-
Notifications
You must be signed in to change notification settings - Fork 10
172 lines (161 loc) · 5.43 KB
/
bindings-python.yml
File metadata and controls
172 lines (161 loc) · 5.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
# SPDX-License-Identifier: MPL-2.0
#
# libpathrs: safe path resolution on Linux
# Copyright (C) 2019-2025 SUSE LLC
# Copyright (C) 2026 Aleksa Sarai <cyphar@cyphar.com>
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at https://mozilla.org/MPL/2.0/.
on:
push:
branches: [ main ]
tags:
- 'v*'
pull_request:
branches: [ main ]
release:
types: [ published ]
schedule:
- cron: '0 0 * * *'
env:
PYTHON_DIST: ${{ github.workspace }}/.tmp/python3-pathrs-${{ github.run_id }}-${{ github.run_attempt }}
name: bindings-python
jobs:
ruff:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: astral-sh/ruff-action@v3
with:
args: "--version"
- run: ruff check
- run: ruff format --check --diff
mypy:
permissions:
contents: read
pull-requests: read
checks: write # allow the action to annotate code
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
# Set up python venv.
- uses: actions/setup-python@v6
- name: install mypy
run: >-
python3 -m pip install --user mypy
- uses: tsuyoshicho/action-mypy@v5
with:
github_token: ${{ secrets.github_token }}
reporter: github-check
workdir: contrib/bindings/python/pathrs
fail_on_error: true
build-pyproject:
strategy:
fail-fast: false
matrix:
python-version: ["3.9", "3.10", "3.11", "3.12", "3.13", "3.x"]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
# Build and install libpathrs.so.
- uses: dtolnay/rust-toolchain@stable
- name: build libpathrs
run: make release
- name: install libpathrs
run: sudo ./install.sh --libdir=/usr/lib
# Set up python venv.
- uses: actions/setup-python@v6
with:
python-version: ${{ matrix.python-version }}
- name: install pypa/build
run: >-
python3 -m pip install --user build twine
# Build and install our bindings.
- name: build python-pathrs bindings
run: make -C contrib/bindings/python dist
- run: twine check contrib/bindings/python/dist/*
- name: install python-pathrs bindings
run: make -C contrib/bindings/python install
# Verify that the crate and python bindings have the same version.
# TODO: Move this to a "make check" we can run locally as well.
- name: check crate and python binding versions match
run: |
CRATE_VERSION="$(cargo metadata --no-deps --format-version=1 | jq -rM '.packages[] | select(.name == "pathrs") | "\(.name)-\(.version)"')"
PY_VERSION="$(python3 -c 'import importlib.metadata; print("pathrs-" + importlib.metadata.version("pathrs"))')"
echo "rust crate version: $CRATE_VERSION";
echo "python module version: $PY_VERSION";
[[ "$CRATE_VERSION" == "$PY_VERSION" ]] || exit 1
# Include the dist/ in our artefacts.
- name: upload python-pathrs bindings dist/
uses: actions/upload-artifact@v7
with:
name: python-${{ matrix.python-version }}-pathrs-dist
path: contrib/bindings/python/dist/
smoke-test:
strategy:
fail-fast: false
matrix:
python-version: ["3.9", "3.10", "3.11", "3.12", "3.13", "3.x"]
needs:
- build-pyproject
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
# Build and install libpathrs.so.
- uses: dtolnay/rust-toolchain@stable
- name: build libpathrs
run: make release
- name: install libpathrs
run: sudo ./install.sh --libdir=/usr/lib
# Set up python venv.
- uses: actions/setup-python@v6
with:
python-version: ${{ matrix.python-version }}
# Download the pre-built python dist.
- name: download built python-pathrs
uses: actions/download-artifact@v8
with:
name: python-${{ matrix.python-version }}-pathrs-dist
path: ${{ env.PYTHON_DIST }}
- name: install python-pathrs
run: |-
python3 -m pip install ${{ env.PYTHON_DIST }}/*.whl
# Run smoke-tests.
- run: make -C examples/python smoke-test
python-complete:
needs:
- ruff
- mypy
- build-pyproject
- smoke-test
runs-on: ubuntu-latest
steps:
- run: echo "Python CI jobs completed successfully."
# TODO: Should we move this to a separate workflow?
release-pypi:
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
needs:
- build-pyproject
- python-complete
runs-on: ubuntu-latest
environment:
name: release-pypi
url: "https://pypi.org/p/pathrs"
permissions:
id-token: write
steps:
- name: download built python-pathrs
uses: actions/download-artifact@v8
with:
name: python-3.x-pathrs-dist
path: ${{ env.PYTHON_DIST }}
# PyPI doesn't let us upload our native wheel because we aren't building
# using the restrictive manylinux set of libraries (because we depend on
# libpathrs.so).
- name: remove wheel from python-pathrs
run: rm -fv ${{ env.PYTHON_DIST }}/*.whl
- name: upload python-pathrs to pypi
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: ${{ env.PYTHON_DIST }}