From d70e30fe284e1c945a8ed63e342e952b8f7c1e10 Mon Sep 17 00:00:00 2001 From: David Hart Date: Fri, 1 Nov 2024 15:36:11 -0600 Subject: [PATCH 01/15] ci: rename testing workflow --- .../{continuous-testing.yml => test.yml} | 158 +++++++++--------- 1 file changed, 76 insertions(+), 82 deletions(-) rename .github/workflows/{continuous-testing.yml => test.yml} (92%) diff --git a/.github/workflows/continuous-testing.yml b/.github/workflows/test.yml similarity index 92% rename from .github/workflows/continuous-testing.yml rename to .github/workflows/test.yml index 603bcdd..0e5cee2 100644 --- a/.github/workflows/continuous-testing.yml +++ b/.github/workflows/test.yml @@ -1,82 +1,76 @@ -name: Tests - -on: - push: - paths: - - examples/** - - src/** - - tests/** - - setup.py - - pyproject.toml - - .github/workflows/* - branches-ignore: - - 'main' - - 'staging' - pull_request: - branches-ignore: - - 'main' - - 'staging' - -permissions: - contents: read - -jobs: - quick-test: - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 - with: - disable-sudo: true - egress-policy: block - allowed-endpoints: > - api.codecov.io:443 - api.github.com:443 - cli.codecov.io:443 - codecov.io:443 - files.pythonhosted.org:443 - github.com:443 - pypi.org:443 - storage.googleapis.com:443 - uploader.codecov.io:443 - - - name: Check out the commit - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - - name: Set up Python - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 - with: - python-version: '3.12' - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - python3 -m pip install -r requirements.txt - python3 -m pip install gcovr==5.0 - - - name: Build test - run: python3 -m pip install -e .[formats,examples,tests] - - - name: Get C++ coverage - run: | - export CPPFLAGS="-coverage" - python3 setup.py build_ext --inplace --force - echo '### Run tests' >> $GITHUB_STEP_SUMMARY - echo '```bash' >> $GITHUB_STEP_SUMMARY - python3 -m pytest --nbmake --disable-warnings --cov=sansmic --cov=tests --no-header --color=auto examples/ tests/ | tee -a $GITHUB_STEP_SUMMARY - find src -type f -name '*.cpp' | xargs -I{} gcov -o build/temp*/src/ext_modules/libsansmic {} - echo ' ' >> $GITHUB_STEP_SUMMARY - gcovr --txt -s -k | tee -a $GITHUB_STEP_SUMMARY - echo '```' >> $GITHUB_STEP_SUMMARY - - - name: Upload coverage reports to Codecov - if: success() || failure() - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 - with: - token: ${{ secrets.CODECOV_TOKEN }} - flags: ${{ inputs.os }} - - - name: Test uninstall - if: success() || failure() - # Allow upload to codecov to fail but not fail all tests - run: python3 -m pip uninstall -y sansmic +name: Test + +on: + push: + paths: + - examples/** + - src/** + - tests/** + - setup.py + - pyproject.toml + - .github/workflows/* + pull_request: + +permissions: + contents: read + +jobs: + quick-test: + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + disable-sudo: true + egress-policy: block + allowed-endpoints: > + api.codecov.io:443 + api.github.com:443 + cli.codecov.io:443 + codecov.io:443 + files.pythonhosted.org:443 + github.com:443 + pypi.org:443 + storage.googleapis.com:443 + uploader.codecov.io:443 + + - name: Check out the commit + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Set up Python + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: '3.12' + + - name: Install dependencies + run: | + python3 -m pip install --upgrade pip + python3 -m pip install -r requirements.txt + python3 -m pip install gcovr==5.0 + + - name: Build test + run: python3 -m pip install -e .[formats,examples,tests] + + - name: Get C++ coverage + run: | + export CPPFLAGS="-coverage" + python3 setup.py build_ext --inplace --force + echo '### Run tests' >> $GITHUB_STEP_SUMMARY + echo '```bash' >> $GITHUB_STEP_SUMMARY + python3 -m pytest --nbmake --disable-warnings --cov=sansmic --cov=tests --no-header --color=auto examples/ tests/ | tee -a $GITHUB_STEP_SUMMARY + find src -type f -name '*.cpp' | xargs -I{} gcov -o build/temp*/src/ext_modules/libsansmic {} + echo ' ' >> $GITHUB_STEP_SUMMARY + gcovr --txt -s -k | tee -a $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + + - name: Upload coverage reports to Codecov + if: success() || failure() + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 + with: + token: ${{ secrets.CODECOV_TOKEN }} + flags: ${{ inputs.os }} + + - name: Test uninstall + if: success() || failure() + # Allow upload to codecov to fail but not fail all tests + run: python3 -m pip uninstall -y sansmic From a17267f4e34fc91256c18d65b30ed050334bb866 Mon Sep 17 00:00:00 2001 From: David Hart Date: Fri, 1 Nov 2024 15:42:45 -0600 Subject: [PATCH 02/15] ci: update semantic-release to allow full release via workflow dispatch --- .github/workflows/semantic-release.yml | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 3ee8fd5..d17052f 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -3,9 +3,19 @@ name: Semantic Release on: push: branches: - - staging - main + workflow_dispatch: + inputs: + releaseType: + description: 'The type of release' + required: false + default: 'prerelease' + type: choice + options: + - prerelease + - release + permissions: contents: read @@ -13,7 +23,7 @@ jobs: release: runs-on: ubuntu-latest concurrency: release - if: ${{ github.repository == 'sandialabs/sansmic' }} # do not run everywhere + # if: ${{ github.repository == 'sandialabs/sansmic' }} # do not run everywhere permissions: id-token: write @@ -50,7 +60,8 @@ jobs: git_committer_email: "actions@users.noreply.github.com" build: false changelog: true - commit: true - push: true - tag: true + commit: false + push: false + tag: false + prerelease: ${{ ! (inputs.releaseType == 'release') }} vcs_release: false From a5dd8066e0e49e05cd7393f7b69f7e15874964ea Mon Sep 17 00:00:00 2001 From: David Hart Date: Fri, 1 Nov 2024 15:43:38 -0600 Subject: [PATCH 03/15] ci: update semantic-release to allow full release via workflow dispatch --- .github/workflows/semantic-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index d17052f..58a2915 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -4,6 +4,7 @@ on: push: branches: - main + - development/ci-actions workflow_dispatch: inputs: From c4751fcea57372026e83a55c3d4f958381de8875 Mon Sep 17 00:00:00 2001 From: David Hart Date: Sun, 3 Nov 2024 18:03:08 -0700 Subject: [PATCH 04/15] ci: check semantic-release workflow --- .github/workflows/semantic-release.yml | 41 ++++++++++++++++++++++---- 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 58a2915..335303f 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -3,8 +3,6 @@ name: Semantic Release on: push: branches: - - main - - development/ci-actions workflow_dispatch: inputs: @@ -16,6 +14,12 @@ on: options: - prerelease - release + force: + description: "Force a bump to a specific version" + required: false + default: null + type: choice + options: ["prerelease", "patch", "minor", "major"] permissions: contents: read @@ -23,8 +27,14 @@ permissions: jobs: release: runs-on: ubuntu-latest - concurrency: release - # if: ${{ github.repository == 'sandialabs/sansmic' }} # do not run everywhere + concurrency: semanticRelease + # Only run if this is the primary origin main branch + # debug if: ${{ github.ref == 'refs/heads/main' && github.repository == 'sandialabs/sansmic' }} + outputs: + is_prerelease: ${{ steps.semVer.outputs.is_prerelease }} + released: ${{ steps.semVer.outputs.released }} + version: ${{ steps.semVer.outputs.version }} + tag: ${{ steps.semVer.outputs.tag }} permissions: id-token: write @@ -36,6 +46,12 @@ jobs: with: egress-policy: audit + - name: Debug + run: | + echo "## Inputs" >> $GITHUB_STEP_SUMMARY + echo ${{ inputs.releaseType }} | tee $GITHUB_STEP_SUMMARY + echo ${{ inputs.force }} | tee $GITHUB_STEP_SUMMARY + - name: Setup | Checkout Repository at workflow sha uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: @@ -52,7 +68,7 @@ jobs: echo "short_sha=$(git rev-parse --short HEAD)\n" >> $GITHUB_OUTPUT - name: Action | Semantic Release - Update version - id: release + id: semVer # Adjust tag with desired version if applicable. uses: python-semantic-release/python-semantic-release@c1bcfdbb994243ac7cf419365d5894d6bfb2950e # v9.12.0 with: @@ -64,5 +80,18 @@ jobs: commit: false push: false tag: false - prerelease: ${{ ! (inputs.releaseType == 'release') }} + prerelease: ${{ ! (inputs.releaseType == 'releaseType') }} + force: ${{ input.force }} vcs_release: false + + - name: Action | Output changelog + run: | + echo "" >> $GITHUB_STEP_SUMMARY + echo "## Results of python-semantic-version" >> $GITHUB_STEP_SUMMARY + echo "Released " ${{ steps.semVer.outputs.released }} >> $GITHUB_STEP_SUMMARY + echo "Prerelease " ${{ steps.semVer.outputs.is_prerelease }} >> $GITHUB_STEP_SUMMARY + echo "Version " ${{ steps.semVer.outputs.version }} >> $GITHUB_STEP_SUMMARY + echo "Tag " ${{ steps.semVer.outputs.tag }} >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "## Changelog" >> $GITHUB_STEP_SUMMARY + git diff CHANGELOG.md >> $GITHUB_STEP_SUMMARY From 5cb0092999eb34884aa7cceb39a278bb80187798 Mon Sep 17 00:00:00 2001 From: David Hart Date: Sun, 3 Nov 2024 18:06:13 -0700 Subject: [PATCH 05/15] ci: fix typo in workflow --- .github/workflows/semantic-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 335303f..46e2e9e 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -81,7 +81,7 @@ jobs: push: false tag: false prerelease: ${{ ! (inputs.releaseType == 'releaseType') }} - force: ${{ input.force }} + force: ${{ inputs.force }} vcs_release: false - name: Action | Output changelog From fe8e5ac9ef0380daa1415d93c1328bd4d1fc7987 Mon Sep 17 00:00:00 2001 From: David Hart Date: Sun, 3 Nov 2024 19:12:09 -0700 Subject: [PATCH 06/15] ci: add build after check release --- .github/workflows/semantic-release.yml | 101 ++++++++++++++++++++++--- 1 file changed, 89 insertions(+), 12 deletions(-) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 46e2e9e..7430363 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -25,7 +25,7 @@ permissions: contents: read jobs: - release: + check_release: runs-on: ubuntu-latest concurrency: semanticRelease # Only run if this is the primary origin main branch @@ -35,38 +35,31 @@ jobs: released: ${{ steps.semVer.outputs.released }} version: ${{ steps.semVer.outputs.version }} tag: ${{ steps.semVer.outputs.tag }} - permissions: id-token: write contents: write - steps: - name: Harden Runner uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 with: egress-policy: audit - - name: Debug run: | echo "## Inputs" >> $GITHUB_STEP_SUMMARY echo ${{ inputs.releaseType }} | tee $GITHUB_STEP_SUMMARY echo ${{ inputs.force }} | tee $GITHUB_STEP_SUMMARY - - name: Setup | Checkout Repository at workflow sha uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 ref: ${{ github.sha }} - - name: Setup | Force correct release branch on workflow sha run: | git checkout -B ${{ github.ref_name }} ${{ github.sha }} - - name: Setup | Get short commit SHA id: vars run: | echo "short_sha=$(git rev-parse --short HEAD)\n" >> $GITHUB_OUTPUT - - name: Action | Semantic Release - Update version id: semVer # Adjust tag with desired version if applicable. @@ -80,10 +73,9 @@ jobs: commit: false push: false tag: false - prerelease: ${{ ! (inputs.releaseType == 'releaseType') }} + prerelease: ${{ ! (inputs.releaseType == 'release') }} force: ${{ inputs.force }} vcs_release: false - - name: Action | Output changelog run: | echo "" >> $GITHUB_STEP_SUMMARY @@ -93,5 +85,90 @@ jobs: echo "Version " ${{ steps.semVer.outputs.version }} >> $GITHUB_STEP_SUMMARY echo "Tag " ${{ steps.semVer.outputs.tag }} >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "## Changelog" >> $GITHUB_STEP_SUMMARY - git diff CHANGELOG.md >> $GITHUB_STEP_SUMMARY + + make_sdist: + name: Make source distribution package + needs: + - check_release + if: ${{ steps.semVer.outputs.released == 'true' }} + runs-on: ubuntu-latest + steps: + - name: Setup | Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + - name: Setup | Checkout Code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 0 # Optional, use if you use setuptools_scm + submodules: true # Optional, use if you have submodules + - name: Action | Build SDist + run: pipx run build --sdist + - name: Action | Upload Artifacts + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + with: + name: cibw-sdist + path: dist/*.tar.gz + + build_wheels: + name: Build binary wheel for ${{ matrix.os }} + needs: + - check_release + if: ${{ steps.semVer.outputs.released == 'true' }} + runs-on: ${{ matrix.os }} + strategy: + matrix: + # macos-13 is an intel runner, macos-14 is apple silicon + os: [ubuntu-latest, windows-latest, macos-13, macos-14] + steps: + - name: Setup | Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + - name: Setup | Checkout Code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Action | Build Wheels + uses: pypa/cibuildwheel@7940a4c0e76eb2030e473a5f864f291f63ee879b # v2.21.0 + - name: Action | Upload Artifacts + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + with: + name: cibw-wheels-${{ matrix.os }}-${{ strategy.job-index }} + path: ./wheelhouse/*.whl + + build_win_exe: + name: Build standalone Windows executable + needs: + - check_release + if: ${{ steps.semVer.outputs.released == 'true' }} + runs-on: [windows-latest] + continue-on-error: true + steps: + - name: Setup | Install python + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: '3.12' + - name: Setup | Checkout Code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Setup | Install Dependencies + run: | + pip install -r requirements.txt -r requirements-exe.txt + pip install . + python setup.py build_ext -i + - name: Setup | Get the sansmic version number + id: vars + run: | + python -c "import sansmic; print('sansmic_version='+sansmic.__version__)" >> $Env:GITHUB_ENV + echo "sha_short=$(git rev-parse --short HEAD)" >> $Env:GITHUB_ENV + - name: Action | Run PyInstaller + run: | + pyinstaller --collect-all sansmic --collect-all click --hidden-import sansmic --hidden-import click --hidden-import pandas --hidden-import pybind11 --hidden-import numpy --hidden-import h5py --hidden-import pyyaml --hidden-import lasio -n sansmic --add-binary src/python/sansmic/libsansmic.cp312-win_amd64.pyd:sansmic src/python/sansmic/app.py + - name: Action | Create examples + run: | + mkdir dist/sansmic/examples + sansmic-convert tests/baseline.dat dist/sansmic/examples/baseline.toml + Compress-Archive -Path dist/sansmic -DestinationPath dist/sansmic-${{ jobs.check_release.outputs.version }}-standalone-win_amd64.zip + - name: Action | Upload Artifacts + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + with: + name: standalone-executable + path: ./dist/sansmic-*-standalone-win_amd64.zip From a069c185ac6a9065eb7fdf4a15dd860ffb956ac3 Mon Sep 17 00:00:00 2001 From: David Hart Date: Mon, 4 Nov 2024 08:17:35 -0700 Subject: [PATCH 07/15] ci: fix if statement --- .github/workflows/semantic-release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 7430363..9fafcb0 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -90,7 +90,7 @@ jobs: name: Make source distribution package needs: - check_release - if: ${{ steps.semVer.outputs.released == 'true' }} + if: ${{ jobs.check_release.outputs.released == 'true' }} runs-on: ubuntu-latest steps: - name: Setup | Harden Runner @@ -114,7 +114,7 @@ jobs: name: Build binary wheel for ${{ matrix.os }} needs: - check_release - if: ${{ steps.semVer.outputs.released == 'true' }} + if: ${{ jobs.check_release.outputs.released == 'true' }} runs-on: ${{ matrix.os }} strategy: matrix: @@ -139,7 +139,7 @@ jobs: name: Build standalone Windows executable needs: - check_release - if: ${{ steps.semVer.outputs.released == 'true' }} + if: ${{ jobs.check_release.outputs.released == 'true' }} runs-on: [windows-latest] continue-on-error: true steps: From 01f5ad0817bf44d4162ce4e7dc775aea76ac34ce Mon Sep 17 00:00:00 2001 From: David Hart Date: Mon, 4 Nov 2024 08:20:35 -0700 Subject: [PATCH 08/15] ci: use correct context --- .github/workflows/semantic-release.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 9fafcb0..14ab6ff 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -90,7 +90,7 @@ jobs: name: Make source distribution package needs: - check_release - if: ${{ jobs.check_release.outputs.released == 'true' }} + if: ${{ needs.check_release.outputs.released == 'true' }} runs-on: ubuntu-latest steps: - name: Setup | Harden Runner @@ -114,7 +114,7 @@ jobs: name: Build binary wheel for ${{ matrix.os }} needs: - check_release - if: ${{ jobs.check_release.outputs.released == 'true' }} + if: ${{ needs.check_release.outputs.released == 'true' }} runs-on: ${{ matrix.os }} strategy: matrix: @@ -139,7 +139,7 @@ jobs: name: Build standalone Windows executable needs: - check_release - if: ${{ jobs.check_release.outputs.released == 'true' }} + if: ${{ needs.check_release.outputs.released == 'true' }} runs-on: [windows-latest] continue-on-error: true steps: @@ -166,7 +166,7 @@ jobs: run: | mkdir dist/sansmic/examples sansmic-convert tests/baseline.dat dist/sansmic/examples/baseline.toml - Compress-Archive -Path dist/sansmic -DestinationPath dist/sansmic-${{ jobs.check_release.outputs.version }}-standalone-win_amd64.zip + Compress-Archive -Path dist/sansmic -DestinationPath dist/sansmic-${{ needs.check_release.outputs.version }}-standalone-win_amd64.zip - name: Action | Upload Artifacts uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: From 2e1b0fdb08f2dbd48372f0402d072355e50d21d0 Mon Sep 17 00:00:00 2001 From: David Hart Date: Mon, 4 Nov 2024 08:58:43 -0700 Subject: [PATCH 09/15] ci: clean workflow jobs for clarity --- .github/workflows/codeql.yml | 2 + .github/workflows/continuous-integration.yml | 30 ----- .../{test.yml => test-continuous.yml} | 19 +-- .github/workflows/test-matrix.yml | 110 ++++++++++++++++++ 4 files changed, 122 insertions(+), 39 deletions(-) delete mode 100644 .github/workflows/continuous-integration.yml rename .github/workflows/{test.yml => test-continuous.yml} (92%) create mode 100644 .github/workflows/test-matrix.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fd5c569..038c289 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -14,6 +14,8 @@ on: - '**/*.py' - '**/*.cpp' - '**/*.hpp' + - '**/*.c' + - '**/*.h' pull_request: branches: [ "main" ] schedule: diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml deleted file mode 100644 index 51faca0..0000000 --- a/.github/workflows/continuous-integration.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: PR Testing | main and staging - -on: - pull_request: - paths: - - examples/** - - src/** - - tests/** - - setup.py - branches: - - main - - staging - workflow_dispatch: - -permissions: - contents: read - -jobs: - full-suite: - strategy: - fail-fast: false - matrix: - version: ["3.9", "3.10", "3.11", "3.12"] - os: [windows-latest, macOS-13, macOS-latest, ubuntu-latest] - uses: ./.github/workflows/pytest.yml - with: - version: ${{ matrix.version }} - os: ${{ matrix.os }} - secrets: - coverage_token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/test.yml b/.github/workflows/test-continuous.yml similarity index 92% rename from .github/workflows/test.yml rename to .github/workflows/test-continuous.yml index 0e5cee2..aa0c252 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test-continuous.yml @@ -1,21 +1,22 @@ -name: Test +name: Tests on: push: paths: - - examples/** - - src/** - - tests/** - - setup.py - - pyproject.toml - - .github/workflows/* - pull_request: + - '**/*.py' + - '**/*.cpp' + - '**/*.hpp' + - '**/*.ipynb' + - '**/*.c' + - '**/*.h' + - '**/*.toml' + - '!docs/conf.py' permissions: contents: read jobs: - quick-test: + test: runs-on: ubuntu-latest steps: - name: Harden Runner diff --git a/.github/workflows/test-matrix.yml b/.github/workflows/test-matrix.yml new file mode 100644 index 0000000..6deecc3 --- /dev/null +++ b/.github/workflows/test-matrix.yml @@ -0,0 +1,110 @@ +name: Test Matrix + +on: + pull_request: + paths: + - '**/*.py' + - '**/*.cpp' + - '**/*.hpp' + - '**/*.ipynb' + - '**/*.c' + - '**/*.h' + - '**/*.toml' + - '!docs/conf.py' + + workflow_dispatch: + inputs: + skip_coverage: + default: true + required: false + type: boolean + +permissions: + contents: read + +jobs: + test-all-versions-oses: + strategy: + fail-fast: false + matrix: + version: ["3.9", "3.10", "3.11", "3.12"] + os: [windows-latest, macOS-13, macOS-latest, ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - name: Setup | Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + disable-sudo: true + egress-policy: block + allowed-endpoints: > + api.codecov.io:443 + api.github.com:443 + cli.codecov.io:443 + codecov.io:443 + files.pythonhosted.org:443 + github.com:443 + pypi.org:443 + storage.googleapis.com:443 + uploader.codecov.io:443 + + - name: Setup | Check out the commit + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Setup | Set up Python + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: ${{ matrix.version }} + + - name: Setup | Install dependencies + run: | + python3 -m pip install --upgrade pip + + - name: Action | Test editable build + run: python3 -m pip install -e .[formats,examples,tests] + + - name: Action | Test without coverage on Python 3.9 or if requested + if: ${{ (github.event == 'workflow_dispatch' && inputs.skip_coverage) || (matrix.os != 'ubuntu-latest' && matrix.version == '3.9') }} + run: | + python3 -m pytest --nbmake --disable-warnings --no-header --color=auto examples/ tests/ >> $GITHUB_STEP_SUMMARY + + - name: Action | Coverage and testing Linux - Python and C++ coverage + if: ${{ (github.event == 'pull_request' || ! inputs.skip_coverage ) && matrix.os == 'ubuntu-latest' && matrix.version != '3.9'}} + run: | + export CPPFLAGS="-coverage" + python3 -m pip install setuptools pybind11 gcovr + python3 setup.py build_ext --inplace --force + echo '### Run tests' >> $GITHUB_STEP_SUMMARY + echo '```bash' >> $GITHUB_STEP_SUMMARY + python3 -m pytest --nbmake --disable-warnings --cov=sansmic --cov=tests --no-header --color=auto examples/ tests/ | tee -a $GITHUB_STEP_SUMMARY + find src -type f -name '*.cpp' | xargs -I{} gcov -o build/temp*/src/ext_modules/libsansmic {} + gcovr --txt | tee -a $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + + - name: Action | Coverage and testing on MacOS - Python coverage only + if: ${{ (github.event == 'pull_request' || ! inputs.skip_coverage ) && matrix.os != 'windows-latest' && matrix.os != 'ubuntu-latest' }} + run: | + echo '### Run tests' >> $GITHUB_STEP_SUMMARY + echo '```bash' >> $GITHUB_STEP_SUMMARY + python3 -m pytest --nbmake --disable-warnings --cov=sansmic --cov=tests --no-header --color=auto examples/ tests/ | tee -a $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + + - name: Action | Coverage and testing on Windows - Python coverage only + if: ${{ (github.event == 'pull_request' || ! inputs.skip_coverage ) && matrix.os == 'windows-latest' }} + shell: powershell + run: | + echo '### Run tests' >> $Env:GITHUB_STEP_SUMMARY + echo '```bash' >> $Env:GITHUB_STEP_SUMMARY + python3 -m pytest --nbmake --disable-warnings --cov=sansmic --cov=tests --no-header --color=auto examples/ tests/ >> $Env:GITHUB_STEP_SUMMARY + echo '```' >> $Env:GITHUB_STEP_SUMMARY + + - name: Action | Upload coverage reports to Codecov + if: ${{ (github.event == 'pull_request' || ! inputs.skip_coverage) && success() || failure() }} + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 + with: + token: ${{ secrets.CODECOV_TOKEN }} + flags: ${{ matrix.os }} + + - name: Action | Test uninstall process + if: success() || failure() + # Allow upload to codecov to fail but not fail all tests + run: python3 -m pip uninstall -y sansmic From 78243c1fda92b9d47fa597156b1fee1be949e730 Mon Sep 17 00:00:00 2001 From: David Hart Date: Mon, 4 Nov 2024 10:00:15 -0700 Subject: [PATCH 10/15] ci: update continuous release workflow --- .github/workflows/semantic-release.yml | 173 +++++++++++++++++++++++-- 1 file changed, 164 insertions(+), 9 deletions(-) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 14ab6ff..6f778f9 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -17,15 +17,17 @@ on: force: description: "Force a bump to a specific version" required: false - default: null + default: "" type: choice - options: ["prerelease", "patch", "minor", "major"] + options: ["", "prerelease", "patch", "minor", "major"] permissions: contents: read jobs: check_release: + name: >- + 🔖❓ - Check if release needed runs-on: ubuntu-latest concurrency: semanticRelease # Only run if this is the primary origin main branch @@ -76,7 +78,7 @@ jobs: prerelease: ${{ ! (inputs.releaseType == 'release') }} force: ${{ inputs.force }} vcs_release: false - - name: Action | Output changelog + - name: Action | Output version info run: | echo "" >> $GITHUB_STEP_SUMMARY echo "## Results of python-semantic-version" >> $GITHUB_STEP_SUMMARY @@ -87,7 +89,8 @@ jobs: echo "" >> $GITHUB_STEP_SUMMARY make_sdist: - name: Make source distribution package + name: >- + 🏗️📑📦 - Make source distribution package needs: - check_release if: ${{ needs.check_release.outputs.released == 'true' }} @@ -107,11 +110,12 @@ jobs: - name: Action | Upload Artifacts uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: - name: cibw-sdist + name: dist-cibw-sdist path: dist/*.tar.gz build_wheels: - name: Build binary wheel for ${{ matrix.os }} + name: >- + 🏗️🎡📦 - Build Python wheel for ${{ matrix.os }} needs: - check_release if: ${{ needs.check_release.outputs.released == 'true' }} @@ -132,11 +136,12 @@ jobs: - name: Action | Upload Artifacts uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: - name: cibw-wheels-${{ matrix.os }}-${{ strategy.job-index }} + name: dist-cibw-wheels-${{ matrix.os }}-${{ strategy.job-index }} path: ./wheelhouse/*.whl build_win_exe: - name: Build standalone Windows executable + name: >- + 🏗️🖥️💽 - Build standalone executable for Windows needs: - check_release if: ${{ needs.check_release.outputs.released == 'true' }} @@ -170,5 +175,155 @@ jobs: - name: Action | Upload Artifacts uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: - name: standalone-executable + name: dist-exec-windows-latest path: ./dist/sansmic-*-standalone-win_amd64.zip + + cut_release: + name: >- + 🔖✔️ - Create tag and vcs release + runs-on: ubuntu-latest + needs: + - check_release + - build_win_exe + - make_sdist + - build_wheels + environment: + name: release + concurrency: semanticRelease + # Only run if this is the primary origin main branch + # debug if: ${{ github.ref == 'refs/heads/main' && github.repository == 'sandialabs/sansmic' }} + + permissions: + id-token: write + contents: write + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: Debug + run: | + echo "## Inputs" >> $GITHUB_STEP_SUMMARY + echo ${{ inputs.releaseType }} | tee $GITHUB_STEP_SUMMARY + echo ${{ inputs.force }} | tee $GITHUB_STEP_SUMMARY + + - name: Setup | Checkout Repository at workflow sha + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 0 + ref: ${{ github.sha }} + + - name: Setup | Force correct release branch on workflow sha + run: | + git checkout -B ${{ github.ref_name }} ${{ github.sha }} + + - name: Setup | Get short commit SHA + id: vars + run: | + echo "short_sha=$(git rev-parse --short HEAD)\n" >> $GITHUB_OUTPUT + + - name: Setup | Download all the dists + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + with: + pattern: dist-* + path: dist + merge-multiple: true + + - name: Action | Sign the dists with Sigstore + uses: sigstore/gh-action-sigstore-python@f514d46b907ebcd5bedc05145c03b69c1edd8b46 # v3.0.0 + with: + inputs: >- + ./dist/*.zip + ./dist/*.tar.gz + ./dist/*.whl + + - name: Action | Semantic Release - Update version + id: semVer + # Adjust tag with desired version if applicable. + uses: python-semantic-release/python-semantic-release@c1bcfdbb994243ac7cf419365d5894d6bfb2950e # v9.12.0 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + git_committer_name: "github-actions" + git_committer_email: "actions@users.noreply.github.com" + build: false + changelog: false + commit: false + push: true + tag: true + prerelease: ${{ ! (inputs.releaseType == 'release') }} + force: ${{ inputs.force }} + vcs_release: true + + - name: Action | Output version info + run: | + echo "" >> $GITHUB_STEP_SUMMARY + echo "## Results of python-semantic-version" >> $GITHUB_STEP_SUMMARY + echo "Released " ${{ steps.semVer.outputs.released }} >> $GITHUB_STEP_SUMMARY + echo "Prerelease " ${{ steps.semVer.outputs.is_prerelease }} >> $GITHUB_STEP_SUMMARY + echo "Version " ${{ steps.semVer.outputs.version }} >> $GITHUB_STEP_SUMMARY + echo "Tag " ${{ steps.semVer.outputs.tag }} >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + + publish-to-testpypi: + name: >- + 📤📦 - Publish Python distribution to TestPyPI + needs: [cut_release] + runs-on: ubuntu-latest + if: ${{ startsWith(github.ref, 'refs/tags/') && github.repository == 'sandialabs/sansmic' }} # only publish to PyPI on tag pushes + + environment: + name: testpypi + url: https://test.pypi.org/p/sansmic + + permissions: + id-token: write # IMPORTANT: mandatory for trusted publishing + + steps: + - name: Setup | Download all the dists + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + with: + pattern: dist-cibw-* + path: dist + merge-multiple: true + + - name: Action | Publish distribution 📦 to TestPyPI + uses: pypa/gh-action-pypi-publish@fb13cb306901256ace3dab689990e13a5550ffaa # release/v1 + with: + skip-existing: true + print-hash: true + verbose: true + attestations: true + repository-url: https://test.pypi.org/legacy/ + + publish-to-pypi: + name: >- + 📡📦 - Publish Python distribution to PyPI + if: ${{ startsWith(github.ref, 'refs/tags/') && github.repository == 'sandialabs/sansmic' }} # only publish to PyPI on tag pushes + needs: [publish-to-testpypi] + environment: + name: release + url: https://pypi.org/p/sansmic + permissions: + id-token: write + runs-on: ubuntu-latest + + steps: + - name: Setup | Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: Setup | Download all the dists + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + with: + pattern: dist-cibw-* + path: dist + merge-multiple: true + + - name: Setup | Publish distribution 📦 to PyPI + uses: pypa/gh-action-pypi-publish@fb13cb306901256ace3dab689990e13a5550ffaa # release/v1 + with: + attestations: true + print-hash: true From f0513e8960684c454b91a171581da953a97ebeb4 Mon Sep 17 00:00:00 2001 From: David Hart Date: Mon, 4 Nov 2024 10:27:19 -0700 Subject: [PATCH 11/15] ci: split publishing to pypi from cutting release --- .github/workflows/release.yml | 136 +------------------------ .github/workflows/semantic-release.yml | 71 ++----------- .github/workflows/test-continuous.yml | 1 + .github/workflows/test-matrix.yml | 1 + 4 files changed, 12 insertions(+), 197 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2f73d56..3de41d2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,57 +1,13 @@ -name: Build - Publish - Release +name: Publish on: release: types: [released] - + permissions: contents: read jobs: - build_executable: - name: Build standalone executable for Windows - runs-on: [windows-latest] - continue-on-error: true - env: - sansmic_version: 0.0.0+local - sha_short: unreal - - steps: - - name: Setup | Install python - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 - with: - python-version: '3.12' - - - name: Setup | Checkout Code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - - name: Setup | Install Dependencies - run: | - pip install -r requirements.txt -r requirements-exe.txt - pip install . - python setup.py build_ext -i - - - name: Setup | Get the sansmic version number - id: vars - run: | - python -c "import sansmic; print('sansmic_version='+sansmic.__version__)" >> $Env:GITHUB_ENV - echo "sha_short=$(git rev-parse --short HEAD)" >> $Env:GITHUB_ENV - - - name: Action | Run PyInstaller - run: | - pyinstaller --collect-all sansmic --collect-all click --hidden-import sansmic --hidden-import click --hidden-import pandas --hidden-import pybind11 --hidden-import numpy --hidden-import h5py --hidden-import pyyaml --hidden-import lasio -n sansmic --add-binary src/python/sansmic/libsansmic.cp312-win_amd64.pyd:sansmic src/python/sansmic/app.py - - - name: Action | Create examples - run: | - mkdir dist/sansmic/examples - sansmic-convert tests/baseline.dat dist/sansmic/examples/baseline.toml - - - name: Action | Upload Artifacts - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 - with: - name: "sansmic-${{ env.sansmic_version }}-standalone-win_amd64" - path: ./dist/sansmic - build_wheels: name: Build distribution 📦 on ${{ matrix.os }} runs-on: ${{ matrix.os }} @@ -164,91 +120,3 @@ jobs: with: attestations: true print-hash: true - - github-release: - name: >- - Sign the Python 🐍 distribution 📦 with Sigstore - and upload them to GitHub Release - needs: - - publish-to-pypi - runs-on: ubuntu-latest - if: ${{ startsWith(github.ref, 'refs/tags/') && github.repository == 'sandialabs/sansmic' }} # only publish to PyPI on tag pushes - - permissions: - contents: write # IMPORTANT: mandatory for making GitHub Releases - id-token: write # IMPORTANT: mandatory for sigstore - - steps: - - name: Setup | Download all the dists - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 - with: - pattern: cibw-* - path: dist - merge-multiple: true - - - name: Action | Sign the dists with Sigstore - uses: sigstore/gh-action-sigstore-python@f514d46b907ebcd5bedc05145c03b69c1edd8b46 # v3.0.0 - with: - inputs: >- - ./dist/*.tar.gz - ./dist/*.whl - - # - name: Action | Create GitHub Release - # env: - # GITHUB_TOKEN: ${{ github.token }} - # run: >- - # gh release create - # '${{ github.ref_name }}' - # --repo '${{ github.repository }}' - # --notes "" - - - name: Action | Upload artifact signatures to GitHub Release - if: success() || failure() - env: - GITHUB_TOKEN: ${{ github.token }} - # Upload to GitHub Release using the `gh` CLI. - # `dist/` contains the built packages, and the - # sigstore-produced signatures and certificates. - run: >- - gh release upload - '${{ github.ref_name }}' dist/** - --repo '${{ github.repository }}' - - release-standalone: - needs: - - github-release - - build_executable - name: >- - Sign the standalone with Sigstore and upload to GitHub Release - runs-on: ubuntu-latest - permissions: - contents: write # IMPORTANT: mandatory for making GitHub Releases - id-token: write # IMPORTANT: mandatory for sigstore - if: ${{ startsWith(github.ref, 'refs/tags/') && github.repository == 'sandialabs/sansmic' }} - steps: - - name: Setup | Download the standalone executable - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 - with: - pattern: sansmic-*-standalone-win_amd64 - path: dist/ - merge-multiple: false - - - name: Zip up dist directory - run: | - cd dist - zip -r ../sansmic-${{ env.sansmic_version }}-standalone-win_amd64.zip * - cd .. - - - name: Action | Sign the dists with Sigstore - uses: sigstore/gh-action-sigstore-python@f514d46b907ebcd5bedc05145c03b69c1edd8b46 # v3.0.0 - with: - inputs: >- - ./sansmic-${{ env.sansmic_version }}-standalone-win_amd64.zip - - - name: Action | Upload artifact signatures to GitHub Release - env: - GITHUB_TOKEN: ${{ github.token }} - run: >- - gh release upload - '${{ github.ref_name }}' sansmic-${{ env.sansmic_version }}-standalone-win_amd64.zip - --repo '${{ github.repository }}' diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 6f778f9..9326ad2 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -254,7 +254,14 @@ jobs: tag: true prerelease: ${{ ! (inputs.releaseType == 'release') }} force: ${{ inputs.force }} - vcs_release: true + vcs_release: false + + - name: Publish | Upload to GitHub Release Assets + uses: python-semantic-release/publish-action@v9.8.9 + if: steps.semVer.outputs.released == 'true' + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + tag: ${{ steps.semVer.outputs.tag }} - name: Action | Output version info run: | @@ -265,65 +272,3 @@ jobs: echo "Version " ${{ steps.semVer.outputs.version }} >> $GITHUB_STEP_SUMMARY echo "Tag " ${{ steps.semVer.outputs.tag }} >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - - publish-to-testpypi: - name: >- - 📤📦 - Publish Python distribution to TestPyPI - needs: [cut_release] - runs-on: ubuntu-latest - if: ${{ startsWith(github.ref, 'refs/tags/') && github.repository == 'sandialabs/sansmic' }} # only publish to PyPI on tag pushes - - environment: - name: testpypi - url: https://test.pypi.org/p/sansmic - - permissions: - id-token: write # IMPORTANT: mandatory for trusted publishing - - steps: - - name: Setup | Download all the dists - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 - with: - pattern: dist-cibw-* - path: dist - merge-multiple: true - - - name: Action | Publish distribution 📦 to TestPyPI - uses: pypa/gh-action-pypi-publish@fb13cb306901256ace3dab689990e13a5550ffaa # release/v1 - with: - skip-existing: true - print-hash: true - verbose: true - attestations: true - repository-url: https://test.pypi.org/legacy/ - - publish-to-pypi: - name: >- - 📡📦 - Publish Python distribution to PyPI - if: ${{ startsWith(github.ref, 'refs/tags/') && github.repository == 'sandialabs/sansmic' }} # only publish to PyPI on tag pushes - needs: [publish-to-testpypi] - environment: - name: release - url: https://pypi.org/p/sansmic - permissions: - id-token: write - runs-on: ubuntu-latest - - steps: - - name: Setup | Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 - with: - egress-policy: audit - - - name: Setup | Download all the dists - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 - with: - pattern: dist-cibw-* - path: dist - merge-multiple: true - - - name: Setup | Publish distribution 📦 to PyPI - uses: pypa/gh-action-pypi-publish@fb13cb306901256ace3dab689990e13a5550ffaa # release/v1 - with: - attestations: true - print-hash: true diff --git a/.github/workflows/test-continuous.yml b/.github/workflows/test-continuous.yml index aa0c252..a36c88d 100644 --- a/.github/workflows/test-continuous.yml +++ b/.github/workflows/test-continuous.yml @@ -10,6 +10,7 @@ on: - '**/*.c' - '**/*.h' - '**/*.toml' + - '.github/workflows/test-continuous.yml' # run if this file is changed - '!docs/conf.py' permissions: diff --git a/.github/workflows/test-matrix.yml b/.github/workflows/test-matrix.yml index 6deecc3..3823dbd 100644 --- a/.github/workflows/test-matrix.yml +++ b/.github/workflows/test-matrix.yml @@ -10,6 +10,7 @@ on: - '**/*.c' - '**/*.h' - '**/*.toml' + - '.github/workflows/test-matrix.yml' # run if this file is changed - '!docs/conf.py' workflow_dispatch: From 143d9232a78e019aa3be0754cd1de78d65a51f3b Mon Sep 17 00:00:00 2001 From: David Hart Date: Mon, 4 Nov 2024 10:33:13 -0700 Subject: [PATCH 12/15] ci: re-enable limits on semantic release run --- .github/workflows/semantic-release.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 9326ad2..6a18bf3 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -3,6 +3,7 @@ name: Semantic Release on: push: branches: + - main workflow_dispatch: inputs: @@ -31,7 +32,7 @@ jobs: runs-on: ubuntu-latest concurrency: semanticRelease # Only run if this is the primary origin main branch - # debug if: ${{ github.ref == 'refs/heads/main' && github.repository == 'sandialabs/sansmic' }} + if: ${{ github.ref == 'refs/heads/main' && github.repository == 'sandialabs/sansmic' }} outputs: is_prerelease: ${{ steps.semVer.outputs.is_prerelease }} released: ${{ steps.semVer.outputs.released }} @@ -72,8 +73,8 @@ jobs: git_committer_email: "actions@users.noreply.github.com" build: false changelog: true - commit: false - push: false + commit: true + push: true tag: false prerelease: ${{ ! (inputs.releaseType == 'release') }} force: ${{ inputs.force }} From dcc99add2d98313344dedb270b126209168cc25f Mon Sep 17 00:00:00 2001 From: David Hart Date: Mon, 4 Nov 2024 10:34:38 -0700 Subject: [PATCH 13/15] ci: remove redundant workflow --- .github/workflows/pytest.yml | 106 ----------------------------------- 1 file changed, 106 deletions(-) delete mode 100644 .github/workflows/pytest.yml diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml deleted file mode 100644 index 1e8b564..0000000 --- a/.github/workflows/pytest.yml +++ /dev/null @@ -1,106 +0,0 @@ -name: Use pytest to run tests - -on: - workflow_call: - inputs: - version: - required: false - default: '3.12' - type: string - os: - required: false - default: 'ubuntu-latest' - type: string - verbose: - default: false - required: false - type: boolean - secrets: - coverage_token: - required: false - -permissions: - contents: read - -jobs: - run-pytest-coverage: - name: pytest and coverarge - runs-on: ${{ inputs.os }} - steps: - - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 - with: - disable-sudo: true - egress-policy: block - allowed-endpoints: > - api.codecov.io:443 - api.github.com:443 - cli.codecov.io:443 - codecov.io:443 - files.pythonhosted.org:443 - github.com:443 - pypi.org:443 - storage.googleapis.com:443 - uploader.codecov.io:443 - - - name: Check out the commit - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - - name: Set up Python - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 - with: - python-version: ${{ inputs.version }} - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - - - name: Build test - run: python3 -m pip install -e .[formats,examples,tests] - - - name: Test with pytest (quiet) - if: ${{ ! inputs.verbose && (inputs.os != 'ubuntu-latest' || inputs.version == '3.9') }} - run: | - python3 -m pytest --nbmake --disable-warnings --cov=sansmic --cov=tests --no-header --color=auto examples/ tests/ - - - name: Full coverage test on linux - if: inputs.os == 'ubuntu-latest' && inputs.version != '3.9' - run: | - export CPPFLAGS="-coverage" - python3 -m pip install setuptools pybind11 gcovr - python3 setup.py build_ext --inplace --force - echo '### Run tests' >> $GITHUB_STEP_SUMMARY - echo '```bash' >> $GITHUB_STEP_SUMMARY - python3 -m pytest --nbmake --disable-warnings --cov=sansmic --cov=tests --no-header --color=auto examples/ tests/ | tee -a $GITHUB_STEP_SUMMARY - find src -type f -name '*.cpp' | xargs -I{} gcov -o build/temp*/src/ext_modules/libsansmic {} - gcovr --txt | tee -a $GITHUB_STEP_SUMMARY - echo '```' >> $GITHUB_STEP_SUMMARY - - - name: Test with pytest (non-windows, verbose) - if: inputs.verbose && inputs.os != 'windows-latest' && inputs.os != 'ubuntu-latest' - run: | - echo '### Run tests' >> $GITHUB_STEP_SUMMARY - echo '```bash' >> $GITHUB_STEP_SUMMARY - python3 -m pytest --nbmake --disable-warnings --cov=sansmic --cov=tests --no-header --color=auto examples/ tests/ | tee -a $GITHUB_STEP_SUMMARY - echo '```' >> $GITHUB_STEP_SUMMARY - - - name: Test with pytest (windows, verbose) - if: inputs.verbose && inputs.os == 'windows-latest' - shell: powershell - run: | - echo '### Run tests' >> $Env:GITHUB_STEP_SUMMARY - echo '```bash' >> $Env:GITHUB_STEP_SUMMARY - python3 -m pytest --nbmake --disable-warnings --cov=sansmic --cov=tests --no-header --color=auto examples/ tests/ >> $Env:GITHUB_STEP_SUMMARY - echo '```' >> $Env:GITHUB_STEP_SUMMARY - - - name: Upload coverage reports to Codecov - if: success() || failure() - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 - with: - token: ${{ secrets.coverage_token }} - flags: ${{ inputs.os }} - - - name: Test uninstall - if: success() || failure() - # Allow upload to codecov to fail but not fail all tests - run: python3 -m pip uninstall -y sansmic From 362a075e5904832d989ddbd3dc109df01079e611 Mon Sep 17 00:00:00 2001 From: David Hart Date: Mon, 4 Nov 2024 11:10:32 -0700 Subject: [PATCH 14/15] ci: add workflow restricitions --- .github/workflows/semantic-release.yml | 7 +++---- pyproject.toml | 11 +---------- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 6a18bf3..1a9489b 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -10,9 +10,10 @@ on: releaseType: description: 'The type of release' required: false - default: 'prerelease' + default: '' type: choice options: + - '' - prerelease - release force: @@ -191,8 +192,6 @@ jobs: environment: name: release concurrency: semanticRelease - # Only run if this is the primary origin main branch - # debug if: ${{ github.ref == 'refs/heads/main' && github.repository == 'sandialabs/sansmic' }} permissions: id-token: write @@ -255,7 +254,7 @@ jobs: tag: true prerelease: ${{ ! (inputs.releaseType == 'release') }} force: ${{ inputs.force }} - vcs_release: false + vcs_release: true - name: Publish | Upload to GitHub Release Assets uses: python-semantic-release/publish-action@v9.8.9 diff --git a/pyproject.toml b/pyproject.toml index 57c78ca..49d2e61 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -95,15 +95,6 @@ version_variables = [ [tool.semantic_release.branches.release] match = "main" -prerelease = false - -[tool.semantic_release.branches.candidate] -match = "staging" -prerelease_token = "rc" -prerelease = true - -[tool.semantic_release.branches.check-only] -match = "(?!main|master|staging)" [tool.semantic_release.changelog] template_dir = "templates" @@ -146,7 +137,7 @@ allowed_tags = [ "release", # A push to main ] minor_tags = ["feat", "release(feat)"] -patch_tags = ["fix", "perf", "refactor", "release"] +patch_tags = ["fix", "perf", "refactor"] default_bump_level = 0 [tool.semantic_release.remote] From 0300c0959816d5737c35bbddf26ffb035c06989b Mon Sep 17 00:00:00 2001 From: David Hart Date: Mon, 4 Nov 2024 11:13:57 -0700 Subject: [PATCH 15/15] docs: update badges --- .github/workflows/gh-pages.yml | 2 +- README.md | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index e802405..c9fbba4 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -1,5 +1,5 @@ # Deploy Sphinx content to GitHub Pages -name: Deploy Sphinx documentation +name: Docs on: # Runs on pushes targeting the default branch diff --git a/README.md b/README.md index 5b21fa4..978d41a 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ ![Lines of code](https://sloc.xyz/github/sandialabs/sansmic/?category=code) +[![Test Matrix](https://github.com/sandialabs/sansmic/actions/workflows/test-matrix.yml/badge.svg?branch=main)](https://github.com/sandialabs/sansmic/actions/workflows/test-matrix.yml) [![codecov](https://codecov.io/github/sandialabs/sansmic/graph/badge.svg?token=oDeMIUHoqg)](https://codecov.io/github/sandialabs/sansmic) -[![Continuous Integration - Full Test Target Suite](https://github.com/sandialabs/sansmic/actions/workflows/continuous-integration.yml/badge.svg)](https://github.com/sandialabs/sansmic/actions/workflows/continuous-integration.yml) [![Deploy Sphinx documentation](https://github.com/sandialabs/sansmic/actions/workflows/gh-pages.yml/badge.svg?branch=main)](https://github.com/sandialabs/sansmic/actions/workflows/gh-pages.yml) [![pypi](https://img.shields.io/pypi/v/sansmic.svg?maxAge=3600)](https://pypi.org/project/sansmic/) @@ -39,7 +39,7 @@ It can also be installed by downloading a wheel from the [releases] in this repository, or by cloning this repository and building it yourself. Finally, a standalone executable has been created that will be added to each release for Windows users that are unable -due to install Python on their corporate computers (see the releases +due to install Python on their corporate computers (see the releases on the right side of the page). @@ -81,13 +81,13 @@ If you use sansmic for a publication, please use the following citation: [doi:10.11578/dc.20240911.9](https://doi.org/10.11578/dc.20240911.9) The list of current contributors is located in the [AUTHORS](AUTHORS.md) file. -If you would like to contribute, please read the +If you would like to contribute, please read the [guide to contributing](CONTRIBUTING.md). ### License & Copyright See [LICENSE](LICENSE) and [COPYRIGHT](COPYRIGHT.md). -[Sandia National Laboratories](https://www.sandia.gov) +[Sandia National Laboratories](https://www.sandia.gov) is a multimission laboratory managed and operated by National Technology & Engineering Solutions of Sandia, LLC, a wholly owned subsidiary of Honeywell International Inc., for