Conda Packages #163
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| # Run full workflow on tags | |
| tags: | |
| - "pixi-build-cmake-v[0-9]+.[0-9]+.[0-9]+" | |
| - "pixi-build-python-v[0-9]+.[0-9]+.[0-9]+" | |
| - "pixi-build-rattler-build-v[0-9]+.[0-9]+.[0-9]+" | |
| - "pixi-build-rust-v[0-9]+.[0-9]+.[0-9]+" | |
| - "pixi-build-mojo-v[0-9]+.[0-9]+.[0-9]+" | |
| - "pixi-build-ros-v[0-9]+.[0-9]+.[0-9]+" | |
| - "py-pixi-build-backend-v[0-9]+.[0-9]+.[0-9]+" | |
| pull_request: | |
| paths: | |
| - .github/workflows/build-upload.yml | |
| workflow_dispatch: | |
| inputs: | |
| push_to_channel: | |
| description: "Push packages to conda channel after build" | |
| required: false | |
| default: true | |
| type: boolean | |
| package_name: | |
| description: "Build specific package only (optional)" | |
| required: false | |
| type: string | |
| name: "Conda Packages" | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref_name }} | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| contents: read | |
| attestations: write | |
| jobs: | |
| generate-matrix: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix: ${{ steps.set_version.outputs.matrix }} | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - uses: prefix-dev/setup-pixi@194d461b21b6c5717c722ffc597fa91ed2ff29fa # v0.9.1 | |
| - name: Extract versions | |
| id: set_version | |
| run: | | |
| # extract names and versions from cargo metadata | |
| # and generate a matrix entries for the build job | |
| echo "Package name input: '${{ github.event.inputs.package_name }}'" | |
| if [ -n "${{ github.event.inputs.package_name }}" ]; then | |
| echo "Building specific package: ${{ github.event.inputs.package_name }}" | |
| MATRIX_JSON=$(pixi run generate-matrix --package "${{ github.event.inputs.package_name }}") | |
| else | |
| echo "Building all packages" | |
| MATRIX_JSON=$(pixi run generate-matrix) | |
| fi | |
| echo "Generated matrix: $MATRIX_JSON" | |
| echo "matrix=$MATRIX_JSON" >> $GITHUB_OUTPUT | |
| build: | |
| needs: generate-matrix | |
| env: | |
| REPO_NAME: "prefix-dev/pixi-build-backends" | |
| strategy: | |
| matrix: | |
| bins: ${{ fromJSON(needs.generate-matrix.outputs.matrix) }} | |
| fail-fast: false | |
| runs-on: ${{ matrix.bins.os }} | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - uses: prefix-dev/setup-pixi@194d461b21b6c5717c722ffc597fa91ed2ff29fa # v0.9.1 | |
| with: | |
| environments: build | |
| - name: Enable long paths (Windows) | |
| if: ${{ matrix.bins.os == 'windows-latest' }} | |
| run: | | |
| git config --global core.longpaths true | |
| shell: bash | |
| - name: Set environment variable for recipe version | |
| shell: bash | |
| run: | | |
| echo "${{ matrix.bins.env_name }}=${{ matrix.bins.version }}" >> $GITHUB_ENV | |
| - name: Build ${{ matrix.bins.bin }} | |
| shell: bash | |
| env: | |
| RATTLER_BUILD_ENABLE_GITHUB_INTEGRATION: "true" | |
| RATTLER_BUILD_COLOR: "always" | |
| run: | | |
| pixi run build-recipe-ci $RUNNER_TEMP recipe/${{ matrix.bins.bin }}/recipe.yaml ${{ matrix.bins.target }} | |
| - uses: actions/attest@daf44fb950173508f38bd2406030372c1d1162b1 # v3.0.0 | |
| id: attest | |
| with: | |
| subject-path: "${{ runner.temp }}/**/*.conda" | |
| predicate-type: "https://schemas.conda.org/attestations-publish-1.schema.json" | |
| predicate: "{\"targetChannel\": \"https://prefix.dev/pixi-build-backends\"}" | |
| - name: Generate attestation for conda package | |
| shell: bash | |
| run: | | |
| # Convert Windows paths to Unix-style for bash compatibility | |
| RUNNER_TEMP_UNIX=$(echo "${{ runner.temp }}" | sed 's|\\|/|g') | |
| BUNDLE_PATH_UNIX=$(echo "${{ steps.attest.outputs.bundle-path }}" | sed 's|\\|/|g') | |
| # Find the actual conda package file (search recursively) | |
| CONDA_PACKAGE=$(find "$RUNNER_TEMP_UNIX" -name "*.conda" -type f | head -1) | |
| if [ -n "$CONDA_PACKAGE" ]; then | |
| # Extract just the filename without path | |
| PACKAGE_NAME=$(basename "$CONDA_PACKAGE") | |
| # Create signature filename by replacing .conda with .sig | |
| SIG_NAME="${PACKAGE_NAME%.conda}.sig" | |
| # Get the directory where the conda package is located | |
| PACKAGE_DIR=$(dirname "$CONDA_PACKAGE") | |
| # Move the attestation bundle to the same directory as the conda package | |
| mv "$BUNDLE_PATH_UNIX" "$PACKAGE_DIR/$SIG_NAME" | |
| echo "Created attestation: $PACKAGE_DIR/$SIG_NAME" | |
| else | |
| echo "Error: No conda package found in $RUNNER_TEMP_UNIX" | |
| exit 1 | |
| fi | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 | |
| with: | |
| name: conda-packages-${{ matrix.bins.bin }}-${{ matrix.bins.target }} | |
| path: | | |
| ${{ runner.temp }}/**/*.conda | |
| ${{ runner.temp }}/**/*.sig | |
| aggregate: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| target: [linux-64, linux-aarch64, linux-ppc64le, win-64, osx-64, osx-arm64] | |
| steps: | |
| - name: Download conda package artifacts for ${{ matrix.target }} | |
| uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 | |
| with: | |
| pattern: conda-packages-*-${{ matrix.target }} | |
| path: conda-artifacts-${{ matrix.target }} | |
| merge-multiple: true | |
| - name: Upload aggregated conda packages for ${{ matrix.target }} | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 | |
| with: | |
| name: conda-packages-${{ matrix.target }} | |
| path: conda-artifacts-${{ matrix.target }}/**/*.conda | |
| upload: | |
| needs: aggregate | |
| runs-on: ubuntu-latest | |
| if: ${{ (startsWith(github.ref, 'refs/tags') || github.event.inputs.push_to_channel == 'true') && github.repository == 'prefix-dev/pixi-build-backends' }} | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - name: Download all conda packages | |
| uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 | |
| with: | |
| pattern: conda-packages-* | |
| path: conda-packages | |
| merge-multiple: true | |
| run-id: ${{ github.run_id }} | |
| - uses: prefix-dev/setup-pixi@194d461b21b6c5717c722ffc597fa91ed2ff29fa # v0.9.1 | |
| with: | |
| environments: build | |
| - name: Upload packages | |
| shell: bash | |
| run: | | |
| for file in conda-packages/**/*.conda; do | |
| echo "Uploading ${file}" | |
| # Find corresponding attestation file | |
| ATTESTATION_FILE="${file%.conda}.sig" | |
| if [ -f "$ATTESTATION_FILE" ]; then | |
| echo "Found attestation: $ATTESTATION_FILE" | |
| pixi run -e build rattler-build upload prefix -c pixi-build-backends "$file" --attestation "$ATTESTATION_FILE" | |
| else | |
| echo "Warning: No attestation found for $file" | |
| pixi run -e build rattler-build upload prefix -c pixi-build-backends "$file" | |
| fi | |
| done |