remove dup cred_rest_client #877
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: wipac ci/cd | |
| on: | |
| push: | |
| branches: | |
| - '**' | |
| tags-ignore: | |
| - '**' | |
| jobs: | |
| py-versions: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix: ${{ steps.versions.outputs.matrix }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ github.sha }} # lock to triggered commit (github.ref is dynamic) | |
| - id: versions | |
| uses: WIPACrepo/wipac-dev-py-versions-action@v2.7 | |
| ############################################################################ | |
| # LINTERS | |
| ############################################################################# | |
| flake8: | |
| needs: [ py-versions ] | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| py3: ${{ fromJSON(needs.py-versions.outputs.matrix) }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ github.sha }} # lock to triggered commit (github.ref is dynamic) | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.py3 }} | |
| - uses: WIPACrepo/wipac-dev-flake8-action@v1.3 | |
| with: | |
| max-complexity: 20 # ideal is ~10-15 | |
| mypy: | |
| needs: [ py-versions ] | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| py3: ${{ fromJSON(needs.py-versions.outputs.matrix) }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 # setuptools-scm needs to access git tags | |
| ref: ${{ github.sha }} # lock to triggered commit (github.ref is dynamic) | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.py3 }} | |
| - uses: WIPACrepo/wipac-dev-mypy-action@v2.0 | |
| ############################################################################ | |
| # PACKAGING | |
| ############################################################################# | |
| py-setup: | |
| if: ${{ github.actor != 'dependabot[bot]' }} # dependabot cannot access PAT | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| ref: ${{ github.ref }} # dont lock to sha (action needs to push) | |
| - uses: WIPACrepo/wipac-dev-py-setup-action@v5.7 | |
| with: | |
| mode: PACKAGING_AND_PYPI | |
| python_min: 3.11 | |
| python_max: 3.13 | |
| pypi_name: iceprod | |
| author: WIPAC Developers | |
| author_email: developers@icecube.wisc.edu | |
| keywords_comma: "WIPAC, batch, workload" | |
| package_dirs: iceprod | |
| auto_mypy_option: True | |
| py-dependencies: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 # setuptools-scm needs to access git tags | |
| ref: ${{ github.sha }} # lock to triggered commit (github.ref is dynamic) | |
| - uses: WIPACrepo/wipac-dev-py-dependencies-action@v3.2 | |
| ############################################################################ | |
| # TESTS | |
| ############################################################################# | |
| tests: | |
| needs: [ py-versions ] | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| py3: ${{ fromJSON(needs.py-versions.outputs.matrix) }} | |
| services: | |
| mongo: | |
| image: mongo:7.0 | |
| ports: | |
| - 27017:27017 | |
| redis: | |
| image: redis:8 | |
| ports: | |
| - 6379:6379 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 # setuptools-scm needs to access git tags | |
| ref: ${{ github.sha }} # lock to triggered commit (github.ref is dynamic) | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.py3 }} | |
| - name: Install dependencies | |
| run: | | |
| set -euo pipefail; echo "now: $(date -u +"%Y-%m-%dT%H:%M:%S.%3N")" | |
| pip install --upgrade pip wheel setuptools | |
| pip install .[tests] | |
| - name: Run Tests | |
| run: | | |
| coverage run --source iceprod,bin --parallel-mode --branch -m pytest --tb=short --log-level=info tests | |
| - name: Coverage report | |
| if: always() && steps.dependencies.outcome != 'failure' | |
| run: | | |
| coverage combine | |
| coverage report -m --fail-under=30 | |
| # TODO: adjust this to a higher coverage number | |
| docker-build: | |
| name: "Docker Image" | |
| if: ${{ github.ref != 'refs/heads/master' && github.ref != 'refs/heads/main' }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 # setuptools-scm needs to access git tags | |
| ref: ${{ github.sha }} # lock to triggered commit (github.ref is dynamic) | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile | |
| push: false | |
| ############################################################################ | |
| # TAG + RELEASE | |
| ############################################################################# | |
| release-version: | |
| if: format('refs/heads/{0}', github.event.repository.default_branch) == github.ref | |
| needs: [ | |
| py-versions, | |
| flake8, | |
| mypy, | |
| py-setup, | |
| py-dependencies, | |
| tests, | |
| ] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| next-version: ${{ steps.next-version.outputs.version }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 # setuptools-scm needs to access git tags | |
| ref: ${{ github.sha }} # lock to triggered commit (github.ref is dynamic) | |
| # copied from tag-and-release | |
| - name: Determine next version | |
| uses: WIPACrepo/wipac-dev-next-version-action@v1.5 | |
| id: next-version | |
| with: | |
| force-patch-if-no-commit-token: true | |
| ignore-paths: | | |
| **/README.md | |
| .github/** | |
| .gitignore | |
| tag-and-release: | |
| # only run on main/default | |
| if: format('refs/heads/{0}', github.event.repository.default_branch) == github.ref && needs.release-version.outputs.next-version != '' | |
| needs: [ | |
| py-versions, | |
| flake8, | |
| mypy, | |
| py-setup, | |
| py-dependencies, | |
| tests, | |
| release-version, | |
| ] | |
| uses: WIPACrepo/wipac-dev-workflows/.github/workflows/tag-and-release.yml@v1.16 | |
| permissions: # for GITHUB_TOKEN | |
| contents: write | |
| with: | |
| project-type: python | |
| python-version: "${{ fromJSON(needs.py-versions.outputs.matrix)[0] }}" | |
| release-artifacts: | | |
| py-dependencies-logs | |
| publish-to-pypi: true | |
| secrets: | |
| PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }} | |
| image-publish: | |
| if: format('refs/heads/{0}', github.event.repository.default_branch) == github.ref && needs.release-version.outputs.next-version != '' | |
| needs: [ | |
| tag-and-release, | |
| release-version, | |
| ] | |
| uses: WIPACrepo/wipac-dev-workflows/.github/workflows/image-publish.yml@v1.16 | |
| permissions: # for GITHUB_TOKEN | |
| packages: write | |
| with: | |
| image_namespace: wipacrepo | |
| image_name: iceprod | |
| mode: CVMFS_BUILD | |
| cvmfs_dest_dir: "iceprod" | |
| build_args: | | |
| SETUPTOOLS_SCM_PRETEND_VERSION=${{ needs.release-version.outputs.next-version }} | |
| extra_build_tag: ${{ needs.release-version.outputs.next-version }} | |
| secrets: | |
| cvmfs_github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} |