Skip to content

Bump actions/attest-build-provenance from 1.4.1 to 1.4.2 #1336

Bump actions/attest-build-provenance from 1.4.1 to 1.4.2

Bump actions/attest-build-provenance from 1.4.1 to 1.4.2 #1336

Workflow file for this run

name: CI
on:
pull_request: {}
push:
branches:
- main
tags:
- '*'
jobs:
macos:
runs-on: ${{ matrix.MACOS }}
strategy:
fail-fast: false
matrix:
PYTHON:
- {VERSION: "3.7", TOXENV: "py37"}
- {VERSION: "3.12", TOXENV: "py312"}
MACOS:
- macos-13
- macos-latest
exclude:
# We only test latest Python on arm64. py37 won't work since there's
# no universal2 binary
- PYTHON: {VERSION: "3.7", TOXENV: "py37"}
MACOS: macos-latest
name: "Python ${{ matrix.PYTHON.VERSION }} on ${{ matrix.MACOS }}"
steps:
- uses: actions/checkout@v4.1.7
- name: Setup python
id: setup-python
uses: actions/setup-python@v5.1.1
with:
python-version: ${{ matrix.PYTHON.VERSION }}
- uses: actions/cache@v4.0.2
timeout-minutes: 5
with:
path: |
~/Library/Caches/pip/
~/.cargo/registry/cache/
~/.cargo/registry/src/
~/.cargo/git/db/
src/_bcrypt/target/
key: ${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- run: pip install tox
- run: tox
env:
TOXENV: ${{ matrix.PYTHON.TOXENV }}
CARGO_TARGET_DIR: ${{ format('{0}/src/_bcrypt/target/', github.workspace) }}
windows:
runs-on: windows-latest
strategy:
matrix:
WINDOWS:
- {ARCH: 'x86', WINDOWS: 'win32', RUST_TRIPLE: 'i686-pc-windows-msvc'}
- {ARCH: 'x64', WINDOWS: 'win64', RUST_TRIPLE: 'x86_64-pc-windows-msvc'}
PYTHON:
- {VERSION: "3.7", TOXENV: "py37"}
- {VERSION: "3.12", TOXENV: "py312"}
name: "Python ${{ matrix.PYTHON.VERSION }} on ${{ matrix.WINDOWS.WINDOWS }}"
steps:
- uses: actions/checkout@v4.1.7
- name: Setup python
id: setup-python
uses: actions/setup-python@v5.1.1
with:
python-version: ${{ matrix.PYTHON.VERSION }}
architecture: ${{ matrix.WINDOWS.ARCH }}
- uses: actions/cache@v4.0.2
timeout-minutes: 5
with:
path: |
~/AppData/Local/pip/Cache/
~/.cargo/bin/
~/.cargo/registry/cache/
~/.cargo/registry/src/
~/.cargo/git/db/
src/_bcrypt/target/
key: ${{ runner.os }}-${{ matrix.WINDOWS.ARCH }}-${{ steps.setup-python.outputs.python-version }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- run: pip install tox
- run: tox
env:
TOXENV: ${{ matrix.PYTHON.TOXENV }}
CARGO_TARGET_DIR: ${{ format('{0}/src/_bcrypt/target/', github.workspace) }}
linux:
runs-on: ubuntu-22.04
strategy:
matrix:
PYTHON:
- {VERSION: "3.12", TOXENV: "pep8,packaging"}
- {VERSION: "3.12", TOXENV: "mypy"}
- {VERSION: "3.7", TOXENV: "py37"}
- {VERSION: "3.8", TOXENV: "py38"}
- {VERSION: "3.9", TOXENV: "py39"}
- {VERSION: "3.10", TOXENV: "py310"}
- {VERSION: "3.11", TOXENV: "py311"}
- {VERSION: "3.12", TOXENV: "py312"}
- {VERSION: "3.13-dev", TOXENV: "py313"}
- {VERSION: "pypy-3.9", TOXENV: "pypy3"}
- {VERSION: "pypy-3.10", TOXENV: "pypy3"}
# MSRV
- {VERSION: "3.12", TOXENV: "py312", RUST_VERSION: "1.64.0"}
- {VERSION: "3.12", TOXENV: "py312", RUST_VERSION: "beta"}
- {VERSION: "3.12", TOXENV: "py312", RUST_VERSION: "nightly"}
name: "${{ matrix.PYTHON.TOXENV }} on linux, Rust ${{ matrix.PYTHON.RUST_VERSION || 'stable' }}"
steps:
- uses: actions/checkout@v4.1.7
- name: Setup python
id: setup-python
uses: actions/setup-python@v5.1.1
with:
python-version: ${{ matrix.PYTHON.VERSION }}
- uses: actions/cache@v4.0.2
timeout-minutes: 5
with:
path: |
~/.cache/pip/
~/.cargo/bin/
~/.cargo/registry/cache/
~/.cargo/registry/src/
~/.cargo/git/db/
src/_bcrypt/target/
key: ${{ runner.os }}-${{ matrix.PYTHON.VERSION }}-${{ steps.setup-python.outputs.python-version }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8
with:
toolchain: ${{ matrix.PYTHON.RUST_VERSION || 'stable' }}
- run: pip install tox
- run: tox
env:
TOXENV: ${{ matrix.PYTHON.TOXENV }}
CARGO_TARGET_DIR: ${{ format('{0}/src/_bcrypt/target/', github.workspace) }}
linux-distros:
runs-on: ${{ matrix.IMAGE.RUNNER }}
container: ghcr.io/pyca/cryptography-runner-${{ matrix.IMAGE.IMAGE }}
strategy:
matrix:
IMAGE:
- {IMAGE: "alpine", TOXENV: "py312", RUNNER: "ubuntu-latest"}
- {IMAGE: "alpine:aarch64", TOXENV: "py312", RUNNER: [self-hosted, Linux, ARM64]}
- {IMAGE: "ubuntu-rolling:aarch64", TOXENV: "py312", RUNNER: [self-hosted, Linux, ARM64]}
name: "${{ matrix.IMAGE.TOXENV }} on ${{ matrix.IMAGE.IMAGE }}"
steps:
- name: Ridiculous alpine workaround for actions support on arm64
run: |
# This modifies /etc/os-release so the JS actions
# from GH can't detect that it's on alpine:aarch64. It will
# then use a glibc nodejs, which works fine when gcompat
# is installed in the container (which it is)
sed -i "s:ID=alpine:ID=NotpineForGHA:" /etc/os-release
if: matrix.IMAGE.IMAGE == 'alpine:aarch64'
- uses: actions/checkout@v4.1.7
with:
persist-credentials: false
- run: /venv/bin/pip install tox
- run: '/venv/bin/tox'
env:
TOXENV: ${{ matrix.IMAGE.TOXENV }}
RUSTUP_HOME: /root/.rustup
CARGO_TARGET_DIR: ${{ format('{0}/src/_bcrypt/target/', github.workspace) }}
all-green: # This job does nothing and is only used for the branch protection
if: always()
needs:
- macos
- windows
- linux
- linux-distros
runs-on: ubuntu-latest
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe
with:
jobs: ${{ toJSON(needs) }}