chore: Update Python dependencies #754

Workflow file for this run

	# Copyright (C) 2022 Sebastian Thomschke and contributors
	# SPDX-License-Identifier: AGPL-3.0-or-later
	#
	# https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions
	name: Build

	on:
	push:
	branches-ignore:
	- 'dependabot/**' # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR)
	- 'dependencies/pdm' # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR)
	tags-ignore:
	- '**'
	paths-ignore:
	- '*/.md'
	- '.github/*.yml'
	- '.github/workflows/codeql-analysis.yml'
	- '.github/workflows/update-python-deps.yml'
	pull_request:
	workflow_dispatch:
	# https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/

	defaults:
	run:
	shell: bash

	jobs:

	###########################################################
	build:
	###########################################################
	strategy:
	fail-fast: false
	matrix:
	include:
	- os: macos-latest
	PYTHON_VERSION: "3.10"
	PUBLISH_RELEASE: true
	- os: ubuntu-latest
	PYTHON_VERSION: "3.10"
	PUBLISH_RELEASE: false
	- os: windows-latest
	PYTHON_VERSION: "3.10"
	PUBLISH_RELEASE: false
	- os: ubuntu-latest
	PYTHON_VERSION: "3.11"
	PUBLISH_RELEASE: true
	- os: windows-latest
	PYTHON_VERSION: "3.11"
	PUBLISH_RELEASE: true

	runs-on: ${{ matrix.os }}

	steps:

	- name: Git checkout
	uses: actions/checkout@v3 #https://github.com/actions/checkout

	- uses: actions/setup-python@v4
	with:
	python-version: "${{ matrix.PYTHON_VERSION }}"

	- uses: actions/cache@v3
	with:
	path: __pypackages__
	key: ${{ runner.os }}-pypackages-${{ hashFiles('pdm.lock') }}

	- name: "Install: Python dependencies"
	run: \|
	set -eux

	python --version

	python -m pip install --upgrade pip

	# pin packaging to 21.3 for now to prevent: packaging.specifiers.InvalidSpecifier: Invalid specifier: '>=3.4.*'
	# see https://github.com/pdm-project/pdm/issues/1556
	pip install --upgrade pdm packaging==21.3

	pdm install -v

	- name: Display project metadata
	run: \|
	pdm show

	- name: Security scan
	run: \|
	pdm run scan

	- name: Check code style
	run: \|
	pdm run lint

	- name: Run unit tests
	run: \|
	pdm run utest

	- name: Run integration tests
	run: \|
	set -eux

	case "${{ matrix.os }}" in
	ubuntu-*)
	sudo apt-get install -o Acquire::Retries=3 --no-install-recommends -y xvfb
	xvfb-run pdm run itest
	;;
	*) pdm run itest
	;;
	esac

	- name: Run app from source
	run: \|
	echo "
	login:
	username: '[email protected]'
	password: 'such_a_secret'
	" > config.yaml

	set -eux

	pdm run app help
	pdm run app version
	pdm run app verify

	- name: "Install: binutils (strip)"
	if: startsWith(matrix.os, 'ubuntu')
	run: sudo apt-get --no-install-recommends install -y binutils

	- name: "Install: UPX"
	if: startsWith(matrix.os, 'windows')
	run: \|
	set -eu

	upx_download_url=$(curl -fsSL -H "Authorization: token ${{ github.token }}" https://api.github.com/repos/upx/upx/releases/latest \| grep browser_download_url \| grep win64.zip \| cut "-d\"" -f4)
	echo "Downloading [$upx_download_url]..."
	curl -fL -o /tmp/upx.zip $upx_download_url

	echo "Extracting upx zip..."
	mkdir /tmp/upx
	7z e /tmp/upx.zip -o/tmp/upx *.exe -r
	echo "$(cygpath -wa /tmp/upx)" >> $GITHUB_PATH

	/tmp/upx/upx.exe --version

	- name: Build self-contained executable
	run: \|
	set -eux

	pdm run compile

	ls -l dist

	- name: Run self-contained executable
	run: \|
	set -eux

	dist/kleinanzeigen-bot help
	dist/kleinanzeigen-bot version
	dist/kleinanzeigen-bot verify

	- name: Upload self-contained executable
	uses: actions/upload-artifact@v3
	if: github.ref == 'refs/heads/main' && matrix.PUBLISH_RELEASE
	with:
	name: artifacts-${{ matrix.os }}
	path: dist/kleinanzeigen-bot*

	- name: Build Docker image
	if: startsWith(matrix.os, 'ubuntu')
	run: \|
	set -eux

	bash docker/build-image.sh

	docker run --rm second-hand-friends/kleinanzeigen-bot help

	- name: Publish Docker image
	if: github.ref == 'refs/heads/main' && matrix.PUBLISH_RELEASE && startsWith(matrix.os, 'ubuntu')
	run: \|
	set -eux

	echo "${{ github.token }}" \| docker login https://ghcr.io -u ${{ github.actor }} --password-stdin

	image_name="second-hand-friends/kleinanzeigen-bot"
	docker image tag $image_name ghcr.io/$image_name
	docker push ghcr.io/$image_name


	###########################################################
	publish-release:
	###########################################################
	runs-on: ubuntu-latest
	needs:
	- build
	if: github.ref == 'refs/heads/main'
	concurrency: publish-latest-release # https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idconcurrency

	steps:
	- name: Git checkout
	# only required by "hub release create" to prevent "fatal: Not a git repository"
	uses: actions/checkout@v3 #https://github.com/actions/checkout

	- name: Generate GitHub access token
	uses: tibdex/github-app-token@v1 #https://github.com/tibdex/github-app-token
	id: generate_token
	# see https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#authenticating-with-github-app-generated-tokens
	with:
	# see https://github.com/organizations/Second-Hand-Friends/settings/apps/kleinanzeigen-bot-tu
	app_id: ${{ secrets.DEPS_UPDATER_APP_ID }}
	private_key: ${{ secrets.DEPS_UPDATER_PRIVATE_KEY }}

	- name: Delete untagged docker image
	continue-on-error: true
	uses: camargo/delete-untagged-action@v1
	with:
	github-token: ${{ steps.generate_token.outputs.token }}

	- name: Download build artifacts
	uses: actions/download-artifact@v3

	- name: "Delete previous 'latest' release"
	run: \|
	set -eu

	api_base_url="$GITHUB_API_URL/repos/$GITHUB_REPOSITORY"

	# delete 'latest' github release
	release_id=$(curl -fsL -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/$GITHUB_REPOSITORY/releases \| jq -r '.[] \| select(.name == "latest") \| .id')
	if [[ -n $release_id ]]; then
	echo "Deleting release [$api_base_url/releases/$release_id]..."
	curl -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -fsSL -X DELETE "$api_base_url/releases/$release_id"
	fi

	# delete 'latest' git tag
	tag_url="$api_base_url/git/refs/tags/latest"
	if curl -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -fsLo /dev/null --head "$tag_url"; then
	echo "Deleting tag [$tag_url]..."
	curl -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -fsSL -X DELETE "$tag_url"
	fi

	- name: "Create 'latest' release"
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	set -eux

	mv artifacts-macos-latest/kleinanzeigen-bot kleinanzeigen-bot-darwin-amd64
	mv artifacts-ubuntu-latest/kleinanzeigen-bot kleinanzeigen-bot-linux-amd64
	mv artifacts-windows-latest/kleinanzeigen-bot.exe kleinanzeigen-bot-windows-amd64.exe

	# https://hub.github.com/hub-release.1.html
	hub release create "latest" \
	--prerelease \
	--message "latest" \
	--attach "kleinanzeigen-bot-darwin-amd64" \
	--attach "kleinanzeigen-bot-linux-amd64" \
	--attach "kleinanzeigen-bot-windows-amd64.exe"

	- name: "Delete intermediate build artifacts"
	uses: geekyeggo/delete-artifact@v2 # https://github.com/GeekyEggo/delete-artifact/
	with:
	name: "*"
	failOnError: false

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: Update Python dependencies #754

Workflow file

chore: Update Python dependencies #754

Jobs

Run details

Workflow file for this run