🤖 Update infrastructure file(s) (#174) #402
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Tests | |
on: | |
# https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#push | |
push: | |
branches: | |
- main | |
- feature/** | |
- '[0-9].*.x' # e.g., 1.3.x | |
# https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request | |
pull_request: | |
# https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_dispatch | |
workflow_dispatch: | |
concurrency: | |
# Concurrency group that uses the workflow name and PR number if available | |
# or commit SHA as a fallback. If a new build is triggered under that | |
# concurrency group while a previous build is running it will be canceled. | |
# Repeated pushes to a PR will cancel all previous builds, while multiple | |
# merges to main will not cancel. | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
jobs: | |
# detect whether any code changes are included in this PR | |
changes: | |
runs-on: ubuntu-latest | |
permissions: | |
# necessary to detect changes | |
# https://github.com/dorny/paths-filter#supported-workflows | |
pull-requests: read | |
outputs: | |
code: ${{ steps.filter.outputs.code }} | |
steps: | |
- name: Checkout Source | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
# dorny/paths-filter needs git clone for non-PR events | |
# https://github.com/dorny/paths-filter#supported-workflows | |
if: github.event_name != 'pull_request' | |
- name: Filter Changes | |
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
id: filter | |
with: | |
filters: | | |
code: | |
- 'conda_content_trust/**' | |
- 'tests/**' | |
- '*.py' | |
- 'recipe/**' | |
- '.github/workflows/tests.yml' | |
# test suite | |
tests: | |
# only run test suite if there are code changes | |
needs: changes | |
if: needs.changes.outputs.code == 'true' | |
runs-on: ${{ matrix.runner }} | |
defaults: | |
run: | |
shell: bash -l {0} | |
strategy: | |
fail-fast: false | |
matrix: | |
runner: [ubuntu-latest, macos-13, windows-latest] | |
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12'] | |
steps: | |
- name: Checkout Source | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Hash + Timestamp | |
shell: bash # use bash to run date command | |
run: echo "HASH=${{ runner.os }}-${{ runner.arch }}-Py${{ matrix.python-version }}-$(date -u "+%Y%m")" >> $GITHUB_ENV | |
- name: Cache Conda | |
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
with: | |
path: ~/conda_pkgs_dir | |
key: cache-${{ env.HASH }} | |
- name: Setup Miniconda | |
uses: conda-incubator/setup-miniconda@d2e6a045a86077fb6cad6f5adf368e9076ddaa8d # v3.1.0 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Conda Install | |
run: > | |
conda install | |
--yes | |
--channel=defaults | |
--file tests/requirements.txt | |
- name: Import GPG Keys | |
run: gpg --import tests/testdata/test_key_* | |
- name: Conda Info | |
# view test env info (not base) | |
run: python -m conda info --verbose | |
- name: Conda Config | |
run: conda config --show-sources | |
- name: Conda List | |
run: conda list --show-channel-urls | |
- name: Run Tests | |
run: pytest --cov=conda_content_trust | |
- name: Upload Coverage | |
uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a # v5.0.2 | |
with: | |
flags: ${{ runner.os }},${{ runner.arch }},${{ matrix.python-version }} | |
# canary builds | |
build: | |
name: Canary Build | |
needs: [tests] | |
# only build canary build if | |
# - prior steps succeeded, | |
# - this is the main repo, and | |
# - we are on the main, feature, or release branch | |
if: >- | |
always() | |
&& !github.event.repository.fork | |
&& ( | |
github.ref_name == 'main' | |
|| startsWith(github.ref_name, 'feature/') | |
|| endsWith(github.ref_name, '.x') | |
) | |
strategy: | |
matrix: | |
include: | |
- runner: ubuntu-latest | |
subdir: noarch | |
runs-on: ${{ matrix.runner }} | |
steps: | |
# Clean checkout of specific git ref needed for package metadata version | |
# which needs env vars GIT_DESCRIBE_TAG and GIT_BUILD_STR: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
ref: ${{ github.ref }} | |
clean: true | |
fetch-depth: 0 | |
# Explicitly use Python 3.11 since each of the OSes has a different default Python | |
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 | |
with: | |
python-version: '3.11' | |
- name: Detect label | |
shell: python | |
run: | | |
from pathlib import Path | |
from re import match | |
from os import environ | |
if "${{ github.ref_name }}" == "main": | |
# main branch commits are uploaded to the dev label | |
label = "dev" | |
elif "${{ github.ref_name }}".startswith("feature/"): | |
# feature branch commits are uploaded to a custom label | |
label = "${{ github.ref_name }}" | |
else: | |
# release branch commits are added to the rc label | |
# see https://github.com/conda/infrastructure/issues/760 | |
_, name = "${{ github.repository }}".split("/") | |
label = f"rc-{name}-${{ github.ref_name }}" | |
Path(environ["GITHUB_ENV"]).write_text(f"ANACONDA_ORG_LABEL={label}") | |
- name: Create and upload canary build | |
uses: conda/actions/canary-release@15f883f14f4232f83658e3609c3316d58905138f # v24.8.0 | |
env: | |
# Run conda-build in isolated activation to properly package conda | |
_CONDA_BUILD_ISOLATED_ACTIVATION: 1 | |
with: | |
package-name: ${{ github.event.repository.name }} | |
subdir: ${{ matrix.subdir }} | |
anaconda-org-channel: conda-canary | |
anaconda-org-label: ${{ env.ANACONDA_ORG_LABEL }} | |
anaconda-org-token: ${{ secrets.ANACONDA_ORG_CONDA_CANARY_TOKEN }} |