Rooba
/
proxy.py
mirror of https://github.com/abhinavsingh/proxy.py.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
proxy.py/.github/workflows/test-library.yml

994 lines
29 KiB
YAML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
name: lib
on: # yamllint disable-line rule:truthy
push:
branches:
- master
- develop
pull_request:
workflow_dispatch:
inputs:
release-version:
# github.event_name == 'workflow_dispatch'
# && github.event.inputs.release-version
description: >-
Target PEP440-compliant version to release.
Please, don't prepend `v`.
required: true
release-commitish:
# github.event_name == 'workflow_dispatch'
# && github.event.inputs.release-commitish
default: ''
description: >-
The commit to be released to PyPI and tagged
in Git as `release-version`. Normally, you
should keep this empty.
YOLO:
default: false
description: >-
Flag whether test results should block the
release (true/false). Only use this under
extraordinary circumstances to ignore the
test failures and cut the release regardless.
concurrency:
group: >-
${{
github.workflow
}}-${{
github.event.pull_request.number || github.sha
}}
cancel-in-progress: true
jobs:
pre-setup:
name: ⚙️ Pre-set global build settings
runs-on: ubuntu-latest
defaults:
run:
shell: python
outputs:
dist-version: >-
${{
steps.request-check.outputs.release-requested == 'true'
&& github.event.inputs.release-version
|| steps.scm-version.outputs.dist-version
}}
is-untagged-devel: >-
${{ steps.untagged-check.outputs.is-untagged-devel || false }}
release-requested: >-
${{
steps.request-check.outputs.release-requested || false
}}
cache-key-files: >-
${{ steps.calc-cache-key-files.outputs.files-hash-key }}
git-tag: ${{ steps.git-tag.outputs.tag }}
sdist-artifact-name: ${{ steps.artifact-name.outputs.sdist }}
wheel-artifact-name: ${{ steps.artifact-name.outputs.wheel }}
container-version: v${{ steps.container.outputs.version }}
container-platforms: ${{ steps.container.outputs.platforms }}
steps:
- name: Switch to using Python 3.9 by default
uses: actions/setup-python@v2
with:
python-version: 3.9
- name: >-
Mark the build as untagged '${{
github.event.repository.default_branch
}}' branch build
id: untagged-check
if: >-
github.event_name == 'push' &&
github.ref == format(
'refs/heads/{0}', github.event.repository.default_branch
)
run: >-
print('::set-output name=is-untagged-devel::true')
- name: Mark the build as "release request"
id: request-check
if: github.event_name == 'workflow_dispatch'
run: >-
print('::set-output name=release-requested::true')
- name: Check out src from Git
if: >-
steps.request-check.outputs.release-requested != 'true'
uses: actions/checkout@v2
with:
fetch-depth: 0
ref: ${{ github.event.inputs.release-commitish }}
- name: >-
Calculate Python interpreter version hash value
for use in the cache key
if: >-
steps.request-check.outputs.release-requested != 'true'
id: calc-cache-key-py
run: |
from hashlib import sha512
from sys import version
hash = sha512(version.encode()).hexdigest()
print(f'::set-output name=py-hash-key::{hash}')
- name: >-
Calculate dependency files' combined hash value
for use in the cache key
if: >-
steps.request-check.outputs.release-requested != 'true'
id: calc-cache-key-files
run: |
print(
"::set-output name=files-hash-key::${{
hashFiles(
'setup.cfg', 'tox.ini', 'pyproject.toml',
'.pre-commit-config.yaml', 'pytest.ini'
)
}}",
)
- name: Get pip cache dir
id: pip-cache-dir
if: >-
steps.request-check.outputs.release-requested != 'true'
run: >-
echo "::set-output name=dir::$(python -m pip cache dir)"
shell: bash
- name: Set up pip cache
if: >-
steps.request-check.outputs.release-requested != 'true'
uses: actions/cache@v2.1.7
with:
path: ${{ steps.pip-cache-dir.outputs.dir }}
key: >-
${{ runner.os }}-pip-${{
steps.calc-cache-key-py.outputs.py-hash-key }}-${{
steps.calc-cache-key-files.outputs.files-hash-key }}
restore-keys: |
${{ runner.os }}-pip-${{
steps.calc-cache-key-py.outputs.py-hash-key
}}-
${{ runner.os }}-pip-
${{ runner.os }}-
- name: Drop Git tags from HEAD for non-release requests
if: >-
steps.request-check.outputs.release-requested != 'true'
run: >-
git tag --points-at HEAD
|
xargs git tag --delete
shell: bash
- name: Set up versioning prerequisites
if: >-
steps.request-check.outputs.release-requested != 'true'
run: >-
python -m
pip install
--user
setuptools-scm
shell: bash
- name: Set the current dist version from Git
if: steps.request-check.outputs.release-requested != 'true'
id: scm-version
run: |
import setuptools_scm
ver = setuptools_scm.get_version(
${{
steps.untagged-check.outputs.is-untagged-devel == 'true'
&& 'local_scheme="no-local-version"' || ''
}}
)
print('::set-output name=dist-version::{ver}'.format(ver=ver))
- name: Set the target Git tag
id: git-tag
run: >-
print('::set-output name=tag::v${{
steps.request-check.outputs.release-requested == 'true'
&& github.event.inputs.release-version
|| steps.scm-version.outputs.dist-version
}}')
- name: Set the expected dist artifact names
id: artifact-name
run: |
print('::set-output name=sdist::proxy.py-${{
steps.request-check.outputs.release-requested == 'true'
&& github.event.inputs.release-version
|| steps.scm-version.outputs.dist-version
}}.tar.gz')
print('::set-output name=wheel::proxy.py-${{
steps.request-check.outputs.release-requested == 'true'
&& github.event.inputs.release-version
|| steps.scm-version.outputs.dist-version
}}-py3-none-any.whl')
- name: Calculate container attributes
id: container
shell: bash
run: >-
VER=$(echo '${{
steps.request-check.outputs.release-requested == 'true'
&& github.event.inputs.release-version
|| steps.scm-version.outputs.dist-version
}}' | tr + .);
PLATFORMS="linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x";
echo "::set-output name=version::$VER";
echo "::set-output name=platforms::$PLATFORMS"
build:
name: 👷 dists ${{ needs.pre-setup.outputs.git-tag }}
needs:
- pre-setup # transitive, for accessing settings
runs-on: Ubuntu-latest
env:
PY_COLORS: 1
TOX_PARALLEL_NO_SPINNER: 1
TOXENV: cleanup-dists,build-dists
steps:
- name: Switch to using Python v3.10
uses: actions/setup-python@v2
with:
python-version: '3.10'
- name: >-
Calculate Python interpreter version hash value
for use in the cache key
id: calc-cache-key-py
run: |
from hashlib import sha512
from sys import version
hash = sha512(version.encode()).hexdigest()
print(f'::set-output name=py-hash-key::{hash}')
shell: python
- name: Get pip cache dir
id: pip-cache
run: >-
echo "::set-output name=dir::$(pip cache dir)"
- name: Set up pip cache
uses: actions/cache@v2.1.7
with:
path: ${{ steps.pip-cache.outputs.dir }}
key: >-
${{ runner.os }}-pip-${{
steps.calc-cache-key-py.outputs.py-hash-key
}}-${{
hashFiles('tox.ini')
}}
restore-keys: |
${{ runner.os }}-pip-${{
steps.calc-cache-key-py.outputs.py-hash-key
}}-
${{ runner.os }}-pip-
- name: Install tox
run: >-
python -m
pip install
--user
tox
- name: Grab the source from Git
uses: actions/checkout@v2
with:
fetch-depth: 0
ref: ${{ github.event.inputs.release-commitish }}
- name: Pre-populate the tox env
run: >-
python -m
tox
--parallel auto
--parallel-live
--skip-missing-interpreters false
--notest
- name: Setup git user as [bot]
if: >-
fromJSON(needs.pre-setup.outputs.is-untagged-devel)
|| fromJSON(needs.pre-setup.outputs.release-requested)
uses: fregante/setup-git-user@v1.0.1
- name: >-
Tag the release in the local Git repo
as ${{ needs.pre-setup.outputs.git-tag }}
for setuptools-scm to set the desired version
if: >-
fromJSON(needs.pre-setup.outputs.is-untagged-devel)
|| fromJSON(needs.pre-setup.outputs.release-requested)
run: >-
git tag
-m '${{ needs.pre-setup.outputs.git-tag }}'
'${{ needs.pre-setup.outputs.git-tag }}'
--
${{ github.event.inputs.release-commitish }}
- name: Build dists
run: >-
python -m
tox
--parallel auto
--parallel-live
--skip-missing-interpreters false
--skip-pkg-install
- name: Verify that the artifacts with expected names got created
run: >-
ls -1
'dist/${{ needs.pre-setup.outputs.sdist-artifact-name }}'
'dist/${{ needs.pre-setup.outputs.wheel-artifact-name }}'
- name: Store the distribution packages
uses: actions/upload-artifact@v2
with:
name: python-package-distributions
# NOTE: Exact expected file names are specified here
# NOTE: as a safety measure — if anything weird ends
# NOTE: up being in this dir or not all dists will be
# NOTE: produced, this will fail the workflow.
path: |
dist/${{ needs.pre-setup.outputs.sdist-artifact-name }}
dist/${{ needs.pre-setup.outputs.wheel-artifact-name }}
retention-days: 30 # Defaults to 90
lint:
name: 🧹 ${{ matrix.toxenv }}
needs:
- build
- pre-setup # transitive, for accessing settings
runs-on: Ubuntu-latest
strategy:
matrix:
toxenv:
- lint
- metadata-validation
- build-docs
- doctest-docs
- linkcheck-docs
- spellcheck-docs
fail-fast: false
env:
PY_COLORS: 1
TOX_PARALLEL_NO_SPINNER: 1
TOXENV: ${{ matrix.toxenv }}
steps:
- name: Switch to using Python v3.10
uses: actions/setup-python@v2
with:
python-version: '3.10'
- name: >-
Calculate Python interpreter version hash value
for use in the cache key
id: calc-cache-key-py
run: |
from hashlib import sha512
from sys import version
hash = sha512(version.encode()).hexdigest()
print(f'::set-output name=py-hash-key::{hash}')
shell: python
- name: Get pip cache dir
id: pip-cache
run: >-
echo "::set-output name=dir::$(pip cache dir)"
- name: Set up pip cache
uses: actions/cache@v2.1.7
with:
path: ${{ steps.pip-cache.outputs.dir }}
key: >-
${{ runner.os }}-pip-${{
steps.calc-cache-key-py.outputs.py-hash-key
}}-${{
hashFiles('tox.ini')
}}
restore-keys: |
${{ runner.os }}-pip-${{
steps.calc-cache-key-py.outputs.py-hash-key
}}-
${{ runner.os }}-pip-
- name: Install tox
run: >-
python -m
pip install
--user
tox
- name: Grab the source from Git
uses: actions/checkout@v2
with:
ref: ${{ github.event.inputs.release-commitish }}
- name: Make the env clean of non-test files
if: matrix.toxenv == 'metadata-validation'
run: |
shopt -s extglob
rm -rf !tox.ini
shell: bash
- name: Download all the dists
if: matrix.toxenv == 'metadata-validation'
uses: actions/download-artifact@v2
with:
name: python-package-distributions
path: dist/
- name: >-
Pre-populate tox envs: `${{ env.TOXENV }}`
run: >-
python -m
tox
--parallel auto
--parallel-live
--skip-missing-interpreters false
--notest
- name: >-
Run tox envs: `${{ env.TOXENV }}`
run: >-
python -m
tox
--parallel auto
--parallel-live
--skip-missing-interpreters false
--skip-pkg-install
test:
name: 🧪 🐍${{ matrix.python }} @ ${{ matrix.os }}
needs:
- build
- pre-setup # transitive, for accessing settings
runs-on: ${{ matrix.os }}-latest
strategy:
fail-fast: false
# max-parallel: 4
matrix:
os:
- macOS
- Ubuntu
- Windows
python:
# NOTE: The latest and the lowest supported Pythons are prioritized
# NOTE: to improve the responsiveness. It's nice to see the most
# NOTE: important results first.
- '3.10'
- 3.6
- 3.9
- 3.8
- 3.7
continue-on-error: >-
${{
(
needs.pre-setup.outputs.release-requested == 'true' &&
!toJSON(github.event.inputs.YOLO)
) && true || false
}}
env:
PY_COLORS: 1
TOX_PARALLEL_NO_SPINNER: 1
TOXENV: python
steps:
- name: Switch to using Python v${{ matrix.python }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python }}
- name: >-
Calculate Python interpreter version hash value
for use in the cache key
id: calc-cache-key-py
run: |
from hashlib import sha512
from sys import version
hash = sha512(version.encode()).hexdigest()
print(f'::set-output name=py-hash-key::{hash}')
shell: python
- name: Get pip cache dir
id: pip-cache
run: >-
echo "::set-output name=dir::$(pip cache dir)"
- name: Set up pip cache
uses: actions/cache@v2.1.7
with:
path: ${{ steps.pip-cache.outputs.dir }}
key: >-
${{ runner.os }}-pip-${{
steps.calc-cache-key-py.outputs.py-hash-key
}}-${{
hashFiles('tox.ini', 'requirements**.txt')
}}
restore-keys: |
${{ runner.os }}-pip-${{
steps.calc-cache-key-py.outputs.py-hash-key
}}-
${{ runner.os }}-pip-
- name: Install tox
run: >-
python -m
pip install
--user
tox
- name: Grab the source from Git
uses: actions/checkout@v2
with:
ref: ${{ github.event.inputs.release-commitish }}
- name: Download all the dists
uses: actions/download-artifact@v2
with:
name: python-package-distributions
path: dist/
- name: Pre-populate the testing env
run: >-
python -m
tox
--parallel auto
--parallel-live
--skip-missing-interpreters false
--installpkg 'dist/${{ needs.pre-setup.outputs.wheel-artifact-name }}'
--notest
shell: bash
- name: Run the testing
run: >-
python -m
tox
--parallel auto
--parallel-live
--skip-missing-interpreters false
--skip-pkg-install
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v2
with:
flags: pytest, GHA, Python ${{ matrix.python }}, ${{ runner.os }}
verbose: true
analyze:
runs-on: ubuntu-latest
name: 🛡️ Analyze
# schedule:
# - cron: '0 14 * * 1'
strategy:
fail-fast: false
matrix:
# Override automatic language detection by changing the below list
# Supported options are
# ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
language: ['python', 'javascript']
# Learn more...
# https://docs.github.com/en/github
# /finding-security-vulnerabilities-and-errors-in-your-code
# /configuring-code-scanning#overriding-automatic-language-detection
steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a
# config file. By default, queries listed here will override any
# specified in a config file. Prefix the list here with "+" to use
# these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually
# (see below)
# - name: Autobuild
# uses: github/codeql-action/autobuild@v1
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# ✏️ If the Autobuild fails above, remove it and uncomment the following
# three lines and modify them (or add more) to build your code if your
# project uses a compiled language
# - run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
brew:
runs-on: ${{ matrix.os }}-latest
name: 🍺 🐍${{ matrix.python }} @ ${{ matrix.os }}
strategy:
matrix:
os: [macOS]
python: ['3.10']
# max-parallel: 1
fail-fast: false
steps:
- uses: actions/checkout@v2
- name: Setup Python
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python }}
- name: Brew
run: |
brew install ./helper/homebrew/develop/proxy.rb
- name: Verify
run: |
proxy -h
dashboard:
runs-on: ${{ matrix.os }}-latest
name: 📊 Node ${{ matrix.node }} @ ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu, windows, macOS]
node: ['10.x', '11.x', '12.x']
# max-parallel: 4
fail-fast: false
steps:
- uses: actions/checkout@v2
- name: Setup Node
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node }}
- name: Install Dependencies
run: |
cd dashboard
npm install
cd ..
- name: Build Dashboard
run: |
cd dashboard
npm run build
cd ..
developer:
runs-on: ${{ matrix.os }}-latest
name: 🧑‍💻 👩‍💻 👨‍💻 Developer setup ${{ matrix.node }} @ ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu, macOS]
python: ['3.10']
fail-fast: false
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup Python
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python }}
- name: Install Pip Dependencies
run: |
make lib-dep
- name: Run essentials
run: |
./write-scm-version.sh
python3 check.py
make https-certificates
make sign-https-certificates
make ca-certificates
python3 -m proxy --version
check: # This job does nothing and is only used for the branch protection
if: always()
needs:
- analyze
- test
- lint
- dashboard
- brew
- developer
runs-on: Ubuntu-latest
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
with:
jobs: ${{ toJSON(needs) }}
docker:
runs-on: Ubuntu-latest
permissions:
packages: write
if: success()
needs:
- check
- pre-setup # transitive, for accessing settings
name: 🐳 containerize
strategy:
fail-fast: false
steps:
- name: Checkout
uses: actions/checkout@v2
with:
ref: ${{ github.event.inputs.release-commitish }}
- name: Download all the dists
uses: actions/download-artifact@v2
with:
name: python-package-distributions
path: dist/
- name: Login to GHCR
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
# See https://github.com/docker/buildx/issues/850#issuecomment-996408167
with:
version: v0.7.0
buildkitd-flags: --debug
config: .github/buildkitd.toml
install: true
- name: Enable Multiarch # This slows down arm build by 4-5x
run: |
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Create builder
run: |
docker buildx create --name proxypybuilder
docker buildx use proxypybuilder
docker buildx inspect
docker buildx ls
- name: Build, run & test container
run: >-
CONTAINER_TAG="abhinavsingh/proxy.py:${{
needs.pre-setup.outputs.container-version
}}";
docker buildx build
--load
--build-arg PROXYPY_PKG_PATH='dist/${{
needs.pre-setup.outputs.wheel-artifact-name
}}'
-t $CONTAINER_TAG .
&&
docker run
-d
-p 8899:8899
$CONTAINER_TAG
--hostname 0.0.0.0
--enable-web-server
&&
./tests/integration/test_integration.sh 8899
- name: Push to GHCR
run: >-
REGISTRY_URL="ghcr.io/abhinavsingh/proxy.py";
CONTAINER_TAG=$REGISTRY_URL:${{
needs.pre-setup.outputs.container-version
}};
docker buildx build
--push
--platform ${{
needs.pre-setup.outputs.container-platforms
}}
--build-arg SKIP_OPENSSL=1
--build-arg PROXYPY_PKG_PATH='dist/${{
needs.pre-setup.outputs.wheel-artifact-name
}}'
-t $CONTAINER_TAG .
- name: Tag latest on GHCR
if: >-
github.event_name == 'push' &&
(
github.ref == format(
'refs/heads/{0}', github.event.repository.default_branch
) ||
github.ref == 'refs/heads/master'
)
run: >-
REGISTRY_URL="ghcr.io/abhinavsingh/proxy.py";
LATEST_TAG=$REGISTRY_URL:latest;
docker buildx build
--push
--platform ${{
needs.pre-setup.outputs.container-platforms
}}
--build-arg SKIP_OPENSSL=1
--build-arg PROXYPY_PKG_PATH='dist/${{
needs.pre-setup.outputs.wheel-artifact-name
}}'
-t $LATEST_TAG .
- name: Push openssl to GHCR
run: >-
REGISTRY_URL="ghcr.io/abhinavsingh/proxy.py";
CONTAINER_TAG=$REGISTRY_URL:${{
needs.pre-setup.outputs.container-version
}}-openssl;
docker buildx build
--push
--platform ${{
needs.pre-setup.outputs.container-platforms
}}
--build-arg PROXYPY_PKG_PATH='dist/${{
needs.pre-setup.outputs.wheel-artifact-name
}}'
-t $CONTAINER_TAG .
- name: Tag openssl on GHCR
if: >-
github.event_name == 'push' &&
(
github.ref == format(
'refs/heads/{0}', github.event.repository.default_branch
) ||
github.ref == 'refs/heads/master'
)
run: >-
REGISTRY_URL="ghcr.io/abhinavsingh/proxy.py";
LATEST_TAG=$REGISTRY_URL:openssl;
docker buildx build
--push
--platform ${{
needs.pre-setup.outputs.container-platforms
}}
--build-arg PROXYPY_PKG_PATH='dist/${{
needs.pre-setup.outputs.wheel-artifact-name
}}'
-t $LATEST_TAG .
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: abhinavsingh
password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
# TODO: openssl image is not published on DockerHub
- name: Push to DockerHub
run: >-
REGISTRY_URL="abhinavsingh/proxy.py";
CONTAINER_TAG=$REGISTRY_URL:${{
needs.pre-setup.outputs.container-version
}};
docker buildx build
--push
--platform ${{
needs.pre-setup.outputs.container-platforms
}}
--build-arg SKIP_OPENSSL=1
--build-arg PROXYPY_PKG_PATH='dist/${{
needs.pre-setup.outputs.wheel-artifact-name
}}'
-t $CONTAINER_TAG .
publish-pypi:
name: Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }} to PyPI
needs:
- check
- pre-setup # transitive, for accessing settings
if: >-
fromJSON(needs.pre-setup.outputs.release-requested)
runs-on: Ubuntu-latest
environment:
name: release
url: >-
https://pypi.org/project/proxy.py/${{
needs.pre-setup.outputs.dist-version
}}
steps:
- name: Download all the dists
uses: actions/download-artifact@v2
with:
name: python-package-distributions
path: dist/
- name: >-
Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }} to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_TOKEN }}
publish-testpypi:
name: Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }} to TestPyPI
needs:
- check
- pre-setup # transitive, for accessing settings
if: >-
fromJSON(needs.pre-setup.outputs.is-untagged-devel)
|| fromJSON(needs.pre-setup.outputs.release-requested)
runs-on: Ubuntu-latest
environment:
name: release-testpypi
url: >-
https://test.pypi.org/project/proxy.py/${{
needs.pre-setup.outputs.dist-version
}}
steps:
- name: Download all the dists
uses: actions/download-artifact@v2
with:
name: python-package-distributions
path: dist/
- name: >-
Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }} to TestPyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.TESTPYPI_API_TOKEN }}
repository_url: https://test.pypi.org/legacy/
post-release-repo-update:
name: >-
Publish post-release Git tag
for ${{ needs.pre-setup.outputs.git-tag }}
needs:
- publish-pypi
- pre-setup # transitive, for accessing settings
runs-on: Ubuntu-latest
steps:
- name: Fetch the src snapshot
uses: actions/checkout@v2
with:
fetch-depth: 1
ref: ${{ github.event.inputs.release-commitish }}
- name: Setup git user as [bot]
uses: fregante/setup-git-user@v1.0.1
- name: >-
Tag the release in the local Git repo
as v${{ needs.pre-setup.outputs.git-tag }}
run: >-
git tag
-m '${{ needs.pre-setup.outputs.git-tag }}'
'${{ needs.pre-setup.outputs.git-tag }}'
--
${{ github.event.inputs.release-commitish }}
- name: >-
Push ${{ needs.pre-setup.outputs.git-tag }} tag corresponding
to the just published release back to GitHub
run: >-
git push --atomic origin '${{ needs.pre-setup.outputs.git-tag }}'
publish-github-release:
name: >-
Publish a GitHub Release for
${{ needs.pre-setup.outputs.git-tag }}
needs:
- post-release-repo-update
- pre-setup # transitive, for accessing settings
runs-on: Ubuntu-latest
permissions:
contents: write
discussions: write
steps:
- name: Download all the dists
uses: actions/download-artifact@v2
with:
name: python-package-distributions
path: dist/
- name: >-
Publish a GitHub Release for
${{ needs.pre-setup.outputs.git-tag }}
uses: ncipollo/release-action@v1.9.0
with:
allowUpdates: false
artifactErrorsFailBuild: false
artifacts: |
dist/${{ needs.pre-setup.outputs.sdist-artifact-name }}
dist/${{ needs.pre-setup.outputs.wheel-artifact-name }}
artifactContentType: raw # Because whl and tgz are of different types
# body/bodyFile: # FIXME: Use once Towncrier is integrated.
commit: ${{ github.event.inputs.release-commitish }}
discussionCategory: Announcements
draft: false
name: ${{ needs.pre-setup.outputs.git-tag }}
# omitBody: false
omitBodyDuringUpdate: true
omitName: false
omitNameDuringUpdate: true
omitPrereleaseDuringUpdate: true
prerelease: false
removeArtifacts: false
replacesArtifacts: false
tag: ${{ needs.pre-setup.outputs.git-tag }}
token: ${{ secrets.GITHUB_TOKEN }}
...
Reference in New Issue View Git Blame Copy Permalink