-
Notifications
You must be signed in to change notification settings - Fork 467
141 lines (137 loc) · 3.99 KB
/
ci.yml
File metadata and controls
141 lines (137 loc) · 3.99 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: CI
# Since this same workflow file is used for both PRs and pushes,
# Zizmor wants to flag all uses of caches as potential cache poisoning vulnerabilities.
# I don't see a way to easily split this workflow into two separate files since
# we do want to build the package for PRs, and then publish it from that exact
# built artifact, if we're pushing to tags.
on: # zizmor: ignore[cache-poisoning]
push:
branches:
- master
- '*-maint'
tags:
- 'v*'
pull_request:
branches:
- master
- '*-maint'
permissions: {}
jobs:
lint:
name: lint
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6
with:
cache-dependency-glob: ".github/workflows/*.yml"
cache-suffix: pre-commit-uv
- run: uv tool install pre-commit --with pre-commit-uv --force-reinstall
- uses: actions/cache@v5
with:
path: ~/.cache/pre-commit
key: pre-commit-uv-v1-${{ hashFiles('.pre-commit-config.yaml') }}
- run: pre-commit run --all-files --show-diff-on-failure --color=always
env:
RUFF_OUTPUT_FORMAT: github
test:
name: test
permissions:
contents: read
runs-on: ${{ matrix.os }}
strategy:
matrix:
os:
- "ubuntu-24.04"
- "windows-2022"
- "macos-14"
python-version:
- "3.8"
- "3.9"
- "3.10"
- "3.11"
- "3.12"
- "3.13"
- "3.14"
- "pypy3.10"
env:
BABEL_CLDR_NO_DOWNLOAD_PROGRESS: "1"
BABEL_CLDR_QUIET: "1"
PIP_DISABLE_PIP_VERSION_CHECK: "1"
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- uses: actions/cache@v5
with:
path: cldr
key: cldr-${{ hashFiles('scripts/*cldr*') }}
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v6
with:
python-version: ${{ matrix.python-version }}
allow-prereleases: true
cache: "pip"
cache-dependency-path: "**/setup.py"
- name: Install dependencies
run: |
python -m pip install --upgrade pip setuptools wheel
python -m pip install 'tox~=4.0' 'tox-gh-actions~=3.0'
- name: Run test via Tox
run: tox --skip-missing-interpreters
env:
COVERAGE_XML_PATH: ${{ runner.temp }}
BABEL_TOX_EXTRA_DEPS: pytest-github-actions-annotate-failures
- uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
with:
directory: ${{ runner.temp }}
flags: ${{ matrix.os }}-${{ matrix.python-version }}
token: ${{ secrets.CODECOV_TOKEN }}
verbose: true
build:
name: build
permissions:
contents: read
runs-on: ubuntu-24.04
needs: lint
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- uses: actions/setup-python@v6
with:
python-version: "3.14"
cache: "pip"
cache-dependency-path: "**/setup.py"
- run: pip install build -e .
- run: make import-cldr
- run: python -m build
- uses: actions/upload-artifact@v6
with:
name: dist
path: dist
publish:
name: publish
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
needs:
- build
runs-on: ubuntu-latest
environment:
name: release
url: https://pypi.org/p/babel/
permissions:
id-token: write # Required for Trusted Publishing action
steps:
- uses: actions/download-artifact@v7
with:
name: dist
path: dist/
- name: Publish package distributions to PyPI
uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
with:
verbose: true
print-hash: true