commit: 35ac52e512e00bc17362a5359bdbc606acc5753e
Author: Brian Harring <ferringb <AT> gmail <DOT> com>
AuthorDate: Mon Dec 1 00:58:39 2025 +0000
Commit: Brian Harring <ferringb <AT> gmail <DOT> com>
CommitDate: Wed Jan 21 19:00:34 2026 +0000
URL:
https://gitweb.gentoo.org/proj/pkgcore/pkgdev.git/commit/?id=35ac52e5
chore: pull in the reusable test and release work
Signed-off-by: Brian Harring <ferringb <AT> gmail.com>
.github/workflows/doc.yml | 1 +
.github/workflows/release.yml | 134 +++++++++++++++++++++++++++++-------------
.github/workflows/test.yml | 22 ++++++-
3 files changed, 113 insertions(+), 44 deletions(-)
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
index 1252d17..7a500db 100644
--- a/.github/workflows/doc.yml
+++ b/.github/workflows/doc.yml
@@ -43,6 +43,7 @@ jobs:
path: build/sphinx/html
deploy:
+ if: github.repository == 'pkgcore/pkgdev'
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 989cb71..7cc4449 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -2,77 +2,129 @@ name: release
on:
push:
- branches: [deploy]
+ branches: [release-test-pypi, release-test-github, release-test-full]
tags: [v*]
workflow_dispatch:
+
jobs:
- build-and-deploy:
+ build:
runs-on: ubuntu-latest
- environment: release
-
- permissions:
- id-token: write # Used to authenticate to PyPI via OIDC
-
- contents: write # Used to authenticate github release publish
+ outputs:
+ release-artifact-id: ${{ steps.upload-release.outputs.artifact-id }}
+ wheel-artifact-id: ${{ steps.upload-wheel.outputs.artifact-id }}
+ artifact-runner: ${{ github.job }}
steps:
- name: Checkout code
- uses: actions/checkout@v4
+ uses: actions/checkout@v5
- name: Reject any VCS dependencies
- shell: python
- run: |
- import re, tomllib
- manifest = tomllib.load(open('pyproject.toml', 'rb'))
- deps = manifest['build-system']['requires']
- deps.extend(manifest['project']['dependencies'])
- if rejects := list(filter(re.compile(r'@[^+]+').search, deps)):
- rejects = " \n".join(sorted(rejects))
- raise Exception(f'VCS dependencies were detected in
[build-system]:\n {rejects}')
+ continue-on-error: ${{ github.ref_type == 'branch' && github.ref_name !=
'release-test-full' }}
+ uses: pkgcore/gh-actions/reject-python-vcs-deps@main
- name: Set up Python 3.13
uses: actions/setup-python@v5
with:
python-version: "3.13"
+ cache: 'pip'
+ cache-dependency-path: pyproject.toml
- name: Install dependencies
run: |
python -m pip install --upgrade pip
- pip install build ".[test,doc]"
-
- - name: Test with pytest
- env:
- PY_COLORS: 1 # forcibly enable pytest colors
- run: pytest
+ pip install build ".[doc]"
- - name: Build sdist
+ - name: Build the release
run: |
- git clean -fxd
- make man
- make sdist
-
- - name: Build wheel
- run: make wheel
+ make release
- name: Output dist file info
run: |
sha512sum dist/*
+ echo ::group::Release contents
tar -ztf dist/*.tar.gz | sort
+ echo ::endgroup::
+ echo ::group::All generated content in dist
+ find .
+ echo ::endgroup::
+
+ - name: Upload wheel
+ id: upload-wheel
+ uses: actions/upload-artifact@v5
+ with:
+ name: wheel-release
+ path: dist/*.whl
+ if-no-files-found: error
- - uses: actions/upload-artifact@v4
+ - name: Upload release source
+ id: upload-release
+ uses: actions/upload-artifact@v5
with:
- name: results
- path: dist/*
+ name: release-source
+ path: dist/*.tar.gz
+ if-no-files-found: error
+
+ test:
+ needs: [build]
+ uses: ./.github/workflows/test.yml
+ with:
+ release-artifact-id: ${{ needs.build.outputs.release-artifact-id }}
+ disable-format-check: true
- - name: publish
- uses: pypa/gh-action-pypi-publish@release/v1
- if: startsWith(github.ref, 'refs/tags/')
+ publish:
+ if: github.ref_type == 'tag'
+ needs: [build, test]
+ environment: release
+ permissions:
+ id-token: write # Used to authenticate to PyPI via OIDC
+ contents: write # release uploads
+ runs-on: ubuntu-latest
- - name: Create GitHub release
- uses: softprops/action-gh-release@v1
- if: startsWith(github.ref, 'refs/tags/')
+ steps:
+ - &common_download_artifacts
+ name: Download artifacts
+ uses: actions/download-artifact@v5
+ with:
+ merge-multiple: true # store both in the root, not in named directories
+ artifact-ids: ${{ needs.build.outputs.release-artifact-id }},${{
needs.build.outputs.wheel-artifact-id }}
+
+ - name: Publish github source
+ uses: softprops/action-gh-release@v2
with:
- files: dist/*.tar.gz
+ files: '*.tar.*'
+ fail_on_unmatched_files: true
+
+ - name: Publish to PyPi server
+ uses: pypa/gh-action-pypi-publish@release/v1.13
+ with:
+ packages-dir: .
+
+ test-publish:
+ # use the full form to ensure insane tags and errors in 'on' filter still
don't kick.
+ if: github.ref_type == 'branch'
+ needs: [build, test]
+ environment: test-release
+ permissions:
+ id-token: write # Used to authenticate to PyPI via OIDC
+ contents: write # release uploads-
+ runs-on: ubuntu-latest
+
+ steps:
+ - *common_download_artifacts
+ - name: Publish github source
+ uses: softprops/action-gh-release@v2
+ if: github.ref_name == 'release-test-github' || github.ref_name ==
'release-test-full'
+ with:
+ files: '*.tar.*'
fail_on_unmatched_files: true
draft: true
+
+ - name: Publish to Test PyPi server
+ if: github.ref_name == 'release-test-pypi' || github.ref_name ==
'release-test-full'
+ uses: pypa/gh-action-pypi-publish@release/v1.13
+ with:
+ packages-dir: .
+ repository-url: https://test.pypi.org/legacy/
+ # attestations are bound in a way re-releasing isn't possible.
Disable for tests.
+ attestations: false
\ No newline at end of file
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 0528f2e..dca8f41 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -2,9 +2,20 @@ name: test
on:
push:
- branches-ignore: [deploy]
+ branches-ignore: [release-test-*]
pull_request:
- branches: [main]
+ branches: [master]
+ workflow_call:
+ inputs:
+ release-artifact-id:
+ required: false
+ type: string
+ default: ''
+ description: The artifact-id to run the tests against.
+ disable-format-check:
+ type: string
+ default: ''
+ description: Disable ruff format check if it is a non empty value
jobs:
test:
@@ -26,7 +37,10 @@ jobs:
steps:
- name: Checkout code
- uses: actions/checkout@v4
+ uses: pkgcore/gh-actions/get-source@main
+ with:
+ artifact-id: ${{ inputs.release-artifact-id }}
+
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
@@ -67,6 +81,7 @@ jobs:
lint:
runs-on: ubuntu-latest
+ if: inputs.disable-format-check == ''
steps:
- name: Checkout code
uses: actions/checkout@v4
@@ -86,6 +101,7 @@ jobs:
format:
runs-on: ubuntu-latest
+ if: inputs.disable-format-check == ''
steps:
- name: Checkout code
uses: actions/checkout@v4
