forked from streamlit/streamlit
-
Notifications
You must be signed in to change notification settings - Fork 0
235 lines (207 loc) · 7.71 KB
/
python-versions.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
name: Python Versions
on:
push:
branches:
- "develop"
- "feature/**"
pull_request:
types: [opened, synchronize, reopened]
# Allows workflow to be called from other workflows
workflow_call:
inputs:
ref:
required: true
type: string
force-canary:
description: |
Forces the current build to be canary.
Canary builds test all Python versions and do not use constraints.
default: false
type: boolean
constraints-branch:
description: "The name of the branch from which the constraints files will be downloaded or compared with."
default: "constraints-develop"
type: string
secrets:
PARAMETER_PASSWORD:
description: "Token passed from caller workflows for snowflake integration tests"
required: true
# Avoid duplicate workflows on same branch
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-python
cancel-in-progress: true
defaults:
run:
shell: bash --login -eo pipefail {0}
env:
FORCE_COLOR: "1"
jobs:
build_info:
runs-on: ubuntu-latest
name: "Build info"
steps:
- name: Checkout Streamlit code
uses: actions/checkout@v3
with:
ref: ${{ inputs.ref }}
persist-credentials: false
submodules: "recursive"
fetch-depth: 2
- name: Set Python version vars
id: build_info
uses: ./.github/actions/build_info
with:
force-canary: ${{ inputs.force-canary || false }}
outputs:
PYTHON_VERSIONS: ${{ steps.build_info.outputs.PYTHON_VERSIONS }}
PYTHON_MIN_VERSION: ${{ steps.build_info.outputs.PYTHON_MIN_VERSION }}
PYTHON_MAX_VERSION: ${{ steps.build_info.outputs.PYTHON_MAX_VERSION }}
USE_CONSTRAINTS_FILE: ${{ steps.build_info.outputs.USE_CONSTRAINTS_FILE }}
py_version:
needs:
- build_info
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python_version: "${{ fromJson(needs.build_info.outputs.PYTHON_VERSIONS) }}"
# TODO: Should we add developer-friendly name for this job also?
# This will unfortunately require a branch protection update.
env:
PYTHON_VERSION: >-
${{
(
matrix.python_version == 'min' && needs.build_info.outputs.PYTHON_MIN_VERSION ||
(matrix.python_version == 'max' && needs.build_info.outputs.PYTHON_MAX_VERSION || matrix.python_version)
)
}}
USE_CONSTRAINTS_FILE: "${{ fromJson(needs.build_info.outputs.USE_CONSTRAINTS_FILE )}}"
CONSTRAINTS_BRANCH: ${{ inputs.constraints-branch || 'constraints-develop' }}
steps:
- name: Checkout Streamlit code
uses: actions/checkout@v3
with:
ref: ${{ inputs.ref }}
persist-credentials: false
submodules: "recursive"
- name: Set up Python ${{ env.PYTHON_VERSION }}
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup virtual env
uses: ./.github/actions/make_init
- name: Run make develop
run: make develop
- name: Run Linters
run: |
PRE_COMMIT_NO_CONCURRENCY=true pre-commit run --show-diff-on-failure --color=always --all-files
- name: Run Type Checkers
run: scripts/mypy --report
- name: Run Python Tests
run: make pytest
- name: Run Integration Tests
run: make integration-tests
- name: CLI Smoke Tests
run: make cli-smoke-tests
- name: Set CONSTRAINTS_FILE env variable
if: ${{ always() }}
run: |
mkdir -p /tmp/constraints
echo "CONSTRAINTS_FILE=/tmp/constraints/constraints-${PYTHON_VERSION}.txt" >> $GITHUB_ENV
- name: Generate constraint file for Python ${{ env.PYTHON_VERSION }}
if: ${{ always() }}
run: |
pip freeze | grep -v "\-e git" | tee "${CONSTRAINTS_FILE}"
- name: Diff constraint file
if: ${{ always() }}
run: |
CONSTRAINT_URL="https://raw.githubusercontent.com/${GITHUB_REPOSITORY}/${CONSTRAINTS_BRANCH}/constraints-${PYTHON_VERSION}.txt"
diff -y <(echo "Old"; curl -s "${CONSTRAINT_URL}") <(echo "New"; cat "${CONSTRAINTS_FILE}") || true
- name: Upload constraints file
uses: actions/upload-artifact@v3
with:
name: constraints
path: ${{ env.CONSTRAINTS_FILE }}
if-no-files-found: error
py_constraint:
needs:
- py_version
permissions:
# Additional permission needed to upload constraints
contents: write
runs-on: ubuntu-latest
if: |
github.repository == 'streamlit/streamlit' && (
(github.event_name == 'push' && github.ref_name == 'develop') ||
(github.event_name == 'schedule')
)
name: Upload constraints
env:
TARGET_BRANCH: constraints-${{ github.ref_name }}
steps:
- name: Checkout branch "${{ env.TARGET_BRANCH }}"
uses: actions/checkout@v3
with:
ref: ${{ env.TARGET_BRANCH }}
# Save the access token to the local git config, so
# later git commands can work.
persist-credentials: true
- uses: actions/download-artifact@v3
with:
name: constraints
path: .
- name: Commit and push constraint files
run: |
git add .
git config --local user.email "[email protected]"
git config --local user.name "Automated GitHub Actions commit"
if ! git diff --cached --color --exit-code --ignore-matching-lines="^#.*"
then
git commit --all --message "Updating constraints. Github run id:${GITHUB_RUN_ID}
This update in constraints is automatically committed by the CI based on
'${GITHUB_REF}' in the '${GITHUB_REPOSITORY}' repository with commit sha ${GITHUB_SHA}.
The action that build those constraints can be found at https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}/
"
git push "origin" "HEAD:${TARGET_BRANCH}";
else
echo "No changes"
fi
env:
TARGET_BRANCH: constraints-${{ github.ref_name }}
py_snowflake:
runs-on: ubuntu-latest
# Runs triggered by PRs from forks or by dependabot won't run this job, since that PR wouldn't have secrets access
# See: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions
# Runs triggered by Release/RC are workflow_dispatch events ; Nightly is a schedule event
if: |
github.repository == 'streamlit/streamlit' && (
(github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]') ||
(github.event_name == 'push') ||
(github.event_name == 'workflow_dispatch') ||
(github.event_name == 'schedule')
)
name: >
Python 3.8: Python tests for Snowflake
steps:
- name: Checkout Streamlit code
uses: actions/checkout@v3
with:
ref: ${{ inputs.ref }}
persist-credentials: false
submodules: "recursive"
- name: Set up Python 3.8
uses: actions/setup-python@v4
with:
python-version: "3.8"
- name: Decrypt credentials
run: ./.github/scripts/decrypt_credentials.sh
env:
PARAMETER_PASSWORD: ${{ secrets.PARAMETER_PASSWORD }}
- name: Setup virtual env
uses: ./.github/actions/make_init
- name: Run make develop
run: make develop
- name: Run Type Checkers
run: scripts/mypy --report
- name: Run Python Tests for Snowflake
run: make pytest-snowflake