mirror of
https://github.com/theupdateframework/python-tuf
synced 2026-05-24 10:08:28 +00:00
fd438c86fc
* This was suggested as best practice by a pylint developer * Seems better than CI randomly breaking when GitHub updates Python version (and pylint starts applying new rules that we can't follow because that would break old Python versions) Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
114 lines
3.6 KiB
YAML
114 lines
3.6 KiB
YAML
on:
|
|
workflow_call:
|
|
# Permissions inherited from caller workflow
|
|
|
|
permissions: {}
|
|
|
|
jobs:
|
|
lint-test:
|
|
name: Lint Test
|
|
runs-on: ubuntu-latest
|
|
|
|
|
|
steps:
|
|
- name: Checkout TUF
|
|
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
|
|
|
- name: Set up Python (oldest supported version)
|
|
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
|
|
with:
|
|
python-version: 3.8
|
|
cache: 'pip'
|
|
cache-dependency-path: 'requirements/*.txt'
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
python3 -m pip install --constraint requirements/build.txt tox coveralls
|
|
|
|
- name: Run tox
|
|
run: tox -e lint
|
|
|
|
tests:
|
|
name: Tests
|
|
needs: lint-test
|
|
continue-on-error: true
|
|
strategy:
|
|
# Run regular TUF tests on each OS/Python combination, plus
|
|
# (sslib main) on Linux/Python3.x only.
|
|
matrix:
|
|
toxenv: [py]
|
|
python-version: ["3.8", "3.9", "3.10", "3.11"]
|
|
os: [ubuntu-latest, macos-latest, windows-latest]
|
|
include:
|
|
- python-version: 3.x
|
|
os: ubuntu-latest
|
|
toxenv: with-sslib-main
|
|
experimental: true
|
|
|
|
env:
|
|
# Set TOXENV env var to tell tox which testenv (see tox.ini) to use
|
|
TOXENV: ${{ matrix.toxenv }}
|
|
|
|
runs-on: ${{ matrix.os }}
|
|
|
|
steps:
|
|
- name: Checkout TUF
|
|
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
|
|
|
- name: Set up Python ${{ matrix.python-version }}
|
|
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
cache: 'pip'
|
|
cache-dependency-path: 'requirements/*.txt'
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
python3 -m pip install --constraint requirements/build.txt tox coveralls
|
|
|
|
- name: Run tox (${{ env.TOXENV }})
|
|
# See TOXENV environment variable for the testenv to be executed here
|
|
run: tox
|
|
|
|
- name: Publish on coveralls.io
|
|
# A failure to publish coverage results on coveralls should not
|
|
# be a reason for a job failure.
|
|
continue-on-error: true
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
COVERALLS_FLAG_NAME: ${{ runner.os }} / Python ${{ matrix.python-version }} / ${{ env.TOXENV }}
|
|
COVERALLS_PARALLEL: true
|
|
# Use cp workaround to publish coverage reports with relative paths
|
|
# FIXME: Consider refactoring the tests to not require the test
|
|
# aggregation script being invoked from the `tests` directory, so
|
|
# that `.coverage` is written to and .coveragrc can also reside in
|
|
# the project root directory as is the convention.
|
|
run: |
|
|
cp tests/.coverage .
|
|
coveralls --service=github --rcfile=tests/.coveragerc
|
|
|
|
coveralls-fin:
|
|
# Always run when all 'tests' jobs have finished even if they failed
|
|
# TODO: Replace always() with a 'at least one job succeeded' expression
|
|
if: always()
|
|
needs: tests
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Add requirements file to make setup-python happy
|
|
run: touch requirements.txt
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
|
|
with:
|
|
python-version: '3.x'
|
|
cache: 'pip'
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
python3 -m pip install coveralls
|
|
|
|
- name: Finalize publishing on coveralls.io
|
|
continue-on-error: true
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: coveralls --finish
|