-
Notifications
You must be signed in to change notification settings - Fork 202
133 lines (124 loc) · 5.19 KB
/
python-package.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: CI/CD
on:
push:
pull_request:
branches: [ dev ]
# This guards against unknown PR until a community member vet it and label it.
types: [ labeled ]
jobs:
ci:
env:
# Fake a TRAVIS env so that the pre-existing test cases would behave like before
TRAVIS: true
LAB_APP_CLIENT_ID: ${{ secrets.LAB_APP_CLIENT_ID }}
LAB_APP_CLIENT_SECRET: ${{ secrets.LAB_APP_CLIENT_SECRET }}
LAB_APP_CLIENT_CERT_BASE64: ${{ secrets.LAB_APP_CLIENT_CERT_BASE64 }}
LAB_APP_CLIENT_CERT_PFX_PATH: lab_cert.pfx
LAB_OBO_CLIENT_SECRET: ${{ secrets.LAB_OBO_CLIENT_SECRET }}
LAB_OBO_CONFIDENTIAL_CLIENT_ID: ${{ secrets.LAB_OBO_CONFIDENTIAL_CLIENT_ID }}
LAB_OBO_PUBLIC_CLIENT_ID: ${{ secrets.LAB_OBO_PUBLIC_CLIENT_ID }}
# Derived from https://docs.github.com/en/actions/guides/building-and-testing-python#starting-with-the-python-workflow-template
runs-on: ubuntu-latest # It switched to 22.04 shortly after 2022-Nov-8
strategy:
matrix:
python-version: [3.7, 3.8, 3.9, "3.10", "3.11", "3.12"]
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
# It automatically takes care of pip cache, according to
# https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#about-caching-workflow-dependencies
with:
python-version: ${{ matrix.python-version }}
cache: 'pip'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install flake8 pytest
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
- name: Populate lab cert.pfx
# https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#storing-base64-binary-blobs-as-secrets
run: echo $LAB_APP_CLIENT_CERT_BASE64 | base64 -d > $LAB_APP_CLIENT_CERT_PFX_PATH
- name: Test with pytest
run: pytest --benchmark-skip
- name: Lint with flake8
run: |
# stop the build if there are Python syntax errors or undefined names
#flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
#flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
cb:
# Benchmark only after the correctness has been tested by CI,
# and then run benchmark only once (sampling with only one Python version).
needs: ci
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.9
uses: actions/setup-python@v5
with:
python-version: 3.9
cache: 'pip'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
- name: Setup an updatable cache for Performance Baselines
uses: actions/cache@v4
with:
path: .perf.baseline
key: ${{ runner.os }}-performance-${{ hashFiles('tests/test_benchmark.py') }}
restore-keys: ${{ runner.os }}-performance-
- name: Run benchmark
run: pytest --benchmark-only --benchmark-json benchmark.json --log-cli-level INFO tests/test_benchmark.py
- name: Render benchmark result
uses: benchmark-action/github-action-benchmark@v1
with:
tool: 'pytest'
output-file-path: benchmark.json
fail-on-alert: true
- name: Publish Gibhub Pages
run: git push origin gh-pages
cd:
needs: ci
# Note: github.event.pull_request.draft == false WON'T WORK in "if" statement,
# because the triggered event is a push, not a pull_request.
# This means each commit will trigger a release on TestPyPI.
# Those releases will only succeed when each push has a new version number: a1, a2, a3, etc.
if: |
github.event_name == 'push' &&
(
startsWith(github.ref, 'refs/tags') ||
startsWith(github.ref, 'refs/heads/release-')
)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.9
uses: actions/setup-python@v5
with:
python-version: 3.9
cache: 'pip'
- name: Build a package for release
run: |
python -m pip install build --user
python -m build --sdist --wheel --outdir dist/ .
- name: |
Publish to TestPyPI when pushing to release-* branch.
You better test with a1, a2, b1, b2 releases first.
uses: pypa/[email protected]
if: startsWith(github.ref, 'refs/heads/release-')
with:
user: __token__
password: ${{ secrets.TEST_PYPI_API_TOKEN }}
repository_url: https://test.pypi.org/legacy/
- name: Publish to PyPI when tagged
if: startsWith(github.ref, 'refs/tags')
uses: pypa/[email protected]
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}