pypiserver/.github/workflows/ci.yml

253 lines
7.7 KiB
YAML
Raw Normal View History

# Run tests
name: CI
on:
# This will run when any branch or tag is pushed
push:
branches:
- "master"
2022-04-26 02:12:49 +02:00
tags:
- "v**"
# Allowing to run on fork and other pull requests
pull_request:
jobs:
test-python:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python-version: ["3.7", "3.8", "3.9", "3.10", "pypy3.9", "3.11"] # "3.12-dev"
steps:
- uses: actions/checkout@v3
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
pip install --upgrade setuptools
pip install tox==3.27.*
- name: Run tests
run: tox -e py
check:
# These checks only need to be done once, not for every python version we
# support
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
# Use the current version of Python
python-version: "3.x"
- name: Install dependencies
run: |
pip install -r "requirements/dev.pip"
pip install types-pkg_resources # one of mypy required stubs
- name: Check types
# individual mypy files for now, until we get the rest
# of the project typechecking
run: >-
mypy
docker/test_docker.py
pypiserver/config.py
tests/test_init.py
- name: Check formatting
run: black --diff --check .
- name: Validate README
id: validate_readme
Feature/markdown conversion (#503) * feat: markdown conversion logo and badges * feat: markdown conversion fix logo path * feat: markdown table changes * feat: markdown table alignment * feat: markdown check toc * feat: markdown toc additions * feat: markdown quickstart section * feat: dependabot more details section in quick start * feat: dependabot correct bold * feat: markdown client side config, pip * feat: markdown typo in title * feat: markdown typo in configuring pip * feat: markdown apache like authentication section an initial cut to view the markdown in github * feat: markdown typo in markdown link * feat: markdown remove trailing colon * feat: markdown typo in shell markdown * feat: markdown standardize on 4 space indent in shell code block * feat: markdown complete markdown for section up to alternate installation methods * feat: markdown add more of the contents to test with * feat: markdown contents * feat: markdown contents * feat: markdown contents * feat: markdown dquote> dquote> recipes * feat: markdown dquote> dquote> recipes * feat: markdown dquote> dquote> up to licensing * feat: markdown dquote> dquote> contents * Update README.md Missing exclamation mark * Update README.md missing link * Update README.md remove duplicated text * Update README.md bold differences it Table of contents * Update README.md additional bold changes in table of contents * Update README.md broken link * Update README.md typo in link fix * Update README.md change code block to text as shell highlighting was showing some items in red * Update README.md code block shell to text * Update README.md correct pypi-server update section * feat: markdown dquote> dquote> link back to TOC title * Update README.md change link to TOC title * Update README.md link test * Update README.md link update * Update README.md link update * Update README.md link update * feat: markdown links * Update README.md change the level of indent for uploading packages remotely * Update README.md add link to python-pam * feat: markdown apache link to TOC not working. * Update README.md grammar * Update README.md typo bold * feat: markdown undo bolded text in TOC and titles as linking does not work * feat: markdown remove bold from TOC * feat: feature more link issues * feat: markdown fixing broken links * feat: markdown change text slightly as markdown only links to plain text * feat: markdown typo * feat: markdown more link typos * Update README.md typo in link * Update README.md link will not work with braces in the titles * feat: markdown run mdformat and apply changes, :) lint! * feat: markdown - check via mdformat - remove old check script - update test-requirements.txt * feat: markdown correct the errors in the mdformat run command * feat: markdown for testing remove all the actual jobs * feat: markdown re-run mdformat * feat: markdown put the jobs back in after testing the mdformat cmd for passing and failing via workflow dispatch * feat: markdown remove references to README.md * feat: markdown change action to workflow dispatch for testing * feat: markdown - update docker igore - alter unit test to look for version number after md changes * feat: markdown black linting * feat: markdown update comments * feat: markdown update bumpver to look at md rather than rst file * feat: markdown replace workflow dispatch with pull request to get ready for the final PR * feat: markdown-delete-original delete the original rst file * feat: markdown-delete-original change ci to workflow dispatch for testing * feat: markdown-delete-original revert workflow dispatch * feat: markdown-badge-links set the links back to the original URLs. * feat: markdown-badge-links fix brackets * feat: markdown update the version and date * feat: markdown conversion markdown changes to conform to mdformat tooling.
2023-08-15 11:16:30 +02:00
run: mdformat --check README.md
continue-on-error: true
- name: check mdformat result
run: |
if [ "${{ steps.validate_readme.outcome }}" == "failure" ]; then
echo "copy readme to /tmp/pypiserver"
mkdir -p /tmp/pypiserver
cp README.md /tmp/pypiserver
echo "README.md is not formatted correctly. Please run 'mdformat README.md' and commit the result."
mdformat /tmp/pypiserver/README.md
diff -u README.md /tmp/pypiserver/README.md
exit 1
else
echo "README.md is formatted correctly."
fi
# Full-flow docker tests, again not python version dependent
Docker improvements (#365) * Docker improvements This addresses much of what was brought up in #359. Specifically, it: - Significantly improves testing for the Docker image, adding a `docker/test_docker.py` file using the regular pytest machinery to set up and run docker images for testing - Hopefully addresses a variety of permissions issues, by being explicit about what access pypiserver needs and asking for it, only erroring if that access is not available - Requires RX permissions on `/data` (R to read files, X to list files and to be able to cd into the directory. This is important since `/data` is the `WORKDIR`) - Requires RWX permissions on `/data/packages`, so that we can list packages, write packages, and read packages. - When running in the default configuration (as root on Linux or as the pypiserver-named rootish user on Mac), with no volumes mounted, these requirements are all satisfied - Volume mounts still must be readable by the pypiserver user (UID 9898) in order for the container to run. However, we now error early if this is not the case, and direct users to a useful issue. - If the container is run as a non-root, non-pypiserver user (e.g. because someone ran `docker run --user=<user_id>`, we try to run pypiserver as that user). Provided that user has access to the necessary directories, it should run fine. - Fixes issues with running help and similar commands - Updates the Docker image to use `PYPISERVER_PORT` for port specification, while still falling back to `PORT` for backwards compatibility - Moves some docker-related things into a `/docker` directory - Adds a `Makefile` for building a test fixture package sdist and wheel, so that test code can call `make mypkg` and not need to worry about it potentially building multiple times The only issue #359 raises that's not addressed here is the one of running pypiserver in the Docker container using some non-default server for performance. I would like to do some benchmarking before deciding on what to do there.
2021-02-06 18:28:15 +01:00
# We _could_ test this on MacOS, but it takes forever to get docker
# installed. I'm going to say for now probably 99% of people using
# the docker image will be doing so from a linux system, e.g. for
# a k8s deploy, and I've verified manually that things work on
# MacOS, so /shrug.
test-docker:
runs-on: "ubuntu-latest"
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
# Use the current version of Python
python-version: "3.x"
- name: Install test dependencies
run: pip install -r "requirements/test.pip"
- name: Install package
run: pip install -r "requirements/exe.pip"
- name: Run tests
run: "pytest docker/test_docker.py"
tests:
runs-on: "ubuntu-latest"
needs:
- "check"
Docker improvements (#365) * Docker improvements This addresses much of what was brought up in #359. Specifically, it: - Significantly improves testing for the Docker image, adding a `docker/test_docker.py` file using the regular pytest machinery to set up and run docker images for testing - Hopefully addresses a variety of permissions issues, by being explicit about what access pypiserver needs and asking for it, only erroring if that access is not available - Requires RX permissions on `/data` (R to read files, X to list files and to be able to cd into the directory. This is important since `/data` is the `WORKDIR`) - Requires RWX permissions on `/data/packages`, so that we can list packages, write packages, and read packages. - When running in the default configuration (as root on Linux or as the pypiserver-named rootish user on Mac), with no volumes mounted, these requirements are all satisfied - Volume mounts still must be readable by the pypiserver user (UID 9898) in order for the container to run. However, we now error early if this is not the case, and direct users to a useful issue. - If the container is run as a non-root, non-pypiserver user (e.g. because someone ran `docker run --user=<user_id>`, we try to run pypiserver as that user). Provided that user has access to the necessary directories, it should run fine. - Fixes issues with running help and similar commands - Updates the Docker image to use `PYPISERVER_PORT` for port specification, while still falling back to `PORT` for backwards compatibility - Moves some docker-related things into a `/docker` directory - Adds a `Makefile` for building a test fixture package sdist and wheel, so that test code can call `make mypkg` and not need to worry about it potentially building multiple times The only issue #359 raises that's not addressed here is the one of running pypiserver in the Docker container using some non-default server for performance. I would like to do some benchmarking before deciding on what to do there.
2021-02-06 18:28:15 +01:00
- "test-docker"
- "test-python"
steps:
- name: "Everything is good!"
run: "echo true"
# RELEASES
## PYPI
2022-04-26 02:12:49 +02:00
build-wheel-and-push-to-pypi:
runs-on: ubuntu-latest
needs:
- "tests"
# only if a tag is pushed
if: startsWith(github.event.ref, 'refs/tags/v')
steps:
- uses: actions/checkout@master
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: 3.x
- name: Build distribution _wheel_.
run: |
2022-05-01 22:36:06 +02:00
./bin/package.sh
- name: Publish distribution 📦 to PyPI.
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_API_TOKEN }}
print-hash: true
## DOCKER (DOCKER HUB & CONTAINER REGISTRY)
# figure out which docker tags we need to push
docker-determine-tags:
runs-on: "ubuntu-latest"
needs:
- "tests"
env:
STABLE_IMAGES: '["pypiserver/pypiserver", "ghcr.io/pypiserver/pypiserver"]'
FLEXIBLE_IMAGES: '["pypiserver/pypiserver"]'
outputs:
tags: "${{ steps.tags.outputs.tags }}"
has_tags: "${{ steps.has_tags.outputs.has_tags }}"
images: ${{ contains(steps.tags.outputs.tags, 'unstable') && env.FLEXIBLE_IMAGES || env.STABLE_IMAGES }}
steps:
- uses: "actions/checkout@v3"
- uses: "actions/setup-python@v4"
with:
python-version: "3.x"
# This script prints a JSON array of needed docker tags, depending on the
# ref. That array is then used to construct the matrix of the
# deploy-docker job
- name: "Get expected docker tags"
id: "tags"
run: >-
echo "::set-output name=tags::$(bin/ci_helper.py ${{ github.ref }} docker_tags)"
# This is needed because GH actions will fail on an empty matrix, so
# we need to be sure the `if` condition is false on the next job if
# the matrix will be empty. The script prints 'true' if the array is
# not empty, or 'false' otherwise.
- name: "Determine whether any tags are needed"
id: "has_tags"
run: >-
echo "::set-output name=has_tags::$(bin/ci_helper.py ${{ github.ref }} has_tags)"
# Deploy any needed docker tags
deploy-docker:
runs-on: "ubuntu-latest"
needs:
- "docker-determine-tags"
if: "${{ fromJson(needs.docker-determine-tags.outputs.has_tags) }}"
strategy:
matrix:
tag: "${{ fromJson(needs.docker-determine-tags.outputs.tags) }}"
image: "${{ fromJson(needs.docker-determine-tags.outputs.images) }}"
steps:
- uses: "actions/checkout@v3"
- name: "Cache Docker layers"
uses: "actions/cache@v3"
with:
path: "/tmp/.buildx-cache"
key: "${{ runner.os }}-buildx-${{ github.sha }}"
restore-keys: |
${{ runner.os }}-buildx-
- name: "Login to Docker Hub"
uses: "docker/login-action@v1"
with:
username: "${{ secrets.DOCKER_HUB_USER }}"
password: "${{ secrets.DOCKER_HUB_TOKEN }}"
- name: "Login to GitHub Container Registry"
uses: "docker/login-action@v2"
with:
registry: "ghcr.io"
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: "Set up Docker Buildx"
id: "buildx"
uses: "docker/setup-buildx-action@v1"
- name: "Build and push"
id: "docker_build"
uses: "docker/build-push-action@v2"
with:
context: "./"
file: "./Dockerfile"
builder: "${{ steps.buildx.outputs.name }}"
push: true
tags: "${{ matrix.image }}:${{ matrix.tag }}"
cache-from: "type=local,src=/tmp/.buildx-cache"
cache-to: "type=local,dest=/tmp/.buildx-cache"
- name: "Image digest"
run: "echo ${{ steps.docker_build.outputs.digest }}"
- name: "Docker Hub Description"
uses: peter-evans/dockerhub-description@v3
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
repository: pypiserver/pypiserver
## GITHUB RELEASE DRAFT
create_release:
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
runs-on: "ubuntu-latest"
needs:
- "tests"
steps:
- uses: actions/checkout@v3
- uses: softprops/action-gh-release@v1
with:
body: 👋 This is a draft release. Please update it manually.
prerelease: false
draft: true
files: |
CHANGES.rst