Switch test pypi release to trusted publishing #991
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: [push, pull_request] | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: [3.9, "3.10", "3.11", "3.12", "3.13"] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Cache dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('requirements/**') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v3 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip setuptools wheel | |
| pip install -r requirements/ci.txt | |
| - name: Lint with ruff | |
| run: | | |
| ruff check --select I | |
| ruff format --check flask_limiter tests | |
| ruff check flask_limiter tests | |
| - name: Type checking | |
| run: | | |
| mypy flask_limiter | |
| test: | |
| runs-on: ubuntu-latest | |
| name: Test (Python ${{ matrix.python-version }}, Flask ${{matrix.flask-version}}) | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: [3.9, "3.10", "3.11", "3.12", "3.13"] | |
| flask-version: ["flask>=2.3,<2.4", "flask>=3.0,<3.1", "flask>=3.1,<3.2"] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Cache dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('requirements/**') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v3 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip setuptools wheel | |
| pip install -r requirements/ci.txt | |
| - name: Install Flask ${{ matrix.flask-version }} | |
| run: | | |
| pip uninstall -y flask werkzeug | |
| pip install "${{ matrix.flask-version }}" | |
| - name: Test | |
| run: | | |
| pytest --cov-report=xml | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v5 | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| - name: Check Coverage | |
| run: | | |
| coverage report --fail-under=100 || (echo 'Insufficient coverage' && $(exit 1)) | |
| build_wheels: | |
| needs: [lint] | |
| name: Build wheel | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Build wheels | |
| run: | | |
| python -m pip install build | |
| python -m build --wheel | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheels | |
| path: ./dist/*.whl | |
| build_sdist: | |
| needs: [lint] | |
| name: Build source distribution | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Build sdist | |
| run: | | |
| pipx run build --sdist | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: src_dist | |
| path: dist/*.tar.gz | |
| upload_pypi: | |
| needs: [test, build_wheels, build_sdist] | |
| runs-on: ubuntu-latest | |
| if: github.ref == 'refs/heads/master' | |
| permissions: | |
| id-token: write | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| name: wheels | |
| path: dist | |
| - uses: actions/[email protected] | |
| with: | |
| name: src_dist | |
| path: dist | |
| - uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository_url: https://test.pypi.org/legacy/ | |
| skip_existing: true | |
| upload_pypi_release: | |
| needs: [test, build_wheels, build_sdist] | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| name: wheels | |
| path: dist | |
| - uses: actions/[email protected] | |
| with: | |
| name: src_dist | |
| path: dist | |
| - uses: pypa/[email protected] | |
| with: | |
| user: __token__ | |
| password: ${{ secrets.PYPI_API_TOKEN }} | |
| github_release: | |
| needs: [upload_pypi_release] | |
| name: Create Release | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Download wheels | |
| uses: actions/[email protected] | |
| with: | |
| name: wheels | |
| path: dist | |
| - name: Download src dist | |
| uses: actions/[email protected] | |
| with: | |
| name: src_dist | |
| path: dist | |
| - name: Generate release notes | |
| run: | | |
| ./scripts/github_release_notes.sh > release_notes.md | |
| - name: Create Release | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| artifacts: "dist/*" | |
| bodyFile: release_notes.md | |
| token: ${{ secrets.GITHUB_TOKEN }} |