-
Notifications
You must be signed in to change notification settings - Fork 3
153 lines (147 loc) · 4.46 KB
/
ci-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
name: CI/CD
on:
push:
branches: [ master, develop, "dev/*" ]
tags:
- '*'
pull_request:
branches: [ master, develop ]
jobs:
Test-python-27:
runs-on: ubuntu-20.04
container:
image: python:2.7.18-buster
steps:
- uses: actions/checkout@v4
- name: Install dependencies
run: |
python -m pip install -r requirements.txt && \
python -m pip install -r requirements_dev.txt
- name: Test with pytest and coverage
run: |
pytest --cov=cert_chain_resolver --cov-report=xml --cov-report=term-missing
- name: Upload coverage artifact
if: success()
uses: actions/upload-artifact@v4
with:
name: coverage-2.7
path: coverage.xml
Test:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ['3.7', '3.8', '3.9', '3.10', '3.11', '3.12']
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install -r requirements.txt && \
python -m pip install -r requirements_dev.txt
- name: Test with pytest and coverage
run: |
pytest --cov=cert_chain_resolver --cov-report=xml --cov-report=term-missing
- name: Upload coverage artifact
if: success()
uses: actions/upload-artifact@v4
with:
name: coverage-${{ matrix.python-version }}
path: coverage.xml
combine-coverage:
runs-on: ubuntu-latest
needs:
- Test
- Test-python-27
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: 3.12
- name: Install coverage tools
run: |
python -m pip install coverage codecov
- name: Download coverage artifacts
uses: actions/download-artifact@v4
with:
pattern: coverage-*
merge-multiple: true
- name: Combine coverage reports
run: |
ls -lashR coverage.xml
coverage combine
coverage report
coverage html --skip-covered --skip-empty
coverage report --format=markdown >> $GITHUB_STEP_SUMMARY
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
file: ./coverage.xml
mypy:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ['3.12']
steps:
- uses: actions/checkout@v3
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install mypy -rrequirements_dev.txt -rrequirements.txt
- name: mypy static checker
run: |
mypy {cert_chain_resolver,tests}
Publish:
if: |
github.repository == 'rkoopmans/python-certificate-chain-resolver' &&
startsWith(github.ref, 'refs/tags') &&
github.event_name == 'push'
timeout-minutes: 10
needs: [Test, Test-python-27, mypy]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.12"
- name: Install dependencies
run: |
pip install -r requirements.txt
pip install build wheel
- name: Check if properly tagged
run: |
PACKAGE_VERSION="$(python -c 'from cert_chain_resolver import __version__;print(__version__)')";
CURRENT_TAG="${GITHUB_REF#refs/*/}";
if [[ "${PACKAGE_VERSION}" != "${CURRENT_TAG}" ]]; then
>&2 echo "Tag mismatch. Version in __init__.py does not match tagged commit"
>&2 echo "Skipping deploy"
exit 1;
fi
- name: Build package (sdist & wheel)
run: |
python -m build --sdist --wheel --outdir dist/
- name: Test sdist install
run: |
python -m venv sdist_env
./sdist_env/bin/pip install dist/cert_chain_resolver-*.tar.gz
- name: Test wheel install
run: |
python -m venv wheel_env
./wheel_env/bin/pip install dist/cert_chain_resolver-*.whl
- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_ACCESS_TOKEN }}
packages_dir: dist/
print_hash: true