Rooba
/
mitmproxy
mirror of https://github.com/mitmproxy/mitmproxy.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mitmproxy/.github/workflows/main.yml

292 lines
9.3 KiB
YAML
Raw Blame History

name: CI
on: [ push, pull_request ]
permissions:
contents: read
jobs:
lint-pr:
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- uses: TrueBrain/actions-flake8@c2deca24d388aa5aedd6478332aa9df4600b5eac # v2.1
# mirrored at https://github.com/mitmproxy/mitmproxy/settings/actions
lint-local:
if: github.event_name == 'push'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- uses: actions/setup-python@v2
with:
python-version: '3.10'
- run: pip install tox
- run: tox -e flake8
filename-matching:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- uses: actions/setup-python@v2
with:
python-version: '3.10'
- run: pip install tox
- run: tox -e filename_matching
mypy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- uses: actions/setup-python@v2
with:
python-version: '3.10'
- run: pip install tox
- run: tox -e mypy
individual-coverage:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
fetch-depth: 0
- uses: actions/setup-python@v2
with:
python-version: '3.9' # there's a weird bug on 3.10 where some lines are not counted as covered.
- run: pip install tox
- run: tox -e individual_coverage
test:
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-latest
py: "3.10"
- os: windows-latest
py: "3.10"
- os: macos-latest
py: "3.10"
- os: ubuntu-latest
py: 3.9
runs-on: ${{ matrix.os }}
steps:
- run: printenv
- uses: actions/checkout@v2
with:
persist-credentials: false
fetch-depth: 0
- uses: actions/setup-python@v2
with:
python-version: ${{ matrix.py }}
- run: pip install tox
- run: tox -e py
if: matrix.os != 'ubuntu-latest'
- name: Run tox -e py (without internet)
run: |
# install dependencies (requires internet connectivity)
tox -e py --notest
# run tests with loopback only. We need to sudo for unshare, which means we need an absolute path for tox.
sudo unshare --net -- sh -c "ip link set lo up; $(which tox) -e py"
if: matrix.os == 'ubuntu-latest'
- uses: codecov/codecov-action@a1ed4b322b4b38cb846afb5a0ebfa17086917d27
# mirrored below and at https://github.com/mitmproxy/mitmproxy/settings/actions
with:
file: ./coverage.xml
name: ${{ matrix.os }}
build:
strategy:
fail-fast: false
matrix:
include:
- image: macos-11
platform: macos
- image: windows-2019
platform: windows
- image: ubuntu-18.04 # Old Ubuntu version for old glibc
platform: linux
runs-on: ${{ matrix.image }}
env:
CI_BUILD_KEY: ${{ secrets.CI_BUILD_KEY }}
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
fetch-depth: 0
- uses: actions/setup-python@v2
with:
python-version: '3.10'
- if: matrix.platform == 'windows'
uses: actions/cache@v2
with:
path: release/installbuilder/setup
key: installbuilder
- run: pip install -e .[dev]
- if: matrix.platform == 'linux'
run: python -u release/build.py standalone-binaries wheel
- if: matrix.platform == 'windows'
run: python -u release/build.py standalone-binaries installbuilder-installer msix-installer
- if: matrix.platform == 'macos'
run: python -u release/build.py standalone-binaries
- if: matrix.platform == 'windows' # separate artifact because we don't want it on the snapshot server.
uses: actions/upload-artifact@v3
with:
name: msix-installer
path: release/dist/*.msix
- uses: actions/upload-artifact@v3
with:
# artifacts must have different names, see https://github.com/actions/upload-artifact/issues/24
name: binaries.${{ matrix.platform }}
path: |
release/dist
!release/dist/*.msix
test-web-ui:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- run: git rev-parse --abbrev-ref HEAD
- uses: actions/setup-node@v2
with:
node-version: '14'
- name: Cache Node.js modules
uses: actions/cache@v2
with:
# npm cache files are stored in `~/.npm` on Linux/macOS
path: ~/.npm
key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.OS }}-node-
${{ runner.OS }}-
- working-directory: ./web
run: npm ci
- working-directory: ./web
run: npm test
- uses: codecov/codecov-action@a1ed4b322b4b38cb846afb5a0ebfa17086917d27
# mirrored above and at https://github.com/mitmproxy/mitmproxy/settings/actions
with:
file: ./web/coverage/coverage-final.json
name: web
docs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- uses: actions/setup-python@v2
with:
python-version: '3.10'
- run: |
wget -q https://github.com/gohugoio/hugo/releases/download/v0.92.1/hugo_extended_0.92.1_Linux-64bit.deb
echo "a9440adfd3ecce40089def287dee4e42ffae252ba08c77d1ac575b880a079ce6 hugo_extended_0.92.1_Linux-64bit.deb" | sha256sum -c
sudo dpkg -i hugo*.deb
- run: pip install -e .[dev]
- run: ./docs/build.py
- uses: actions/upload-artifact@v3
with:
name: docs
path: docs/public
# Separate from everything else because slow.
build-and-deploy-docker:
if: github.repository == 'mitmproxy/mitmproxy' && (
github.ref == 'refs/heads/main'
|| github.ref == 'refs/heads/citest'
|| startsWith(github.ref, 'refs/tags/')
)
environment: deploy-docker
needs:
- test
- test-web-ui
- build
- docs
runs-on: ubuntu-latest
env:
DOCKER_USERNAME: mitmbot
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- uses: actions/setup-python@v2
with:
python-version: '3.10'
- uses: actions/download-artifact@v2
with:
name: binaries.linux
path: release/dist
- uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480 # v1.2.0
- uses: docker/setup-buildx-action@b1f1f719c7cd5364be7c82e366366da322d01f7c # v1.6.0
- run: python release/build-and-deploy-docker.py
deploy:
# This action has access to our AWS keys, so we are extra careful here.
# In particular, we don't blindly `pip install` anything to minimize the risk of supply chain attacks.
if: github.repository == 'mitmproxy/mitmproxy' && github.event_name == 'push'
environment: deploy
needs:
- test
- test-web-ui
- build
- docs
runs-on: ubuntu-latest
env:
TWINE_USERNAME: mitmproxy
TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-west-2
MSFT_APP_ID: 9NWNDLQMNZD7
MSFT_TENANT_ID: ${{ secrets.MSFT_TENANT_ID }}
MSFT_CLIENT_ID: ${{ secrets.MSFT_CLIENT_ID }}
MSFT_CLIENT_SECRET: ${{ secrets.MSFT_CLIENT_SECRET }}
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- uses: actions/setup-python@v2
with:
python-version: '3.10'
- run: sudo apt-get update
- run: sudo apt-get install -y twine awscli
- uses: actions/download-artifact@v3
with:
name: docs
path: docs/public
- uses: actions/download-artifact@v3
with:
name: binaries.windows
path: release/dist
- uses: actions/download-artifact@v3
with:
name: binaries.linux
path: release/dist
- uses: actions/download-artifact@v3
with:
name: binaries.macos
path: release/dist
- run: ls docs/public
- run: ls release/dist
- run: ./release/deploy.py
# We don't want the MSIX installer on the snapshot server, so we get it only now.
- if: github.ref == 'refs/heads/citest' || startsWith(github.ref, 'refs/tags/')
uses: actions/download-artifact@v3
with:
name: msix-installer
path: release/dist/
- if: github.ref == 'refs/heads/citest'
run: ./release/deploy-microsoft-store.py release/dist/*.msix
env:
MSFT_APP_FLIGHT: 174ca570-8cae-4444-9858-c07293f1f13a
- if: startsWith(github.ref, 'refs/tags/')
run: ./release/deploy-microsoft-store.py release/dist/*.msix
Reference in New Issue View Git Blame Copy Permalink