Skip to content

Use Cargo workspace #343

Use Cargo workspace

Use Cargo workspace #343

Workflow file for this run

name: CI
on:
push:
branches:
- main
- master
tags:
- '*'
pull_request:
workflow_dispatch:
release:
types:
- published
permissions:
contents: read
jobs:
sdist:
runs-on: ubuntu-latest
name: sdists
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
persist-credentials: false
- name: Install the latest version of uv
uses: astral-sh/setup-uv@38f3f104447c67c051c4a08e39b64a148898af3a # v4.2.0
with:
enable-cache: true
cache-dependency-glob: pyproject.toml
- name: Make sdist (rfc3161_client)
run: uv build --sdist
- name: Upload sdist
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: rfc3161-sdist
path: dist/rfc3161_client*
linux:
runs-on: ubuntu-latest
strategy:
matrix:
platform:
- target: x86_64
- target: x86
- target: aarch64
- target: armv7
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
persist-credentials: false
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
with:
python-version: 3.x
- name: Build wheels
uses: PyO3/maturin-action@ea5bac0f1ccd0ab11c805e2b804bfcb65dac2eab # v1
with:
target: ${{ matrix.platform.target }}
args: --release --out dist --find-interpreter
sccache: 'true'
manylinux: auto
before-script-linux: |
if command -v yum 2>&1 >/dev/null
then
yum update
yum install -y perl-core cpanminus devtoolset-10-libatomic-devel
# Workaround for OpenSSL not building on Centos 7 (manylinux2014)
# Remove once `openssl-src` builds OpenSSL > 3.3.2 by default
# Ref: https://github.com/openssl/openssl/pull/25367#issuecomment-2327177830
cpanm --verbose --notest install Sub::Util
fi
- name: Upload wheels
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: wheels-linux-${{ matrix.platform.target }}
path: dist
musllinux:
runs-on: ubuntu-latest
strategy:
matrix:
platform:
- target: x86_64
- target: x86
- target: aarch64
- target: armv7
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
persist-credentials: false
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
with:
python-version: 3.x
- name: Build wheels
uses: PyO3/maturin-action@ea5bac0f1ccd0ab11c805e2b804bfcb65dac2eab # v1
with:
target: ${{ matrix.platform.target }}
args: --release --out dist --find-interpreter
sccache: 'true'
manylinux: musllinux_1_2
- name: Upload wheels
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: wheels-musllinux-${{ matrix.platform.target }}
path: dist
windows:
needs: [sdist]
runs-on: windows-latest
strategy:
fail-fast: false
matrix:
WINDOWS:
- {ARCH: 'x86', WINDOWS: 'win32', RUST_TRIPLE: 'i686-pc-windows-msvc'}
- {ARCH: 'x64', WINDOWS: 'win64', RUST_TRIPLE: 'x86_64-pc-windows-msvc'}
name: ${{ matrix.WINDOWS.WINDOWS }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
persist-credentials: false
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: rfc3161-sdist
- name: Install the latest version of uv
uses: astral-sh/setup-uv@38f3f104447c67c051c4a08e39b64a148898af3a # v4.2.0
with:
enable-cache: true
cache-dependency-glob: pyproject.toml
# We cannot use `uv python install` because it doesn't allow to install python
# version for another architecture
- name: Setup python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: 3.x
architecture: ${{ matrix.WINDOWS.ARCH }}
- uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8
with:
toolchain: stable
target: ${{ matrix.WINDOWS.RUST_TRIPLE }}
- uses: dawidd6/action-download-artifact@80620a5d27ce0ae443b965134db88467fc607b43 # v7
with:
repo: pyca/infra
workflow: build-windows-openssl.yml
branch: main
workflow_conclusion: success
name: "openssl-${{ matrix.WINDOWS.WINDOWS }}"
path: "C:/openssl-${{ matrix.WINDOWS.WINDOWS }}/"
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Configure OpenSSL
run: |
echo "OPENSSL_DIR=C:/openssl-${{ matrix.WINDOWS.WINDOWS }}" >> $GITHUB_ENV
echo "OPENSSL_STATIC=1" >> $GITHUB_ENV
echo "OPENSSL_NO_VENDOR=1" >> $GITHUB_ENV
shell: bash
- run: mkdir wheelhouse
- name: Build wheel
run: |
uv build --wheel rfc3161*.tar.gz -o wheelhouse/
shell: bash
- name: Test Install
run: |
uv venv
source ./.venv/Scripts/activate
uv pip install wheelhouse/rfc3161_client*.whl
python -c "import rfc3161_client"
shell: bash
- name: Upload wheels
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: "wheels-windows-${{ matrix.WINDOWS.ARCH }}"
path: wheelhouse
macos:
runs-on: ${{ matrix.platform.runner }}
strategy:
matrix:
platform:
- runner: macos-13
target: x86_64
- runner: macos-14
target: aarch64
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
persist-credentials: false
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
with:
python-version: 3.x
- name: Build wheels
uses: PyO3/maturin-action@ea5bac0f1ccd0ab11c805e2b804bfcb65dac2eab # v1
env:
# Do not build OpenSSL on MacOS, since it's already installed
# and we don't need to cross-compile.
OPENSSL_NO_VENDOR: 1
with:
target: ${{ matrix.platform.target }}
args: --release --out dist --find-interpreter
sccache: 'true'
- name: Upload wheels
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: wheels-macos-${{ matrix.platform.target }}
path: dist
publish:
name: Publish Python distributions to PyPI
runs-on: ubuntu-latest
if: github.event_name == 'release' && github.event.action == 'published'
needs: [linux, musllinux, windows, macos, sdist]
environment:
name: pypi
url: https://pypi.org/p/rfc3161-client
permissions:
# Used to sign the release's artifacts with sigstore-python.
# Used to publish to PyPI with Trusted Publishing.
id-token: write
steps:
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
path: dist/
merge-multiple: true
- name: Publish distributions
uses: pypa/gh-action-pypi-publish@15c56dba361d8335944d31a2ecd17d700fc7bcbc # release/v1
with:
attestations: true