-
Notifications
You must be signed in to change notification settings - Fork 0
150 lines (128 loc) · 4.18 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
name: CI
# Main CI pipeline of the repository.
#
# Overview:
# Lint --> test doc build -\
# \-> test code ---> deploy docs (*) -> release (**)
#
# (*): only on push of primary branches + release tags
# (**): only for release version tags (vX.Y.Z)
on:
push:
branches: [main]
tags: ["v*.*.*"]
pull_request:
types: [opened, reopened, synchronize, ready_for_review]
jobs:
lint:
# run general checks that do not require installing the package
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install poetry
run: pipx install poetry
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Install poe, pre-commit and safety
run: pip install poethepoet pre-commit safety
# NOTE: using custom cache, to include pre-commit linters + deps
- uses: actions/cache@v3
with:
path: |
~/.cache/pre-commit
~/.cache/pip
key: ${{ hashFiles('.pre-commit-config.yaml') }}-pre-commit
- name: Check that all static analysis tools run without errors
run: poetry run poe lint --all-files
- name: Scan dependencies for known vulnerabilities
run: safety check -r pyproject.toml
test-build-docs:
# make sure that documentation is buildable
# (better to know that before e.g. a PR is merged)
needs: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install poetry
run: pipx install poetry
- uses: actions/setup-python@v4
with:
python-version: "3.10"
cache: "poetry"
- name: Check that documentation builds without errors
run: |
poetry install --with docs
poetry run poe docs
test:
# run tests with different OS and Python combinations
needs: lint
strategy:
fail-fast: true
matrix:
os: [ "ubuntu-latest" ]
python-version: [ "3.8", "3.9", "3.10" ]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- name: Install poetry
run: pipx install poetry
- uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
cache: "poetry"
- name: Check that tests complete without errors
run: |
poetry install
poetry run poe test
docs:
# build + deploy documentation (only on push event for certain branches+tags)
needs: [test, test-build-docs]
if: github.event_name == 'push'
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v3
- name: Install poetry
run: pipx install poetry
- uses: actions/setup-python@v4
with:
python-version: "3.10"
cache: "poetry"
- name: Install project with mkdocs and plugins
run: poetry install --with docs
- name: Configure Git user (Github Actions Bot)
run: |
git config --local user.name "github-actions[bot]"
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
- name: Check out or initialize gh-pages branch
run: |
if git fetch origin gh-pages:gh-pages
then
echo "Found existing gh-pages branch."
else
echo "Creating new gh-pages branch and initializing mike."
poetry run mike deploy -u ${{ github.ref_name }} latest
poetry run mike set-default latest
fi
- name: Build and deploy documentation to gh-pages
run: |
SET_LATEST=""
if [[ "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+*$ ]]; then
# if a new release tag is pushed, mark the built documentation as 'latest'
SET_LATEST="latest"
fi
poetry run mike deploy -u --push ${{ github.ref_name }} $SET_LATEST
publish:
# if a version tag is pushed + tests + docs completed -> do release
needs: docs
if: startswith(github.ref, 'refs/tags/v')
permissions:
contents: write # for GitHub release
id-token: write # for PyPI release
uses: "./.github/workflows/release.yml"
with:
to_github: true
to_test_pypi: false
to_pypi: true