Skip to content
Test

Switch to ty (#37) #117

Sign in to view logs

Switch to ty (#37)

Switch to ty (#37) #117

Workflow file for this run

.github/workflows/test.yml at 3bf40bb
name: Test
on:
push:
branches:
- main
pull_request:
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
permissions: {}
jobs:
test:
name: Unit tests
runs-on: ubuntu-slim
permissions:
contents: read
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: setup uv
uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
- run: make test
integration-invalid-paths-xfail:
name: "Integration test (xfail): invalid paths input"
runs-on: ubuntu-slim
permissions:
contents: read
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: attest with invalid paths (expected to fail)
id: attest
uses: ./
with:
paths: ""
continue-on-error: true
- name: assert failure
run: |
if [ "${OUTCOME}" != "failure" ]; then
echo "Expected failure, got '${OUTCOME}'"
exit 1
fi
env:
OUTCOME: ${{ steps.attest.outcome }}
integration-insufficient-perms-xfail:
name: "Integration test (xfail): insufficient permissions for attestations"
runs-on: ubuntu-slim
permissions:
contents: read
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: setup-uv
uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
with:
python-version: "3.14"
- name: generate package
working-directory: /tmp
run: |
uv init --lib fakepkg
- name: version package
working-directory: /tmp/fakepkg
run: |
version="0.0.$(uv run python -m random -i 4294967296)"
uv version "${version}"
- name: build package
working-directory: /tmp/fakepkg
run: uv build
- name: attest (expected to fail)
id: attest
uses: ./
with:
paths: /tmp/fakepkg/dist/*
continue-on-error: true
- name: assert failure
run: |
if [ "${OUTCOME}" != "failure" ]; then
echo "Expected failure, got '${OUTCOME}'"
exit 1
fi
env:
OUTCOME: ${{ steps.attest.outcome }}
integration-testpypi:
name: "Integration test: publish to TestPyPI with attestations"
runs-on: ubuntu-slim
permissions:
contents: read
id-token: write # for Trusted Publishing + attest-action
environment:
name: testpypi
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: setup-uv
uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
with:
python-version: "3.14"
- name: generate package
working-directory: /tmp
run: |
uv init --lib astral-attest-action-test-pypi
- name: version package
working-directory: /tmp/astral-attest-action-test-pypi
run: |
version="0.0.$(uv run python -m random -i 4294967296)"
uv version "${version}"
- name: build package
working-directory: /tmp/astral-attest-action-test-pypi
run: uv build
- name: attest
uses: ./
with:
paths: /tmp/astral-attest-action-test-pypi/dist/*
# NOTE: This should be switched to use `uv publish` once we release
# a version that includes attestation uploading support.
- name: publish to TestPyPI
working-directory: /tmp/astral-attest-action-test-pypi
run: uv publish --trusted-publishing=always --publish-url https://test.pypi.org/legacy/
all-tests-pass:
name: All tests pass
runs-on: ubuntu-slim
needs:
- test
- integration-invalid-paths-xfail
- integration-insufficient-perms-xfail
- integration-testpypi
steps:
- name: All tests pass
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2
with:
jobs: ${{ toJSON(needs) }}