v0.1.22 #21
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, Smoke & Publish | |
| on: | |
| pull_request: | |
| push: | |
| branches: [main] | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| issues: write # smoke-registry opens an issue on failure | |
| jobs: | |
| # ── macOS (ARM64 + x86_64) ───────────────────────────────── | |
| macos: | |
| runs-on: macos-latest | |
| strategy: | |
| matrix: | |
| target: [aarch64-apple-darwin, x86_64-apple-darwin] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Build wheel | |
| uses: PyO3/maturin-action@v1 | |
| with: | |
| target: ${{ matrix.target }} | |
| args: --release --out dist | |
| sccache: "true" | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheels-macos-${{ matrix.target }} | |
| path: dist/*.whl | |
| # ── Linux (x86_64, manylinux) ────────────────────────────── | |
| linux: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| target: [x86_64-unknown-linux-gnu] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Build wheel | |
| uses: PyO3/maturin-action@v1 | |
| with: | |
| target: ${{ matrix.target }} | |
| args: --release --out dist --interpreter python3.12 | |
| manylinux: "2_28" | |
| before-script-linux: | | |
| # Install OpenSSL dev headers for native-tls (replaces ring/rustls) | |
| if command -v dnf > /dev/null; then | |
| dnf install -y openssl-devel pkgconfig | |
| elif command -v yum > /dev/null; then | |
| yum install -y openssl-devel pkgconfig | |
| elif command -v apt-get > /dev/null; then | |
| apt-get update && apt-get install -y libssl-dev pkg-config | |
| fi | |
| # maturin_2_28 images expose pythons at /opt/python/*/bin but not on PATH | |
| ln -sf /opt/python/cp312-cp312/bin/python3 /usr/local/bin/python3 || true | |
| sccache: "true" | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheels-linux-${{ matrix.target }} | |
| path: dist/*.whl | |
| # ── Windows (x86_64) ───────────────────────────────────────── | |
| windows: | |
| runs-on: windows-latest | |
| strategy: | |
| matrix: | |
| target: [x86_64-pc-windows-msvc] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Build wheel | |
| uses: PyO3/maturin-action@v1 | |
| with: | |
| target: ${{ matrix.target }} | |
| args: --release --out dist | |
| sccache: "true" | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheels-windows-${{ matrix.target }} | |
| path: dist/*.whl | |
| # ── Source distribution ───────────────────────────────────── | |
| sdist: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Build sdist | |
| uses: PyO3/maturin-action@v1 | |
| with: | |
| command: sdist | |
| args: --out dist | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheels-sdist | |
| path: dist/*.tar.gz | |
| # ── Pre-publish smoke: install wheel into fresh venv on real OSes ── | |
| smoke-local: | |
| name: Smoke (local) ${{ matrix.os }} py${{ matrix.python }} | |
| needs: [macos, linux, windows] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-latest | |
| shell: bash | |
| - os: macos-14 # arm64 | |
| shell: bash | |
| - os: macos-13 # x64 | |
| shell: bash | |
| - os: windows-latest | |
| shell: pwsh | |
| python: ["3.12"] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python }} | |
| - name: Download wheels | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: wheels-* | |
| merge-multiple: true | |
| path: wheels | |
| - name: List wheels | |
| shell: bash | |
| run: ls -lh wheels/ | |
| - name: Run smoke (local wheel) | |
| if: matrix.shell == 'bash' | |
| env: | |
| WHEEL_DIR: ${{ github.workspace }}/wheels | |
| SMOKE_SCRIPT: ${{ github.workspace }}/ci/smoke/smoke.py | |
| run: bash ci/smoke/run-local.sh | |
| - name: Run smoke (local wheel, Windows) | |
| if: matrix.shell == 'pwsh' | |
| shell: pwsh | |
| env: | |
| WHEEL_DIR: ${{ github.workspace }}/wheels | |
| SMOKE_SCRIPT: ${{ github.workspace }}/ci/smoke/smoke.py | |
| run: pwsh ci/smoke/run-local.ps1 | |
| # ── Publish to PyPI ───────────────────────────────────────── | |
| publish: | |
| name: Publish to PyPI | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'release' | |
| needs: [macos, linux, windows, sdist, smoke-local] | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/p/duroxide | |
| permissions: | |
| id-token: write # trusted publishing | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| pattern: wheels-* | |
| merge-multiple: true | |
| path: dist | |
| - name: List wheels | |
| run: ls -lh dist/ | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| skip-existing: true | |
| # ── Post-publish smoke: install from real PyPI on real OSes ── | |
| smoke-registry: | |
| name: Smoke (registry) ${{ matrix.os }} py${{ matrix.python }} | |
| if: github.event_name == 'release' | |
| needs: [publish] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-latest | |
| shell: bash | |
| - os: macos-14 | |
| shell: bash | |
| - os: macos-13 | |
| shell: bash | |
| - os: windows-latest | |
| shell: pwsh | |
| python: ["3.12"] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python }} | |
| - name: Normalize version (strip leading v) | |
| id: ver | |
| shell: bash | |
| run: | | |
| V="${{ github.event.release.tag_name }}" | |
| V="${V#v}" | |
| echo "version=$V" >> "$GITHUB_OUTPUT" | |
| - name: Run smoke (registry install) | |
| if: matrix.shell == 'bash' | |
| env: | |
| DUROXIDE_VERSION: ${{ steps.ver.outputs.version }} | |
| SMOKE_SCRIPT: ${{ github.workspace }}/ci/smoke/smoke.py | |
| run: bash ci/smoke/run-registry.sh | |
| - name: Run smoke (registry install, Windows) | |
| if: matrix.shell == 'pwsh' | |
| shell: pwsh | |
| env: | |
| DUROXIDE_VERSION: ${{ steps.ver.outputs.version }} | |
| SMOKE_SCRIPT: ${{ github.workspace }}/ci/smoke/smoke.py | |
| run: pwsh ci/smoke/run-registry.ps1 | |
| smoke-registry-report: | |
| name: Report registry smoke failure | |
| if: github.event_name == 'release' && failure() && needs.smoke-registry.result == 'failure' | |
| needs: [smoke-registry] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const tag = context.payload.release.tag_name; | |
| const runUrl = `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}`; | |
| await github.rest.issues.create({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| title: `Post-publish smoke FAILED for ${tag}`, | |
| body: [ | |
| `Post-publish (PyPI registry) smoke failed for release \`${tag}\`.`, | |
| ``, | |
| `Run: ${runUrl}`, | |
| ``, | |
| `Consumers installing \`duroxide==${tag.replace(/^v/,'')}\` from PyPI may be broken on one or more platforms.`, | |
| `The release has NOT been auto-yanked. Action: investigate, patch, release a new version, and yank the bad one via PyPI UI if needed.`, | |
| ].join('\n'), | |
| labels: ['bug', 'release-smoke'], | |
| }); |