-
Notifications
You must be signed in to change notification settings - Fork 2
187 lines (174 loc) · 5.9 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
# Based on
# https://github.com/python/typing_extensions/blob/main/.github/workflows/publish.yml and
# https://packaging.python.org/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/
name: Test builds and publish Python distribution to PyPI
on:
push:
branches: [main]
pull_request:
branches: [main]
release:
types: [published]
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read
env:
FORCE_COLOR: 1
PIP_DISABLE_PIP_VERSION_CHECK: 1
jobs:
build:
name: Build dist
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.12
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install Poetry
run: pipx install poetry
- name: Build release
run: poetry build
- name: Upload the distribution packages
uses: actions/upload-artifact@v4
with:
name: dist
path: dist/
test-dists:
name: Test Built ${{ matrix.dist.name }} (${{ matrix.python-version }})
runs-on: ubuntu-latest
needs: build
strategy:
fail-fast: false
matrix:
python-version:
- "3.10"
- "3.12"
dist:
- name: "wheel"
extension: whl
- name: "sdist"
extension: tar.gz
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: "${{ matrix.python-version }}"
cache: pip
- name: Download release dists
uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- name: Install ${{ matrix.dist.name }}
run: |
export path_to_file=$(find dist -type f -name "problem_bank_helpers-*.${{ matrix.dist.extension }}")
echo "::notice::Installing ${{ matrix.dist.name }}: $path_to_file"
python -m pip install --user $path_to_file
python -m pip list
- name: Install test dependencies
run: python -m pip install --user pytest
- name: Run tests against installed wheel
run: rm -rf src/ && pytest tests/
test-banks:
name: Test ${{ matrix.bank.name }} Problem Bank Builds (${{ matrix.python-version }})
continue-on-error: ${{ matrix.python-version == '3.12'}}
needs: build
runs-on: ubuntu-latest
strategy:
fail-fast: false # We want to know all issues, even if one fails
matrix:
python-version:
- "3.10"
- "3.12"
bank:
- name: Physics
repo: open-resources/instructor_physics_bank
- name: Data Science
repo: open-resources/instructor_datascience_bank
- name: Statistics
repo: open-resources/instructor_stats_bank
steps:
- name: Checkout ${{ matrix.bank.name }} Problem Bank
uses: actions/checkout@v4
with:
repository: ${{ matrix.bank.repo }}
token: ${{ secrets.API_TOKEN_GITHUB }}
ref: main
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: "${{ matrix.python-version }}"
cache: pip
- name: Download release dists
uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- name: Install Problem Bank Dependencies
run: |
python -m pip install --upgrade --upgrade-strategy eager -r requirements.txt
python -m pip install --upgrade problem_bank_scripts
- name: Install built wheel
run: |
python -m pip install --user $(find dist -type f -name "problem_bank_helpers-*.whl")
- name: Test problem bank generates properly
run: process 'source' --instructor=True --public=True --prairielearn=True
publish:
name: Publish new release to PyPI
if: github.event_name == 'release' # only publish to PyPI on releases
# Ensure tests have passed and problem banks can be built
needs:
- test-dists
- test-banks
runs-on: ubuntu-latest
# Specifying a GitHub environment so manual approval by an approved user to create a release is required
# https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules
environment:
name: publish
url: https://pypi.org/p/problem-bank-helpers/
permissions:
# IMPORTANT: this permission is mandatory for trusted publishing
# https://docs.pypi.org/trusted-publishers/
id-token: write
steps:
- name: Download release dists
uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- name: Ensure exactly one sdist and one wheel have been downloaded
run: test $(ls dist/*.tar.gz | wc -l) = 1 && test $(ls dist/*.whl | wc -l) = 1
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
github-release:
name: upload dists to GitHub release
needs: publish
runs-on: ubuntu-latest
permissions:
id-token: write
attestations: write
contents: write
steps:
- name: Download release dists
uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- name: Attest Build Provenance
uses: actions/attest-build-provenance@v1
with:
subject-path: 'dist/**'
- name: Upload Dists to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
run: gh release upload '${{ github.ref_name }}' dist/** --repo '${{ github.repository }}'
push-to-question-banks:
uses: ./.github/workflows/update-dependents.yml
needs: [publish]
with:
version: ${{ github.event.release.tag_name }}
secrets: inherit