From 4dec2083cb542041e59c673aa9be5c6ca1f33ca3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= Date: Thu, 11 Apr 2024 11:46:23 +0200 Subject: [PATCH] Setup Github CI MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurélien Bompard --- .cico.pipeline | 1 - .github/renovate.json | 4 + .github/workflows/label-when-deployed.yml | 26 ++++ .github/workflows/main.yml | 163 +++++++++++++++++++--- tox.ini | 22 +-- 5 files changed, 186 insertions(+), 30 deletions(-) delete mode 100644 .cico.pipeline create mode 100644 .github/renovate.json create mode 100644 .github/workflows/label-when-deployed.yml diff --git a/.cico.pipeline b/.cico.pipeline deleted file mode 100644 index 7631029..0000000 --- a/.cico.pipeline +++ /dev/null @@ -1 +0,0 @@ -fedoraInfraTox { } diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 0000000..90af9bc --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["local>fedora-infra/shared:renovate-config"] +} diff --git a/.github/workflows/label-when-deployed.yml b/.github/workflows/label-when-deployed.yml new file mode 100644 index 0000000..63b65d0 --- /dev/null +++ b/.github/workflows/label-when-deployed.yml @@ -0,0 +1,26 @@ +name: Apply labels when deployed + +on: + push: + branches: + - staging + - stable + +jobs: + label: + name: Apply labels + runs-on: ubuntu-latest + + steps: + - name: Staging deployment + uses: fedora-infra/label-when-in-branch@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + branch: staging + label: deployed:staging + - name: Production deployment + uses: fedora-infra/label-when-in-branch@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + branch: stable + label: deployed:prod diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 5e4dd8f..48a7f4c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,28 +1,155 @@ -name: Running Fedora Badges test cases on GitHub Actions +name: Test & Build + on: push: branches: + - stable - develop + tags: pull_request: branches: + - stable - develop + jobs: - fedora-badges: + + # checks: + # name: Checks + # runs-on: ubuntu-latest + # container: fedorapython/fedora-python-tox:latest + # steps: + # - uses: actions/checkout@v4 + + # - name: Install dependencies + # run: | + # dnf install -y pre-commit git libpq-devel krb5-devel + # pip install poetry>=1.2 + + # - name: Mark the working directory as safe for Git + # run: git config --global --add safe.directory $PWD + + # - name: Install the project + # run: poetry install + + # - name: Run pre-commit checks + # run: pre-commit run --all-files + + unit-tests: + name: Unit tests runs-on: ubuntu-latest + container: fedorapython/fedora-python-tox:latest steps: - - name: "What was the triggering event for this job?" - run: echo "The job was automatically triggered by a ${{ github.event_name }} event." - - name: "What is the job running on?" - run: echo "This job is now running on a ${{ runner.os }} server." - - name: "Which branch of the repository are running the job on?" - run: echo "The job is running on ${{ github.ref }} branch of ${{ github.repository }} repository." - - name: "Checkout the branch code into the container" - uses: actions/checkout@v2 - - name: "Install libkrb5-dev on Ubuntu as one of the recurring dependencies" - run: sudo apt install libkrb5-dev -y - - name: "Install the dependencies locally" - run: pip3 install -r requirements.txt - - name: "Run Tox tests on the cloned repository" - run: python3 setup.py test - - name: "What was the job outcome status?" - run: echo "This job's status is ${{ job.status }}." + - uses: actions/checkout@v4 + + - name: Install dependencies + run: | + dnf install -y libpq-devel krb5-devel + pip install poetry>=1.2 + + - name: Run the tests + run: tox -e ${{ matrix.pyver }} + + strategy: + matrix: + pyver: + - py310 + - py311 + - py312 + + + # https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ + build: + name: Build distribution 📦 + runs-on: ubuntu-latest + needs: + # - checks + - unit-tests + # outputs: + # release-notes: ${{ steps.extract-changelog.outputs.markdown }} + + steps: + + - uses: actions/checkout@v4 + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: "3.x" + + - name: Install pypa/build + run: python3 -m pip install build --user + + - name: Build a binary wheel and a source tarball + run: python3 -m build + + - name: Store the distribution packages + uses: actions/upload-artifact@v3 + with: + name: python-package-distributions + path: dist/ + + # - name: Extract changelog section + # id: extract-changelog + # uses: sean0x42/markdown-extract@v2 + # with: + # file: docs/release_notes.md + # pattern: 'Version\s+\[[[:word:].-]+\]\(.*\)' + # no-print-matched-heading: true + # - name: Show the changelog + # env: + # CHANGELOG: ${{ steps.extract-changelog.outputs.markdown }} + # run: echo "$CHANGELOG" + + + publish-to-pypi: + name: Publish to PyPI 🚀 + if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, 'rc') # only publish to PyPI on final tag pushes + needs: + - build + runs-on: ubuntu-latest + environment: + name: pypi + url: https://pypi.org/p/fedbadges + permissions: + id-token: write # IMPORTANT: mandatory for trusted publishing + + steps: + - name: Download all the dists + uses: actions/download-artifact@v3 + with: + name: python-package-distributions + path: dist/ + + - name: Publish distribution to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + + + github-release: + name: Create a GitHub Release 📢 + needs: + - publish-to-pypi + runs-on: ubuntu-latest + permissions: + contents: write # IMPORTANT: mandatory for making GitHub Releases + id-token: write # IMPORTANT: mandatory for sigstore + + steps: + - name: Download all the dists + uses: actions/download-artifact@v3 + with: + name: python-package-distributions + path: dist/ + + - name: Sign the dists with Sigstore + uses: sigstore/gh-action-sigstore-python@v2.1.1 + with: + inputs: >- + ./dist/*.tar.gz + ./dist/*.whl + + - name: Release + uses: softprops/action-gh-release@v2 + with: + files: dist/* + fail_on_unmatched_files: true + generate_release_notes: true + # body: ${{ needs.build.outputs.release-notes }} diff --git a/tox.ini b/tox.ini index f2aa2ed..a04b9e0 100644 --- a/tox.ini +++ b/tox.ini @@ -1,5 +1,5 @@ [tox] -envlist = py310 +envlist = py310,py311,py312 isolated_build = True [testenv] @@ -19,13 +19,13 @@ commands = poetry run coverage xml poetry run coverage html -[testenv:docs] -changedir = docs -allowlist_externals = - {[testenv]allowlist_externals} - mkdir - rm -commands= - mkdir -p _static - rm -rf _build - poetry run sphinx-build -W -b html -d {envtmpdir}/doctrees . _build/html +# [testenv:docs] +# changedir = docs +# allowlist_externals = +# {[testenv]allowlist_externals} +# mkdir +# rm +# commands= +# mkdir -p _static +# rm -rf _build +# poetry run sphinx-build -W -b html -d {envtmpdir}/doctrees . _build/html