Update dependencies in lockfile #5697
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-FileCopyrightText: Contributors to the Fedora Project | |
# | |
# SPDX-License-Identifier: MIT | |
name: CI & Build | |
on: [push, pull_request, workflow_dispatch] | |
jobs: | |
python-smoketests-ci: | |
strategy: | |
fail-fast: false | |
runs-on: ubuntu-latest | |
container: fedorapython/fedora-python-tox:latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install absolufy | |
run: | | |
python3 -m pip install absolufy-imports | |
# Alembic imports its env.py file in a way that it can’t do relative imports from outside the | |
# fmn/database/migrations directory, therefore it has to use absolute imports. | |
- name: Enforce relative imports in package (except Alembic migrations) | |
run: > | |
find fmn -name \*.py -a \! -path fmn/database/migrations/env.py -a \! -path fmn/core/collectd.py -print0 | |
| xargs -0 absolufy-imports --never | |
- name: Preserve absolute import in files that are called externally | |
run: > | |
absolufy-imports fmn/database/migrations/env.py fmn/core/collectd.py | |
backend-ci: | |
strategy: | |
fail-fast: false | |
runs-on: ubuntu-latest | |
container: fedorapython/fedora-python-tox:latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Mark the directory as safe for git | |
run: git config --global --add safe.directory $PWD | |
- name: Install RPM dependencies | |
run: | | |
dnf install -y krb5-devel libpq-devel gettext | |
- name: Install base Python dependencies | |
run: | | |
python3 -m pip install --upgrade tox | |
python3 -m pip install --upgrade "poetry>=1.5.0" | |
poetry --version | |
- name: execute tox | |
run: tox -- -v | |
frontend-ci: | |
strategy: | |
fail-fast: false | |
runs-on: ubuntu-latest | |
container: fedorapython/fedora-python-tox:latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install the API | |
run: | | |
dnf install -y krb5-devel libpq-devel gettext | |
python3 -m pip install --upgrade poetry | |
poetry install --extras api --extras database --extras sqlite | |
- name: Install npm & npx | |
run: dnf install -y npm | |
- name: Regenerate the typescript types | |
run: | | |
poetry run python generate-typescript-types.py | |
- name: install frontend | |
run: | | |
pushd frontend/ | |
npm install | |
popd | |
- name: run eslint | |
run: | | |
pushd frontend/ | |
npm run lint-check | |
popd | |
- name: run type-check | |
run: | | |
pushd frontend/ | |
npm run type-check | |
popd | |
- name: run unit tests | |
run: | | |
pushd frontend/ | |
npm run test:unit -- run | |
popd | |
- name: run check-unused | |
run: | | |
pushd frontend/ | |
npm run check-unused | |
popd | |
# https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ | |
build: | |
name: Build distribution 📦 | |
runs-on: ubuntu-latest | |
needs: | |
- backend-ci | |
- frontend-ci | |
outputs: | |
release-notes: ${{ steps.extract-changelog.outputs.markdown }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.x" | |
- name: Install pypa/build | |
run: python3 -m pip install build --user | |
- name: Build a binary wheel and a source tarball | |
run: python3 -m build | |
- name: Store the distribution packages | |
uses: actions/upload-artifact@v4 | |
with: | |
name: python-package-distributions | |
path: dist/ | |
- name: Extract changelog section | |
id: extract-changelog | |
uses: sean0x42/markdown-extract@v2 | |
with: | |
file: docs/changelog.md | |
pattern: '\[[[:digit:].]+\]\([[:alnum:]:/.-]+\)\s-\s[[:digit:]-]+' | |
no-print-matched-heading: true | |
- name: Show the changelog | |
env: | |
CHANGELOG: ${{ steps.extract-changelog.outputs.markdown }} | |
run: echo "$CHANGELOG" | |
publish-to-pypi: | |
name: Publish to PyPI 🚀 | |
# only publish to PyPI on final tag pushes | |
if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, 'rc') | |
needs: | |
- build | |
runs-on: ubuntu-latest | |
environment: | |
name: pypi | |
url: https://pypi.org/p/fmn | |
permissions: | |
id-token: write # IMPORTANT: mandatory for trusted publishing | |
steps: | |
- name: Download all the dists | |
uses: actions/download-artifact@v4 | |
with: | |
name: python-package-distributions | |
path: dist/ | |
- name: Publish distribution to PyPI | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
github-release: | |
name: Create a GitHub Release 📢 | |
needs: | |
- publish-to-pypi | |
- build | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write # IMPORTANT: mandatory for making GitHub Releases | |
id-token: write # IMPORTANT: mandatory for sigstore | |
steps: | |
- name: Download all the dists | |
uses: actions/download-artifact@v4 | |
with: | |
name: python-package-distributions | |
path: dist/ | |
- name: Sign the dists with Sigstore | |
uses: sigstore/[email protected] | |
with: | |
inputs: >- | |
./dist/*.tar.gz | |
./dist/*.whl | |
- name: Release | |
uses: softprops/action-gh-release@v2 | |
with: | |
files: dist/* | |
fail_on_unmatched_files: true | |
body: ${{ needs.build.outputs.release-notes }} |