Add SECURITY.md (#418) #1956
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: pyscal | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
release: | |
types: | |
- published | |
schedule: | |
# Run CI every night and check that tests are working with latest dependencies | |
- cron: "0 0 * * *" | |
env: | |
# Default python version to be use to create docs | |
DEFAULT_PYTHON_VERSION: "3.10" | |
jobs: | |
pyscal: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
include: | |
- os: "ubuntu-latest" | |
python-version: "3.8" | |
- os: "ubuntu-latest" | |
python-version: "3.9" | |
- os: "ubuntu-latest" | |
python-version: "3.10" | |
- os: "macos-latest" | |
python-version: "3.10" | |
- os: "windows-latest" | |
python-version: "3.10" | |
steps: | |
- name: Checkout commit locally | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Python ${{ matrix.python-version }} | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install pyscal with dependencies | |
if: ${{ always() }} | |
run: | | |
pip install --upgrade pip | |
pip install .[tests] | |
- name: List all installed packages | |
if: ${{ always() }} | |
run: pip freeze | |
- name: Lint with black | |
if: ${{ always() }} | |
run: | | |
black --check --force-exclude="pyscal/version.py" pyscal/*py tests/test_*py setup.py docs/conf.py | |
- name: Lint with flake8 | |
if: ${{ always() }} | |
run: | | |
flake8 pyscal tests | |
- name: Lint with isort | |
if: ${{ always() }} | |
run: | | |
isort --check-only --profile black pyscal tests | |
- name: Check typing with mypy | |
if: ${{ always() }} | |
run: | | |
mypy pyscal | |
- name: Run tests | |
run: | | |
python -c "import pyscal" | |
pytest --strict-markers --hypothesis-profile ci tests/ | |
- name: Syntax check documentation | |
run: | | |
rstcheck -r docs | |
- name: Install font (xkcd) for documentation | |
if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == env.DEFAULT_PYTHON_VERSION }} | |
run: | | |
sudo apt-get install -y fonts-humor-sans | |
- name: Build documentation | |
if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == env.DEFAULT_PYTHON_VERSION }} | |
run: | | |
export SETUPTOOLS_SCM_PRETEND_VERSION=${GITHUB_REF//refs\/tags\//} | |
python docs/make_plots.py | |
sphinx-build -b html docs ./build/sphinx/html | |
- name: Build python package and publish to pypi | |
if: ${{ github.event_name == 'release' && matrix.os == 'ubuntu-latest' && matrix.python-version == env.DEFAULT_PYTHON_VERSION }} | |
env: | |
TWINE_USERNAME: __token__ | |
TWINE_PASSWORD: ${{ secrets.pyscal_pypi_token }} | |
run: | | |
export SETUPTOOLS_SCM_PRETEND_VERSION=${GITHUB_REF//refs\/tags\//} | |
python -m pip install --upgrade setuptools wheel twine | |
python setup.py sdist bdist_wheel | |
twine upload dist/* | |
- name: Update GitHub pages | |
if: ${{ github.event_name == 'release' && matrix.os == 'ubuntu-latest' && matrix.python-version == env.DEFAULT_PYTHON_VERSION }} | |
run: | | |
cp -R ./build/sphinx/html ../html | |
git config --local user.email "pyscal-github-action" | |
git config --local user.name "pyscal-github-action" | |
git fetch origin gh-pages | |
git stash # Due to make_plots.py above maybe having modified png files | |
git checkout --track origin/gh-pages | |
git clean -f -f -d -x # Double -f is intentional | |
git rm -r * | |
cp -R ../html/* . | |
git add . | |
if git diff-index --quiet HEAD; then | |
echo "No changes in documentation. Skip documentation deploy." | |
else | |
git commit -m "Update Github Pages" | |
git push "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" gh-pages | |
fi |