Skip to content

Bump pypa/gh-action-pypi-publish from 1.9.0 to 1.10.0 #498

Bump pypa/gh-action-pypi-publish from 1.9.0 to 1.10.0

Bump pypa/gh-action-pypi-publish from 1.9.0 to 1.10.0 #498

Workflow file for this run

# Run tests and upload to Codecov with GitHub Actions
#
# NOTE: Pin actions to a specific commit to avoid having the authentication
# token stolen if the Action is compromised. See the comments and links here:
# https://github.com/pypa/gh-action-pypi-publish/issues/27
#
name: test
# Only build PRs, the main branch, and releases. Pushes to branches will only
# be built when a PR is opened. This avoids duplicated buids in PRs comming
# from branches in the origin repository (1 for PR and 1 for push).
on:
pull_request:
push:
branches:
- main
release:
types:
- published
# Use bash by default in all jobs
defaults:
run:
shell: bash
jobs:
#############################################################################
# Run tests
test:
name: ${{ matrix.os }} python=${{ matrix.python }} dependencies=${{ matrix.dependencies }}
if: ${{ github.repository_owner == 'fatiando' || github.event_name != 'schedule' }}
runs-on: ${{ matrix.os }}
strategy:
# Otherwise, the workflow would stop if a single job fails. We want to
# run all of them to catch failures in different combinations.
fail-fast: false
matrix:
os:
- ubuntu-latest
- macos-latest
- windows-latest
dependencies:
- oldest
- latest
- optional
include:
- dependencies: oldest
python: "3.7"
- dependencies: latest
python: "3.11"
- dependencies: optional
python: "3.11"
# test on macos-13 (x86) using oldest dependencies and python 3.7
- os: macos-13
dependencies: oldest
python: "3.7"
exclude:
# don't test on macos-latest (arm64) with oldest dependencies
- os: macos-latest
dependencies: oldest
env:
REQUIREMENTS: env/requirements-build.txt env/requirements-test.txt
# Used to tag codecov submissions
OS: ${{ matrix.os }}
PYTHON: ${{ matrix.python }}
DEPENDENCIES: ${{ matrix.dependencies }}
steps:
# Cancel any previous run of the test job
# We pin the commit hash corresponding to v0.5.0, and not pinning the tag
# because we are giving full access through the github.token.
- name: Cancel Previous Runs
uses: styfle/[email protected]
with:
access_token: ${{ github.token }}
# Checks-out your repository under $GITHUB_WORKSPACE
- name: Checkout
uses: actions/checkout@v4
with:
# Need to fetch more than the last commit so that setuptools-scm can
# create the correct version string. If the number of commits since
# the last release is greater than this, the version still be wrong.
# Increase if necessary.
fetch-depth: 100
# The GitHub token is preserved by default but this job doesn't need
# to be able to push to GitHub.
persist-credentials: false
# Need the tags so that setuptools-scm can form a valid version number
- name: Fetch git tags
run: git fetch origin 'refs/tags/*:refs/tags/*'
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python }}
- name: Collect requirements
run: |
echo "Install Dependente to capture dependencies:"
python -m pip install dependente==0.3.0
echo ""
dependente_args="--source install"
if [[ "${{ matrix.dependencies }}" == "oldest" ]]; then
dependente_args="--oldest --source install,extras"
fi
if [[ "${{ matrix.dependencies }}" == "optional" ]]; then
dependente_args="--source install,extras"
fi
echo "Capturing run-time dependencies:"
dependente $dependente_args > requirements-full.txt
echo ""
echo "Capturing dependencies from:"
for requirement in $REQUIREMENTS
do
echo " $requirement"
cat $requirement >> requirements-full.txt
done
echo ""
echo "Collected dependencies:"
cat requirements-full.txt
- name: Get the pip cache folder
id: pip-cache
run: |
echo "::set-output name=dir::$(pip cache dir)"
- name: Setup caching for pip packages
uses: actions/cache@v4
with:
path: ${{ steps.pip-cache.outputs.dir }}
key: ${{ runner.os }}-pip-${{ hashFiles('requirements-full.txt') }}
- name: Install requirements
run: |
python -m pip install --requirement requirements-full.txt
- name: Build source and wheel distributions
run: |
make build
echo ""
echo "Generated files:"
ls -lh dist/
- name: Install the package
run: python -m pip install --no-deps dist/*.whl
- name: List installed packages
run: python -m pip freeze
- name: Run the tests
run: make test
- name: Convert coverage report to XML for codecov
run: coverage xml
- name: Upload coverage report as an artifact
uses: actions/upload-artifact@v4
with:
name: coverage_${{ matrix.os }}_${{ matrix.dependencies }}
path: ./coverage.xml
#############################################################################
# Upload coverage report to codecov
codecov-upload:
runs-on: ubuntu-latest
needs: test
steps:
- name: Download coverage report artifacts
# Download coverage reports from every runner.
# Maximum coverage is achieved by combining reports from every runner.
# Each coverage file will live in its own folder with the same name as
# the artifact.
uses: actions/download-artifact@v4
with:
pattern: coverage_*
- name: List all downloaded artifacts
run: ls -l -R .
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v4
with:
# Upload all coverage report files
files: ./coverage_*/coverage.xml
# Fail the job so we know coverage isn't being updated. Otherwise it
# can silently drop and we won't know.
fail_ci_if_error: true
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}