Use a fully locked test environment #1401
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: CI | |
on: | |
merge_group: | |
push: | |
branches: [main] | |
tags: ["*"] | |
pull_request: | |
workflow_dispatch: | |
env: | |
FORCE_COLOR: "1" | |
PIP_DISABLE_PIP_VERSION_CHECK: "1" | |
PIP_NO_PYTHON_VERSION_WARNING: "1" | |
permissions: {} | |
jobs: | |
build-package: | |
name: Build & verify package | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
- uses: hynek/build-and-inspect-python-package@v2 | |
id: baipp | |
outputs: | |
# Used to define the matrix for tests below. The value is based on | |
# packaging metadata (trove classifiers). | |
supported-python-versions: ${{ steps.baipp.outputs.supported_python_classifiers_json_array }} | |
tests: | |
name: Tests & Mypy on ${{ matrix.python-version }} | |
runs-on: ubuntu-latest | |
needs: build-package | |
strategy: | |
fail-fast: false | |
matrix: | |
# Created by the build-and-inspect-python-package action above. | |
python-version: ${{ fromJson(needs.build-package.outputs.supported-python-versions) }} | |
steps: | |
- name: Download pre-built packages | |
uses: actions/download-artifact@v4 | |
with: | |
name: Packages | |
path: dist | |
- run: tar xf dist/*.tar.gz --strip-components=1 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
allow-prereleases: true | |
- uses: hynek/setup-cached-uv@v2 | |
- name: Prepare tox | |
env: | |
V: ${{ matrix.python-version }} | |
run: | | |
DO_MYPY=1 | |
if [[ "$V" == "3.8" || "$V" == "3.9" ]]; then | |
DO_MYPY=0 | |
fi | |
echo DO_MYPY=$DO_MYPY >>$GITHUB_ENV | |
echo TOX_PYTHON=py$(echo $V | tr -d .) >>$GITHUB_ENV | |
- run: > | |
uvx --with=tox-uv | |
tox run | |
-e $TOX_PYTHON-mypy | |
if: env.DO_MYPY == '1' | |
- name: Remove src to ensure tests run against wheel | |
run: rm -rf src | |
- run: > | |
uvx --with=tox-uv | |
tox run | |
--installpkg dist/*.whl | |
-e $TOX_PYTHON-tests | |
- name: Upload coverage data | |
uses: actions/upload-artifact@v4 | |
with: | |
name: coverage-data-${{ matrix.python-version }} | |
path: .coverage.* | |
include-hidden-files: true | |
if-no-files-found: ignore | |
tests-pypy: | |
name: Tests on ${{ matrix.python-version }} | |
runs-on: ubuntu-latest | |
needs: build-package | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: | |
- pypy-3.10 | |
steps: | |
- name: Download pre-built packages | |
uses: actions/download-artifact@v4 | |
with: | |
name: Packages | |
path: dist | |
- run: | | |
tar xf dist/*.tar.gz --strip-components=1 | |
rm -rf src # ensure tests run against wheel | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
allow-prereleases: true | |
- uses: hynek/setup-cached-uv@v2 | |
- run: > | |
uvx --with=tox-uv | |
tox run | |
--installpkg dist/*.whl | |
-e pypy3-tests | |
coverage: | |
name: Combine & check coverage | |
runs-on: ubuntu-latest | |
needs: tests | |
steps: | |
- name: Download pre-built packages | |
uses: actions/download-artifact@v4 | |
with: | |
name: Packages | |
path: dist | |
- run: tar xf dist/*.tar.gz --strip-components=1 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version-file: .python-version-default | |
- uses: hynek/setup-cached-uv@v2 | |
- name: Download coverage data | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: coverage-data-* | |
merge-multiple: true | |
- name: Combine coverage & fail if it's <100%. | |
run: | | |
uv tool install coverage | |
coverage combine | |
coverage html --skip-covered --skip-empty | |
# Report and write to summary. | |
coverage report --format=markdown >> $GITHUB_STEP_SUMMARY | |
# Report again and fail if under 100%. | |
coverage report --fail-under=100 | |
- name: Upload HTML report if check failed. | |
uses: actions/upload-artifact@v4 | |
with: | |
name: html-report | |
path: htmlcov | |
if: ${{ failure() }} | |
docs: | |
name: Build docs & run doctests | |
runs-on: ubuntu-latest | |
needs: build-package | |
steps: | |
- name: Download pre-built packages | |
uses: actions/download-artifact@v4 | |
with: | |
name: Packages | |
path: dist | |
- run: tar xf dist/*.tar.gz --strip-components=1 | |
- uses: actions/setup-python@v5 | |
with: | |
# Keep in sync with tox/docs and .readthedocs.yaml. | |
python-version: "3.13" | |
- uses: hynek/setup-cached-uv@v2 | |
- run: uvx --with=tox-uv tox run -e docs,changelog | |
pyright: | |
name: Check types using pyright | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: actions/setup-python@v5 | |
with: | |
python-version-file: .python-version-default | |
- uses: hynek/setup-cached-uv@v2 | |
- run: uvx --with=tox-uv tox run -e pyright | |
install-dev: | |
name: Verify dev env | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: actions/setup-python@v5 | |
with: | |
python-version-file: .python-version-default | |
- uses: hynek/setup-cached-uv@v2 | |
- run: uv venv --python $(cat .python-version-default) | |
- run: uv pip install -e .[dev] | |
- name: Ensure we can import attr and attrs packages | |
run: | | |
source .venv/bin/activate | |
python -Ic 'import attr; print(attr.__version__)' | |
python -Ic 'import attrs; print(attrs.__version__)' | |
# Ensure everything required is passing for branch protection. | |
required-checks-pass: | |
if: always() | |
needs: | |
- coverage | |
- tests-pypy | |
- docs | |
- install-dev | |
- pyright | |
runs-on: ubuntu-latest | |
steps: | |
- name: Decide whether the needed jobs succeeded or failed | |
uses: re-actors/alls-green@release/v1 | |
with: | |
jobs: ${{ toJSON(needs) }} |