Skip to content

Update test time action (#1219) #3868

Update test time action (#1219)

Update test time action (#1219) #3868

Workflow file for this run

name: PyPI
on:
push:
branches:
- main
- auto-release
pull_request:
branches: [main]
release:
types: [published]
# Cancels all previous workflow runs for pull requests that have not completed.
concurrency:
# The concurrency group contains the workflow name and the branch name for pull requests
# or the commit hash for any other events.
group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }}
cancel-in-progress: true
jobs:
# The job to build precompiled pypi wheels.
make_sdist:
name: Make SDist
runs-on: ubuntu-latest
permissions:
# write id-token and attestations are required to attest build provenance
id-token: write
attestations: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: true
persist-credentials: false
- name: Build SDist
run: pipx run build --sdist
- name: Attest GitHub build provenance
uses: actions/attest-build-provenance@v2
# Don't attest from forks
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
with:
subject-path: dist/*.tar.gz
- uses: actions/upload-artifact@v4
with:
name: sdist
path: dist/*.tar.gz
run_checks:
name: Build & inspect our package.
# Note: the resulting builds are not actually published.
# This is purely for additional testing and diagnostic purposes.
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
- uses: hynek/build-and-inspect-python-package@v2
build_wheels:
name: Build wheels for ${{ matrix.platform }}
runs-on: ${{ matrix.platform }}
permissions:
# write id-token and attestations are required to attest build provenance
id-token: write
attestations: write
strategy:
matrix:
platform:
- macos-latest
- windows-latest
- ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
- name: Build wheels
uses: pypa/[email protected]
- name: Attest GitHub build provenance
uses: actions/attest-build-provenance@v2
# Don't attest from forks
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
with:
subject-path: ./wheelhouse/*.whl
- uses: actions/upload-artifact@v4
with:
name: wheels-${{ matrix.platform }}
path: ./wheelhouse/*.whl
build_universal_wheel:
name: Build universal wheel for Pyodide
runs-on: ubuntu-latest
permissions:
# write id-token and attestations are required to attest build provenance
id-token: write
attestations: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: Install dependencies
run: pip install numpy versioneer wheel
- name: Build universal wheel
run: |
PYODIDE=1 python setup.py bdist_wheel --universal
- name: Attest GitHub build provenance
uses: actions/attest-build-provenance@v2
# Don't attest from forks
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
with:
subject-path: dist/*.whl
- uses: actions/upload-artifact@v4
with:
name: universal_wheel
path: dist/*.whl
check_dist:
name: Check dist
needs: [make_sdist,build_wheels]
runs-on: ubuntu-22.04
steps:
- uses: actions/download-artifact@v4
with:
name: sdist
path: dist
- uses: actions/download-artifact@v4
with:
pattern: wheels-*
path: dist
merge-multiple: true
- name: Check SDist
run: |
mkdir -p test-sdist
cd test-sdist
python -m venv venv-sdist
venv-sdist/bin/python -m pip install ../dist/pytensor-*.tar.gz
# check import
venv-sdist/bin/python -c "import pytensor;print(pytensor.__version__)"
# check import cython module
venv-sdist/bin/python -c 'from pytensor.scan import scan_perform; print(scan_perform.get_version())'
- run: pipx run twine check --strict dist/*
upload_pypi:
name: Upload to PyPI on release
# Use the `release` GitHub environment to protect the Trusted Publishing (OIDC)
# workflow by requiring signoff from a maintainer.
environment: release
permissions:
# write id-token is required for trusted publishing (OIDC)
id-token: write
needs: [check_dist]
runs-on: ubuntu-latest
# Don't publish from forks
if: github.repository_owner == 'pymc-devs' && github.event_name == 'release' && github.event.action == 'published'
steps:
- uses: actions/download-artifact@v4
with:
name: sdist
path: dist
- uses: actions/download-artifact@v4
with:
pattern: wheels-*
path: dist
merge-multiple: true
- uses: actions/download-artifact@v4
with:
name: universal_wheel
path: dist
- uses: pypa/[email protected]
# Implicitly attests that the packages were uploaded in the context of this workflow.