Prepare for 25.0.0 release (#1411) #1144
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
pull_request: {} | |
push: {} | |
jobs: | |
linux: | |
runs-on: ${{ matrix.PYTHON.OS || 'ubuntu-22.04' }} | |
strategy: | |
fail-fast: false | |
matrix: | |
PYTHON: | |
# Base builds | |
- {VERSION: "3.7", TOXENV: "py37"} | |
- {VERSION: "3.8", TOXENV: "py38"} | |
- {VERSION: "3.9", TOXENV: "py39"} | |
- {VERSION: "3.10", TOXENV: "py310"} | |
- {VERSION: "3.11", TOXENV: "py311"} | |
- {VERSION: "3.12", TOXENV: "py312"} | |
- {VERSION: "3.13-dev", TOXENV: "py313"} | |
- {VERSION: "pypy-3.9", TOXENV: "pypy3"} | |
- {VERSION: "pypy-3.10", TOXENV: "pypy3"} | |
- {VERSION: "3.11", TOXENV: "py311-useWheel", OS: "windows-2022" } | |
# -cryptographyMain | |
- {VERSION: "3.7", TOXENV: "py37-cryptographyMain"} | |
- {VERSION: "3.8", TOXENV: "py38-cryptographyMain"} | |
- {VERSION: "3.9", TOXENV: "py39-cryptographyMain"} | |
- {VERSION: "3.10", TOXENV: "py310-cryptographyMain"} | |
- {VERSION: "3.11", TOXENV: "py311-cryptographyMain"} | |
- {VERSION: "3.12", TOXENV: "py312-cryptographyMain"} | |
- {VERSION: "3.13-dev", TOXENV: "py313-cryptographyMain"} | |
- {VERSION: "pypy-3.9", TOXENV: "pypy3-cryptographyMain"} | |
- {VERSION: "pypy-3.10", TOXENV: "pypy3-cryptographyMain"} | |
# -cryptographyMinimum | |
- {VERSION: "3.7", TOXENV: "py37-cryptographyMinimum"} | |
- {VERSION: "3.8", TOXENV: "py38-cryptographyMinimum"} | |
- {VERSION: "3.9", TOXENV: "py39-cryptographyMinimum"} | |
- {VERSION: "3.10", TOXENV: "py310-cryptographyMinimum"} | |
- {VERSION: "3.11", TOXENV: "py311-cryptographyMinimum"} | |
- {VERSION: "3.12", TOXENV: "py312-cryptographyMinimum"} | |
- {VERSION: "3.13-dev", TOXENV: "py313-cryptographyMinimum"} | |
- {VERSION: "pypy-3.10", TOXENV: "pypy3-cryptographyMinimum"} | |
# Cryptography wheels | |
- {VERSION: "3.9", TOXENV: "py39-cryptographyMinimum-useWheel"} | |
- {VERSION: "3.9", TOXENV: "py39-useWheel"} | |
# Random order | |
- {VERSION: "3.9", TOXENV: "py39-randomorder"} | |
# Meta | |
- {VERSION: "3.9", TOXENV: "check-manifest"} | |
- {VERSION: "3.11", TOXENV: "lint"} | |
- {VERSION: "3.11", TOXENV: "py311-mypy"} | |
- {VERSION: "3.9", TOXENV: "docs"} | |
name: "${{ matrix.PYTHON.TOXENV }}${{ matrix.PYTHON.OS && format(' on {0}', matrix.PYTHON.OS) || '' }}" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.PYTHON.VERSION }} | |
- run: python -m pip install tox | |
- run: tox -v | |
env: | |
TOXENV: ${{ matrix.PYTHON.TOXENV }} | |
- uses: ./.github/actions/upload-coverage | |
linux-docker: | |
runs-on: ubuntu-latest | |
container: ghcr.io/pyca/cryptography-runner-${{ matrix.TEST.CONTAINER }} | |
strategy: | |
fail-fast: false | |
matrix: | |
TEST: | |
# cryptographyMain used since there's no wheel | |
- {CONTAINER: "ubuntu-rolling", TOXENV: "py312-cryptographyMain"} | |
name: "${{ matrix.TEST.TOXENV }} on ${{ matrix.TEST.CONTAINER }}" | |
steps: | |
- uses: actions/checkout@v4 | |
- run: /venv/bin/pip install tox | |
- run: /venv/bin/tox -v | |
env: | |
TOXENV: ${{ matrix.TEST.TOXENV }} | |
RUSTUP_HOME: /root/.rustup | |
- uses: ./.github/actions/upload-coverage | |
linux-downstream: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
DOWNSTREAM: | |
- twisted | |
- certbot | |
- certbot-josepy | |
PYTHON: | |
- 3.12 | |
name: "Downstream tests for ${{ matrix.DOWNSTREAM }}" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.PYTHON }} | |
- run: ./.github/downstream.d/${{ matrix.DOWNSTREAM }}.sh install | |
- run: pip install . | |
- run: ./.github/downstream.d/${{ matrix.DOWNSTREAM }}.sh run | |
all-green: | |
runs-on: ubuntu-latest | |
needs: [linux, linux-docker, linux-downstream] | |
if: ${{ always() }} | |
timeout-minutes: 3 | |
steps: | |
- name: Decide whether the needed jobs succeeded or failed | |
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2 | |
with: | |
jobs: ${{ toJSON(needs) }} | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
timeout-minutes: 3 | |
with: | |
persist-credentials: false | |
- name: Setup python | |
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 | |
with: | |
python-version: '3.12' | |
timeout-minutes: 3 | |
- run: pip install coverage[toml] | |
- name: Download coverage data | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
pattern: coverage-data-* | |
merge-multiple: true | |
- name: Combine coverage and fail if it's too low | |
id: combinecoverage | |
run: | | |
set +e | |
python -m coverage combine | |
echo "## Python Coverage" >> $GITHUB_STEP_SUMMARY | |
python -m coverage report -m --fail-under=98 > COV_REPORT | |
COV_EXIT_CODE=$? | |
cat COV_REPORT | |
if [ $COV_EXIT_CODE -ne 0 ]; then | |
echo "🚨 Python Coverage failed. Coverage too low." | tee -a $GITHUB_STEP_SUMMARY | |
fi | |
echo '```' >> $GITHUB_STEP_SUMMARY | |
cat COV_REPORT >> $GITHUB_STEP_SUMMARY | |
echo '```' >> $GITHUB_STEP_SUMMARY | |
exit $COV_EXIT_CODE | |
- name: Create coverage HTML | |
run: python -m coverage html | |
if: ${{ failure() && steps.combinecoverage.outcome == 'failure' }} | |
- name: Upload HTML report. | |
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 | |
with: | |
name: _html-report | |
path: htmlcov | |
if-no-files-found: ignore |