From 8ee00944586bb2595a2dcad9fb829847dd6f5f19 Mon Sep 17 00:00:00 2001 From: Hynek Schlawack Date: Sat, 26 Oct 2024 08:07:35 +0200 Subject: [PATCH] Use baipp for building the CI matrix (#73) * Use baipp for building the matrix * fix * Better name * Don't run pypi-package on PRs It already runs as part of ci.yml anyways. * fix * Explicitly forbid pytest to enter typing test dir --- .github/workflows/ci.yml | 97 +++++++++++++++++++++--------- .github/workflows/pypi-package.yml | 1 - pyproject.toml | 1 + tox.ini | 1 - 4 files changed, 69 insertions(+), 31 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c2fa363..0564016 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,6 +4,7 @@ name: CI on: push: branches: [main] + tags: ["*"] pull_request: workflow_dispatch: @@ -14,6 +15,7 @@ env: permissions: {} + jobs: lint: name: Run linters @@ -29,45 +31,55 @@ jobs: uvx --with tox-uv tox run -e lint -- --show-diff-on-failure + + build-package: + name: Build & verify package + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - uses: hynek/build-and-inspect-python-package@v2 + id: baipp + + outputs: + # Used to define the matrix for tests below. The value is based on + # packaging metadata (trove classifiers). + python-versions: ${{ steps.baipp.outputs.supported_python_classifiers_json_array }} + + tests: - name: Tests on ${{ matrix.python-version }} + name: Tests & Mypy API on ${{ matrix.python-version }} runs-on: ubuntu-latest + needs: build-package strategy: matrix: - python-version: - - "3.8" - - "3.9" - - "3.10" - - "3.11" - - "3.12" - - "pypy-3.9" - - "pypy-3.10" + # Created by the build-and-inspect-python-package action above. + python-version: ${{ fromJson(needs.build-package.outputs.python-versions) }} steps: - - uses: actions/checkout@v4 + - name: Download pre-built packages + uses: actions/download-artifact@v4 + with: + name: Packages + path: dist + - run: | + tar xf dist/*.tar.gz --strip-components=1 + rm -rf src - uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} allow-prereleases: true - uses: hynek/setup-cached-uv@v2 - - name: Prepare tox & run tests - run: | - V=${{ matrix.python-version }} - - if [[ "$V" = pypy-* ]]; then - V=pypy3 - else - V=py$(echo $V | tr -d .) - fi - - uvx --with tox-uv \ - tox run -f "$V" - - - name: Run Mypy on API + - name: Run tests run: > uvx --with tox-uv - tox run -e mypy-api + tox run + --installpkg dist/*.whl + -f py$(echo ${{ matrix.python-version }} | tr -d .) - name: Upload coverage data uses: actions/upload-artifact@v4 @@ -77,8 +89,16 @@ jobs: include-hidden-files: true if-no-files-found: ignore + - name: Check public API with Mypy + run: > + uvx --with tox-uv + tox run + --installpkg dist/*.whl + -e mypy-api + + coverage: - name: Combine & check coverage + name: Ensure 100% test coverage needs: tests runs-on: ubuntu-latest @@ -114,12 +134,19 @@ jobs: path: htmlcov if: ${{ failure() }} + mypy-pkg: - name: Type-check package + name: Mypy Codebase runs-on: ubuntu-latest + needs: build-package steps: - - uses: actions/checkout@v4 + - name: Download pre-built packages + uses: actions/download-artifact@v4 + with: + name: Packages + path: dist + - run: tar xf dist/*.tar.gz --strip-components=1 - uses: actions/setup-python@v5 with: python-version-file: .python-version-default @@ -129,6 +156,7 @@ jobs: uvx --with tox-uv tox run -e mypy-pkg + install-dev: strategy: matrix: @@ -148,12 +176,22 @@ jobs: run: | python -Im pip install -e .[dev] python -Ic 'import service_identity; print(service_identity.__version__)' + python -Ic 'import service_identity.pyopenssl' + python -Ic 'import service_identity.cryptography' + docs: name: Build docs & run doctests + needs: build-package runs-on: ubuntu-latest + steps: - - uses: actions/checkout@v4 + - name: Download pre-built packages + uses: actions/download-artifact@v4 + with: + name: Packages + path: dist + - run: tar xf dist/*.tar.gz --strip-components=1 - uses: actions/setup-python@v5 with: # Keep in sync with tox.ini/docs & .readthedocs.yaml @@ -164,6 +202,7 @@ jobs: uvx --with tox-uv tox run -e docs + required-checks-pass: name: Ensure everything required is passing for branch protection if: always() diff --git a/.github/workflows/pypi-package.yml b/.github/workflows/pypi-package.yml index 85e55ef..87905be 100644 --- a/.github/workflows/pypi-package.yml +++ b/.github/workflows/pypi-package.yml @@ -5,7 +5,6 @@ on: push: branches: [main] tags: ["*"] - pull_request: release: types: - published diff --git a/pyproject.toml b/pyproject.toml index 8e82e69..b7823b3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -89,6 +89,7 @@ addopts = ["-ra", "--strict-markers", "--strict-config"] xfail_strict = true testpaths = "tests" filterwarnings = ["once::Warning"] +norecursedirs = ["tests/typing"] [tool.coverage.run] diff --git a/tox.ini b/tox.ini index 221d18c..f3015ba 100644 --- a/tox.ini +++ b/tox.ini @@ -4,7 +4,6 @@ env_list = lint, mypy-{api,pkg}, docs, - pypy3{,-pyopenssl-latest-idna}, py3{8,9,10,11,12}{,-pyopenssl}{,-oldest}{,-idna}, coverage-report