From ecb33a91e64e63c7fa524de937709ffee377e9e1 Mon Sep 17 00:00:00 2001 From: Hynek Schlawack Date: Sat, 26 Oct 2024 07:36:15 +0200 Subject: [PATCH 1/6] Use baipp for building the matrix --- .github/workflows/ci.yml | 94 +++++++++++++++++++++++++++------------- 1 file changed, 65 insertions(+), 29 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c2fa363..82eeecf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,6 +4,7 @@ name: CI on: push: branches: [main] + tags: ["*"] pull_request: workflow_dispatch: @@ -14,6 +15,7 @@ env: permissions: {} + jobs: lint: name: Run linters @@ -29,45 +31,54 @@ jobs: uvx --with tox-uv tox run -e lint -- --show-diff-on-failure + + build-package: + name: Build & verify package + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - uses: hynek/build-and-inspect-python-package@v2 + id: baipp + + outputs: + # Used to define the matrix for tests below. The value is based on + # packaging metadata (trove classifiers). + python-versions: ${{ steps.baipp.outputs.supported_python_classifiers_json_array }} + + tests: name: Tests on ${{ matrix.python-version }} runs-on: ubuntu-latest + needs: build-package strategy: matrix: - python-version: - - "3.8" - - "3.9" - - "3.10" - - "3.11" - - "3.12" - - "pypy-3.9" - - "pypy-3.10" + # Created by the build-and-inspect-python-package action above. + python-version: ${{ fromJson(needs.build-package.outputs.python-versions) }} steps: - - uses: actions/checkout@v4 + - name: Download pre-built packages + uses: actions/download-artifact@v4 + with: + name: Packages + path: dist + - run: | + tar xf dist/*.tar.gz --strip-components=1 + rm -rf src - uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} allow-prereleases: true - uses: hynek/setup-cached-uv@v2 - - name: Prepare tox & run tests - run: | - V=${{ matrix.python-version }} - - if [[ "$V" = pypy-* ]]; then - V=pypy3 - else - V=py$(echo $V | tr -d .) - fi - - uvx --with tox-uv \ - tox run -f "$V" - - - name: Run Mypy on API + - name: Run tests run: > - uvx --with tox-uv - tox run -e mypy-api + uvx --with tox-uv tox run + --installpkg dist/*.whl + -f py$(echo ${{ matrix.python-version }} | tr -d .)-tests - name: Upload coverage data uses: actions/upload-artifact@v4 @@ -77,8 +88,14 @@ jobs: include-hidden-files: true if-no-files-found: ignore + - name: Check public API with Mypy + run: > + uvx --with tox-uv + tox run -e mypy-api + + coverage: - name: Combine & check coverage + name: Ensure 100% test coverage needs: tests runs-on: ubuntu-latest @@ -114,12 +131,19 @@ jobs: path: htmlcov if: ${{ failure() }} + mypy-pkg: - name: Type-check package + name: Mypy Codebase runs-on: ubuntu-latest + needs: build-package steps: - - uses: actions/checkout@v4 + - name: Download pre-built packages + uses: actions/download-artifact@v4 + with: + name: Packages + path: dist + - run: tar xf dist/*.tar.gz --strip-components=1 - uses: actions/setup-python@v5 with: python-version-file: .python-version-default @@ -129,6 +153,7 @@ jobs: uvx --with tox-uv tox run -e mypy-pkg + install-dev: strategy: matrix: @@ -148,12 +173,22 @@ jobs: run: | python -Im pip install -e .[dev] python -Ic 'import service_identity; print(service_identity.__version__)' + python -Ic 'import service_identity.pyopenssl' + python -Ic 'import service_identity.cryptography' + docs: name: Build docs & run doctests + needs: build-package runs-on: ubuntu-latest + steps: - - uses: actions/checkout@v4 + - name: Download pre-built packages + uses: actions/download-artifact@v4 + with: + name: Packages + path: dist + - run: tar xf dist/*.tar.gz --strip-components=1 - uses: actions/setup-python@v5 with: # Keep in sync with tox.ini/docs & .readthedocs.yaml @@ -164,6 +199,7 @@ jobs: uvx --with tox-uv tox run -e docs + required-checks-pass: name: Ensure everything required is passing for branch protection if: always() From a96ba4cb8ca71aec0d1779b1814d3e1a0c630e3c Mon Sep 17 00:00:00 2001 From: Hynek Schlawack Date: Sat, 26 Oct 2024 07:53:41 +0200 Subject: [PATCH 2/6] fix --- .github/workflows/ci.yml | 2 +- tox.ini | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 82eeecf..0cdbef7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -78,7 +78,7 @@ jobs: run: > uvx --with tox-uv tox run --installpkg dist/*.whl - -f py$(echo ${{ matrix.python-version }} | tr -d .)-tests + -f py$(echo ${{ matrix.python-version }} | tr -d .) - name: Upload coverage data uses: actions/upload-artifact@v4 diff --git a/tox.ini b/tox.ini index 221d18c..f3015ba 100644 --- a/tox.ini +++ b/tox.ini @@ -4,7 +4,6 @@ env_list = lint, mypy-{api,pkg}, docs, - pypy3{,-pyopenssl-latest-idna}, py3{8,9,10,11,12}{,-pyopenssl}{,-oldest}{,-idna}, coverage-report From 93373cb62b2a276380491dca14818c8fa26d25e0 Mon Sep 17 00:00:00 2001 From: Hynek Schlawack Date: Sat, 26 Oct 2024 07:54:21 +0200 Subject: [PATCH 3/6] Better name --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0cdbef7..aa9fad8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,7 +51,7 @@ jobs: tests: - name: Tests on ${{ matrix.python-version }} + name: Tests & Mypy API on ${{ matrix.python-version }} runs-on: ubuntu-latest needs: build-package strategy: From d0b6f160c56de8f045b4e53e824554cf873b6911 Mon Sep 17 00:00:00 2001 From: Hynek Schlawack Date: Sat, 26 Oct 2024 07:56:22 +0200 Subject: [PATCH 4/6] Don't run pypi-package on PRs It already runs as part of ci.yml anyways. --- .github/workflows/pypi-package.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/pypi-package.yml b/.github/workflows/pypi-package.yml index 85e55ef..87905be 100644 --- a/.github/workflows/pypi-package.yml +++ b/.github/workflows/pypi-package.yml @@ -5,7 +5,6 @@ on: push: branches: [main] tags: ["*"] - pull_request: release: types: - published From a9e6189c5067d2de34df9b0593a8df0679ad915b Mon Sep 17 00:00:00 2001 From: Hynek Schlawack Date: Sat, 26 Oct 2024 07:58:59 +0200 Subject: [PATCH 5/6] fix --- .github/workflows/ci.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index aa9fad8..0564016 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -76,7 +76,8 @@ jobs: - name: Run tests run: > - uvx --with tox-uv tox run + uvx --with tox-uv + tox run --installpkg dist/*.whl -f py$(echo ${{ matrix.python-version }} | tr -d .) @@ -91,7 +92,9 @@ jobs: - name: Check public API with Mypy run: > uvx --with tox-uv - tox run -e mypy-api + tox run + --installpkg dist/*.whl + -e mypy-api coverage: From f6409cfc257af8042356b9fa5f7a9725638b0132 Mon Sep 17 00:00:00 2001 From: Hynek Schlawack Date: Sat, 26 Oct 2024 08:04:34 +0200 Subject: [PATCH 6/6] Explicitly forbid pytest to enter typing test dir --- pyproject.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/pyproject.toml b/pyproject.toml index 8e82e69..b7823b3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -89,6 +89,7 @@ addopts = ["-ra", "--strict-markers", "--strict-config"] xfail_strict = true testpaths = "tests" filterwarnings = ["once::Warning"] +norecursedirs = ["tests/typing"] [tool.coverage.run]