Skip to content

Commit

Permalink
Use new create package action with attestation (forked repo action)
Browse files Browse the repository at this point in the history
  • Loading branch information
rmartin16 committed May 28, 2024
1 parent 22bad38 commit 56e9757
Show file tree
Hide file tree
Showing 6 changed files with 66 additions and 31 deletions.
61 changes: 40 additions & 21 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,15 @@ on:
branches:
- main
workflow_call:
inputs:
attest-package:
description: "Create GitHub provenance attestation for the package."
default: "false"
type: string
outputs:
artifact-name:
description: "Name of the uploaded artifact; use for artifact retrieval."
value: ${{ jobs.package.outputs.artifact-name }}
artifact-basename:
description: "Base name of the uploaded artifacts; use for artifact retrieval."
value: ${{ jobs.package.outputs.artifact-basename }}

env:
min_python_version: "3.8"
Expand Down Expand Up @@ -38,12 +43,11 @@ jobs:
tox-source: "./core[dev]"

package:
name: Python package
uses: beeware/.github/.github/workflows/python-package-create.yml@main
with:
tox-source: "./core[dev]"
build-subdirectory: ${{ matrix.subdir }}
distribution-path: "*/dist/*"
name: Package Toga
permissions:
id-token: write
contents: read
attestations: write
strategy:
matrix:
subdir:
Expand All @@ -58,6 +62,11 @@ jobs:
- "textual"
- "web"
- "winforms"
# uses: beeware/.github/.github/workflows/python-package-create.yml@main
uses: rmartin16/.github-beeware/.github/workflows/python-package-create.yml@hynek-build
with:
build-subdirectory: ${{ matrix.subdir }}
attest: ${{ inputs.attest-package }}

core:
name: Test core
Expand Down Expand Up @@ -94,30 +103,37 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v4.1.6
with:
fetch-depth: 0

- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5.1.0
with:
python-version: ${{ matrix.python-version }}

- name: Install dev Dependencies
run: |
# We don't actually want to install toga-core;
# we just want the dev extras so we have a known version of tox and coverage
python -m pip install ./core[dev]
- name: Install Tox
uses: rmartin16/.github-beeware/.github/actions/install-requirement@hynek-build
with:
requirements: tox
extra: dev
project-root: core
workflow-repo: rmartin16/.github-beeware
workflow-repo-ref: hynek-build

- name: Get Packages
uses: actions/download-artifact@v4.1.7
with:
pattern: ${{ needs.package.outputs.artifact-name }}-*
pattern: ${{ format('{0}-*', needs.package.outputs.artifact-basename) }}
merge-multiple: true
path: dist

- name: Test
run: |
# The $(ls ...) shell expansion is done in the Github environment;
# the value of TOGA_INSTALL_COMMAND will be a literal string without any shell expansions to perform
TOGA_INSTALL_COMMAND="python -m pip install ../$(ls core/dist/toga_core-*.whl)[dev] ../$(ls dummy/dist/toga_dummy-*.whl)" \
TOGA_INSTALL_COMMAND="python -m pip install ../$(ls dist/toga_core-*.whl)[dev] ../$(ls dist/toga_dummy-*.whl)" \
tox -e py-cov
tox -qe coverage$(tr -dc "0-9" <<< "${{ matrix.python-version }}")
mv core/.coverage core/.coverage.${{ matrix.platform }}.${{ matrix.python-version }}
Expand Down Expand Up @@ -145,11 +161,14 @@ jobs:
# https://github.com/nedbat/coveragepy/issues/1572#issuecomment-1522546425
python-version: ${{ env.min_python_version }}

- name: Install dev dependencies
run: |
# We don't actually want to install toga-core;
# we just want the dev extras so we have a known version of coverage
python -m pip install ./core[dev]
- name: Install Tox
uses: rmartin16/.github-beeware/.github/actions/install-requirement@hynek-build
with:
requirements: tox
extra: dev
project-root: core
workflow-repo: rmartin16/.github-beeware
workflow-repo-ref: hynek-build

- name: Retrieve Coverage Data
uses: actions/download-artifact@v4.1.7
Expand Down
24 changes: 14 additions & 10 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ on:
jobs:
ci:
uses: ./.github/workflows/ci.yml
with:
attest-package: "true"

docs:
name: Verify Docs Build
Expand All @@ -24,28 +26,29 @@ jobs:
permissions:
contents: write
steps:
- name: Set build variables
- name: Set Build Variables
run: |
echo "VERSION=${GITHUB_REF_NAME#v}" >> $GITHUB_ENV
echo "VERSION=${GITHUB_REF_NAME#v}" | tee -a $GITHUB_ENV
- name: Get packages
- name: Get Packages
uses: actions/download-artifact@v4.1.7
with:
pattern: ${{ needs.ci.outputs.artifact-name }}-*
pattern: ${{ format('{0}-*', needs.ci.outputs.artifact-basename) }}
merge-multiple: true
path: dist

- name: Create release
- name: Create Release
uses: ncipollo/release-action@v1.14.0
with:
name: ${{ env.VERSION }}
draft: true
artifacts: "*/dist/*"
artifacts: "dist/*"
artifactErrorsFailBuild: true

deploy-test:
name: Publish to TestPyPI
runs-on: ubuntu-latest
needs: [ci, release]
needs: [ ci, release ]
permissions:
# This permission is required for trusted publishing.
id-token: write
Expand All @@ -68,16 +71,17 @@ jobs:
- "toga_web"
- "toga_winforms"
steps:
- name: Get packages
- name: Get Packages
uses: actions/download-artifact@v4.1.7
with:
pattern: ${{ needs.ci.outputs.artifact-name }}-*
pattern: ${{ format('{0}-*', needs.ci.outputs.artifact-basename) }}
merge-multiple: true
path: staging_dist

- name: Extract ${{ matrix.package }}
run: |
mkdir dist
mv */dist/$(echo ${{ matrix.package }} | sed 's/_/?/')-[0-9]* dist
mv staging_dist/$(echo ${{ matrix.package }} | sed 's/_/?/')-[0-9]* dist
- name: Publish to TestPyPI
uses: pypa/gh-action-pypi-publish@release/v1
Expand Down
1 change: 1 addition & 0 deletions changes/2604.misc.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
``hynek/build-and-inspect-python-package`` is now used to create the Python package.
4 changes: 4 additions & 0 deletions demo/pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -119,3 +119,7 @@ build_gradle_dependencies = [
"com.google.android.material:material:1.11.0",
"androidx.swiperefreshlayout:swiperefreshlayout:1.1.0",
]

[tool.check-wheel-contents]
# WOO2: duplicated files (i.e. resource images)
ignore = "W002"
5 changes: 5 additions & 0 deletions toga/pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -81,3 +81,8 @@ dependencies = [
# Web
"toga-web == {version}; sys_platform=='emscripten'",
]

[tool.check-wheel-contents]
# WOO7: wheel library is empty
# W008: wheel is empty
ignore = "W007,W008"
2 changes: 2 additions & 0 deletions tox.ini
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,9 @@ skip_install = True
passenv = FORCE_COLOR
deps =
build==1.2.1
check-wheel-contents==0.6.0
twine==5.1.0
commands =
python -m build {posargs}
python -m twine check {posargs}{/}dist{/}*
check-wheel-contents {posargs}{/}dist{/}

0 comments on commit 56e9757

Please sign in to comment.