Skip to content
CI

chore: type check using 'ty' #217

Sign in to view logs

chore: type check using 'ty'

chore: type check using 'ty' #217

Workflow file for this run

.github/workflows/ci.yml at d0edb5b
name: CI
on:
pull_request:
push:
branches:
- main
workflow_dispatch:
concurrency:
group: ci-${{ github.ref }}
cancel-in-progress: true
jobs:
pre_commit:
runs-on: ubuntu-latest
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
with:
egress-policy: audit
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: j178/prek-action@6ad80277337ad479fe43bd70701c3f7f8aa74db3 # v2.0.3
with:
extra-args: "--all-files --skip=ty-check"
- uses: pre-commit-ci/lite-action@5d6cc0eb514c891a40562a58a8e71576c5c7fb43 # v1.1.0
if: always()
type_check:
runs-on: ${{ matrix.os }}-${{ matrix.os_version }}
strategy:
fail-fast: false
matrix:
os: [windows]
os_version: [latest]
python-version: ["3.13", "3.14"]
defaults:
run:
shell: bash
env:
UV_NO_PROGRESS: true
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
with:
egress-policy: audit
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
with:
activate-environment: true
cache-dependency-glob: "pyproject.toml"
enable-cache: true
- name: Install dependencies
run: ci/install-tools.sh --dev --tests
- name: Type check
run: ty check
build_wheel:
name: Build wheels
uses: ./.github/workflows/build.yml
needs:
- pre_commit
- type_check
testpypi:
name: Publish package to TestPyPI
needs:
- build_wheel
if: |
github.event_name != 'workflow_dispatch' &&
!(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork)
environment:
name: ${{ github.event_name }}
url: https://test.pypi.org/p/python-msilib
permissions:
id-token: write
runs-on: ubuntu-latest
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
with:
egress-policy: audit
- name: Download all artifacts
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
path: wheelhouse
pattern: python-msilib-wheel-*
merge-multiple: true
- name: Publish package to TestPyPI
uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0
with:
packages-dir: wheelhouse/
repository-url: https://test.pypi.org/legacy/
skip-existing: true
verbose: true
tests:
needs:
- build_wheel
runs-on: ${{ matrix.os }}-${{ matrix.os-version }}
strategy:
matrix:
os: [windows]
os-version: [latest, 11-arm]
python-version: ["3.13", "3.14", "3.14t"]
exclude: # provisional
- os-version: 11-arm
python-version: "3.14t"
defaults:
run:
shell: bash
env:
UV_NO_PROGRESS: true
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
with:
egress-policy: audit
- name: Fetch only the required files for testing
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
sparse-checkout: |
pyproject.toml
tests
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: ${{ matrix.python-version }}
- uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
with:
activate-environment: true
cache-dependency-glob: "pyproject.toml"
enable-cache: true
- name: Download the wheel
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
merge-multiple: true
pattern: python-msilib-wheel-${{ matrix.os }}*
path: wheelhouse
- name: Install dependencies
run: |
uv pip install -r pyproject.toml --upgrade --group tests
uv pip install python-msilib -f wheelhouse \
--no-build --no-deps --no-index --prerelease=allow --reinstall
- name: Generate coverage report
run: uv run --no-project coverage run
- name: Upload coverage reports
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: cov-${{ matrix.python-version }}.${{ matrix.os }}-${{ strategy.job-index }}
path: .coverage.*
include-hidden-files: true
coverage:
needs:
- tests
permissions:
actions: read
contents: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
with:
egress-policy: audit
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: true
- name: Download coverage data
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
pattern: cov-*
merge-multiple: true
- name: Coverage comment
id: coverage_comment
uses: py-cov-action/python-coverage-comment-action@63f52f4fbbffada6e8dee8ec432de7e01df9ba79 # v3.41
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MERGE_COVERAGE_FILES: true
- name: Store Pull Request comment to be posted
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true'
with:
name: python-coverage-comment-action
path: python-coverage-comment-action.txt