Bump certifi from 2024.6.2 to 2024.7.4 #214
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
pull_request: | |
push: | |
branches: | |
- master | |
workflow_dispatch: | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
strategy: | |
# By default, GitHub will maximize the number of jobs run in parallel | |
# depending on the available runners on GitHub-hosted virtual machines. | |
# max-parallel: 8 | |
fail-fast: false | |
matrix: | |
python-version: | |
- "3.8" | |
- "3.9" | |
- "3.10" | |
- "3.11" | |
- "3.12" | |
env: | |
TOXENV: ${{ matrix.tox-env }} | |
TOX_SKIP_MISSING_INTERPRETERS: False | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Run pre-commit hook | |
uses: pre-commit/action@v3.0.1 | |
- name: Set up Python ${{ matrix.python-version }} | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Upgrade pip version | |
run: pip install -U pip | |
- name: Install test dependencies | |
run: pip install tox tox-gh-actions poetry==1.4.0 | |
- name: Run tox | |
run: tox | |
make-wheels: | |
name: Make ${{ matrix.os }} ${{ matrix.cibw_arch }} wheels | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
os: ["ubuntu-latest"] | |
cibw_arch: ["native"] | |
cibw_build: ["cp38-* cp39-* cp310-* cp311-* cp312-*"] | |
fail-fast: false | |
steps: | |
- name: "Checkout repo" | |
uses: actions/checkout@v4 | |
- name: Install poetry | |
run: pip install poetry | |
- name: "Build wheels" | |
uses: pypa/cibuildwheel@v2.20.0 | |
with: | |
output-dir: dist | |
env: | |
CIBW_MANYLINUX_X86_64_IMAGE: manylinux2014 | |
CIBW_BUILD: ${{ matrix.cibw_build }} | |
CIBW_SKIP: "*musllinux*" | |
CIBW_ARCHS: ${{ matrix.cibw_arch }} | |
CIBW_BUILD_FRONTEND: pip | |
CIBW_BEFORE_ALL_LINUX: yum install -y libffi-devel clang make | |
CIBW_BUILD_VERBOSITY: 1 | |
- name: "Upload wheel as artifact" | |
uses: actions/upload-artifact@v4 | |
with: | |
name: artifact-${{ matrix.os }}-${{ matrix.cibw_arch }}-wheel | |
path: "./**/dist/*.whl" | |
make-sdist: | |
name: Make source distribution | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install poetry | |
run: pip install poetry | |
- run: poetry build -f sdist | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: artifact-source-dist | |
path: "./**/dist/*.tar.gz" | |
publish: | |
runs-on: ubuntu-latest | |
# Note: only run, when test publishing worked | |
needs: [test, make-wheels, make-sdist] | |
if: endsWith(github.ref, '/master') | |
permissions: | |
id-token: write | |
contents: write | |
steps: | |
- name: "Checkout repo" | |
uses: actions/checkout@v4 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
- name: Upgrade pip version | |
run: pip install -U pip | |
- name: Install poetry | |
run: pip install poetry | |
- name: Fetch version | |
id: fetch_version | |
run: echo "version_nr=$(poetry version -s)" >> $GITHUB_OUTPUT | |
- name: Download all artifacts | |
uses: actions/download-artifact@v4 | |
- name: Copy artifacts to dist/ folder | |
run: | | |
find . -name 'artifact-*' -exec unzip '{}' \; | |
mkdir -p dist/ | |
find . -name '*.tar.gz' -exec mv '{}' dist/ \; | |
find . -name '*.whl' -exec mv '{}' dist/ \; | |
ls -lR dist/ | |
- name: Test PyPI Publishing | |
# TODO separate step to test publishing before merging to main | |
# NOTE: PRs from forks fail due to: "missing or insufficient OIDC token permissions, | |
# the ACTIONS_ID_TOKEN_REQUEST_TOKEN environment variable was unset" | |
# -> test publishing cannot be triggered in PRs?! | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
password: ${{ secrets.TEST_PYPI_DEPLOYMENT_API_KEY }} | |
repository-url: https://test.pypi.org/legacy/ | |
skip-existing: true | |
- name: Create GitHub Release | |
id: create_gh_release | |
uses: ncipollo/release-action@v1 | |
env: | |
VERSION: ${{ steps.fetch_version.outputs.version_nr }} | |
with: | |
tag: ${{env.VERSION}} | |
name: Release ${{env.VERSION}} | |
draft: false | |
prerelease: false | |
skipIfReleaseExists: true | |
- name: PyPI Publishing | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
password: ${{ secrets.PYPI_DEPLOYMENT_API_KEY }} | |
skip-existing: true |