-
Notifications
You must be signed in to change notification settings - Fork 12
185 lines (160 loc) · 6.15 KB
/
tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
name: Tests
on:
# https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#push
push:
branches:
- main
- feature/**
- '[0-9].*.x' # e.g., 1.3.x
# https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request
pull_request:
# https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_dispatch
workflow_dispatch:
concurrency:
# Concurrency group that uses the workflow name and PR number if available
# or commit SHA as a fallback. If a new build is triggered under that
# concurrency group while a previous build is running it will be canceled.
# Repeated pushes to a PR will cancel all previous builds, while multiple
# merges to main will not cancel.
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
jobs:
# detect whether any code changes are included in this PR
changes:
runs-on: ubuntu-latest
permissions:
# necessary to detect changes
# https://github.com/dorny/paths-filter#supported-workflows
pull-requests: read
outputs:
code: ${{ steps.filter.outputs.code }}
steps:
- name: Checkout Source
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
# dorny/paths-filter needs git clone for non-PR events
# https://github.com/dorny/paths-filter#supported-workflows
if: github.event_name != 'pull_request'
- name: Filter Changes
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: filter
with:
filters: |
code:
- 'conda_content_trust/**'
- 'tests/**'
- '*.py'
- 'recipe/**'
- '.github/workflows/tests.yml'
# test suite
tests:
# only run test suite if there are code changes
needs: changes
if: needs.changes.outputs.code == 'true'
runs-on: ${{ matrix.runner }}
defaults:
run:
shell: bash -l {0}
strategy:
fail-fast: false
matrix:
runner: [ubuntu-latest, macos-13, windows-latest]
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
steps:
- name: Checkout Source
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Hash + Timestamp
shell: bash # use bash to run date command
run: echo "HASH=${{ runner.os }}-${{ runner.arch }}-Py${{ matrix.python-version }}-$(date -u "+%Y%m")" >> $GITHUB_ENV
- name: Cache Conda
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/conda_pkgs_dir
key: cache-${{ env.HASH }}
- name: Setup Miniconda
uses: conda-incubator/setup-miniconda@d2e6a045a86077fb6cad6f5adf368e9076ddaa8d # v3.1.0
with:
python-version: ${{ matrix.python-version }}
- name: Conda Install
run: >
conda install
--yes
--channel=defaults
--file tests/requirements.txt
- name: Import GPG Keys
run: gpg --import tests/testdata/test_key_*
- name: Conda Info
# view test env info (not base)
run: python -m conda info --verbose
- name: Conda Config
run: conda config --show-sources
- name: Conda List
run: conda list --show-channel-urls
- name: Run Tests
run: pytest --cov=conda_content_trust
- name: Upload Coverage
uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a # v5.0.2
with:
flags: ${{ runner.os }},${{ runner.arch }},${{ matrix.python-version }}
# canary builds
build:
name: Canary Build
needs: [tests]
# only build canary build if
# - prior steps succeeded,
# - this is the main repo, and
# - we are on the main, feature, or release branch
if: >-
always()
&& !github.event.repository.fork
&& (
github.ref_name == 'main'
|| startsWith(github.ref_name, 'feature/')
|| endsWith(github.ref_name, '.x')
)
strategy:
matrix:
include:
- runner: ubuntu-latest
subdir: noarch
runs-on: ${{ matrix.runner }}
steps:
# Clean checkout of specific git ref needed for package metadata version
# which needs env vars GIT_DESCRIBE_TAG and GIT_BUILD_STR:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.ref }}
clean: true
fetch-depth: 0
# Explicitly use Python 3.11 since each of the OSes has a different default Python
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.11'
- name: Detect label
shell: python
run: |
from pathlib import Path
from re import match
from os import environ
if "${{ github.ref_name }}" == "main":
# main branch commits are uploaded to the dev label
label = "dev"
elif "${{ github.ref_name }}".startswith("feature/"):
# feature branch commits are uploaded to a custom label
label = "${{ github.ref_name }}"
else:
# release branch commits are added to the rc label
# see https://github.com/conda/infrastructure/issues/760
_, name = "${{ github.repository }}".split("/")
label = f"rc-{name}-${{ github.ref_name }}"
Path(environ["GITHUB_ENV"]).write_text(f"ANACONDA_ORG_LABEL={label}")
- name: Create and upload canary build
uses: conda/actions/canary-release@15f883f14f4232f83658e3609c3316d58905138f # v24.8.0
env:
# Run conda-build in isolated activation to properly package conda
_CONDA_BUILD_ISOLATED_ACTIVATION: 1
with:
package-name: ${{ github.event.repository.name }}
subdir: ${{ matrix.subdir }}
anaconda-org-channel: conda-canary
anaconda-org-label: ${{ env.ANACONDA_ORG_LABEL }}
anaconda-org-token: ${{ secrets.ANACONDA_ORG_CONDA_CANARY_TOKEN }}