-
Notifications
You must be signed in to change notification settings - Fork 31
134 lines (128 loc) · 5.31 KB
/
python-package.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: CI
on:
push:
pull_request:
branches: [ dev ]
# This guards against unknown PR until a community member vet it and label it.
types: [ labeled ]
jobs:
ci:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
python-version: [3.7, 3.8, 3.9, "3.10", 3.11, 3.12]
os: [ubuntu-latest, windows-latest, macos-latest]
exclude: # https://github.com/actions/runner-images/issues/9770#issuecomment-2085623315
# ubuntu-latest dropped Python 3.7 since late 2024
- python-version: "3.7"
os: ubuntu-latest
# Apple Silicon ARM64 does not support Python < v3.8
- python-version: "3.7"
os: macos-latest
include: # https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-environment-variables-in-a-matrix
- # Run those legacy versions on macos13 runner which uses Intel CPUs
python-version: 3.7
toxenv: "py37"
os: macos-13
- python-version: 3.8
toxenv: "py38"
- python-version: 3.9
toxenv: "py39"
- python-version: "3.10"
toxenv: "py310"
- python-version: 3.11
toxenv: "py311"
- python-version: 3.12
toxenv: "py312"
- python-version: 3.9
os: ubuntu-latest
lint: "true"
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: 'pip'
- name: Install Linux dependencies for Python 2
if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == '2.7' }}
run: |
sudo apt update
sudo apt install python-dev libgirepository1.0-dev libcairo2-dev gir1.2-secret-1 gnome-keyring
- name: Install Linux dependencies for Python 3
if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version != '2.7' }}
run: |
sudo apt update
# girepository-2.0 becomes necessary since PyGobject 3.51 https://pygobject.gnome.org/changelog.html#pre-release
sudo apt install -y python3-dev libgirepository-2.0-dev libcairo2-dev gir1.2-secret-1 gnome-keyring
# The line above is different than the PyGObject install instructions:
# https://pygobject.gnome.org/getting_started.html#ubuntu-logo-ubuntu-debian-logo-debian
# because we chose to specify the exact dependencies (secret and keyring)
# rather than using the much larger gtk.
- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Lint
if: ${{ matrix.lint == 'true' }}
run: |
pylint msal_extensions
# stop the build if there are Python syntax errors or undefined names
#flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
#flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Test on Linux with encryption
if: ${{ matrix.os == 'ubuntu-latest' }}
run: |
# Don't know why, but the pytest and "." have to be re-installed again for them to be used
echo "echo secret_placeholder | gnome-keyring-daemon --unlock; pip install pytest .; pytest" > linux_test.sh
chmod +x linux_test.sh
sudo dbus-run-session -- ./linux_test.sh
- name: Test on other platforms without encryption
if: ${{ matrix.os != 'ubuntu-latest' }}
env:
TOXENV: ${{ matrix.toxenv }}
run: |
tox
cd:
needs: ci
# Note: github.event.pull_request.draft == false WON'T WORK in "if" statement,
# because the triggered event is a push, not a pull_request.
# This means each commit will trigger a release on TestPyPI.
# Those releases will only succeed when each push has a new version number: a1, a2, a3, etc.
if: |
github.event_name == 'push' &&
(
startsWith(github.ref, 'refs/tags') ||
startsWith(github.ref, 'refs/heads/release-')
)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.9
uses: actions/setup-python@v5
with:
python-version: 3.9
cache: 'pip'
- name: Build a package for release
run: |
python -m pip install build --user
python -m build --sdist --wheel --outdir dist/ .
- name: |
Publish to TestPyPI when pushing to release-* branch.
You better test with a1, a2, b1, b2 releases first.
uses: pypa/[email protected]
if: startsWith(github.ref, 'refs/heads/release-')
with:
user: __token__
password: ${{ secrets.TEST_PYPI_API_TOKEN }}
repository_url: https://test.pypi.org/legacy/
- name: Publish to PyPI when tagged
if: startsWith(github.ref, 'refs/tags')
uses: pypa/[email protected]
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}