Merge branch 'review-nov22' of github.com:DiamondLightSource/python3-pip-skeleton into review-nov22

Author: gilesknap

.github/workflows/code.yml

@@ -24,11 +24,8 @@ jobs:
 
       - name: Lint
         run: |
-          touch requirements-lint.txt requirements.txt
-          pip install -r requirements.txt -r requirements-lint.txt -e .[dev]
+          .github/workflows/pip_install.sh lint -e .[dev]
           tox -e pre-commit,mypy
-          mkdir -p lockfiles
-          pip freeze > lockfiles/requirements-lint.txt
 
       - name: Upload lockfiles
         uses: actions/upload-artifact@v3
@@ -66,10 +63,7 @@ jobs:
           python-version: ${{ matrix.python }}
 
       - name: Install with latest dependencies
-        run: |
-          pip install .[dev]
-          mkdir -p lockfiles
-          pip freeze > lockfiles/requirements-test-${{ matrix.python }}-${{ matrix.os }}.txt
+        run: .github/workflows/pip_install.sh test-${{ matrix.python }}-${{ matrix.os }} .[dev]
 
       - name: Run tests
         run: pytest tests
@@ -105,14 +99,10 @@ jobs:
         run: |
           touch requirements.txt
           pip install -r requirements.txt dist/*.whl
-          # replace with module name if necessary
-          MODULE=$(ls src | head -1) && \
-          python -m ${MODULE} --version
+          # If more than one module in src/ replace with module name to test
+          python -m $(ls src) --version
 
-      - name: Test Publish to PyPI
-        env:
-          TWINE_USERNAME: __token__
-          TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
+      - name: Check for packaging errors
         run: pipx run twine check dist/*
 
       - name: Upload sdist and wheel as artifacts
@@ -193,10 +183,6 @@ jobs:
     steps:
       - uses: actions/download-artifact@v3
 
-      - name: fixup requirements files
-        # use sed to comment out the self references in requirements files
-        run: sed -i '/file:/s/^/# Requirements for /' lockfiles/requirements*.txt
-
       - name: Github Release
         # We pin to the SHA, not the tag, for security reasons.
         # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions

.github/workflows/pip_install.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+# A script to pip install a package with dependencies from requirements{suffix}.txt
+# if requirements{suffix}.txt exists.
+# Generates the requirements{suffix}.txt file once install is complete
+
+# usage: install_with_requirements.sh suffix [remaining parameters to pip install]
+
+suffix=$1
+shift
+
+touch requirements-${suffix}.txt
+pip install -r requirements-${suffix}.txt "${@}"
+mkdir -p lockfiles
+pip freeze | sed '/file:/s/^/# Requirements for /' > lockfiles/requirements${suffix}.txt