Jussi Kukkonen
b15af9573a
Merge pull request #2290 from jku/release-refactor
...
build: Handle GH release manually
2023-02-06 15:09:25 +02:00
Jussi Kukkonen
70555f6e1b
build: shorten requirements file names
...
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2023-02-06 14:52:07 +02:00
Jussi Kukkonen
33829fdbab
build: Move requirements file to a directory
...
We already have 6 files and I'm planning to add another one: maybe it's
time to move these out of the top level directory.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2023-02-06 14:50:47 +02:00
Jussi Kukkonen
707dc49999
build: Handle GH release manually
...
Remove dependency on softprops/action-gh-release: instead do the GitHub
release steps using the GitHub API and github-script.
The only difference should be that release name is not "<tag>-rc" first:
instead the initial release is marked as draft in the API (and shows as
draft in the UI).
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2023-02-04 17:32:56 +02:00
dependabot[bot]
f2fff33566
build(deps): bump actions/github-script from 6.3.3 to 6.4.0
...
Bumps [actions/github-script](https://github.com/actions/github-script) from 6.3.3 to 6.4.0.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](d556feaca3...98814c53be)
---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-27 10:05:30 +00:00
dependabot[bot]
4c3df14a50
build(deps): bump actions/setup-python from 4.4.0 to 4.5.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](5ccb29d877...d27e3f3d7c)
---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-13 10:50:28 +00:00
Lukas Pühringer
fa9761bb8f
Merge pull request #2259 from theupdateframework/dependabot/github_actions/actions/checkout-3.3.0
...
build(deps): bump actions/checkout from 3.2.0 to 3.3.0
2023-01-13 11:49:36 +01:00
Lukas Pühringer
cc6171b1d7
Merge pull request #2258 from theupdateframework/dependabot/github_actions/actions/download-artifact-3.0.2
...
build(deps): bump actions/download-artifact from 3.0.1 to 3.0.2
2023-01-13 11:33:33 +01:00
dependabot[bot]
bfbfb55444
build(deps): bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](755da8c3cf...ac59398561)
---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-13 10:32:56 +00:00
dependabot[bot]
d156bdf82f
build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](83fd05a356...0b7f8abb15)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 10:10:05 +00:00
dependabot[bot]
671df68a6d
build(deps): bump actions/download-artifact from 3.0.1 to 3.0.2
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](9782bd6a98...9bc31d5ccc)
---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-06 10:04:00 +00:00
dependabot[bot]
681c134e09
build(deps): bump actions/setup-python from 4.3.1 to 4.4.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.3.1 to 4.4.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](2c3dd9e7e2...5ccb29d877)
---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-23 10:22:10 +00:00
dependabot[bot]
98991d8f50
build(deps): bump actions/checkout from 3.1.0 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](93ea575cb5...755da8c3cf)
---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-13 10:04:50 +00:00
dependabot[bot]
205769d9bf
build(deps): bump actions/setup-python from 4.3.0 to 4.3.1
...
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](13ae5bb136...2c3dd9e7e2)
---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-09 17:50:35 +00:00
Jussi Kukkonen
b6c3b66ca6
build: Change build dependency pinning strategy
...
* don't autoupgrade pip: let's consider pip to be part of platform?
* pin build and tox in new requirements-build.txt: this mostly prevents
tox from going to 4.x before we're ready
* use requirements-build.txt as constraint when installing tox or build
during CI & CD
* use requirements-build.txt in requirements-dev.txt
Note that coveralls is not pinned, not sure if it should be.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-12-09 18:10:03 +02:00
dependabot[bot]
7f1ddebb71
build(deps): bump pypa/gh-action-pypi-publish from 1.6.1 to 1.6.4
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.6.1 to 1.6.4.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](5d1679fa6b...c7f29f7ade)
---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-07 10:04:26 +00:00
dependabot[bot]
63c384d9d7
build(deps): bump pypa/gh-action-pypi-publish from 1.5.1 to 1.6.1
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.5.1 to 1.6.1.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](37f50c210e...5d1679fa6b)
---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-05 10:08:50 +00:00
Jussi Kukkonen
b002860206
GitHub workflows: Only upload to pypi in upstream repo
...
This is not a security measure: it makes testing the CD/release workflow
(at least the non-pypi-upload parts) in a fork a little easier as the pypi
upload is skipped.
This does make testing the pypi upload even more difficult but maybe
that is acceptable?
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-10-31 12:14:23 +02:00
Jussi Kukkonen
327fcf8640
GitHub workflows: limit "content:write" to minimum
...
permissions can be defined on workflow and job level, but not on step level.
Currently permissions are defined at workflow level which is not ideal.
Create a new "release_candidate" job so that we can minimize the
"content:write" permission exposure.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-10-31 12:13:11 +02:00
dependabot[bot]
2fa55a089c
build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](3cea537223...83fd05a356)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-24 10:21:27 +00:00
dependabot[bot]
68571fb887
build(deps): bump actions/download-artifact from 3.0.0 to 3.0.1
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](fb598a63ae...9782bd6a98)
---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-21 11:14:31 +00:00
dependabot[bot]
67a5fca932
build(deps): bump actions/github-script from 6.3.2 to 6.3.3
...
Bumps [actions/github-script](https://github.com/actions/github-script) from 6.3.2 to 6.3.3.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](100527700e...d556feaca3)
---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-14 10:16:54 +00:00
dependabot[bot]
39b823afe4
build(deps): bump actions/github-script from 6.3.1 to 6.3.2
...
Bumps [actions/github-script](https://github.com/actions/github-script) from 6.3.1 to 6.3.2.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](7dff1a8764...100527700e)
---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-12 10:19:05 +00:00
dependabot[bot]
76c0d6cec0
build(deps): bump actions/setup-python from 4.2.0 to 4.3.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](b55428b188...13ae5bb136)
---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-11 10:29:56 +00:00
Kairo de Araujo
869d23a9f2
Fix typo CD.yml
...
Fixed typo in CD.yml: 'candidate' instead of ' candidate'.
Signed-off-by: Kairo de Araujo <kdearaujo@vmware.com>
2022-10-10 09:56:25 +02:00
dependabot[bot]
9907d4d38a
build(deps): bump actions/checkout from 3.0.2 to 3.1.0
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](2541b1294d...93ea575cb5)
---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-04 10:45:28 +00:00
dependabot[bot]
903ad61a8e
build(deps): bump actions/github-script from 6.2.0 to 6.3.1
...
Bumps [actions/github-script](https://github.com/actions/github-script) from 6.2.0 to 6.3.1.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](c713e510db...7dff1a8764)
---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 09:39:02 +00:00
dependabot[bot]
de8f97f283
build(deps): bump actions/github-script from 6.1.1 to 6.2.0
...
Bumps [actions/github-script](https://github.com/actions/github-script) from 6.1.1 to 6.2.0.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](d50f485531...c713e510db)
---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-29 10:24:16 +00:00
dependabot[bot]
e27dce0f5f
build(deps): bump actions/github-script from 6.1.0 to 6.1.1
...
Bumps [actions/github-script](https://github.com/actions/github-script) from 6.1.0 to 6.1.1.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](7a5c598405...d50f485531)
---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-15 10:19:37 +00:00
dependabot[bot]
c524984be4
build(deps): bump actions/setup-python from 4.1.0 to 4.2.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](c4e89fac7e...b55428b188)
---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-03 10:19:48 +00:00
dependabot[bot]
6edf9191de
build(deps): bump pypa/gh-action-pypi-publish from 1.5.0 to 1.5.1
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](717ba43cfb...37f50c210e)
---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-27 16:36:56 +00:00
dependabot[bot]
deb9633879
build(deps): bump actions/setup-python from 4.0.0 to 4.1.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](d09bd5e600...c4e89fac7e)
---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-12 10:20:32 +00:00
dependabot[bot]
94b08faade
build(deps): bump actions/setup-python from 3.1.2 to 4
...
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3.1.2 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3.1.2...d09bd5e6005b175076f227b13d9730d56e9dcfcb)
---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-09 10:22:16 +00:00
Lukas Pühringer
e9d11962b9
Merge pull request #2006 from theupdateframework/dependabot/github_actions/actions/github-script-6.1.0
...
build(deps): bump actions/github-script from 6.0.0 to 6.1.0
2022-05-24 11:20:33 +02:00
dependabot[bot]
2ae099c140
build(deps): bump actions/upload-artifact from 3.0.0 to 3.1.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](6673cd052c...3cea537223)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-23 10:23:02 +00:00
dependabot[bot]
78dc59bf8b
build(deps): bump actions/github-script from 6.0.0 to 6.1.0
...
Bumps [actions/github-script](https://github.com/actions/github-script) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](9ac08808f9...7a5c598405)
---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-13 10:17:47 +00:00
Lukas Puehringer
0b0c55b1df
Restrict cd permissions to contents: write
...
This is the minimum permission needed to create/modify GH releases.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-04-26 10:36:58 +02:00
Lukas Puehringer
db471a5fd5
Refactor ci/cd workflows
...
Prior to this change, ci triggered cd, depending on the event that
triggered ci. Due to the vague information about that event
available to cd, the workflow pipeline was a bit brittle.
This change disassociates ci and cd workflows to allow for an
independent configuration of trigger events.
The test jobs, which used to be defined in ci, are now in a
separate workflow file _test.yml that can be included in both ci
and cd workflows.
**Changes in ci**
- Only defines trigger events and permissions, the "meat" of ci is
defined in the called _test.yml now.
- No longer triggers on tag pushes, this was only needed for cd.
**Changes in cd**
- Now triggers directly on tag pushes instead of (cd)-workflow_run.
- Calls _test.yml, and requires a successful run before build/release.
(`needs: test` replaces `if: ...`)
- Changes variable names about pushed tag that triggered the event.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-04-26 10:36:58 +02:00
dependabot[bot]
68fd8a1cc6
build(deps): bump actions/checkout from 3.0.0 to 3.0.2
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...2541b1294d2704b0964813337f33b291d3f8596b)
---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-22 10:19:38 +00:00
Lukas Puehringer
b99d0432a7
build: minor updates in CI/CD workflow files
...
- polish code comments
- wrap long lines
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-04-20 16:02:25 +02:00
Lukas Puehringer
a1a71c11a1
build: update CI/CD workflow to run in series
...
- Change CI workflow to also run on push to (release) tag
- Change CD workflow to run on successful CI run, and only if a
(release) tag push triggered the CI
NOTE: Unfortunately the setup is not very robust
(see code comment in cd.yml)
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-04-07 12:15:39 +02:00
Lukas Puehringer
5bfe897335
build: update CD workflow to create GH release
...
- Create preliminary GitHub release (X.Y.Z-rc) in 'build' job,
using popular 3rd-party 'softprops/action-gh-release'.
- Finalize GH release in 'release' job using custom GH script.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-04-06 17:30:56 +02:00
Lukas Puehringer
faef040407
build: add GH workflow to build + release on PyPI
...
Add workflow with two jobs to build and publish on PyPI. The
release job waits for the build job and uses a custom release
environment, which can be configured to require review.
To share the build artifacts between the jobs and to make them
available for intermediate review, they are stored using
'actions/upload-artifact' and 'actions/download-artifact'.
https://docs.github.com/en/actions/using-workflows/storing-workflow-data-as-artifacts
To upload the build artifacts to PyPI, the PyPA recommended
'pypa/gh-action-pypi-publish' is used.
https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/
**Caveat**
The URL to grab the artifacts, e.g. for review, requires knowledge
of action ID and artifact ID, and a login token (no special
permissions). This makes it a bit cumbersome to fetch the artifacts
with a script and compare them to a local build.
https://docs.github.com/en/actions/managing-workflow-runs/downloading-workflow-artifacts
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-04-06 17:30:13 +02:00