Setup and apply CI template

[noissue]
pulp · Feb 20, 2024 · a54e01a · a54e01a
1 parent 8ed1d41
commit a54e01a
Show file tree

Hide file tree

Showing 20 changed files with 318 additions and 154 deletions.
diff --git a/.ci/scripts/collect_changes.py b/.ci/scripts/collect_changes.py
@@ -4,17 +4,19 @@
 
 import toml
 from git import GitCommandError, Repo
-from pkg_resources import parse_version
+from packaging.version import parse as parse_version
 
 # Read Towncrier settings
 tc_settings = toml.load("pyproject.toml")["tool"]["towncrier"]
 
 CHANGELOG_FILE = tc_settings.get("filename", "NEWS.rst")
 START_STRING = tc_settings.get(
     "start_string",
-    "<!-- towncrier release notes start -->\n"
-    if CHANGELOG_FILE.endswith(".md")
-    else ".. towncrier release notes start\n",
+    (
+        "<!-- towncrier release notes start -->\n"
+        if CHANGELOG_FILE.endswith(".md")
+        else ".. towncrier release notes start\n"
+    ),
 )
 TITLE_FORMAT = tc_settings.get("title_format", "{name} {version} ({project_date})")
 

diff --git a/.ci/scripts/create_release_branch.sh b/.ci/scripts/create_release_branch.sh
@@ -23,6 +23,6 @@ git branch "${NEW_BRANCH}"
 # Clean changelog snippets.
 find CHANGES/ \( -name "*.feature" -o -name "*.bugfix" -o -name "*.doc" -o -name "*.translation" -o -name "*.devel" -o -name "*.misc" \) -exec git rm -f \{\} +
 
-bumpversion minor --commit --message $'Bump version to {new_version}\n\n[noissue]' --allow-dirty
+bump2version minor --commit --message $'Bump version to {new_version}\n\n[noissue]' --allow-dirty
 
 git push origin "${NEW_BRANCH}"
diff --git a/.ci/scripts/release.sh b/.ci/scripts/release.sh
@@ -20,7 +20,7 @@ then
 fi
 
 towncrier build --yes --version "${NEW_VERSION}"
-bumpversion release --commit --message "Release {new_version}" --tag --tag-name "{new_version}" --tag-message "Release {new_version}" --allow-dirty
-bumpversion patch --commit
+bump2version release --commit --message "Release {new_version}" --tag --tag-name "{new_version}" --tag-message "Release {new_version}" --allow-dirty
+bump2version patch --commit
 
 git push origin "${BRANCH}" "${NEW_VERSION}"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,36 @@
+name: "Build"
+
+on:
+  workflow_call:
+
+jobs:
+  build:
+    runs-on: "ubuntu-latest"
+    steps:
+      - uses: "actions/checkout@v4"
+      - uses: "actions/cache@v4"
+        with:
+          path: "~/.cache/pip"
+          key: "${{ runner.os }}-pip-${{ hashFiles('**/*requirements.txt', '**/*constraints.lock', '**/setup.py', '**/pyproject.toml') }}"
+          restore-keys: |
+            ${{ runner.os }}-pip-
+
+      - name: "Set up Python"
+        uses: "actions/setup-python@v5"
+        with:
+          python-version: "3.11"
+      - name: "Install python dependencies"
+        run: |
+          pip install build setuptools wheel
+      - name: "Build wheels"
+        run: |
+          make build
+      - name: "Upload wheels"
+        uses: "actions/upload-artifact@v4"
+        with:
+          name: "pulp_cli_packages"
+          path: |
+            pulp-glue-ostree/dist/
+            dist/
+          if-no-files-found: "error"
+          retention-days: 5
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -3,42 +3,43 @@ name: "CodeQL"
 on:
   push:
     branches:
-      - main
+      - "main"
   workflow_call:
 
 jobs:
   analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
+    name: "Analyze"
+    runs-on: "ubuntu-latest"
     permissions:
-      actions: read
-      contents: read
-      security-events: write
+      actions: "read"
+      contents: "read"
+      security-events: "write"
 
     steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-      - uses: actions/cache@v3
+      - name: "Checkout repository"
+        uses: "actions/checkout@v4"
+      - uses: "actions/cache@v4"
         with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/*requirements.txt', '**/*constraints.lock', '**/setup.py', '**/pyproject.toml') }}
+          path: "~/.cache/pip"
+          key: "${{ runner.os }}-pip-${{ hashFiles('**/*requirements.txt', '**/*constraints.lock', '**/setup.py', '**/pyproject.toml') }}"
           restore-keys: |
             ${{ runner.os }}-pip-
-      - name: Set up Python
-        uses: actions/setup-python@v5
+
+      - name: "Set up Python"
+        uses: "actions/setup-python@v5"
         with:
-          python-version: '3.11'
-      - name: Manually install from sources
+          python-version: "3.11"
+      - name: "Manually install from sources"
         run: |
           python -m pip install -e . -e ./pulp-glue-ostree
-          echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+          echo "CODEQL_PYTHON=$(which python)" >> "$GITHUB_ENV"
+      - name: "Initialize CodeQL"
+        uses: "github/codeql-action/init@v3"
         with:
-          languages: python
+          languages: "python"
           setup-python-dependencies: false
 
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+      - name: "Perform CodeQL Analysis"
+        uses: "github/codeql-action/analyze@v3"
         with:
           category: "/language:python"
diff --git a/.github/workflows/collect_changes.yml b/.github/workflows/collect_changes.yml
@@ -1,31 +1,31 @@
-name: Collect changes
+name: "Collect changes"
 on:
   workflow_call:
   workflow_dispatch:
 
 jobs:
   collect-changes:
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
     steps:
-      - uses: actions/checkout@v4
+      - uses: "actions/checkout@v4"
         with:
           ref: "main"
           fetch-depth: 0
-      - uses: actions/setup-python@v5
+      - uses: "actions/setup-python@v5"
         with:
           python-version: "3.11"
-      - name: Setup git
+      - name: "Setup git"
         run: |
           git config user.name pulpbot
           git config user.email [email protected]
-      - name: Collect changes
+      - name: "Collect changes"
         run: |
-          pip install GitPython toml
+          pip install GitPython packaging toml
           python3 .ci/scripts/collect_changes.py
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+      - name: "Create Pull Request"
+        uses: "peter-evans/create-pull-request@v6"
         with:
-          token: ${{ secrets.RELEASE_TOKEN }}
+          token: "${{ secrets.RELEASE_TOKEN }}"
           title: "Update Changelog"
           body: ""
           branch: "update_changes"

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -1,30 +1,37 @@
-name: Lint
+name: "Lint"
 
 on:
   workflow_call:
 
 jobs:
   lint:
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
     strategy:
       fail-fast: false
       matrix:
         python:
           - "3.8"
           - "3.11"
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/cache@v3
+      - uses: "actions/checkout@v4"
+      - uses: "actions/cache@v4"
         with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/*requirements.txt', '**/*constraints.lock', '**/setup.py', '**/pyproject.toml') }}
+          path: "~/.cache/pip"
+          key: "${{ runner.os }}-pip-${{ hashFiles('**/*requirements.txt', '**/*constraints.lock', '**/setup.py', '**/pyproject.toml') }}"
           restore-keys: |
             ${{ runner.os }}-pip-
-      - name: Set up Python
-        uses: actions/setup-python@v5
+
+      - name: "Download wheels"
+        uses: "actions/download-artifact@v4"
+        with:
+          name: "pulp_cli_packages"
+      - name: "Set up Python"
+        uses: "actions/setup-python@v5"
         with:
-          python-version: ${{ matrix.python }}
-      - name: Install python dependencies
-        run: pip install -r lint_requirements.txt
-      - name: Lint code
-        run: make lint
+          python-version: "${{ matrix.python }}"
+      - name: "Install python dependencies"
+        run: |
+          pip install dist/pulp_cli_ostree-*.whl pulp-glue-ostree/dist/pulp_glue_ostree-*.whl -r lint_requirements.txt
+      - name: "Lint code"
+        run: |
+          make lint
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
@@ -1,15 +1,19 @@
-name: pulp-cli Nightly
+name: "pulp-cli Nightly"
 
 on:
   schedule:
     - cron: "15 3 * * *"
   workflow_dispatch:
 
 jobs:
+  build:
+    uses: "./.github/workflows/build.yml"
   test:
+    needs:
+      - "build"
     uses: "./.github/workflows/test.yml"
   codeql:
     uses: "./.github/workflows/codeql.yml"
   collect_changes:
     uses: "./.github/workflows/collect_changes.yml"
-    secrets: inherit
+    secrets: "inherit"
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
@@ -1,57 +1,66 @@
-name: pulp-cli CI
+name: "pulp-cli CI"
 
 on:
   pull_request:
 
 concurrency:
-  group: main-${{ github.ref_name }}-${{ github.workflow }}
+  group: "main-${{ github.ref_name }}-${{ github.workflow }}"
   cancel-in-progress: true
 
 jobs:
+  build:
+    uses: "./.github/workflows/build.yml"
   lint:
+    needs:
+      - "build"
     uses: "./.github/workflows/lint.yml"
   test:
     needs:
-      - lint
+      - "lint"
     uses: "./.github/workflows/test.yml"
   codeql:
     needs:
-      - lint
+      - "lint"
     uses: "./.github/workflows/codeql.yml"
   check-commits:
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
     steps:
-      - uses: actions/checkout@v4
-      - run: git fetch --prune --unshallow
-      - name: Set up Python
-        uses: actions/setup-python@v5
+      - uses: "actions/checkout@v4"
+        with:
+          fetch-depth: 0
+      - name: "Set up Python"
+        uses: "actions/setup-python@v5"
         with:
           python-version: "3.11"
-      - name: Install python dependencies
-        run: pip install toml pygithub
-      - name: Check commit message
+      - name: "Install python dependencies"
+        run: |
+          pip install toml pygithub
+      - name: "Check commit message"
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GITHUB_CONTEXT: ${{ github.event.pull_request.commits_url }}
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+          GITHUB_CONTEXT: "${{ github.event.pull_request.commits_url }}"
         run: |
-          for sha in $(curl -H "Authorization: token $GITHUB_TOKEN" $GITHUB_CONTEXT | jq '.[].sha' | sed 's/"//g')
+          for SHA in $(curl -H "Authorization: token $GITHUB_TOKEN" "$GITHUB_CONTEXT" | jq -r '.[].sha')
           do
-            python .ci/scripts/validate_commit_message.py $sha
+            python .ci/scripts/validate_commit_message.py "$SHA"
             VALUE=$?
             if [ "$VALUE" -gt 0 ]; then
               exit "$VALUE"
             fi
           done
-        shell: bash
+        shell: "bash"
   ready-to-ship:
     # This is a dummy dependent task to have a single entry for the branch protection rules.
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
     needs:
-      - check-commits
-      - lint
-      - test
-      - codeql
+      - "check-commits"
+      - "lint"
+      - "test"
+      - "codeql"
+    if: "always()"
     steps:
-      - name: All set
+      - name: "Collect needed jobs results"
         run: |
+          echo '${{toJson(needs)}}' | jq -r 'to_entries[]|select(.value.result!="success")|.key + ": " + .value.result'
+          echo '${{toJson(needs)}}' | jq -e 'to_entries|map(select(.value.result!="success"))|length == 0'
           echo "CI says: Looks good!"