From 341507b69f2a31cbe0944c7e1bb24bfca06aa02d Mon Sep 17 00:00:00 2001 From: Yeison Vargas Date: Wed, 14 Sep 2022 16:26:53 -0500 Subject: [PATCH 1/3] Adding basic github action workflow --- .github/workflows/main.yml | 107 +++++++++++++++++++++++++++++++++++++ .travis.yml | 44 --------------- appveyor.yml | 66 ----------------------- appveyor.py => binaries.py | 45 ++++++++-------- test_requirements.txt | 8 +++ 5 files changed, 139 insertions(+), 131 deletions(-) create mode 100644 .github/workflows/main.yml delete mode 100644 .travis.yml delete mode 100644 appveyor.yml rename appveyor.py => binaries.py (71%) create mode 100644 test_requirements.txt diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 00000000..08c1ef7c --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,107 @@ +name: Python package + +on: [ push ] + +jobs: + test: + runs-on: ubuntu-latest + strategy: + matrix: + python-version: [ "3.6", "3.7", "3.8", "3.9", "3.10" ] + steps: + - uses: actions/checkout@v3 + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python-version }} + - name: Display Python version + run: python -c "import sys; print(sys.version)" + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -r test_requirements.txt + - name: Test with pytest + run: | + pytest -rP tests/ --cov=dparse/ --cov-report=xml --cov-report=html + + build-binaries: + needs: test + runs-on: ${{ matrix.os }} + + if: contains(fromJson('["refs/heads/master", "refs/heads/develop", "refs/heads/binaries-fixes"]'), github.ref) || startsWith(github.ref, 'refs/tags') + + strategy: + matrix: + os: ['windows-latest', 'ubuntu-latest', 'macos-latest'] + env: + BINARY_OS: '${{ matrix.os }}' + steps: + - uses: actions/checkout@v3 + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.10' + - name: Install Dependencies + run: python binaries.py install + - name: Test Safety + run: python binaries.py test + - name: Producing Binaries + run: python binaries.py dist + - uses: actions/upload-artifact@v3 + with: + name: safety-win-i686.exe + path: dist/safety-win-i686.exe + - uses: actions/upload-artifact@v3 + with: + name: safety-win-x86_64.exe + path: dist/safety-win-x86_64.exe + - uses: actions/upload-artifact@v3 + with: + name: safety-linux-i686 + path: dist/safety-linux-i686 + - uses: actions/upload-artifact@v3 + with: + name: safety-linux-x86_64 + path: dist/safety-linux-x86_64 + - uses: actions/upload-artifact@v3 + with: + name: safety-macos-x86_64 + path: dist/safety-macos-x86_64 + + + deploy-pypi: + needs: build-binaries + runs-on: ubuntu-latest + + if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags') + + steps: + - uses: actions/checkout@v3 + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.10' + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install build + - name: Build package + run: python -m build + - name: Publish package + uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29 + with: + user: __token__ + password: ${{ secrets.SAFETY_PYPI_API_TOKEN }} + + create-gh-release: + needs: deploy-pypi + runs-on: ubuntu-latest + if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags') + permissions: + contents: write + steps: + - uses: actions/checkout@v2 + - uses: ncipollo/release-action@v1 + with: + artifacts: "dist/safety-win-i686.exe,dist/safety-win-x86_64.exe,dist/safety-linux-i686,dist/safety-linux-x86_64,dist/safety-macos-x86_64" + token: ${{ secrets.SAFETY_GITHUB_TOKEN }} diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 02b1b4ae..00000000 --- a/.travis.yml +++ /dev/null @@ -1,44 +0,0 @@ -dist: focal - -env: - global: - - TWINE_NON_INTERACTIVE: true - # TWINE_USERNAME - - secure: uLzl+gKc867pGfuFicfHHZ18VETx4dcNLtpEHwoU+mBAwIz7geu7EtwIpzs717XX0wviCizeEJ1f/fVhs/uKnd/uHSfjL+z1/VCY5pr++O5pz2nmAbAQFIehTryF74A2NZi0LlJ+5brJcIt3/bVBsi3nhcmhNDw1eKfqDZV/wIA92Z10jE//JGp1P9qErD7sp0GRbo1NWR6MPwl/6doNK12583avVSuyKptNCKAQd6avxpzQ5PUHoklGq5Uc384VKc5hqcRoZxD3MeygvCZoclcVa+DHcHKfepmqys7A1i+/Kj48/lrlHVwLSbqE+bME0E5H0Js+4ltkEslnPuKvYgUne9tQArwNKWzdnJ6RE3Jij164QmeEbbdkmiYeNlIgq/fEsv0TaLZFEsDTM/+81DGbDwEm196nlbReSMTQ4UKYw/5bVi9k3MVAfYC87eLv8kx3Of7/vc0U3BqbJBBJFNRELCnIpWSR7Q42ycOyPjxmTaZ6rIoTBpyhWqnlQO98zrgMwE9Zkahw9cdGhnkQzPhxWzcyt0ULurN7URxgcaGMxSpajc9uYToppmT/wTWMrLVqN/8tQ6wrMKMVQ9oJTkkZayAyvdFBNwR8bMY8+K0ts5U51F2DvC32WCjdUoUpIiaEGJO37Ca7vU8kN92fLxqdF14Rm8QdWs0fzYTlkLY= - # TWINE_PASSWORD - - secure: wMkT6y9WTicPLeRCCzVxd02WHAHfegO9yJMC9yyQOJM8FqOGQmNQJMd+rS5FcryxTLBnPQgMGWXxOpy1HEUFzjmjX0OPFO9zkheD5PuMPgQpdOKMVVEEhAfr8ndVdwUKGCOXrf5PVOMkDu/dyQx9OdS9TZMWP46HWYOSI0LJ6z/u4ak0QgJszkXANSBvTOGGDvMmsiHnDyqTEFIhepZxkB1v/p2mOif/wQWRwe9cq7NRkl092QkE8PlTKm1HMu5P69n8Uz8OTrqKlmOD3S6mNr94dkNgqrui/6iRq6ofN91LENIlg32ZvMDgRpr2dmPg8IhiJtC4wDtFpkxB7vsg8MIIFiECzBBfTrOXohq/GWqEvlN0bRYkXOiexLMNHHQ+Vylt4LhI8osrjElUCp7TuBf9NBcom5lttQQNsgDGCr1zRxiGH0iRBiW/JJUQ0UFUl90E00JH8z1Np36I7oyIUolB0y/C0UFotq321MqxFUwXv1r/lNHUOwrBElNicGwIAU148tt6iAeNpEvcbXl0NMTMmzFvWQAvIZF2cjw7JX5QgxD+2cLHCOaBPLFXfm4kY6Bo44PlIJD8kdE/RxDN+4KlyBu2N7txgUf7b7s1Qsaat0sSYJzvh4XNcIXLWilPpaRS53aCQ4AyXVGHyicblsO/CmnjyLUNBlGQHQJf0J4= - -branches: - only: - - master - - develop - - /^\d+\.\d+(\.\d+)?((a|b|rc)?\d+)?$/ - -language: python - -python: - - '3.6' - - '3.7' - - '3.8' - - '3.9' - - '3.10' -install: - - pip install tox-travis - - pip install codecov -script: - - tox -after_success: - - codecov - -before_deploy: - - pip install --upgrade build - - pip install --upgrade twine - -deploy: - - provider: script - script: python3 -m build && twine upload dist/* - on: - repo: pyupio/safety - branch: master - python: 3.9 - tags: true diff --git a/appveyor.yml b/appveyor.yml deleted file mode 100644 index 3742eda9..00000000 --- a/appveyor.yml +++ /dev/null @@ -1,66 +0,0 @@ -version: 2.2.0.dev-{build} -image: - - Visual Studio 2019 - - Ubuntu - - macOS - -# Do not build feature branch with open Pull Requests -skip_branch_with_pr: true -branches: - only: - - master - - develop - - appveyor-fixes - - /^\d+\.\d+(\.\d+)?((a|b|rc)?\d+)?$/ - -# note: on macOS the binary is built using Python 3.7 (installed via Homebrew), because -# the shipped Python lacks libraries PyInstaller needs. -stack: python 3.6 - -# note: 32 bit linux binary is build using docker -for: -- - matrix: - only: - - image: Ubuntu - - services: - - docker - -environment: - PY_DIR: C:\Python36-x64 - -init: - - cmd: set PATH=%PY_DIR%;%PY_DIR%\Scripts;%PATH% - -build: off - -artifacts: - - path: "dist\\safety-win-i686.exe" - name: "safety-win-i686.exe" - - path: "dist\\safety-win-x86_64.exe" - name: "safety-win-x86_64.exe" - - path: "dist\\safety-linux-i686" - name: "safety-linux-i686" - - path: "dist\\safety-linux-x86_64" - name: "safety-linux-x86_64" - - path: "dist\\safety-macos-x86_64" - name: "safety-macos-x86_64" - -install: - - "python --version" - - "python appveyor.py install" - -test_script: - - "python appveyor.py test" - - "python appveyor.py dist" - - -deploy: - - provider: GitHub - description: 'Safety Binary Release' - auth_token: - secure: FQDI6RodnfAg03naBo+mYvDjtNmLhDSH5d11mQPrAns7Cj83JZWpQc36GsOcW+JM - on: - branch: master - APPVEYOR_REPO_TAG: true diff --git a/appveyor.py b/binaries.py similarity index 71% rename from appveyor.py rename to binaries.py index b5dfd683..0752f932 100644 --- a/appveyor.py +++ b/binaries.py @@ -1,7 +1,7 @@ -"""AppVeyor Build +"""Github Action Build -This file is used to build and distribute the safety binary on appveyor. Take -a look at the corresponding appveyor.yml as well. +This file is used to build and distribute the safety binary on Github actions. +Take a look at the corresponding main.yml as well. """ import os @@ -18,11 +18,11 @@ class environment: def __init__(self): os_mapping = { - "Visual Studio 2019": self.WIN, - "Ubuntu": self.LINUX, - "macOS": self.MACOS + "windows-latest": self.WIN, + "ubuntu-latest": self.LINUX, + "macos-latest": self.MACOS } - self.os = os_mapping[os.getenv("APPVEYOR_BUILD_WORKER_IMAGE")] + self.os = os_mapping[os.getenv("BINARY_OS")] @property def python(self): @@ -31,22 +31,23 @@ def python(self): PYTHON_BINARIES = { WIN: { - 64: "C:\\Python38-x64\\python.exe", - 32: "C:\\Python38\\python.exe", + 64: "C:\\Python39-x64\\python.exe", + 32: "C:\\Python39\\python.exe", }, # Order is important. If the 32 bit release gets built first, # you'll run into permission problems due to docker clobbering # up the current working directory. LINUX: OrderedDict([ - (64, "python"), - (32, f"docker run -t -v {os.getcwd()}:/app 32-bit-linux python3"), + (64, "python3"), + (32, + f"docker run --platform linux/386 -t " + f"-v {os.getcwd()}:/app 32-bit-linux " + f"python3"), ]), MACOS: { - # Trying to use Python 3 compatible with PyInstaller according - # https://www.appveyor.com/docs/macos-images-software/#python - 64: "~/venv3.8/bin/python", + 64: "python3", } } @@ -59,7 +60,10 @@ def run(self, command): try: print(f"RUNNING: {command}") print("-" * 80) - subprocess.run(command, shell=True, check=True) + result = subprocess.run(command, shell=True, check=True, + stdout=subprocess.PIPE) + if result: + print(result.stdout.decode('utf-8').strip()) except subprocess.CalledProcessError as e: print(f"ERROR calling '{command}'") print("-" * 20) @@ -74,13 +78,12 @@ def install(self): # - build the 32 bit binary for linux on docker # - create dist/ path to circumvent permission errors if self.os == self.LINUX: - self.run("docker build -t 32-bit-linux -f Dockerfilei386 .") + self.run("docker build --platform linux/386 " + "-t 32-bit-linux -f Dockerfilei386 .") for arch, python in self.python: - self.run(f"{python} -m pip install setuptools") self.run(f"{python} -m pip install pyinstaller") - self.run(f"{python} -m pip install pytest") - self.run(f"{python} -m pip install -e .") + self.run(f"{python} -m pip install -r test_requirements.txt") def dist(self): """Runs Pyinstaller producing a binary for every platform arch.""" @@ -92,7 +95,7 @@ def dist(self): f" --distpath {build_path}") # There seems to be no way to tell pyinstaller the binary name. - # This leads to problems with appveyors artifact collector because + # This leads to problems with artifact collector because # every binary is named the same. # # Move them around so they can be picked up correctly @@ -119,7 +122,7 @@ def test(self): if __name__ == "__main__": if len(sys.argv) <= 1 or sys.argv[1] not in ['install', 'test', 'dist']: - print("usage: appveyor.py [install|test|dist]") + print("usage: binaries.py [install|test|dist]") sys.exit(-1) env = environment() diff --git a/test_requirements.txt b/test_requirements.txt new file mode 100644 index 00000000..b556e1c6 --- /dev/null +++ b/test_requirements.txt @@ -0,0 +1,8 @@ +pytest +pytest-cov +setuptools>=19.3 +Click>=8.0.2 +requests +packaging>=21.0 +dparse>=0.6.0 +ruamel.yaml>=0.17.21 From 718bb7b5e52708e490450b83dd013bcf388e7731 Mon Sep 17 00:00:00 2001 From: Yeison Vargas Date: Wed, 14 Sep 2022 16:38:06 -0500 Subject: [PATCH 2/3] Test action only in main branches --- .github/workflows/test-insecure.yml | 4 +++- .github/workflows/test-secure.yml | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-insecure.yml b/.github/workflows/test-insecure.yml index f5f29d28..8178539e 100644 --- a/.github/workflows/test-insecure.yml +++ b/.github/workflows/test-insecure.yml @@ -2,7 +2,9 @@ ######## set on the action step, and a further step to ensure the previous step failed (and actually fail if it _didn't_) name: Safety Action Insecure Tests -on: [push] +on: + push: + branches: [master, develop] jobs: ##### Auto mode tests diff --git a/.github/workflows/test-secure.yml b/.github/workflows/test-secure.yml index 357f2213..0bd29484 100644 --- a/.github/workflows/test-secure.yml +++ b/.github/workflows/test-secure.yml @@ -3,7 +3,9 @@ ######## fail, the pinned version might need to be updated. name: Safety Action Secure Tests -on: [push] +on: + push: + branches: [master, develop] jobs: ##### Auto mode tests From 51ad4ada3e4b89d3ec1d8b07f9847c095a638319 Mon Sep 17 00:00:00 2001 From: Yeison Vargas Date: Wed, 14 Sep 2022 16:49:01 -0500 Subject: [PATCH 3/3] Building image only on master branch --- .github/workflows/build.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 74832bc2..b0bd278d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,6 +1,8 @@ name: Safety Action Build And Publish -on: [push] +on: + push: + branches: [master] env: DOCKER_BUILDKIT: 1