Initial build & publish rules with GH Actions

oauthlib · Aug 24, 2023 · 9139b72 · 9139b72
1 parent a8d29ff
commit 9139b72
Show file tree

Hide file tree

Showing 5 changed files with 77 additions and 102 deletions.
diff --git a/.github/workflows/python-build.yml b/.github/workflows/python-build.yml
@@ -0,0 +1,40 @@
+name: Python Tests
+run-name: Run Tests by ${{ github.actor }}
+on: [push]
+jobs:
+  tests:
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    strategy:
+      matrix:
+        python: ["3.8", "3.9", "3.10", "3.11"]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Python ${{ matrix.python }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python }}
+      - name: Check out repository code
+        uses: actions/checkout@v3
+      - name: Install prereq
+        run: pip install tox coveralls
+      - name: Run python tests
+        run: tox -e ${{ matrix.python }}
+      - name: Coveralls
+        run: coveralls
+  docs:
+    strategy:
+      matrix:
+        toxenv: ["docs", "readme"]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.11"
+      - name: Check out repository code
+        uses: actions/checkout@v3
+      - name: Install prereq
+        run: pip install tox
+      - name: Run python tests
+        run: tox -e ${{ matrix.toxenv }}
diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml
@@ -1,39 +1,32 @@
-# This workflow will upload a Python Package using Twine when a release is created
-# For more information see: https://help.github.com/en/actions/language-and-framework-guides/using-python-with-github-actions#publishing-to-package-registries
-
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
-name: Upload Python Package
-
+name: Production deploy
 on:
-  release:
-    types: [published]
-
-permissions:
-  contents: read
-
+  workflow_run:
+    workflows: ["Python Tests"]
+    types:
+      - completed
 jobs:
-  deploy:
-
+  pypi-publish:
+    if: |
+      ${{ github.event.workflow_run.conclusion == 'success' }} &&
+      ${{ github.ref_type == 'tag' }}
+    name: Upload release to PyPI
     runs-on: ubuntu-latest
-
+    environment:
+      name: pypi
+      url: https://pypi.org/p/oauthlib
+    permissions:
+      id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Python
-      uses: actions/setup-python@v4
+    - name: Check out repository code
+      uses: actions/checkout@v3
+    - uses: actions/setup-python@v4
       with:
-        python-version: '3.x'
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip setuptools
-        pip install build
-    - name: Build package
-      run: python -m build
-    - name: Publish package
-      uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29
-      with:
-        user: __token__
-        password: ${{ secrets.PYPI_API_TOKEN }}
+        python-version: '3.10'
+    - name: Install prereq
+      run: pip install wheel
+    - name: Build python package
+      run: python setup.py build
+    - name: Package python package
+      run: python setup.py sdist bdist_wheel
+    - name: Publish package distributions to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
diff --git a/.travis.yml b/.travis.yml
diff --git a/Makefile b/Makefile
@@ -81,4 +81,4 @@ dance:
 
 .DEFAULT_GOAL := all
 .PHONY: clean test bottle dance django flask requests
-all: clean test bottle dance django flask requests
+all: test bottle dance django flask requests
diff --git a/tox.ini b/tox.ini
@@ -1,39 +1,39 @@
+# require tox>=4
 [tox]
-envlist = py36,py37,py38,py39,py310,py311,pypy3,docs,readme,bandit,isort
+envlist = py38,py39,py310,py311,pypy3,docs,readme,bandit,isort
 
 [testenv]
 deps=
     -rrequirements-test.txt
 commands=
     pytest --cov=oauthlib tests/
 
-
 # tox -e docs to mimic readthedocs build.
 # as of today, RTD is using python3.7 and doesn't run "setup.py install"
 [testenv:docs]
-basepython=python3.7
+basepython=python3.11
 skipsdist=True
 deps=
         sphinx
         sphinx_rtd_theme
 changedir=docs
-whitelist_externals=make
+allowlist_externals=make
 commands=make clean html
 
 # tox -e readme to mimic PyPI long_description check
 [testenv:readme]
-basepython=python3.8
+basepython=python3.11
 deps=twine>=1.12.0
-whitelist_externals=echo
+allowlist_externals=echo
 commands=
-        twine check .tox/dist/*
+        twine check .tox/.pkg/dist/*
 
 [testenv:bandit]
-basepython=python3.8
+basepython=python3.11
 skipsdist=True
 deps=bandit
 commands=bandit -b bandit.json -r oauthlib/
-whitelist_externals=bandit
+allowlist_externals=bandit
 
 [testenv:isort]
 basepython = python3.8