Skip to content

Add the ability to define app permissions #3807

Add the ability to define app permissions

Add the ability to define app permissions #3807

Workflow file for this run

name: CI
on:
pull_request:
push:
branches:
- main
workflow_call:
outputs:
artifact-name:
description: "Name of the uploaded artifact; use for artifact retrieval."
value: ${{ jobs.package.outputs.artifact-name }}
# Cancel active CI runs for a PR before starting another run
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
defaults:
run:
shell: bash # https://github.com/beeware/briefcase/pull/912
env:
FORCE_COLOR: "1"
jobs:
pre-commit:
name: Pre-commit checks
uses: beeware/.github/.github/workflows/pre-commit-run.yml@main
towncrier:
name: Check towncrier
uses: beeware/.github/.github/workflows/towncrier-run.yml@main
package:
name: Python package
uses: beeware/.github/.github/workflows/python-package-create.yml@main
with:
tox-factors: -with-automation
unit-tests:
name: Unit tests
needs: [ pre-commit, towncrier, package ]
runs-on: ${{ matrix.platform }}-latest
continue-on-error: ${{ matrix.experimental }}
strategy:
fail-fast: false
matrix:
platform: [ "macos", "ubuntu", "windows" ]
python-version: [ "3.8", "3.9", "3.10", "3.11", "3.12" ]
include:
- experimental: false
# Allow dev Python to fail without failing entire job
#- python-version: "3.13-dev"
# experimental: true
steps:
- name: Checkout
uses: actions/[email protected]
with:
fetch-depth: 0
- name: Set up Python
uses: actions/[email protected]
with:
python-version: ${{ matrix.python-version }}
- name: Get Packages
uses: actions/[email protected]
with:
name: ${{ needs.package.outputs.artifact-name }}
path: dist
- name: Install dev Dependencies
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade setuptools build wheel
# Utility script installs tox as defined in pyproject.toml
python -m install_requirement tox --extra dev
- name: Test
id: test
env:
COVERAGE_FILE: ".coverage.${{ matrix.platform }}.${{ matrix.python-version }}"
run: tox -e py --installpkg dist/briefcase-*.whl
- name: Store Coverage Data
if: always() && contains('success,failure', steps.test.outcome)
uses: actions/[email protected]
with:
name: coverage-data-${{ matrix.platform }}-${{ matrix.python-version }}
path: ".coverage.*"
if-no-files-found: ignore
- name: Report Platform Coverage
id: coverage
if: always() && contains('success,failure', steps.test.outcome)
# coverage reporting must use the same Python version used to produce coverage
run: tox -qe coverage$(tr -dc "0-9" <<< "${{ matrix.python-version }}")
coverage:
name: Project coverage
runs-on: ubuntu-latest
needs: unit-tests
if: always() && contains('success,failure', needs.unit-tests.result)
steps:
- name: Checkout
uses: actions/[email protected]
with:
fetch-depth: 0
- name: Setup Python
uses: actions/[email protected]
with:
# Use minimum version of python for coverage to avoid phantom branches
# https://github.com/nedbat/coveragepy/issues/1572#issuecomment-1522546425
python-version: "3.8"
- name: Install dev Dependencies
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade setuptools build wheel
# Utility script installs tox as defined in pyproject.toml
python -m install_requirement tox --extra dev
- name: Retrieve Coverage Data
uses: actions/[email protected]
with:
pattern: coverage-data-*
merge-multiple: true
- name: Platform Coverage Reports
id: platform-coverage
run: >
tox p --parallel-no-spinner -qe
coverage-ci-platform-linux,coverage-ci-platform-macos,coverage-ci-platform-windows
- name: Project Coverage Report
id: project-coverage
if: always() || contains('success,failure', needs.platform-coverage.result)
run: tox -qe coverage-ci-project-html
- name: Upload Project Coverage HTML Report
if: always() && steps.project-coverage.outcome == 'failure'
uses: actions/[email protected]
with:
name: html-coverage-report-project
path: htmlcov
verify-projects:
name: Verify project
needs: unit-tests
uses: beeware/.github/.github/workflows/app-create-verify.yml@main
with:
runner-os: ${{ matrix.runner-os }}
framework: ${{ matrix.framework }}
strategy:
fail-fast: false
matrix:
framework: [ "toga", "pyside6", "ppb", "pygame" ]
runner-os: [ "macos-latest", "ubuntu-22.04", "windows-latest" ]
verify-apps:
name: Build app
needs: unit-tests
uses: beeware/.github/.github/workflows/app-build-verify.yml@main
with:
# This *must* be the version of Python that is the system Python on the
# Ubuntu version used to run Linux tests. We use a fixed ubuntu-22.04
# rather than `-latest` because at some point, `-latest` will become
# `-24.04`, but it will be a soft changeover, which will cause havoc with
# the hard Python version requirement for local system packages.
python-version: "3.10"
runner-os: ${{ matrix.runner-os }}
framework: ${{ matrix.framework }}
strategy:
fail-fast: false
matrix:
framework: [ "toga", "pyside6", "ppb", "pygame" ]
runner-os: [ "macos-latest", "ubuntu-22.04", "windows-latest" ]