Merge pull request #54 from ArieLevs/snyk-fix-add35217d917d4249e40f3b… #141
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Python package | |
on: | |
push: | |
# run only when pushed to master branch. | |
branches: | |
- master | |
# run on every publish tags. | |
tags: | |
- v* | |
paths: | |
- 'src/**' | |
- 'test/**' | |
- 'Dockerfile' | |
- 'requirements.txt' | |
- 'setup.py' | |
# run on any pr. | |
pull_request: | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
strategy: | |
max-parallel: 2 | |
matrix: | |
python-version: | |
- "3.8" # EOL 2024-10 | |
- "3.12" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Python ${{ matrix.python-version }} | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Lint with flake8 | |
run: | | |
pip install flake8==7.0.0 | |
# stop the build if there are Python syntax errors or undefined names | |
flake8 . --count --show-source --statistics --exclude=venv | |
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide | |
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics --exclude=venv | |
- name: Test with unittest (codecov) | |
run: | | |
pip install -r requirements.txt | |
pip install coverage==7.4 | |
# discover all tests in the test directory | |
coverage run --omit 'venv/*' -m unittest discover test -vv -t . | |
# generate coverage xmo report | |
coverage xml | |
# just print coverage locally | |
coverage report --fail-under=80 | |
- name: Upload Coverage to Codecov | |
uses: codecov/[email protected] | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
flags: unittests | |
name: codecov-pybump | |
fail_ci_if_error: true | |
verbose: true | |
- name: Check distribution valid and test publish | |
run: | | |
pip install wheel twine setuptools | |
python setup.py bdist_wheel | |
twine check dist/* | |
simulate: | |
if: github.ref != 'refs/heads/master' | |
needs: test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.12' | |
- name: Check distribution valid and test publish | |
run: | | |
pip install wheel twine setuptools | |
python setup.py bdist_wheel | |
twine check dist/* | |
twine upload dist/* --skip-existing | |
env: | |
TWINE_USERNAME: ${{ secrets.PYPI_TEST_USERNAME }} | |
TWINE_PASSWORD: ${{ secrets.PYPI_TEST_PASSWORD }} | |
TWINE_REPOSITORY_URL: "https://test.pypi.org/legacy/" | |
- name: Build test docker image | |
uses: docker/build-push-action@v3 | |
with: | |
push: false | |
tags: ${{ steps.app_version_bump.outputs.app_version }},latest | |
build: | |
if: github.ref == 'refs/heads/master' | |
needs: test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.12' | |
- name: Bump version using self app | |
id: app_version_bump | |
run: | | |
pip install pybump | |
echo "app_version=$(pybump bump --level patch --file setup.py)" >> $GITHUB_OUTPUT | |
- name: Publish to global pypi | |
run: | | |
pip install wheel twine setuptools | |
python setup.py bdist_wheel | |
twine upload dist/* | |
env: | |
TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }} | |
TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }} | |
TWINE_REPOSITORY_URL: "https://upload.pypi.org/legacy/" | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: docker.io/arielev/pybump | |
- name: Build and push docker image | |
uses: docker/build-push-action@v3 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
tags: arielev/pybump:${{ steps.app_version_bump.outputs.app_version }},arielev/pybump:latest | |
labels: ${{ steps.meta.outputs.labels }} | |
- name: Update Docker Hub Description | |
if: github.ref == 'refs/heads/master' | |
uses: peter-evans/dockerhub-description@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
readme-filepath: ./README.rst | |
repository: arielev/pybump | |
commit: | |
if: github.ref == 'refs/heads/master' | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.12' | |
# currently there is no way of passing data between jobs except using artifact, | |
# this might be an option, but just do another bump for now, | |
# and anyway setup.py file will need to have some change since we checked out again | |
- name: Bump version using self app | |
id: app_version_bump | |
run: | | |
pip install pybump | |
echo "app_version=$(pybump bump --level patch --file setup.py)" >> $GITHUB_OUTPUT | |
- name: Commit new version | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
# Update version on git repo | |
git config --local user.email "[email protected]" | |
git config --local user.name "GitHub Action" | |
git add setup.py | |
git commit -m "update version to: ${{ steps.app_version_bump.outputs.app_version }} (github action)" | |
git push https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/ArieLevs/pybump HEAD:master |