python updates and security fixes #201
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# run test suites | |
name: Tests | |
on: | |
- pull_request | |
- push | |
- release | |
- workflow_dispatch | |
# cancel the current workflow if another commit was pushed on the same PR or reference | |
# uses the GitHub workflow name to avoid collision with other workflows running on the same PR/reference | |
concurrency: | |
group: "${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}" | |
cancel-in-progress: true | |
jobs: | |
# see: https://github.com/fkirc/skip-duplicate-actions | |
skip_duplicate: | |
continue-on-error: true | |
runs-on: ubuntu-latest | |
outputs: | |
should_skip: ${{ steps.skip_duplicate.outputs.should_skip && ! contains(github.ref, 'refs/tags') }} | |
steps: | |
- id: skip_check | |
uses: fkirc/skip-duplicate-actions@master | |
with: | |
concurrent_skipping: "same_content" | |
skip_after_successful_duplicate: "true" | |
do_not_skip: '["pull_request", "workflow_dispatch", "schedule", "release"]' | |
# see: https://github.com/actions/setup-python | |
tests: | |
needs: skip_duplicate | |
if: ${{ needs.skip_duplicate.outputs.should_skip != 'true' }} | |
runs-on: ${{ matrix.os }} | |
continue-on-error: ${{ matrix.allow-failure }} | |
env: | |
# override make command to install directly in active python | |
CONDA_CMD: "" | |
services: | |
# Label used to access the service container | |
mongodb: | |
image: mongo:3.4.23 # DockerHub | |
ports: | |
- "27017:27017" | |
strategy: | |
matrix: | |
os: [ubuntu-latest] | |
python-version: ["3.9", "3.10", "3.11", "3.12"] | |
allow-failure: [false] | |
test-case: [test-local] | |
include: | |
# linter tests | |
- os: ubuntu-latest | |
python-version: 3.11 | |
allow-failure: false | |
test-case: lint | |
# coverage test | |
- os: ubuntu-latest | |
python-version: 3.11 | |
allow-failure: false | |
test-case: coverage | |
# smoke test of Docker image | |
- os: ubuntu-latest | |
python-version: None # doesn't matter which one (in docker), but match default of repo | |
allow-failure: false | |
test-case: docker-test | |
# deprecated versions | |
- os: ubuntu-latest | |
python-version: 3.8 # EOL 2024-10 | |
allow-failure: false | |
test-case: test-local | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: "0" | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
if: ${{ matrix.python-version != 'None' }} | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install Dependencies | |
if: ${{ matrix.python-version != 'None' }} | |
# install package and dependencies directly, | |
# skip sys/conda setup to use active python | |
run: make install develop | |
- name: Display Packages | |
if: ${{ matrix.python-version != 'None' }} | |
run: pip freeze | |
- name: Display Environment Variables | |
run: | | |
hash -r | |
env | sort | |
- name: Run Tests | |
run: make --no-keep-going ${{ matrix.test-case }} | |
- name: Stop Workers | |
if: ${{ matrix.python-version == 'None' }} | |
run: make docker-stop | |
- name: Upload coverage report | |
uses: codecov/codecov-action@v4.0.1 | |
if: ${{ success() && matrix.test-case == 'coverage' }} | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: ./coverage/coverage.xml | |
fail_ci_if_error: true | |
verbose: true | |
deploy_pypi: | |
needs: tests | |
# Don't match master branch for upload to avoid duplicate error, even if the tag is usually applied on master. | |
if: ${{ success() && github.event_name == 'push' && contains(github.ref, 'refs/tags') }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: "0" | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.11" | |
- name: Build Distribution Package | |
run: make develop dist | |
- name: Push Package to PyPi | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
user: __token__ | |
password: ${{ secrets.PYPI_API_TOKEN }} | |
verbose: true # For debugging 'twine upload' if a problem occurs. |