Skip to content

Build cryptography #139

Build cryptography

Build cryptography #139

Workflow file for this run

name: Build and upload wheels
on: [push, pull_request]
env:
CIBW_BUILD: 'cp38-* cp39-* cp310-* cp311-* cp312-*'
CIBW_SKIP: '*-musllinux_*'
concurrency:
# Group runs by PR, but keep runs on the default branch separate
# because we do not want to cancel wheel uploads
group: pr-${{ github.ref == 'refs/heads/main' && github.run_number || github.ref }}
cancel-in-progress: true
jobs:
setup:
runs-on: ubuntu-latest
outputs:
recipes_found: ${{ steps.recipes_changes.outputs.recipes_found }}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
# The range of commits to check for changes is:
# - `origin/main...` for all events happening on a feature branch
# - for events on the main branch we compare against the sha before the event
# (note that this does not work for feature branch events since we want all
# commits on the feature branch and not just the commits of the last event)
# - for pull requests we compare against the 1st ancestor, given the current
# HEAD is the merge between the PR branch and the base branch
- name: Set commit range
id: commit_range_step
run: |
if [ "${{ github.event_name }}" = 'push' -a "${{github.ref}}" != 'refs/heads/main' ]; then
# push to a feature branch
git fetch origin main
commit_range='origin/main...'
elif [ "${{ github.event_name }}" = 'push' -a "${{ github.ref }}" = 'refs/heads/main' ]; then
# push to the main branch, e.g. merge
commit_range="${{ github.event.before }}.."
else
# pull request
commit_range='HEAD~..'
fi
echo "commit_range=$commit_range" >> $GITHUB_OUTPUT
- name: Detect changes to recipes/
id: recipes_changes
run: |
touch duplicated_recipe_folders.txt
while read op path; do
case "$op" in
A|M)
echo "${path}" | cut -d '/' -f1,2 >> duplicated_recipe_folders.txt
;;
esac
done < <(git diff --color=never --name-status '${{ steps.commit_range_step.outputs.commit_range }}' -- recipes/)
sort -u duplicated_recipe_folders.txt > recipe_list.txt
cat recipe_list.txt
if [ -s recipe_list.txt ]; then
recipes_found=true
else
recipes_found=false
fi
echo "recipes_found=$recipes_found" >> $GITHUB_OUTPUT
- uses: actions/upload-artifact@v3
with:
name: recipe_list
path: recipe_list.txt
build:
needs: setup
if: ${{ needs.setup.outputs.recipes_found == 'true' }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.11'
- uses: actions/download-artifact@v3
with:
name: recipe_list
path: ../workflow_artifacts/
- name: Install required Python packages
run: python -m pip install build cibuildwheel PyYAML requests
- name: Build wheels
run: |
while read -r folder; do
python3 wheel_builder.py "$folder";
done < ../workflow_artifacts/recipe_list.txt
- uses: actions/upload-artifact@v3
with:
name: wheelhouse
path: wheelhouse/
deploy:
name: Deploy Wheels
needs: build
if: ${{ github.ref == 'refs/heads/main' && github.event_name == 'push' && github.repository_owner == 'galaxyproject' }}
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v3
with:
name: wheelhouse
path: wheelhouse/
- uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Setup deploy environment
run: python3 -m pip install s3pypi
- name: Deploy wheels
run: s3pypi upload ./wheelhouse/* --bucket "$S3_BUCKET" --region "$S3_REGION" --put-root-index --index.html --s3-put-args 'ACL=public-read' --force
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
S3_BUCKET: galaxy-wheels
S3_REGION: us-east-2