-
Notifications
You must be signed in to change notification settings - Fork 0
231 lines (205 loc) · 7.65 KB
/
CICD.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
name: CICD
on:
push:
branches:
- main
pull_request:
branches:
- "**"
workflow_dispatch:
inputs:
rewrite_dependencies:
description:
If "true" or empty CICD will rewrite BL_Python dependencies,
during the build only, to use the local filesystem checkout rather than PyPI.
If "false" CICD will not rewrite the BL_Python dependencies.
type: choice
options:
- true
- false
default: "true"
required: true
use_build_cache:
description:
If "true", the workflow will use the build cache if the associated
cache key has a hit. If "false," any existing build cache will be ignored.
The workflow will save a new build cache with the same cache key regardless
of `use_build_cache` if there was not a cache hit.
type: choice
options:
- true
- false
default: "true"
required: false
jobs:
Checkout:
name: Checkout and Setup
runs-on: ubuntu-latest
outputs:
build-cache-key: ${{ steps.build-cache-key.outputs.cache_key }}
build-cache-key-run: ${{ steps.build-cache-key.outputs.cache_key_run }}
env:
PYTHON_VERSION: "3.10"
steps:
- uses: actions/checkout@v4
- id: build-cache-key
# Use the same cache between Workflow runs _except_ when the event is a workflow_dispatch.
# This should result in cache keys like "Linux-true-(true|false)-abc123" for all runs _except_ workflow_dispatch,
# and cache keys like "linux-false-(true|123)-abc123" for workflow_dispatch.
run: |
cache_key='${{ runner.os }}-${{ hashFiles('pyproject.toml', 'src/*/pyproject.toml') }}'
cache_key_run='${{ runner.os }}-${{ hashFiles('pyproject.toml', 'src/*/pyproject.toml') }}-run-id_${{ github.run_id }}-number_${{ github.run_number }}-attempt_${{ github.run_attempt }}'
echo "cache_key=$cache_key" >> $GITHUB_OUTPUT
echo "cache_key_run=$cache_key_run" >> $GITHUB_OUTPUT
- name: Restore build cache
if: ${{ success() && (github.event_name != 'workflow_dispatch' || inputs.use_build_cache == 'true') }}
uses: actions/cache/restore@v3
id: restore-build-cache
with:
path: ${{ github.workspace }}
key: ${{ steps.build-cache-key.outputs.cache_key_run }}
restore-keys: ${{ steps.build-cache-key.outputs.cache_key }}
- name: Set up Python ${{ env.PYTHON_VERSION }}
if: ${{ success() && (inputs.use_build_cache == 'false' || steps.restore-build-cache.outputs.cache-matched-key == '' )}}
uses: actions/setup-python@v4
id: install_python
with:
python-version: ${{ env.PYTHON_VERSION }}
cache: "pip"
- name: Install dependencies
if: ${{ success() && (inputs.use_build_cache == 'false' || steps.restore-build-cache.outputs.cache-matched-key == '' )}}
run: |
echo Setting up dependencies
python -m pip install -U pip
python -m pip install toml
REWRITE_DEPENDENCIES=${{ inputs.rewrite_dependencies }} \
./.github/workflows/CICD-scripts/pyproject_dependency_rewrite.py
${{ steps.install_python.outputs.python-path }} -m venv .github-venv
source .github-venv/bin/activate
echo "prefix=$(pwd)/node_modules" >> ~/.npmrc
# Note that currently pyproject.toml does not specify a version.
# As such, this will install the latest Pyright, including
# potentionally breaking changes.
npm install -g pyright
./install_all.sh -e
- name: Save build cache
if: ${{ success() && (github.event_name == 'workflow_dispatch' || steps.restore-build-cache.outputs.cache-matched-key == '') }}
uses: actions/cache/save@v3
id: save-build-cache
with:
path: ${{ github.workspace }}
key: ${{ steps.build-cache-key.outputs.cache_key_run }}
Pyright:
name: Static type checking
runs-on: ubuntu-latest
needs:
- Checkout
if: ${{( always() && !cancelled() ) }}
steps:
- uses: actions/cache/restore@v3
name: Restore repository build
id: restore-repository-build
with:
key: ${{ needs.Checkout.outputs.build-cache-key-run }}
restore-keys: ${{ needs.Checkout.outputs.build-cache-key }}
path: ${{ github.workspace }}
fail-on-cache-miss: true
- name: Test with pyright
run: |
echo Running pyright
source .github-venv/bin/activate
./node_modules/bin/pyright
Pytest:
name: Automated testing
runs-on: ubuntu-latest
needs:
- Checkout
if: ${{( always() && !cancelled() ) }}
steps:
- uses: actions/cache/restore@v3
name: Restore repository build
id: restore-repository-build
with:
key: ${{ needs.Checkout.outputs.build-cache-key-run }}
restore-keys: ${{ needs.Checkout.outputs.build-cache-key }}
path: ${{ github.workspace }}
fail-on-cache-miss: true
- name: Test with pytest and generate reports
run: |
echo Running pytest
source .github-venv/bin/activate
pytest -k "not acceptance"
coverage html
- name: Output pytest report
uses: actions/upload-artifact@v3
if: ${{ always() }}
with:
name: pytest-and-coverage-report
path: |
pytest.xml
cov.xml
.coverage
htmlcov/
retention-days: 1
if-no-files-found: error
Style:
name: Style and formatting
runs-on: ubuntu-latest
needs:
- Checkout
if: ${{( always() && !cancelled() ) }}
steps:
- uses: actions/cache/restore@v3
name: Restore repository build
id: restore-repository-build
with:
key: ${{ needs.Checkout.outputs.build-cache-key-run }}
restore-keys: ${{ needs.Checkout.outputs.build-cache-key }}
path: ${{ github.workspace }}
fail-on-cache-miss: true
- name: Check code style
run: |
source .github-venv/bin/activate
black --check src
- name: Check import order
run: |
source .github-venv/bin/activate
isort --check-only src
Final-status-check:
name: Check workflow success
runs-on: ubuntu-latest
needs:
- Checkout
- Pyright
- Pytest
- Style
# this job should run regardless of success, failure, or skips,
# but not if the workflow is canceled. `always()` ignores canceled,
# and so we check for the canceled state.
if: ${{( always() && !cancelled() ) }}
steps:
- name: Failure
# once the "needs" jobs have completed, if any of them
# failed, then the entire workflow is considered failed.
if: |
contains(toJSON(needs), '"result": "failure"')
env:
RANDOM_EOF: |
EOF`echo $RANDOM | base64`
run: |
echo One or more required jobs did not complete successfully;
jq -r 'keys[] as $job | "Job ID: \($job)'"\n"' \(.[$job] | .result)"' <<${{ env.RANDOM_EOF }}
${{ toJSON(needs) }}
${{ env.RANDOM_EOF }}
exit 1;
# TODO consider uploading the repository so errors
# can be more easily resolved.
#- name: Upload repository build
# uses: actions/upload-artifact@v3
# with:
# name: repository-build
# path: ${{ github.workspace }}
# retention-days: 1
# if-no-files-found: error
- name: Success
run: echo Workflow succeeded; exit 0;