Minor private cloud api improvements #2160
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: [push, pull_request] | |
jobs: | |
test: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
os: [ubuntu-22.04, ubuntu-20.04, macos-13, windows-latest] | |
python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up Python | |
uses: actions/setup-python@v2 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install dependencies | |
run: | | |
pip install setuptools==69.5.1 wheel | |
pip install -r requirements.txt | |
- name: Run tests | |
run: python -m pytest -s -rs | |
release: | |
runs-on: ubuntu-latest | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags') | |
needs: test | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: '3.8' | |
- name: Install packaging dependencies | |
run: pip install wheel | |
- name: Update version | |
run: sed -i 's/__version__ = "0.0.0-dev"/__version__ = "'"${GITHUB_REF##*/}"'"/g' lean/__init__.py | |
- name: Build package | |
run: python setup.py sdist bdist_wheel | |
- name: Publish package to PyPI | |
uses: pypa/gh-action-pypi-publish@master | |
with: | |
user: __token__ | |
password: ${{ secrets.PYPI_API_TOKEN }} | |
portable: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
os: [ubuntu-22.04, macos-13, windows-latest] | |
python-version: ["3.10"] | |
# on a new tag (release), after 'test' and 'release' have ended we will run this | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags') | |
needs: [test, release] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: '3.10' | |
- name: Wait for pip release, sleep in seconds | |
run: sleep 900 | |
shell: bash | |
- name: Setup Portable | |
run: pip install pyinstaller lean==${GITHUB_REF##*/} | |
shell: bash | |
- name: Create Portable Windows & Linux | |
if: matrix.os == 'windows-latest' || matrix.os == 'ubuntu-22.04' | |
run: | | |
mkdir portable | |
cd portable | |
pyinstaller ../scripts/main.spec | |
shell: bash | |
- name: Create Portable Macos | |
if: matrix.os == 'macos-13' | |
env: | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
KEYCHAIN_PASSWORD: 'KEYCHAINPASSWORD' | |
run: | | |
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12 | |
security create-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
security default-keychain -s build.keychain | |
security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign | |
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain | |
security find-identity -v | |
mkdir portable | |
cd portable | |
pyinstaller ../scripts/main.spec | |
cd dist/lean-cli | |
mkdir ./lean | |
/usr/bin/codesign --deep --force --timestamp -o runtime -s CY5GJ9682W ./lean-cli -v | |
find . -iname '*.so' -or -iname '*.dylib'| while read libfile; do /usr/bin/codesign --timestamp --deep -o runtime --force -s CY5GJ9682W "${libfile}"; done; | |
shell: bash | |
- name: Get OS Name Without Version | |
run: echo "OS_NAME=$(echo ${{ matrix.os }} | sed 's/-.*//')" >> $GITHUB_ENV | |
shell: bash | |
- name: Zip package and notarize Macos | |
if: matrix.os == 'macos-13' | |
env: | |
APPLE_ID: ${{ secrets.APPLE_ID }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
run: | | |
xcrun notarytool store-credentials --apple-id "$APPLE_ID" --password "$APPLE_PASSWORD" --team-id "$APPLE_TEAM_ID" "QC_APPLE" | |
cd portable/dist/lean-cli | |
ditto -c -k --keepParent . ../lean-latest-${{env.OS_NAME}}.zip | |
cd .. | |
xcrun notarytool submit lean-latest-${{env.OS_NAME}}.zip --keychain-profile "QC_APPLE" --wait | |
- name: Zip package Windows | |
if: matrix.os == 'windows-latest' | |
run: | | |
cd portable/dist/lean-cli | |
mkdir ./lean | |
7z a -tzip ../lean-latest-${{env.OS_NAME}}.zip . | |
shell: bash | |
- name: Zip package Ubuntu | |
if: matrix.os == 'ubuntu-22.04' | |
run: | | |
cd portable/dist/lean-cli | |
mkdir ./lean | |
zip -r ../lean-latest-${{env.OS_NAME}}.zip . | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_KEY }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET }} | |
aws-region: us-west-1 | |
- name: Publish To S3 | |
run: | | |
aws s3 cp portable/dist/lean-latest-${{env.OS_NAME}}.zip s3://${{ secrets.AWS_BUCKET }}/ --content-type "application/zip" | |
shell: bash | |
# only update version file once. | |
- name: Update version information | |
if: matrix.os == 'ubuntu-22.04' | |
run: | | |
echo '{ "version": "'${GITHUB_REF##*/}'" }' > portable/latest.json | |
aws s3 cp portable/latest.json s3://${{ secrets.AWS_BUCKET }}/ --content-type "text/plain" | |
aws cloudfront create-invalidation --distribution-id EATCOTHB6KFQP --paths /${{ secrets.AWS_BUCKET }}/latest.json | |
shell: bash | |
- name: Cleanup | |
run: | | |
rm -rf portable | |
shell: bash | |
invalidate: | |
runs-on: ubuntu-22.04 | |
needs: portable | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: '3.10' | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_KEY }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET }} | |
aws-region: us-west-1 | |
- name: Invalidate Lean Executable zips | |
run: | | |
aws cloudfront create-invalidation --distribution-id EATCOTHB6KFQP --paths /${{ secrets.AWS_BUCKET }}/lean-latest-ubuntu.zip | |
aws cloudfront create-invalidation --distribution-id EATCOTHB6KFQP --paths /${{ secrets.AWS_BUCKET }}/lean-latest-macos.zip | |
aws cloudfront create-invalidation --distribution-id EATCOTHB6KFQP --paths /${{ secrets.AWS_BUCKET }}/lean-latest-windows.zip | |
shell: bash |