Skip to content

build(deps): bump cryptography in /dask-gateway-server (#810) #499

build(deps): bump cryptography in /dask-gateway-server (#810)

build(deps): bump cryptography in /dask-gateway-server (#810) #499

# This is a GitHub workflow defining a set of jobs with a set of steps.
# ref: https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
#
name: Build and publish Python packages
# Always test build of packages, but only publish to PyPI on pushed tag
on:
pull_request:
paths:
- "dask-gateway/**"
- "dask-gateway-server/**"
- ".github/workflows/build-publish-python-packages.yaml"
push:
paths:
- "dask-gateway/**"
- "dask-gateway-server/**"
- ".github/workflows/build-publish-python-packages.yaml"
branches: ["main"]
tags: ["**"]
workflow_dispatch:
jobs:
# Builds sdist (.tar.gz) and wheels (.whl) for the Python packages.
#
# - dask-gateway's wheel is platform and CPU architecture independent
# - dask-gateway-server's wheel is platform dependent (linux/mac) and CPU
# architecture dependent (amd64/arm64) because of the compiled Golang
# binary.
#
# Golang cross platform (GOOS env) and cross architecture (GOARCH env)
# compilation is used to produce different artifacts independent of the job's
# platform and CPU architecture.
#
build:
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
# GOOS and GOARCH options available:
# https://go.dev/doc/install/source#environment
#
include:
- package: dask-gateway
upload_sdist: true
- package: dask-gateway-server
GOOS: linux
GOARCH: amd64
upload_sdist: true
- package: dask-gateway-server
GOOS: linux
GOARCH: arm64
upload_sdist: false
- package: dask-gateway-server
GOOS: darwin
GOARCH: amd64
upload_sdist: false
- package: dask-gateway-server
GOOS: darwin
GOARCH: arm64
upload_sdist: false
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install build package
run: |
pip install build
pip list
- name: Build sdist and wheel
env:
GOOS: "${{ matrix.GOOS }}"
GOARCH: "${{ matrix.GOARCH }}"
working-directory: ${{ matrix.package }}
run: |
python -m build --sdist --wheel .
ls -alh ./dist
sha256sum ./dist/* | tee SHA256SUMS
- name: Upload sdist artifact
if: matrix.upload_sdist
uses: actions/upload-artifact@v4
with:
name: ${{ format('{0}_{1}', matrix.package, 'sdist') }}
path: ${{ matrix.package }}/dist/*.tar.gz
if-no-files-found: error
- name: Upload wheel artifact
uses: actions/upload-artifact@v4
with:
name: ${{ format('{0}_{1}-{2}-{3}', matrix.package, 'wheel', matrix.GOOS, matrix.GOARCH) }}
path: ${{ matrix.package }}/dist/*.whl
if-no-files-found: error
publish:
needs: build
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
package:
- dask-gateway
- dask-gateway-server
steps:
- name: Download built source distributions and wheels
uses: actions/download-artifact@v4
with:
pattern: ${{ matrix.package }}_*
path: ${{ matrix.package }}/dist
merge-multiple: true
- name: Inspect built source distributions and wheels
working-directory: ${{ matrix.package }}
run: |
ls -alh ./dist
sha256sum ./dist/* | tee SHA256SUMS
# Because we have two separate deploy tokens for the dask-gateway and
# dask-gateway-server packages, we define two separate steps to pick out
# the relevant secret depending on matrix.package.
- name: Publish to PyPI (dask-gateway)
uses: pypa/gh-action-pypi-publish@release/v1
if: >-
startsWith(github.ref, 'refs/tags/')
&& matrix.package == 'dask-gateway'
with:
user: __token__
password: "${{ secrets.pypi_token__dask_gateway }}"
packages_dir: ${{ matrix.package }}/dist
- name: Publish to PyPI (dask-gateway-server)
uses: pypa/gh-action-pypi-publish@release/v1
if: >-
startsWith(github.ref, 'refs/tags/')
&& matrix.package == 'dask-gateway-server'
with:
user: __token__
password: "${{ secrets.pypi_token__dask_gateway_server }}"
packages_dir: ${{ matrix.package }}/dist