Skip to content

Use PyPi token for authentication on CI deploy job #55

Use PyPi token for authentication on CI deploy job

Use PyPi token for authentication on CI deploy job #55

Workflow file for this run

name: Extension-Template
on:
push:
branches: [ master ]
pull_request:
types: [ assigned, opened, reopened, synchronize, ready_for_review ]
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.7.12 # Patch version must be specified to avoid any cache confusion, since the cache key depends on the full Python version. Any potentiel difference in patches between jobs will lead to a cache not found error.
- name: Cache build
id: restore-build
uses: actions/cache@v2
with:
path: ${{ env.pythonLocation }}
key: build-${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}-${{ github.sha }} # Cache the entire build Python environment
restore-keys: |
build-${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}
build-${{ env.pythonLocation }}-
- name: Build package
run: make build
- name: Cache release
id: restore-release
uses: actions/cache@v2
with:
path: dist
key: release-${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}-${{ github.sha }}
lint-files:
runs-on: ubuntu-20.04
needs: [ build ]
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # Fetch all the tags
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.7.12
- name: Cache build
id: restore-build
uses: actions/cache@v2
with:
path: ${{ env.pythonLocation }}
key: build-${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}-${{ github.sha }}
- run: make check-syntax-errors
- run: make check-style
- name: Lint Python files
run: "${GITHUB_WORKSPACE}/.github/lint-changed-python-files.sh"
- name: Lint YAML tests
run: "${GITHUB_WORKSPACE}/.github/lint-changed-yaml-tests.sh"
test-yaml:
runs-on: ubuntu-20.04
needs: [ build ]
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.7.12
- name: Cache build
id: restore-build
uses: actions/cache@v2
with:
path: ${{ env.pythonLocation }}
key: build-${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}-${{ github.sha }}
- run: openfisca test openfisca_extension_template/tests --country-package openfisca_country_template --extensions openfisca_extension_template
test-api:
runs-on: ubuntu-20.04
needs: [ build ]
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.7.12
- name: Cache build
id: restore-build
uses: actions/cache@v2
with:
path: ${{ env.pythonLocation }}
key: build-${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}-${{ github.sha }}
- name: Test the Web API
run: "${GITHUB_WORKSPACE}/.github/test-api.sh"
check-version-and-changelog:
runs-on: ubuntu-20.04
needs: [ lint-files, test-yaml, test-api ] # Last job to run
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # Fetch all the tags
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.7.12
- name: Check version number has been properly updated
run: "${GITHUB_WORKSPACE}/.github/is-version-number-acceptable.sh"
# GitHub Actions does not have a halt job option, to stop from deploying if no functional changes were found.
# We build a separate job to substitute the halt option.
# The `deploy` job is dependent on the output of the `check-for-functional-changes`job.
check-for-functional-changes:
runs-on: ubuntu-20.04
if: github.ref == 'refs/heads/master' # Only triggered for the `master` branch
needs: [ check-version-and-changelog ]
outputs:
status: ${{ steps.stop-early.outputs.status }}
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # Fetch all the tags
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.7.12
- id: stop-early
run: if "${GITHUB_WORKSPACE}/.github/has-functional-changes.sh" ; then echo "::set-output name=status::success" ; fi
deploy:
runs-on: ubuntu-20.04
needs: [ check-for-functional-changes ]
if: needs.check-for-functional-changes.outputs.status == 'success'
env:
PYPI_TOKEN_OPENFISCA_BOT: ${{ secrets.PYPI_TOKEN_OPENFISCA_BOT }}
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # Fetch all the tags
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.7.12
- name: Cache build
id: restore-build
uses: actions/cache@v2
with:
path: ${{ env.pythonLocation }}
key: build-${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}-${{ github.sha }}
- name: Cache release
id: restore-release
uses: actions/cache@v2
with:
path: dist
key: release-${{ env.pythonLocation }}-${{ hashFiles('setup.py') }}-${{ github.sha }}
- name: Upload a Python package to PyPi
run: twine upload dist/* --username __token__ --password $PYPI_TOKEN_OPENFISCA_BOT
- name: Publish a git tag
run: "${GITHUB_WORKSPACE}/.github/publish-git-tag.sh"