Skip to content

Setup Trusted Publisher deployment to PyPI #69

Setup Trusted Publisher deployment to PyPI

Setup Trusted Publisher deployment to PyPI #69

Workflow file for this run

# Run tests on Windows, Linux, and Mac
#
# NOTE: Pin actions to a specific commit to avoid having the authentication
# token stolen if the Action is compromised. See the comments and links here:
# https://github.com/pypa/gh-action-pypi-publish/issues/27
#
name: test
# Only build PRs, the master main, and releases. Pushes to branches will only
# be built when a PR is opened. This avoids duplicated buids in PRs comming
# from branches in the origin repository (1 for PR and 1 for push).
on:
pull_request:
push:
branches:
- main
release:
types:
- published
# Use bash by default in all jobs
defaults:
run:
shell: bash
jobs:
#############################################################################
# Run tests
test:
name: ${{ matrix.os }} python=${{ matrix.python }} dependencies=${{ matrix.dependencies }}
runs-on: ${{ matrix.os }}-latest
strategy:
# Otherwise, the workflow would stop if a single job fails. We want to
# run all of them to catch failures in different combinations.
fail-fast: false
matrix:
os:
- ubuntu
- macos
- windows
dependencies:
- latest
- oldest
include:
- dependencies: oldest
python: "3.7"
- dependencies: latest
python: "3.12"
env:
# Used to tag codecov submissions
OS: ${{ matrix.os }}
PYTHON: ${{ matrix.python }}
DEPENDENCIES: ${{ matrix.dependencies }}
steps:
# Checks-out your repository under $GITHUB_WORKSPACE
- name: Checkout
uses: actions/checkout@v4
with:
# Need to fetch more than the last commit so that setuptools-scm can
# create the correct version string. If the number of commits since
# the last release is greater than this, the version still be wrong.
# Increase if necessary.
fetch-depth: 100
# The GitHub token is preserved by default but this job doesn't need
# to be able to push to GitHub.
persist-credentials: false
# Need the tags so that setuptools-scm can form a valid version number
- name: Fetch git tags
run: git fetch origin 'refs/tags/*:refs/tags/*'
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python }}
- name: Install the build requirements
run: |
python -m pip install --requirement env/requirements-build.txt
- name: Install the testing requirements
run: |
python -m pip install --requirement env/requirements-test.txt
- name: Build source and wheel distributions
run: |
make build
echo ""
echo "Generated files:"
ls -lh dist/
- name: Install the package and requirements
run: python -m pip install `ls dist/*.whl`
- name: Install the oldest supported version of dependencies
if: matrix.dependencies == 'oldest'
run: |
dependente --source install --oldest > requirements-oldest.txt
python -m pip install --requirement requirements-oldest.txt
- name: List installed packages
run: python -m pip freeze
- name: Run the command line program (Bash)
run: dependente --help
- name: Run the command line program (Windows CMD)
if: matrix.os == 'windows'
run: dependente --help
shell: cmd
- name: Run the command line program (Powershell)
if: matrix.os == 'windows'
run: dependente --help
shell: pwsh
- name: Parse our own dependencies
run: dependente --source=install,build
- name: Parse our own dependencies (Windows CMD)
if: matrix.os == 'windows'
run: dependente --source=install,build
shell: cmd
- name: Parse our own dependencies (Powershell)
if: matrix.os == 'windows'
run: dependente --source=install,build
shell: pwsh
- name: Run the tests
run: make test
- name: Convert coverage report to XML for codecov
run: coverage xml
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
file: ./coverage.xml
env_vars: OS,PYTHON,DEPENDENCIES
# Don't mark the job as failed if the upload fails for some reason.
# It does sometimes but shouldn't be the reason for running
# everything again unless something else is broken.
fail_ci_if_error: false
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}