-
Notifications
You must be signed in to change notification settings - Fork 0
201 lines (186 loc) · 7 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
# GitHub Actions configuration **EXAMPLE**,
# MODIFY IT ACCORDING TO YOUR NEEDS!
# Reference: https://docs.github.com/en/actions
name: Test and Publish Python 🐍 distribution 📦 to PyPI and TestPyPI
on:
push:
# Avoid using all the resources/limits available by checking only
# relevant branches and tags. Other branches can be checked via PRs.
branches: [main]
tags: ["v[0-9]*", "[0-9]+.[0-9]+*"] # Match tags that resemble a version
pull_request: # Run in every PR
workflow_dispatch: # Allow manually triggering the workflow
schedule:
# Run roughly every 15 days at 00:00 UTC
# (useful to check if updates on dependencies break the package)
- cron: "0 0 1,16 * *"
permissions:
contents: read
concurrency:
group: >-
${{ github.workflow }}-${{ github.ref_type }}-
${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
wheel-distribution: ${{ steps.wheel-distribution.outputs.path }}
steps:
- uses: actions/checkout@v4
with: { fetch-depth: 0 } # deep clone for setuptools-scm
- uses: actions/setup-python@v5
id: setup-python
with: { python-version: "3.11" }
- name: Run static analysis and format checkers
run: pipx run pre-commit run --all-files --show-diff-on-failure
- name: Build package distribution files 📦
run: >-
pipx run --python '${{ steps.setup-python.outputs.python-path }}'
tox -e clean,build
- name: Record the path of wheel distribution
id: wheel-distribution
run: echo "path=$(ls dist/*.whl)" >> $GITHUB_OUTPUT
- name: Store the distribution files for use in other stages
# `tests` and `publish` will use the same pre-built distributions,
# so we make sure to release the exact same package that was tested
uses: actions/upload-artifact@v3
with:
name: python-distribution-files
path: dist/
retention-days: 1
test:
needs: prepare
strategy:
matrix:
python:
# - "3.8" # oldest Python supported by PSF
- "3.10" # Required by rhysd/action-setup-vim@v1 on ubuntu-latest
# - "3.11" # newest Python that is stable
platform:
- ubuntu-latest
# - macos-latest
# - windows-latest
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v4
- uses: nikeee/setup-pandoc@v1
with:
pandoc-version: '3.1.3' # Compatible with tests for reference_citation.py
- uses: actions/setup-python@v5
id: setup-python
with:
python-version: ${{ matrix.python }}
- uses: rhysd/action-setup-vim@v1
- name: Retrieve pre-built distribution files
uses: actions/download-artifact@v3
with: { name: python-distribution-files, path: dist/ }
- name: Run tests
run: >-
pipx run --python '${{ steps.setup-python.outputs.python-path }}'
tox --installpkg '${{ needs.prepare.outputs.wheel-distribution }}'
-- -rFEx --durations 10 --color yes -vv # pytest args
- name: Generate coverage report
run: pipx run coverage lcov -o coverage.lcov
- name: Upload partial coverage report
uses: coverallsapp/github-action@master
with:
path-to-lcov: coverage.lcov
github-token: ${{ secrets.GITHUB_TOKEN }}
flag-name: ${{ matrix.platform }} - py${{ matrix.python }}
parallel: true
finalize:
needs: test
runs-on: ubuntu-latest
steps:
- name: Finalize coverage report
uses: coverallsapp/github-action@master
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
parallel-finished: true
publish-to-testpypi:
name: Publish Python 🐍 distribution 📦 to TestPyPI
needs: finalize
if: ${{ github.event_name == 'push' && contains(github.ref, 'refs/tags/') }}
runs-on: ubuntu-latest
environment:
name: testpypi
url: https://test.pypi.org/p/panvimwiki
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Retrieve pre-built distribution files
uses: actions/download-artifact@v3
with: { name: python-distribution-files, path: dist/ }
- name: Publish distribution 📦 to TestPyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/
publish-to-pypi:
name: >-
Publish Python 🐍 distribution 📦 to PyPI
needs: [finalize, publish-to-testpypi]
if: ${{ github.event_name == 'push' && contains(github.ref, 'refs/tags/') }}
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/panvimwiki # Replace <package-name> with your PyPI project name
permissions:
# contents: write
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
# - uses: actions/checkout@v4
# - uses: actions/setup-python@v5
# with: {python-version: "3.11"}
- name: Retrieve pre-built distribution files
uses: actions/download-artifact@v3
with: { name: python-distribution-files, path: dist/ }
- name: Publish distribution 📦 to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
# - name: Publish Package
# env:
# # TODO: Set your PYPI_TOKEN as a secret using GitHub UI
# # - https://pypi.org/help/#apitoken
# # - https://docs.github.com/en/actions/security-guides/encrypted-secrets
# TWINE_REPOSITORY: pypi
# TWINE_USERNAME: __token__
# TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
# run: pipx run tox -e publish
github-release:
name: >-
Sign the Python 🐍 distribution 📦 with Sigstore
and upload them to GitHub Release
needs:
- publish-to-pypi
runs-on: ubuntu-latest
permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases
id-token: write # IMPORTANT: mandatory for sigstore
steps:
- name: Download all the dists
uses: actions/download-artifact@v3
with: { name: python-distribution-files, path: dist/ }
- name: Sign the dists with Sigstore
uses: sigstore/gh-action-sigstore-python@v2.1.0
with:
inputs: >-
./dist/*.tar.gz
./dist/*.whl
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
run: >-
gh release create
'${{ github.ref_name }}'
--repo '${{ github.repository }}'
--notes ""
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
# Upload to GitHub Release using the `gh` CLI.
# `dist/` contains the built packages, and the
# sigstore-produced signatures and certificates.
run: >-
gh release upload
'${{ github.ref_name }}' dist/**
--repo '${{ github.repository }}'