mirror of
https://github.com/theupdateframework/python-tuf
synced 2026-05-24 10:08:28 +00:00
a1a71c11a1
- Change CI workflow to also run on push to (release) tag
- Change CD workflow to run on successful CI run, and only if a
(release) tag push triggered the CI
NOTE: Unfortunately the setup is not very robust
(see code comment in cd.yml)
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
101 lines
3.3 KiB
YAML
101 lines
3.3 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- develop
|
|
tags:
|
|
# TODO: Should we restrict to vX.Y.Z tags?
|
|
- v*
|
|
|
|
pull_request:
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
tests:
|
|
name: Tests
|
|
strategy:
|
|
fail-fast: false
|
|
# Run regular TUF tests on each OS/Python combination, plus special tests
|
|
# (sslib master) and linters on Linux/Python3.x only.
|
|
matrix:
|
|
python-version: ["3.7", "3.8", "3.9", "3.10"]
|
|
os: [ubuntu-latest, macos-latest, windows-latest]
|
|
toxenv: [py]
|
|
include:
|
|
- python-version: 3.x
|
|
os: ubuntu-latest
|
|
toxenv: with-sslib-master
|
|
experimental: true
|
|
- python-version: 3.x
|
|
os: ubuntu-latest
|
|
toxenv: lint
|
|
|
|
env:
|
|
# Set TOXENV env var to tell tox which testenv (see tox.ini) to use
|
|
# NOTE: The Python 2.7 runner has two Python versions on the path (see
|
|
# setup-python below), so we tell tox explicitly to use the 'py27'
|
|
# testenv. For all other runners the toxenv configured above suffices.
|
|
TOXENV: ${{ matrix.toxenv }}
|
|
|
|
runs-on: ${{ matrix.os }}
|
|
|
|
steps:
|
|
- name: Checkout TUF
|
|
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
|
|
|
- name: Set up Python ${{ matrix.python-version }}
|
|
uses: actions/setup-python@0ebf233433c08fb9061af664d501c3f3ff0e9e20
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
cache: 'pip'
|
|
cache-dependency-path: 'requirements*.txt'
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
python3 -m pip install --upgrade pip
|
|
python3 -m pip install --upgrade tox coveralls
|
|
|
|
- name: Run tox (${{ env.TOXENV }})
|
|
# See TOXENV environment variable for the testenv to be executed here
|
|
run: tox
|
|
|
|
- name: Publish on coveralls.io
|
|
# A failure to publish coverage results on coveralls should not
|
|
# be a reason for a job failure.
|
|
continue-on-error: true
|
|
# TODO: Maybe make 'lint' a separate job instead of case handling here
|
|
if: ${{ env.TOXENV != 'lint' }}
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
COVERALLS_FLAG_NAME: ${{ runner.os }} / Python ${{ matrix.python-version }} / ${{ env.TOXENV }}
|
|
COVERALLS_PARALLEL: true
|
|
# Use cp workaround to publish coverage reports with relative paths
|
|
# FIXME: Consider refactoring the tests to not require the test
|
|
# aggregation script being invoked from the `tests` directory, so
|
|
# that `.coverage` is written to and .coveragrc can also reside in
|
|
# the project root directory as is the convention.
|
|
run: |
|
|
cp tests/.coverage .
|
|
coveralls --service=github --rcfile=tests/.coveragerc
|
|
|
|
coveralls-fin:
|
|
# Always run when all 'tests' jobs have finished even if they failed
|
|
# TODO: Replace always() with a 'at least one job succeeded' expression
|
|
if: always()
|
|
needs: tests
|
|
runs-on: ubuntu-latest
|
|
container: python:3-slim
|
|
steps:
|
|
- name: Install dependencies
|
|
run: |
|
|
python3 -m pip install --upgrade pip
|
|
python3 -m pip install --upgrade coveralls
|
|
- name: Finalize publishing on coveralls.io
|
|
continue-on-error: true
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: coveralls --finish
|