Skip to content

Merge pull request #77 from onekey-sec/update_flake_lock_action #287

Merge pull request #77 from onekey-sec/update_flake_lock_action

Merge pull request #77 from onekey-sec/update_flake_lock_action #287

Workflow file for this run

name: CI
on:
push:
branches:
- main
- master
tags:
- "*"
pull_request:
workflow_dispatch:
permissions:
contents: read
jobs:
checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
- uses: cachix/cachix-action@v12
with:
name: unblob
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
- name: Check Nix formatting
run: nix fmt -- --check .
- name: Check Python formatting
run: nix develop -c -- black --check --diff --color .
- name: Ruff
run: nix develop -c -- ruff check .
build-nix:
strategy:
matrix:
include:
- os: ubuntu-latest
arch: x86_64-linux
- os: ubuntu-latest
arch: aarch64-linux
- os: macos-13
arch: x86_64-darwin
name: Build Nix - ${{ matrix.arch }}.${{ matrix.os }}
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
- uses: cachix/cachix-action@v12
with:
name: unblob
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
- name: Setup emulation
if: ${{ matrix.arch == 'aarch64-linux' }}
run: |
sudo apt update
sudo apt install -q -y qemu-system-aarch64 qemu-efi binfmt-support qemu-user-static
mkdir -p ~/.config/nix
echo "system-features = aarch64-linux arm-linux" | sudo tee -a /etc/nix/nix.conf
- name: Nix Flake checks
run: |
nix flake check --keep-going --print-build-logs --option system ${{ matrix.arch }} --extra-platforms ${{ matrix.arch }}
pytest:
runs-on: ${{ matrix.os }}
strategy:
matrix:
python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"]
os: [ubuntu-latest, macOS-latest]
steps:
- uses: actions/checkout@v3
- name: Set up PDM
uses: pdm-project/setup-pdm@v3
with:
python-version: ${{ matrix.python-version }}
enable-pep582: false
cache: true
cache-dependency-path: |
./pdm.lock
./Cargo.lock
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
cache: false
- name: Cache rust
uses: Swatinem/rust-cache@v2
with:
key: pytest-${{ matrix.os }}
- name: Install dependencies
run: |
pdm sync -v -d
- name: Run Tests
run: |
pdm pytest
pyright:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up PDM
uses: pdm-project/setup-pdm@v3
with:
python-version: "3.8"
enable-pep582: false
cache: true
cache-dependency-path: |
./pdm.lock
./Cargo.lock
- uses: actions-rust-lang/setup-rust-toolchain@v1
- name: Install dependencies
run: |
pdm sync -v -d
- name: Type-Check
run: |
pdm pyright
# Build jobs are auto-generated by maturin v0.14.17
# To update, run
#
# maturin generate-ci --platform linux macos -- github
#
wheel-linux:
runs-on: ubuntu-latest
needs: [checks, pytest, pyright]
strategy:
matrix:
include:
- target: x86_64
platform: manylinux2014
- target: aarch64
platform: manylinux2014
cross: true
- target: x86_64
platform: musllinux_1_1
- target: aarch64
platform: musllinux_1_1
cross: true
env:
CONTAINER: quay.io/pypa/${{ matrix.platform }}_${{ matrix.target }}:latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Cache rust
uses: Swatinem/rust-cache@v2
with:
key: wheel-linux-${{ matrix.target }}-${{ matrix.platform }}
- name: setup emulation
if: ${{ matrix.cross }}
run: |
sudo apt update
sudo apt install -q -y qemu-system-${{ matrix.target }} qemu-efi binfmt-support qemu-user-static
- name: Build wheels
uses: PyO3/maturin-action@v1
with:
target: ${{ matrix.target }}
container: ${{ env.CONTAINER }}
args: --verbose --release --out dist
sccache: ${{ matrix.target == 'musllinux_1_1' }}
manylinux: auto
docker-options: -e CARGO_NET_GIT_FETCH_WITH_CLI=true
- name: Upload wheels
uses: actions/upload-artifact@v4
with:
name: wheels-linux-${{ matrix.target }}-${{ matrix.platform }}
path: dist
- name: Test wheels
run: |
cat << EOF | docker run -v $PWD:/usr/src -i $CONTAINER sh -ex -
cd /usr/src
curl -sSL https://raw.githubusercontent.com/pdm-project/pdm/main/install-pdm.py | python3.10 -
export PATH=/root/.local/bin:$PATH
pdm sync -v -d --no-self -G test
pdm run python -m ensurepip
pdm run python -m pip install dist/*.whl
pdm pytest
EOF
wheel-macos:
runs-on: macos-13
needs: [checks, pytest, pyright]
strategy:
matrix:
target: [x86_64, aarch64]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Cache rust
uses: Swatinem/rust-cache@v2
with:
key: wheel-macos-${{ matrix.target }}
- name: Build wheels
uses: PyO3/maturin-action@v1
with:
target: ${{ matrix.target }}
args: --verbose --release --out dist
sccache: "true"
- name: Upload wheels
uses: actions/upload-artifact@v4
with:
name: wheels-macos-${{ matrix.target }}
path: dist
- uses: pdm-project/setup-pdm@v3
name: Setup PDM
- name: Test wheels
if: ${{ matrix.target == 'x86_64' }}
run: |
pdm sync -v -d --no-self -G test
pdm run python -m ensurepip
pdm run python -m pip install dist/*.whl
pdm pytest
sdist:
runs-on: ubuntu-latest
needs: [checks, pytest, pyright]
steps:
- uses: actions/checkout@v3
- name: Build sdist
uses: PyO3/maturin-action@v1
with:
command: sdist
args: --out dist
- name: Upload sdist
uses: actions/upload-artifact@v4
with:
name: sdist
path: dist
release:
name: Release
runs-on: ubuntu-latest
if: "startsWith(github.ref, 'refs/tags/')"
needs: [build-nix, wheel-linux, wheel-macos, sdist]
steps:
- uses: actions/download-artifact@v4
with:
merge-multiple: true
- name: Publish to PyPI
uses: PyO3/maturin-action@v1
env:
MATURIN_PYPI_TOKEN: ${{ secrets.POETRY_PYPI_TOKEN_PYPI }}
with:
command: upload
args: --skip-existing *