cam_acq/.github/workflows/ci.yml at main · CellProfiling/cam_acq · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: CI

on:
  push:
    branches:
      - main
  pull_request:

concurrency:
  group: ${{ github.head_ref || github.run_id }}
  cancel-in-progress: true

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
      - uses: actions/setup-python@v6
        with:
          python-version: 3.x
      - name: Install uv
        uses: astral-sh/setup-uv@v7
        with:
          enable-cache: true
      - name: Install Dependencies
        run: uv sync --all-extras --no-python-downloads
        shell: bash
      - uses: actions/cache@v5
        with:
          path: ~/.cache/pre-commit
          key: pre-commit-3|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml') }}
      - name: Run pre-commit
        run: uv run pre-commit run --all-files --show-diff-on-failure --color=always
        shell: bash

  # Make sure commit messages follow the conventional commits convention:
  # https://www.conventionalcommits.org
  commitlint:
    name: Lint Commit Messages
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - uses: wagoid/commitlint-github-action@v6.2.1

  test:
    strategy:
      fail-fast: false
      matrix:
        python-version:
          - "3.12"
          - "3.13"
          - "3.14"
        os:
          - ubuntu-latest
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v6
      - uses: actions/setup-python@v6
        id: setup-python
        with:
          python-version: ${{ matrix.python-version }}
          allow-prereleases: true
      - uses: astral-sh/setup-uv@v7
      - run: uv sync --all-extras --no-python-downloads
        shell: bash
      - run: uv run ./scripts/setup_tests.py
        shell: bash
      - run: uv run pytest
        shell: bash
      - uses: codecov/codecov-action@v5
        with:
          token: ${{ secrets.CODECOV_TOKEN }}

  release:
    needs:
      - test
      - lint
      - commitlint

    runs-on: ubuntu-latest
    environment: release
    concurrency: release
    permissions:
      id-token: write
      attestations: write
      contents: write

    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0
          ref: ${{ github.sha }}

      - name: Checkout commit for release
        run: |
          git checkout -B ${{ github.ref_name }} ${{ github.sha }}

      # Do a dry run of PSR
      - name: Test release
        uses: python-semantic-release/python-semantic-release@v10
        if: github.ref_name != 'main'
        with:
          no_operation_mode: true
          github_token: noop

      # On main branch: actual PSR + upload to PyPI & GitHub
      - name: Release
        uses: python-semantic-release/python-semantic-release@v10
        if: github.ref_name == 'main'
        id: release
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}

      - name: Attest build provenance
        uses: actions/attest@v4
        if: steps.release.outputs.released == 'true'
        with:
          subject-path: "dist/*"

      - name: Publish package distributions to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1
        if: steps.release.outputs.released == 'true'

      - name: Publish package distributions to GitHub Releases
        uses: python-semantic-release/publish-action@v10
        if: steps.release.outputs.released == 'true'
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          tag: ${{ steps.release.outputs.tag }}