Skip to content

Authorization: Web API protected by access token #166

Authorization: Web API protected by access token

Authorization: Web API protected by access token #166

# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: CI/CD
on:
push:
pull_request:
branches: [ dev ]
# This guards against unknown PR until a community member vet it and label it.
types: [ labeled ]
jobs:
ci:
# Derived from https://docs.github.com/en/actions/guides/building-and-testing-python#starting-with-the-python-workflow-template
runs-on: ubuntu-latest # The latest 22.04 no longer supports Python 3.5, 3.6
strategy:
matrix:
# See also https://endoflife.date/python
python-version: [3.8, 3.9, "3.10", 3.11, 3.12]
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install flake8 pytest
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
- name: Lint with flake8
run: |
# stop the build if there are Python syntax errors or undefined names
#flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
#flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Test with pytest
run: |
pytest
cd:
needs: ci
# Note: github.event.pull_request.draft == false WON'T WORK in "if" statement,
# because the triggered event is a push, not a pull_request.
# This means each commit will trigger a release on TestPyPI.
# Those releases will only succeed when each push has a new version number: a1, a2, a3, etc.
if: |
github.event_name == 'push' &&
(
startsWith(github.ref, 'refs/tags') ||
startsWith(github.ref, 'refs/heads/release-')
)
runs-on: ubuntu-latest
# Based on trusted publisher https://docs.pypi.org/trusted-publishers/
permissions:
id-token: write # mandatory for trusted publishing
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.9
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Build a package for release
run: |
python -m pip install build --user
python -m build --sdist --wheel --outdir dist/ .
- name: |
Publish to TestPyPI when pushing to release-* branch.
You better test with a1, a2, b1, b2 releases first.
if: startsWith(github.ref, 'refs/heads/release-')
# You need to setup Trusted Publisher first
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/
- name: Publish to PyPI
if: startsWith(github.ref, 'refs/tags')
# You need to setup Trusted Publisher first
uses: pypa/gh-action-pypi-publish@release/v1