Use Dependabot to manage GitHub Actions versions (#4) #22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Configuration for running tests with GitHub Actions | |
# | |
# NOTE: Pin actions to a specific commit to avoid having the authentication | |
# token stolen if the Action is compromised. See the comments and links here: | |
# https://github.com/pypa/gh-action-pypi-publish/issues/27 | |
# | |
name: test | |
# Only build PRs, the main branch, and releases. Pushes to branches will only | |
# be built when a PR is opened. This avoids duplicated buids in PRs comming | |
# from branches in the origin repository (1 for PR and 1 for push). | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
release: | |
types: | |
- published | |
# Use bash by default in all jobs | |
defaults: | |
run: | |
# Using "-l {0}" is necessary for conda environments to be activated | |
# But this breaks on MacOS if using actions/setup-python: | |
# https://github.com/actions/setup-python/issues/132 | |
shell: bash | |
jobs: | |
############################################################################# | |
# Run tests and upload to codecov | |
test: | |
name: ${{ matrix.os }} python=${{ matrix.python }} dependencies=${{ matrix.dependencies }} | |
runs-on: ${{ matrix.os }}-latest | |
strategy: | |
# Otherwise, the workflow would stop if a single job fails. We want to | |
# run all of them to catch failures in different combinations. | |
fail-fast: false | |
matrix: | |
os: | |
- ubuntu | |
- macos | |
- windows | |
dependencies: | |
- oldest | |
- latest | |
include: | |
- dependencies: oldest | |
python: "3.8" | |
- dependencies: latest | |
python: "3.11" | |
env: | |
REQUIREMENTS: env/requirements-build.txt env/requirements-test.txt | |
# Used to tag codecov submissions | |
OS: ${{ matrix.os }} | |
PYTHON: ${{ matrix.python }} | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
# Need to fetch more than the last commit so that setuptools_scm can | |
# create the correct version string. If the number of commits since | |
# the last release is greater than this, the version still be wrong. | |
# Increase if necessary. | |
fetch-depth: 100 | |
# The GitHub token is preserved by default but this job doesn't need | |
# to be able to push to GitHub. | |
persist-credentials: false | |
# Need the tags so that setuptools_scm can form a valid version number | |
- name: Fetch git tags | |
run: git fetch origin 'refs/tags/*:refs/tags/*' | |
- name: Setup Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ matrix.python }} | |
- name: Collect requirements | |
run: | | |
echo "Install Dependente to capture dependencies:" | |
python -m pip install dependente==0.3.0 | |
echo "" | |
echo "Capturing run-time dependencies:" | |
if [[ "${{ matrix.dependencies }}" == "oldest" ]]; then | |
dependente --source install --oldest > requirements-full.txt | |
else | |
dependente --source install > requirements-full.txt | |
fi | |
echo "" | |
echo "Capturing dependencies from:" | |
for requirement in $REQUIREMENTS | |
do | |
echo " $requirement" | |
cat $requirement >> requirements-full.txt | |
done | |
echo "" | |
echo "Collected dependencies:" | |
cat requirements-full.txt | |
- name: Get the pip cache folder | |
id: pip-cache | |
run: | | |
echo "::set-output name=dir::$(pip cache dir)" | |
- name: Setup caching for pip packages | |
uses: actions/cache@v2 | |
with: | |
path: ${{ steps.pip-cache.outputs.dir }} | |
key: ${{ runner.os }}-pip-${{ hashFiles('requirements-full.txt') }} | |
- name: Install requirements | |
run: | | |
python -m pip install --requirement requirements-full.txt | |
- name: List installed packages | |
run: python -m pip freeze | |
- name: Build source and wheel distributions | |
run: | | |
make build | |
echo "" | |
echo "Generated files:" | |
ls -lh dist/ | |
- name: Install the package | |
run: python -m pip install --no-deps dist/*.whl | |
- name: Run the tests | |
run: make test | |
- name: Convert coverage report to XML for codecov | |
run: coverage xml | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v4 | |
with: | |
file: ./coverage.xml | |
env_vars: OS,PYTHON | |
# Fail the job so we know coverage isn't being updated. Otherwise it | |
# can silently drop and we won't know. | |
fail_ci_if_error: false | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} |