Skip to content

Add SECURITY.md (#418) #1956

Add SECURITY.md (#418)

Add SECURITY.md (#418) #1956

Workflow file for this run

name: pyscal
on:
push:
branches:
- main
pull_request:
branches:
- main
release:
types:
- published
schedule:
# Run CI every night and check that tests are working with latest dependencies
- cron: "0 0 * * *"
env:
# Default python version to be use to create docs
DEFAULT_PYTHON_VERSION: "3.10"
jobs:
pyscal:
runs-on: ${{ matrix.os }}
strategy:
matrix:
include:
- os: "ubuntu-latest"
python-version: "3.8"
- os: "ubuntu-latest"
python-version: "3.9"
- os: "ubuntu-latest"
python-version: "3.10"
- os: "macos-latest"
python-version: "3.10"
- os: "windows-latest"
python-version: "3.10"
steps:
- name: Checkout commit locally
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install pyscal with dependencies
if: ${{ always() }}
run: |
pip install --upgrade pip
pip install .[tests]
- name: List all installed packages
if: ${{ always() }}
run: pip freeze
- name: Lint with black
if: ${{ always() }}
run: |
black --check --force-exclude="pyscal/version.py" pyscal/*py tests/test_*py setup.py docs/conf.py
- name: Lint with flake8
if: ${{ always() }}
run: |
flake8 pyscal tests
- name: Lint with isort
if: ${{ always() }}
run: |
isort --check-only --profile black pyscal tests
- name: Check typing with mypy
if: ${{ always() }}
run: |
mypy pyscal
- name: Run tests
run: |
python -c "import pyscal"
pytest --strict-markers --hypothesis-profile ci tests/
- name: Syntax check documentation
run: |
rstcheck -r docs
- name: Install font (xkcd) for documentation
if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == env.DEFAULT_PYTHON_VERSION }}
run: |
sudo apt-get install -y fonts-humor-sans
- name: Build documentation
if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == env.DEFAULT_PYTHON_VERSION }}
run: |
export SETUPTOOLS_SCM_PRETEND_VERSION=${GITHUB_REF//refs\/tags\//}
python docs/make_plots.py
sphinx-build -b html docs ./build/sphinx/html
- name: Build python package and publish to pypi
if: ${{ github.event_name == 'release' && matrix.os == 'ubuntu-latest' && matrix.python-version == env.DEFAULT_PYTHON_VERSION }}
env:
TWINE_USERNAME: __token__
TWINE_PASSWORD: ${{ secrets.pyscal_pypi_token }}
run: |
export SETUPTOOLS_SCM_PRETEND_VERSION=${GITHUB_REF//refs\/tags\//}
python -m pip install --upgrade setuptools wheel twine
python setup.py sdist bdist_wheel
twine upload dist/*
- name: Update GitHub pages
if: ${{ github.event_name == 'release' && matrix.os == 'ubuntu-latest' && matrix.python-version == env.DEFAULT_PYTHON_VERSION }}
run: |
cp -R ./build/sphinx/html ../html
git config --local user.email "pyscal-github-action"
git config --local user.name "pyscal-github-action"
git fetch origin gh-pages
git stash # Due to make_plots.py above maybe having modified png files
git checkout --track origin/gh-pages
git clean -f -f -d -x # Double -f is intentional
git rm -r *
cp -R ../html/* .
git add .
if git diff-index --quiet HEAD; then
echo "No changes in documentation. Skip documentation deploy."
else
git commit -m "Update Github Pages"
git push "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" gh-pages
fi