-
Notifications
You must be signed in to change notification settings - Fork 9
476 lines (471 loc) · 17.9 KB
/
tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
# Based on ~/code/xcookie/xcookie/rc/tests.yml.in
# Now based on ~/code/xcookie/xcookie/builders/github_actions.py
# See: https://github.com/Erotemic/xcookie
name: PurePyCI
on:
push:
pull_request:
branches: [ main ]
jobs:
lint_job:
##
# Run quick linting and typing checks.
# To disable all linting add "linter=false" to the xcookie config.
# To disable type checks add "notypes" to the xcookie tags.
##
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/[email protected]
- name: Set up Python 3.11 for linting
uses: actions/[email protected]
with:
python-version: '3.11'
- name: Install dependencies
run: |-
python -m pip install --upgrade pip
python -m pip install flake8
- name: Lint with flake8
run: |-
# stop the build if there are Python syntax errors or undefined names
flake8 ./vtool_ibeis --count --select=E9,F63,F7,F82 --show-source --statistics
build_and_test_sdist:
##
# Build the pure python package from source and test it in the
# same environment.
##
name: Build sdist
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/[email protected]
- name: Set up Python 3.11
uses: actions/[email protected]
with:
python-version: '3.11'
- name: Upgrade pip
run: |-
python -m pip install --upgrade pip
python -m pip install --prefer-binary -r requirements/tests.txt
python -m pip install --prefer-binary -r requirements/runtime.txt
python -m pip install --prefer-binary -r requirements/headless.txt
- name: Build sdist
shell: bash
run: |-
python -m pip install pip -U
python -m pip install setuptools>=0.8 wheel build
python -m build --sdist --outdir wheelhouse
- name: Install sdist
run: |-
ls -al wheelhouse
pip install --prefer-binary wheelhouse/vtool_ibeis*.tar.gz -v
- name: Test minimal loose sdist
run: |-
pwd
ls -al
# Run in a sandboxed directory
WORKSPACE_DNAME="testsrcdir_minimal_${CI_PYTHON_VERSION}_${GITHUB_RUN_ID}_${RUNNER_OS}"
mkdir -p $WORKSPACE_DNAME
cd $WORKSPACE_DNAME
# Run the tests
# Get path to installed package
MOD_DPATH=$(python -c "import vtool_ibeis, os; print(os.path.dirname(vtool_ibeis.__file__))")
echo "MOD_DPATH = $MOD_DPATH"
python -m pytest --verbose --cov=vtool_ibeis $MOD_DPATH ../tests
cd ..
- name: Test full loose sdist
run: |-
pwd
ls -al
python -m pip install --prefer-binary -r requirements/headless.txt
# Run in a sandboxed directory
WORKSPACE_DNAME="testsrcdir_full_${CI_PYTHON_VERSION}_${GITHUB_RUN_ID}_${RUNNER_OS}"
mkdir -p $WORKSPACE_DNAME
cd $WORKSPACE_DNAME
# Run the tests
# Get path to installed package
MOD_DPATH=$(python -c "import vtool_ibeis, os; print(os.path.dirname(vtool_ibeis.__file__))")
echo "MOD_DPATH = $MOD_DPATH"
python -m pytest --verbose --cov=vtool_ibeis $MOD_DPATH ../tests
cd ..
- uses: actions/[email protected]
name: Upload sdist artifact
with:
name: sdist_wheels
path: wheelhouse/*.tar.gz
build_purepy_wheels:
##
# Download and test the pure-python wheels that were build in the
# build_purepy_wheels and test them in this independent environment.
##
name: ${{ matrix.python-version }} on ${{ matrix.os }}, arch=${{ matrix.arch }} with ${{ matrix.install-extras }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
python-version:
- '3.11'
arch:
- auto
steps:
- name: Checkout source
uses: actions/[email protected]
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
if: runner.os == 'Linux' && matrix.arch != 'auto'
with:
platforms: all
- name: Setup Python
uses: actions/[email protected]
with:
python-version: ${{ matrix.python-version }}
- name: Build pure wheel
shell: bash
run: |-
python -m pip install setuptools>=0.8 wheel build twine
python -m build --wheel --outdir wheelhouse
python -m twine check ./wheelhouse/vtool_ibeis*.whl
- name: Show built files
shell: bash
run: ls -la wheelhouse
- uses: actions/[email protected]
name: Upload wheels artifact
with:
name: wheels
path: ./wheelhouse/vtool_ibeis*.whl
test_purepy_wheels:
name: ${{ matrix.python-version }} on ${{ matrix.os }}, arch=${{ matrix.arch }} with ${{ matrix.install-extras }}
runs-on: ${{ matrix.os }}
needs:
- build_purepy_wheels
strategy:
fail-fast: false
matrix:
# Xcookie generates an explicit list of environments that will be used
# for testing instead of using the more concise matrix notation.
include:
- python-version: '3.8'
install-extras: tests-strict,runtime-strict,headless-strict
os: ubuntu-latest
arch: auto
- python-version: '3.11'
install-extras: tests-strict,runtime-strict,optional-strict,headless-strict
os: ubuntu-latest
arch: auto
- python-version: '3.8'
install-extras: tests,optional,headless
os: ubuntu-latest
arch: auto
- python-version: '3.9'
install-extras: tests,optional,headless
os: ubuntu-latest
arch: auto
- python-version: '3.10'
install-extras: tests,optional,headless
os: ubuntu-latest
arch: auto
- python-version: '3.11'
install-extras: tests,optional,headless
os: ubuntu-latest
arch: auto
steps:
- name: Checkout source
uses: actions/[email protected]
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
if: runner.os == 'Linux' && matrix.arch != 'auto'
with:
platforms: all
- name: Setup Python
uses: actions/[email protected]
with:
python-version: ${{ matrix.python-version }}
- uses: actions/[email protected]
name: Download wheels
with:
name: wheels
path: wheelhouse
- name: Install wheel ${{ matrix.install-extras }}
shell: bash
env:
INSTALL_EXTRAS: ${{ matrix.install-extras }}
run: |-
echo "Finding the path to the wheel"
ls wheelhouse || echo "wheelhouse does not exist"
echo "Installing helpers"
pip install setuptools>=0.8 setuptools_scm wheel build -U
pip install tomli pkginfo
export WHEEL_FPATH=$(python -c "import pathlib; print(str(sorted(pathlib.Path('wheelhouse').glob('vtool_ibeis*.whl'))[-1]).replace(chr(92), chr(47)))")
export MOD_VERSION=$(python -c "from pkginfo import Wheel; print(Wheel('$WHEEL_FPATH').version)")
echo "$WHEEL_FPATH=WHEEL_FPATH"
echo "$INSTALL_EXTRAS=INSTALL_EXTRAS"
echo "$MOD_VERSION=MOD_VERSION"
pip install --prefer-binary "vtool_ibeis[$INSTALL_EXTRAS]==$MOD_VERSION" -f wheelhouse
echo "Install finished."
- name: Test wheel ${{ matrix.install-extras }}
shell: bash
env:
CI_PYTHON_VERSION: py${{ matrix.python-version }}
run: |-
echo "Creating test sandbox directory"
export WORKSPACE_DNAME="testdir_${CI_PYTHON_VERSION}_${GITHUB_RUN_ID}_${RUNNER_OS}"
echo "WORKSPACE_DNAME=$WORKSPACE_DNAME"
mkdir -p $WORKSPACE_DNAME
echo "cd-ing into the workspace"
cd $WORKSPACE_DNAME
pwd
ls -altr
# Get the path to the installed package and run the tests
export MOD_DPATH=$(python -c "import vtool_ibeis, os; print(os.path.dirname(vtool_ibeis.__file__))")
export MOD_NAME=vtool_ibeis
echo "
---
MOD_DPATH = $MOD_DPATH
---
running the pytest command inside the workspace
---
"
python -m pytest --verbose -p pytester -p no:doctest --xdoctest --cov-config ../pyproject.toml --cov-report term --durations=100 --cov="$MOD_NAME" "$MOD_DPATH" ../tests
echo "pytest command finished, moving the coverage file to the repo root"
ls -al
# Move coverage file to a new name
mv .coverage "../.coverage.$WORKSPACE_DNAME"
echo "changing directory back to th repo root"
cd ..
ls -al
- name: Combine coverage Linux
if: runner.os == 'Linux'
run: |-
echo '############ PWD'
pwd
cp .wheelhouse/.coverage* . || true
ls -al
python -m pip install coverage[toml]
echo '############ combine'
coverage combine . || true
echo '############ XML'
coverage xml -o ./coverage.xml || true
echo '### The cwd should now have a coverage.xml'
ls -altr
pwd
- uses: codecov/[email protected]
name: Codecov Upload
with:
file: ./coverage.xml
token: ${{ secrets.CODECOV_TOKEN }}
test_deploy:
name: Uploading Test to PyPi
runs-on: ubuntu-latest
if: github.event_name == 'push' && ! startsWith(github.event.ref, 'refs/tags') && ! startsWith(github.event.ref, 'refs/heads/release')
needs:
- build_and_test_sdist
- build_purepy_wheels
- test_purepy_wheels
steps:
- name: Checkout source
uses: actions/[email protected]
- uses: actions/[email protected]
name: Download wheels
with:
name: wheels
path: wheelhouse
- uses: actions/[email protected]
name: Download sdist
with:
name: sdist_wheels
path: wheelhouse
- name: Show files to upload
shell: bash
run: ls -la wheelhouse
- name: Sign and Publish
env:
TWINE_REPOSITORY_URL: https://test.pypi.org/legacy/
TWINE_USERNAME: __token__
TWINE_PASSWORD: ${{ secrets.TEST_TWINE_PASSWORD }}
CI_SECRET: ${{ secrets.CI_SECRET }}
run: |-
GPG_EXECUTABLE=gpg
$GPG_EXECUTABLE --version
openssl version
$GPG_EXECUTABLE --list-keys
echo "Decrypting Keys"
openssl enc -aes-256-cbc -pbkdf2 -md SHA512 -pass env:CI_SECRET -d -a -in dev/ci_public_gpg_key.pgp.enc | $GPG_EXECUTABLE --import
openssl enc -aes-256-cbc -pbkdf2 -md SHA512 -pass env:CI_SECRET -d -a -in dev/gpg_owner_trust.enc | $GPG_EXECUTABLE --import-ownertrust
openssl enc -aes-256-cbc -pbkdf2 -md SHA512 -pass env:CI_SECRET -d -a -in dev/ci_secret_gpg_subkeys.pgp.enc | $GPG_EXECUTABLE --import
echo "Finish Decrypt Keys"
$GPG_EXECUTABLE --list-keys || true
$GPG_EXECUTABLE --list-keys || echo "first invocation of gpg creates directories and returns 1"
$GPG_EXECUTABLE --list-keys
VERSION=$(python -c "import setup; print(setup.VERSION)")
pip install twine
pip install urllib3 requests[security] twine
GPG_KEYID=$(cat dev/public_gpg_key)
echo "GPG_KEYID = '$GPG_KEYID'"
GPG_SIGN_CMD="$GPG_EXECUTABLE --batch --yes --detach-sign --armor --local-user $GPG_KEYID"
WHEEL_PATHS=(wheelhouse/*.whl wheelhouse/*.tar.gz)
WHEEL_PATHS_STR=$(printf '"%s" ' "${WHEEL_PATHS[@]}")
echo "$WHEEL_PATHS_STR"
for WHEEL_PATH in "${WHEEL_PATHS[@]}"
do
echo "------"
echo "WHEEL_PATH = $WHEEL_PATH"
$GPG_SIGN_CMD --output $WHEEL_PATH.asc $WHEEL_PATH
$GPG_EXECUTABLE --verify $WHEEL_PATH.asc $WHEEL_PATH || echo "hack, the first run of gpg very fails"
$GPG_EXECUTABLE --verify $WHEEL_PATH.asc $WHEEL_PATH
done
ls -la wheelhouse
pip install opentimestamps-client
ots stamp wheelhouse/*.whl wheelhouse/*.tar.gz wheelhouse/*.asc
ls -la wheelhouse
twine upload --username __token__ --password "$TWINE_PASSWORD" --repository-url "$TWINE_REPOSITORY_URL" wheelhouse/*.whl wheelhouse/*.tar.gz --skip-existing --verbose || { echo "failed to twine upload" ; exit 1; }
- uses: actions/[email protected]
name: Upload deploy artifacts
with:
name: deploy_artifacts
path: |-
wheelhouse/*.whl
wheelhouse/*.zip
wheelhouse/*.tar.gz
wheelhouse/*.asc
wheelhouse/*.ots
live_deploy:
name: Uploading Live to PyPi
runs-on: ubuntu-latest
if: github.event_name == 'push' && (startsWith(github.event.ref, 'refs/tags') || startsWith(github.event.ref, 'refs/heads/release'))
needs:
- build_and_test_sdist
- build_purepy_wheels
- test_purepy_wheels
steps:
- name: Checkout source
uses: actions/[email protected]
- uses: actions/[email protected]
name: Download wheels
with:
name: wheels
path: wheelhouse
- uses: actions/[email protected]
name: Download sdist
with:
name: sdist_wheels
path: wheelhouse
- name: Show files to upload
shell: bash
run: ls -la wheelhouse
- name: Sign and Publish
env:
TWINE_REPOSITORY_URL: https://upload.pypi.org/legacy/
TWINE_USERNAME: __token__
TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
CI_SECRET: ${{ secrets.CI_SECRET }}
run: |-
GPG_EXECUTABLE=gpg
$GPG_EXECUTABLE --version
openssl version
$GPG_EXECUTABLE --list-keys
echo "Decrypting Keys"
openssl enc -aes-256-cbc -pbkdf2 -md SHA512 -pass env:CI_SECRET -d -a -in dev/ci_public_gpg_key.pgp.enc | $GPG_EXECUTABLE --import
openssl enc -aes-256-cbc -pbkdf2 -md SHA512 -pass env:CI_SECRET -d -a -in dev/gpg_owner_trust.enc | $GPG_EXECUTABLE --import-ownertrust
openssl enc -aes-256-cbc -pbkdf2 -md SHA512 -pass env:CI_SECRET -d -a -in dev/ci_secret_gpg_subkeys.pgp.enc | $GPG_EXECUTABLE --import
echo "Finish Decrypt Keys"
$GPG_EXECUTABLE --list-keys || true
$GPG_EXECUTABLE --list-keys || echo "first invocation of gpg creates directories and returns 1"
$GPG_EXECUTABLE --list-keys
VERSION=$(python -c "import setup; print(setup.VERSION)")
pip install twine
pip install urllib3 requests[security] twine
GPG_KEYID=$(cat dev/public_gpg_key)
echo "GPG_KEYID = '$GPG_KEYID'"
GPG_SIGN_CMD="$GPG_EXECUTABLE --batch --yes --detach-sign --armor --local-user $GPG_KEYID"
WHEEL_PATHS=(wheelhouse/*.whl wheelhouse/*.tar.gz)
WHEEL_PATHS_STR=$(printf '"%s" ' "${WHEEL_PATHS[@]}")
echo "$WHEEL_PATHS_STR"
for WHEEL_PATH in "${WHEEL_PATHS[@]}"
do
echo "------"
echo "WHEEL_PATH = $WHEEL_PATH"
$GPG_SIGN_CMD --output $WHEEL_PATH.asc $WHEEL_PATH
$GPG_EXECUTABLE --verify $WHEEL_PATH.asc $WHEEL_PATH || echo "hack, the first run of gpg very fails"
$GPG_EXECUTABLE --verify $WHEEL_PATH.asc $WHEEL_PATH
done
ls -la wheelhouse
pip install opentimestamps-client
ots stamp wheelhouse/*.whl wheelhouse/*.tar.gz wheelhouse/*.asc
ls -la wheelhouse
twine upload --username __token__ --password "$TWINE_PASSWORD" --repository-url "$TWINE_REPOSITORY_URL" wheelhouse/*.whl wheelhouse/*.tar.gz --skip-existing --verbose || { echo "failed to twine upload" ; exit 1; }
- uses: actions/[email protected]
name: Upload deploy artifacts
with:
name: deploy_artifacts
path: |-
wheelhouse/*.whl
wheelhouse/*.zip
wheelhouse/*.tar.gz
wheelhouse/*.asc
wheelhouse/*.ots
release:
name: Create Github Release
if: github.event_name == 'push' && (startsWith(github.event.ref, 'refs/tags') || startsWith(github.event.ref, 'refs/heads/release'))
runs-on: ubuntu-latest
permissions:
contents: write
needs:
- live_deploy
steps:
- name: Checkout source
uses: actions/[email protected]
- uses: actions/[email protected]
name: Download artifacts
with:
name: deploy_artifacts
path: wheelhouse
- name: Show files to release
shell: bash
run: ls -la wheelhouse
- run: 'echo "Automatic Release Notes. TODO: improve" > ${{ github.workspace }}-CHANGELOG.txt'
- name: Tag Release Commit
if: (startsWith(github.event.ref, 'refs/heads/release'))
run: |-
export VERSION=$(python -c "import setup; print(setup.VERSION)"
git tag "v$VERSION"
git push origin "v$VERSION"
- uses: softprops/action-gh-release@v1
name: Create Release
id: create_release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
body_path: ${{ github.workspace }}-CHANGELOG.txt
tag_name: ${{ github.ref }}
release_name: Release ${{ github.ref }}
body: Automatic Release
draft: true
prerelease: false
files: |-
wheelhouse/*.whl
wheelhouse/*.asc
wheelhouse/*.ots
wheelhouse/*.zip
wheelhouse/*.tar.gz
###
# Unfortunately we cant (yet) use the yaml docstring trick here
# https://github.community/t/allow-unused-keys-in-workflow-yaml-files/172120
#__doc__: |
# # How to run locally
# # https://packaging.python.org/guides/using-testpypi/
# git clone https://github.com/nektos/act.git $HOME/code/act
# chmod +x $HOME/code/act/install.sh
# (cd $HOME/code/act && ./install.sh -b $HOME/.local/opt/act)
#
# load_secrets
# unset GITHUB_TOKEN
# $HOME/.local/opt/act/act \
# --secret=EROTEMIC_TWINE_PASSWORD=$EROTEMIC_TWINE_PASSWORD \
# --secret=EROTEMIC_TWINE_USERNAME=$EROTEMIC_TWINE_USERNAME \
# --secret=EROTEMIC_CI_SECRET=$EROTEMIC_CI_SECRET \
# --secret=EROTEMIC_TEST_TWINE_USERNAME=$EROTEMIC_TEST_TWINE_USERNAME \
# --secret=EROTEMIC_TEST_TWINE_PASSWORD=$EROTEMIC_TEST_TWINE_PASSWORD