Skip to content

Rewrite the pyOpenSSL implementation in terms of the cryptography one… #159

Rewrite the pyOpenSSL implementation in terms of the cryptography one…

Rewrite the pyOpenSSL implementation in terms of the cryptography one… #159

Workflow file for this run

---
name: CI
on:
push:
branches: [main]
pull_request:
workflow_dispatch:
env:
FORCE_COLOR: "1" # Make tools pretty.
PIP_DISABLE_PIP_VERSION_CHECK: "1"
PIP_NO_PYTHON_VERSION_WARNING: "1"
permissions: {}
jobs:
lint:
name: Run linters
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.11" # XXX: change once interrogate works on 3.12
cache: pip
- name: Install & run tox
run: |
python -Im pip install tox
python -Im tox run -e lint -- --show-diff-on-failure
tests:
name: Tests on ${{ matrix.python-version }}
runs-on: ubuntu-latest
strategy:
matrix:
python-version:
- "3.8"
- "3.9"
- "3.10"
- "3.11"
- "3.12"
- "pypy-3.9"
- "pypy-3.10"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
allow-prereleases: true
cache: pip
- name: Prepare tox & run tests
run: |
V=${{ matrix.python-version }}
if [[ "$V" = pypy-* ]]; then
V=pypy3
else
V=py$(echo $V | tr -d .)
fi
python -Im pip install tox
python -Im tox run -f "$V"
- name: Run Mypy on API
run: python -Im tox run -e mypy-api
- name: Upload coverage data
uses: actions/upload-artifact@v4
with:
name: coverage-data-${{ matrix.python-version }}
path: .coverage.*
include-hidden-files: true
if-no-files-found: ignore
coverage:
name: Combine & check coverage
needs: tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version-file: .python-version-default
cache: pip
- uses: actions/download-artifact@v4
with:
pattern: coverage-data-*
merge-multiple: true
- name: Combine coverage & fail if it's <100%
run: |
python -Im pip install coverage[toml]
python -Im coverage combine
python -Im coverage html --skip-covered --skip-empty
# Report and write to summary.
python -Im coverage report --format=markdown >> $GITHUB_STEP_SUMMARY
# Report again and fail if under 100%.
python -Im coverage report --fail-under=100
- name: Upload HTML report if check failed.
uses: actions/upload-artifact@v4
with:
name: html-report
path: htmlcov
if: ${{ failure() }}
mypy-pkg:
name: Type-check package
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version-file: .python-version-default
cache: pip
- name: Install & run tox
run: |
python -Im pip install tox
python -Im tox run -e mypy-pkg
install-dev:
strategy:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
name: Verify dev env
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version-file: .python-version-default
cache: pip
- name: Install in dev mode & import
run: |
python -Im pip install -e .[dev]
python -Ic 'import service_identity; print(service_identity.__version__)'
docs:
name: Build docs & run doctests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
# Keep in sync with tox.ini/docs & .readthedocs.yaml
python-version: "3.12"
cache: pip
- name: Install & run tox
run: |
python -Im pip install tox
python -Im tox run -e docs
required-checks-pass:
name: Ensure everything required is passing for branch protection
if: always()
needs:
- coverage
- docs
- install-dev
- lint
- mypy-pkg
runs-on: ubuntu-latest
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
with:
jobs: ${{ toJSON(needs) }}