-
Notifications
You must be signed in to change notification settings - Fork 0
175 lines (164 loc) · 5.46 KB
/
build-python.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
name: Build Python Package
on:
push:
branches: [ main ]
tags: [ 'v*' ]
# Trigger the workflow on any pull request
# pull_request:
# schedule:
# - cron: '0 6 * * *' # Daily 6AM UTC build
jobs:
pre-deploy:
name: Pre-Deploy
runs-on: ubuntu-latest
# Run only on pushing a tag
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
steps:
- name: Dummy
run: |
echo "Pre deploy step"
echo "Ref name from github.ref ${{ github.ref }}"
echo "Tag name from GITHUB_REF_NAME: $GITHUB_REF_NAME"
echo "Tag name from github.ref_name: ${{ github.ref_name }}"
build-tarball:
permissions:
contents: read # to fetch code (actions/checkout)
name: Tarball
runs-on: ubuntu-latest
needs: pre-deploy
defaults:
run:
working-directory: ./python
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: true
- name: Setup Python
uses: actions/setup-python@v5
- name: Update pip, wheel, setuptools, build, twine
run: >
sudo apt-get install libssl-dev &&
python -m pip install -U pip wheel setuptools build twine
- name: Make sdist
run: |
python -m build --sdist
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: dist
path: ./python/dist
build-wheels:
name: Build wheels on ${{ matrix.os }} ${{ matrix.qemu }}
runs-on: ${{ matrix.os }}
needs: pre-deploy
strategy:
fail-fast: false
matrix:
os: [ windows-latest, macos-13, macos-14, ubuntu-latest ]
qemu: [ '' ]
include:
# Split ubuntu job for the sake of speed-up
- os: ubuntu-latest
qemu: aarch64
- os: ubuntu-latest
qemu: ppc64le
- os: ubuntu-latest
qemu: s390x
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
if: ${{ matrix.qemu }}
uses: docker/setup-qemu-action@v3
with:
platforms: all
id: qemu
- name: Prepare emulation
run: |
if [[ -n "${{ matrix.qemu }}" ]]; then
# Build emulated architectures only if QEMU is set,
# use default "auto" otherwise
echo "CIBW_ARCHS_LINUX=${{ matrix.qemu }}" >> $GITHUB_ENV
fi
shell: bash
- name: Cache openssl for windows
if: ${{ contains(matrix.os, 'win') }}
id: cache
uses: actions/cache@v4
with:
path: |
C:/Program Files/OpenSSL
C:/Program Files (x86)/OpenSSL-Win32
key: openssl-cache-for-windows
- name: Install openssl on windows
if: ${{ contains(matrix.os, 'win') && steps.cache.outputs.cache-hit != 'true' }}
run: |
choco upgrade --no-progress -y chocolatey -version 1.4.0 --allow-downgrade &&
choco install --no-progress -y openssl &&
choco install --no-progress --allow-multiple -y --forceX86 --version 1.1.1.2100 openssl
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: 3.x
- name: Update pip, wheel, setuptools, cibuildwheel
run: |
python -m pip install -U pip wheel setuptools cibuildwheel
# Fucking cibuildwheel doesn't contain a real cross-compilation toolchain, at least Linux requires qemu
- name: Build wheels
run: cd ./python && python -m cibuildwheel --output-dir wheelhouse
env:
# CIBW_BUILD_VERBOSITY: 3
CIBW_BEFORE_BUILD_WINDOWS: ${{ github.workspace }}/.github/switch-openssl.bat
CIBW_ENVIRONMENT_WINDOWS: >
OPENSSL_INCLUDE_DIR="./openssl/include"
OPENSSL_LIBRARY_DIR="./openssl/lib"
OPENSSL_LIBRARIES="libcrypto Crypt32 ws2_32 Advapi32 User32"
CIBW_TEST_COMMAND: python {project}/tests/test.py
- uses: actions/upload-artifact@v3
with:
name: dist
path: ./python/wheelhouse/*.whl
deploy:
name: Deploy
needs: [ build-tarball, build-wheels ]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: true
# Remove old release drafts by using the curl request for the available releases with a draft flag
- name: Remove Old Release Drafts
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh api repos/{owner}/{repo}/releases \
--jq '.[] | select(.draft == true) | .id' \
| xargs -I '{}' gh api -X DELETE repos/{owner}/{repo}/releases/{}
- name: Login
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token
- name: Download distributions
uses: actions/download-artifact@v3
with:
name: dist
path: dist
- name: Collected dists
run: |
tree dist
- name: Sign the dists with Sigstore
uses: sigstore/gh-action-sigstore-python@v2.1.1
with:
inputs: >-
./dist/*.tar.gz
./dist/*.whl
- name: Create Release Draft
uses: softprops/action-gh-release@v2
with:
draft: true
body: |
## What's Changed
# dist/ contains the built packages, which smoketest-artifacts/
# contains the signatures and certificates.
files: dist/**