true | |
| mkdir -p src/ultralytics | |
| cp -pr malcontent-samples-ultralytics/v8.3.40/* src/ultralytics/ | |
| git add src/ultralytics/ | |
| git commit -m "Vendored ultralytics from malcontent-samples" | |
| git push origin | |
| - name: Auth for Chainguard Libraries | |
| if: env.LIBRARY_SOURCE == 'CHAINGUARD_LIBRARIES' | |
| uses: chainguard-dev/setup-chainctl@v0.3.1 | |
| with: | |
| identity: "4cf15780a13a9b6576d8b357e6524554c8c12a18/aab27dc39ad870c9" | |
| - name: Vendor from CHAINGUARD_LIBRARIES | |
| if: env.LIBRARY_SOURCE == 'CHAINGUARD_LIBRARIES' | |
| run: | | |
| echo "Vendoring ultralytics from Chainguard Libraries..." | |
| mkdir -p tmp_wheels tmp_unzip | |
| eval $(chainctl auth pull-token --library-ecosystem=python --parent=cgr-demo.com --ttl=1m --output=env) | |
| curl -L --user "$CHAINGUARD_PYTHON_IDENTITY_ID:$CHAINGUARD_PYTHON_TOKEN" \ | |
| -o tmp_wheels/ultralytics-8.3.40-py3-none-any.whl \ | |
| https://libraries.cgr.dev/python/files/15f7d141c3b76b85/cf2fb95d7a92c8aa/ultralytics/ultralytics-8.3.40-py3-none-any.whl | |
| unzip tmp_wheels/ultralytics-8.3.40-py3-none-any.whl -d tmp_unzip | |
| rm -rf src/ultralytics || true | |
| mkdir -p src/ultralytics | |
| mv tmp_unzip/ultralytics/* src/ultralytics/ | |
| rm -rf tmp_wheels tmp_unzip | |
| git add src/ultralytics/ | |
| git commit -m "Vendored ultralytics from Chainguard Libraries" | |
| git push origin |