Convert to using reusable workflows from the `tektronix/python-packag…

…e-ci-cd` repo (#284) * ci: Fix templates for releasing * ci: Converted all workflows to use reusable workflows from the tektronix/python-package-ci-cd repository. * test: Skip running certain pre-commit hooks that fail in older Python versions * ci: Pin reusable workflows to v1.0.0 of tektronix/python-package-ci-cd
tektronix · Aug 27, 2024 · 266e6b6 · 266e6b6
1 parent 7e97cc3
commit 266e6b6
Show file tree

Hide file tree

Showing 27 changed files with 176 additions and 1,378 deletions.
diff --git a/.github/workflows/check-api-for-breaking-changes.yml b/.github/workflows/check-api-for-breaking-changes.yml
@@ -3,40 +3,8 @@ name: Check Public API for Breaking Changes
 on:
   pull_request:
     branches: [main]
-  workflow_call:
-    inputs:
-      package-name:
-        description: The name of the package to check.
-        required: true
-        type: string
 jobs:
   check-api-for-breaking-changes:
-    name: Check API for breaking changes
-    runs-on: ubuntu-latest
-    env:
-      PACKAGE_NAME: ${{ inputs.package-name || 'tm_devices' }}
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: x  # any version
-          check-latest: true
-      - name: Install package to check
-        run: |
-          pip install --upgrade .
-          pip install griffe
-      - name: Check API for breaking changes
-        continue-on-error: true
-        run: |
-          echo "## Breaking API Changes" > breaking_changes.md
-          echo "\`\`\`" >> breaking_changes.md
-          griffe check --format=verbose --against=$(git rev-parse origin/main) --search=src "$PACKAGE_NAME" 2>&1 | tee -a breaking_changes.md
-      - name: Finish writing summary file
-        run: echo "\`\`\`" >> breaking_changes.md
-      - uses: actions/upload-artifact@v4
-        with:
-          name: breaking_changes
-          path: breaking_changes.md
+    uses: tektronix/python-package-ci-cd/.github/workflows/_reusable-check-api-for-breaking-changes.yml@v1.0.0
+    with:
+      package-name: tm_devices
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -4,32 +4,16 @@ on:
   push:
     branches: [main]
   pull_request:
-    # The branches below must be a subset of the branches above
     branches: [main]
   schedule:
     - cron: 17 16 * * 4
-  workflow_call:
 jobs:
   analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
+    uses: tektronix/python-package-ci-cd/.github/workflows/_reusable-codeql-analysis.yml@v1.0.0
+    with:
+      languages-array: '["python", "javascript"]'
+      codeql-queries: security-extended,security-and-quality
     permissions:
       actions: read
       contents: read
       security-events: write
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [python, javascript]
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
-        with:
-          languages: ${{ matrix.language }}
-          queries: security-extended,security-and-quality
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
-        with:
-          category: /language:${{matrix.language}}
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -3,7 +3,6 @@ name: Pull Request Dependency Review
 on:
   pull_request:
     branches: [main]
-  workflow_call:
 permissions:
   contents: read
   pull-requests: write

diff --git a/.github/workflows/enforce-community-standards.yml b/.github/workflows/enforce-community-standards.yml
@@ -0,0 +1,10 @@
+---
+name: Enforce Open Source Community Standards
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+jobs:
+  enforce-community-standards:
+    uses: tektronix/python-package-ci-cd/.github/workflows/_reusable-enforce-community-standards.yml@v1.0.0
diff --git a/.github/workflows/package-build.yml b/.github/workflows/package-build.yml
@@ -6,68 +6,18 @@ on:
     tags: ['*']
   pull_request:
     branches: [main]
-  workflow_call:
-    inputs:
-      package-name:
-        description: The name of the package being installed.
-        required: true
-        type: string
-env:
-  PACKAGE_NAME: ${{ inputs.package-name || 'tm_devices' }}
+# Cancel running jobs for the same workflow and branch.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
 jobs:
-  # Verify the package builds fine
-  build-package:
-    name: Build package
-    runs-on: ubuntu-latest
-    environment: package-build
+  package-build:
+    uses: tektronix/python-package-ci-cd/.github/workflows/_reusable-package-build.yml@v1.0.0
+    with:
+      package-name: tm_devices
+      python-versions-array: '["3.8", "3.9", "3.10", "3.11", "3.12"]'  # when updating this, make sure to update all workflows that use this strategy
+      operating-systems-array: '["ubuntu", "windows", "macos"]'
     permissions:
+      contents: read
       id-token: write
       attestations: write
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - uses: hynek/build-and-inspect-python-package@v2.8.0
-        id: build-pkg
-        with:
-          attest-build-provenance-github: ${{ !(github.event.pull_request.head.repo.fork || github.event.workflow_call.pull_request.head.repo.fork) && github.actor != 'dependabot[bot]' }}
-  install-package:
-    name: Install package
-    needs: build-package
-    runs-on: ${{ matrix.platform }}
-    strategy:
-      fail-fast: false
-      matrix:
-        platform: [ubuntu-latest, windows-latest, macos-latest]
-        python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']  # when updating this, make sure to update all workflows that use this strategy
-    steps:
-      - name: Download built packages
-        uses: actions/download-artifact@v4
-        with:
-          name: Packages
-          path: dist
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: ${{ matrix.python-version }}
-          check-latest: true
-      - name: Test installing wheel
-        shell: bash
-        run: pip install dist/*.whl
-      - name: Uninstall wheel
-        run: pip uninstall --yes "${{ env.PACKAGE_NAME }}"
-      - name: Test installing tarball
-        shell: bash
-        run: pip install dist/*.tar.gz
-      - name: Uninstall tarball
-        run: pip uninstall --yes "${{ env.PACKAGE_NAME }}"
-  # Check that all jobs passed
-  check-build-and-install-passed:
-    if: ${{ !cancelled() }}
-    needs: [build-package, install-package]
-    runs-on: ubuntu-latest
-    steps:
-      - name: Decide whether the needed jobs succeeded or failed
-        uses: re-actors/alls-green@release/v1
-        with:
-          jobs: ${{ toJSON(needs) }}