LSMTool/.gitlab-ci.yml at master · darafferty/LSMTool · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
default:
  image:
    name: $CI_REGISTRY_IMAGE/ci-build-runner:$CI_COMMIT_REF_SLUG
    pull_policy: always
  cache:
    paths:
      - .cache/pip
      # Do not cache .tox, to recreate virtualenvs for every step

stages:
  - prepare
  - lint
  # check if this needs to be a separate step
  # - build_extensions
  - test
  - package
  - deploy

# Caching of dependencies to speed up builds
variables:
  PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"

# Job templates from Gitlab that scan for security issues or leaked secrets
include:
  - template: Security/SAST.gitlab-ci.yml
  - template: Security/Dependency-Scanning.gitlab-ci.yml
  - template: Security/Secret-Detection.gitlab-ci.yml

# Prepare image to run ci on, image will be used in most jobs
trigger_prepare:
  stage: prepare
  trigger:
    strategy: depend
    include: .prepare.gitlab-ci.yml

run_lint:
  stage: lint
  before_script: &install_dependencies
    # WCSLib is required for installing SoFiA which isn't distributed as a
    # binary wheel
    - apt-get update -y
    - apt install wcslib-dev -y
  script:
    - tox -e lint
  allow_failure: true

# Basic setup for all Python versions for which we don't have a base image
.run_unit_test_version_base:
  before_script:
    - *install_dependencies
    - python --version # For debugging
    - python -m pip install --upgrade pip
    - python -m pip install --upgrade tox twine

# Run all unit tests for Python versions except the base image
# The base image is used for the highest Python version
run_unit_tests:
  stage: test
  extends: .run_unit_test_version_base
  image: python:3.${PY_VERSION}
  script:
    - tox -e py3${PY_VERSION}
  parallel:
    matrix: # use the matrix for testing
      - PY_VERSION: [10, 11, 12, 13]

# Run code coverage on the base image thus also performing unit tests
run_unit_tests_coverage:
  stage: test
  extends: .run_unit_test_version_base
  script:
   - tox -e coverage
  coverage: '/TOTAL.+?(\d+(?:\.\d+)?%)$/'
  artifacts:
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
    paths:
      - htmlcov/*


# Build and package the project
package_files:
  stage: package
  artifacts:
    expire_in: 1w
    paths:
      - dist/*
  before_script:
    - *install_dependencies
  script:
    - tox -e build

# Build the sphinx documentation
package_docs:
  stage: package
  artifacts:
    expire_in: 1w
    paths:
      - docs/build/*
  before_script:
    - *install_dependencies
  script:
    - tox -e docs

.deploy_package:
  stage: deploy
  needs:
    - package_files
  image: python:3.12
  before_script:
    - pip install tox
  script:
    - tox -e deploy
  rules:
    # Only deploy when building a release tag, or when requested explicitly.
    - if: '$CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED == "true"'

deploy_on_gitlab:
  extends: .deploy_package
  environment: gitlab
  variables:
    TWINE_USERNAME: gitlab-ci-token
    TWINE_PASSWORD: ${CI_JOB_TOKEN}
    TWINE_REPOSITORY_URL: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/pypi

deploy_on_test_pypi:
  extends: .deploy_package
  environment: pypi-test
  variables:
    TWINE_USERNAME: __token__
    TWINE_PASSWORD: ${TESTPYPI_TOKEN}
    TWINE_REPOSITORY_URL: https://test.pypi.org/legacy/

deploy_on_pypi:
  extends: .deploy_package
  environment: pypi
  variables:
    TWINE_USERNAME: __token__
    TWINE_PASSWORD: ${PYPI_TOKEN}
    TWINE_REPOSITORY_URL: https://upload.pypi.org/legacy/