Skip to content

Commit

Permalink
CI workflows
Browse files Browse the repository at this point in the history
- One check -> test -> build -> release pipeline
- Auto-update nix environment job (experimental)
  • Loading branch information
vlaci committed May 4, 2023
1 parent 3cd7acf commit 6872c8e
Show file tree
Hide file tree
Showing 3 changed files with 223 additions and 0 deletions.
164 changes: 164 additions & 0 deletions .github/workflows/CI.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,164 @@
name: CI

on:
push:
branches:
- main
- master
tags:
- "*"
pull_request:
workflow_dispatch:

permissions:
contents: read

jobs:
checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v20
- uses: cachix/cachix-action@v12
with:
name: unblob
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
- name: Nix Flake checks
run: nix flake check --keep-going --print-build-logs
- name: Check Nix formatting
run: nix fmt -- --check .
- name: Check Python formatting
run: nix develop -c -- black --check --diff --color .
- name: Ruff
run: nix develop -c -- ruff .

pytest:
runs-on: ${{ matrix.os }}
strategy:
matrix:
python-version: ["3.8", "3.9", "3.10", "3.11"]
os: [ubuntu-latest, macOS-latest]
steps:
- uses: actions/checkout@v3
- name: Set up PDM
uses: pdm-project/setup-pdm@v2
with:
python-version: ${{ matrix.python-version }}
enable-pep582: false
cache: true
cache-dependency-path: |
./pdm.lock
./Cargo.lock
- uses: actions-rust-lang/setup-rust-toolchain@v1
- name: Install dependencies
run: |
pdm sync -d
- name: Run Tests
run: |
pdm pytest
pyright:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up PDM
uses: pdm-project/setup-pdm@v2
with:
python-version: "3.8"
enable-pep582: false
cache: true
cache-dependency-path: |
./pdm.lock
./Cargo.lock
- uses: actions-rust-lang/setup-rust-toolchain@v1
- name: Install dependencies
run: |
pdm sync -d
- name: Type-Check
run: |
pdm pyright
# Build jobs are auto-generated by maturin v0.14.17
# To update, run
#
# maturin generate-ci --platform linux macos -- github
#
wheel-linux:
runs-on: ubuntu-latest
needs: [checks, pytest, pyright]
strategy:
matrix:
target: [x86_64, aarch64]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Build wheels
uses: PyO3/maturin-action@v1
with:
target: ${{ matrix.target }}
args: --release --out dist
sccache: "true"
manylinux: auto
- name: Upload wheels
uses: actions/upload-artifact@v3
with:
name: wheels
path: dist

wheel-macos:
runs-on: macos-latest
needs: [checks, pytest, pyright]
strategy:
matrix:
target: [x86_64, aarch64]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Build wheels
uses: PyO3/maturin-action@v1
with:
target: ${{ matrix.target }}
args: --release --out dist
sccache: "true"
- name: Upload wheels
uses: actions/upload-artifact@v3
with:
name: wheels
path: dist

sdist:
runs-on: ubuntu-latest
needs: [checks, pytest, pyright]
steps:
- uses: actions/checkout@v3
- name: Build sdist
uses: PyO3/maturin-action@v1
with:
command: sdist
args: --out dist
- name: Upload sdist
uses: actions/upload-artifact@v3
with:
name: wheels
path: dist

release:
name: Release
runs-on: ubuntu-latest
if: "startsWith(github.ref, 'refs/tags/')"
needs: [wheel-linux, wheel-macos, sdist]
steps:
- uses: actions/download-artifact@v3
with:
name: wheels
- name: Publish to PyPI
uses: PyO3/maturin-action@v1
env:
MATURIN_PYPI_TOKEN: ${{ secrets.POETRY_PYPI_TOKEN_PYPI }}
with:
command: upload
args: --skip-existing *
26 changes: 26 additions & 0 deletions .github/workflows/Update.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: "Update dependencies"
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: "0 0 * * 0" # runs weekly on Sunday at 00:00

jobs:
update-flake:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v20
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- uses: cachix/cachix-action@v12
with:
name: unblob
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
- name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@vX
with:
pr-title: "Update flake.lock" # Title of PR to be created
pr-labels: | # Labels to be set on the PR
dependencies
automated
33 changes: 33 additions & 0 deletions .github/workflows/check-mergeable.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
name: Check branch status

on:
pull_request:
branches:
- "**"

jobs:
check_branch_history:
name: Check - Linear history
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }} # otherwise, it'd create a merge commit
fetch-depth: "0"
- name: Check HEAD is rebased on ${{ github.event.pull_request.base.ref }}
run: |
git config --global user.name "$GITHUB_ACTOR"
git config --global user.email "[email protected]"
git fetch origin $GITHUB_BASE_REF
PR_HEAD_SHA=$(git rev-parse HEAD)
git rebase FETCH_HEAD
REBASED_SHA=$(git rev-parse HEAD)
echo "PR HEAD: $PR_HEAD_SHA"
echo "Rebased HEAD: $REBASED_SHA"
git range-diff FETCH_HEAD..$PR_HEAD_SHA FETCH_HEAD..$REBASED_SHA
if [[ "$REBASED_SHA" != "$PR_HEAD_SHA" ]]; then
echo "Not fast forward, aborting!"
echo "Ensure that the PR branch is rebased on $GITHUB_BASE_REF and does not contain merge commits."
exit 1
fi

0 comments on commit 6872c8e

Please sign in to comment.