-
Notifications
You must be signed in to change notification settings - Fork 8
145 lines (110 loc) · 3.82 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
# Run all tests, linters, code analysis and other QA tasks on
# every push to main and PRs.
#
# To SSH into the runner to debug a failure, add the following step before
# the failing step
# - uses: lhotari/action-upterm@v1
# with:
# limit-access-to-actor: true
name: CI
on:
workflow_dispatch:
pull_request:
push:
branches:
- main
tags:
- '*'
# Prevent multiple jobs running after fast subsequent pushes
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
tests:
name: Tests
strategy:
matrix:
python: ["python3.9", "python3.10", "python3.11"]
runner: ["ubuntu-latest", "macos-13"]
include:
- runner: "ubuntu-latest"
arch: "x86_64-linux"
- runner: "macos-13"
arch: "x86_64-darwin"
runs-on: ${{ matrix.runner }}
steps:
- name: Convert matrix python version to nix python version
run: echo "PYTHON=$(echo ${{ matrix.python }} | tr -d .)" >> $GITHUB_ENV
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
- uses: cachix/cachix-action@v12
with:
name: oceansprint
authToken: '${{ secrets.CACHIX_AUTH_TOKEN_PUBLIC }}'
- name: Run linters and unit tests the Nix way
run: |
nix build .#checks.${{ matrix.arch }}.ci-$(echo $PYTHON)
docker_linux:
name: Docker on Linux
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Build Docker image with nix env for tesh development
run: docker build -t tesh .
- name: Start a container
run: docker run -d --rm -v .:/tesh --name tesh -it tesh
- name: Make git happy so that pre-commit checks in `make lint` work
run: docker exec tesh git config --global --add safe.directory /tesh
- name: Run all tests
run: docker exec tesh nix develop -c make tests
docker_macos:
name: Docker on macOS
runs-on: macos-13
steps:
- uses: actions/checkout@v3
- name: Install & start Docker
run: |
brew install docker colima
colima start
- name: Build Docker image with nix env for tesh development
run: docker build -t tesh .
- name: Start a container
run: docker run -d --rm -v .:/tesh --name tesh -it tesh
- name: Make git happy so that pre-commit checks in `make lint` work
run: docker exec tesh git config --global --add safe.directory /tesh
- name: Run all tests
run: docker exec tesh nix develop -c make tests
release:
name: Release
needs: tests
# To test publishing to testpypi:
# * comment out "verify git tag matches pyproject.toml version"
# * uncomment "with: repository-url: https://test.pypi.org/legacy/"
if:
github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
runs-on: ubuntu-latest
environment: release
permissions:
id-token: write
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
- uses: cachix/cachix-action@v12
with:
name: oceansprint
authToken: '${{ secrets.CACHIX_AUTH_TOKEN_PUBLIC }}'
- name: Verify git tag matches pyproject.toml version
run: |
GIT_VERSION=$GITHUB_REF_NAME
nix develop -c bash -c "poetry version --short > poetry_version.txt"
POETRY_VERSION=`cat poetry_version.txt`
echo $GIT_VERSION
echo $POETRY_VERSION
[[ "$GIT_VERSION" == "$POETRY_VERSION" ]] && exit 0 || exit 1
- name: Build tesh wheel
run: |
nix develop -c poetry build
- name: Upload wheel to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
# with:
# repository-url: https://test.pypi.org/legacy/