-
Notifications
You must be signed in to change notification settings - Fork 0
161 lines (133 loc) · 4.22 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
name: CI
"on":
merge_group: {}
pull_request: {}
push:
branches-ignore:
# These should always correspond to pull requests, so ignore them for
# the push trigger and let them be triggered by the pull_request
# trigger, avoiding running the workflow twice. This is a minor
# optimization so there's no need to ensure this is comprehensive.
- "dependabot/**"
- "gh-readonly-queue/**"
- "renovate/**"
- "tickets/**"
- "u/**"
tags:
- "*"
release:
types: [published]
jobs:
lint:
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Run pre-commit
uses: pre-commit/[email protected]
test:
runs-on: ubuntu-latest
timeout-minutes: 10
strategy:
matrix:
python:
- "3.12"
steps:
- uses: actions/checkout@v4
- name: Run tox
uses: lsst-sqre/run-tox@v1
with:
python-version: ${{ matrix.python }}
tox-envs: "py,coverage-report,typing"
tox-requirements: "requirements/tox.txt"
build:
runs-on: ubuntu-latest
needs: [lint, test]
timeout-minutes: 10
# Only do Docker builds of tagged releases and pull requests from ticket
# branches. This will still trigger on pull requests from untrusted
# repositories whose branch names match our tickets/* branch convention,
# but in this case the build will fail with an error since the secret
# won't be set.
if: >
startsWith(github.ref, 'refs/tags/')
|| startsWith(github.head_ref, 'tickets/')
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: lsst-sqre/build-and-push-to-ghcr@v1
id: build
with:
image: ${{ github.repository }}
# TODO: set token
github_token: ${{ secrets.GITHUB_TOKEN }}
docs:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # full history for setuptools_scm
- name: Install Graphviz
run: sudo apt-get install graphviz
- name: Run tox
uses: lsst-sqre/run-tox@v1
with:
python-version: "3.12"
tox-envs: "docs"
# Add docs-linkcheck when the docs and PyPI package are published
# tox-envs: "docs,docs-linkcheck"
# Only attempt documentation uploads for tagged releases and pull
# requests from ticket branches in the same repository. This avoids
# version clutter in the docs and failures when a PR doesn't have access
# to secrets.
- name: Upload to LSST the Docs
uses: lsst-sqre/ltd-upload@v1
with:
project: "sasquatch-backpack"
dir: "docs/_build/html"
username: ${{ secrets.LTD_USERNAME }}
password: ${{ secrets.LTD_PASSWORD }}
if: >
github.event_name != 'merge_group'
&& (github.event_name != 'pull_request'
|| startsWith(github.head_ref, 'tickets/'))
test-packaging:
name: Test packaging
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # full history for setuptools_scm
- name: Build and publish
uses: lsst-sqre/build-and-publish-to-pypi@v2
with:
python-version: "3.12"
upload: false
pypi:
# This job requires set up:
# 1. Set up a trusted publisher for PyPI
# 2. Set up a "pypi" environment in the repository
# See https://github.com/lsst-sqre/build-and-publish-to-pypi
name: Upload release to PyPI
runs-on: ubuntu-latest
needs: [lint, test, docs, test-packaging]
environment:
name: pypi
url: https://pypi.org/p/sasquatch-backpack
permissions:
id-token: write
if: github.event_name == 'release' && github.event.action == 'published'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # full history for setuptools_scm
- name: Build and publish
uses: lsst-sqre/build-and-publish-to-pypi@v2
with:
python-version: "3.12"