196 lines
6.1 KiB
YAML
196 lines
6.1 KiB
YAML
name: Test & Release
|
|
|
|
on:
|
|
release:
|
|
types: [published]
|
|
|
|
# on:
|
|
# pull_request:
|
|
# branches:
|
|
# - master
|
|
|
|
jobs:
|
|
linux:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
platform: [ 'x86_64-unknown-linux-gnu', 'aarch64-unknown-linux-gnu' ]
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895
|
|
with:
|
|
egress-policy: block
|
|
allowed-endpoints: >
|
|
api.github.com:443
|
|
cdn.quay.io:443
|
|
cdn01.quay.io:443
|
|
cdn02.quay.io:443
|
|
cdn03.quay.io:443
|
|
crates.io:443
|
|
files.pythonhosted.org:443
|
|
ghcr.io:443
|
|
github.com:443
|
|
index.crates.io:443
|
|
objects.githubusercontent.com:443
|
|
uploads.github.com:443
|
|
pkg-containers.githubusercontent.com:443
|
|
pypi.org:443
|
|
quay.io:443
|
|
sh.rustup.rs:443
|
|
static.crates.io:443
|
|
static.rust-lang.org:443
|
|
|
|
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
|
|
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236
|
|
with:
|
|
python-version: 3.8
|
|
architecture: x64
|
|
|
|
- uses: PyO3/maturin-action@a3013db91b2ef2e51420cfe99ee619c8e72a17e6
|
|
with:
|
|
manylinux: auto
|
|
target: ${{ matrix.platform }}
|
|
command: build
|
|
args: --release --sdist -o dist -i 3.8 3.9 3.10 3.11 3.12
|
|
|
|
- name: Upload wheels
|
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # 3.1.3
|
|
with:
|
|
name: wheels
|
|
path: dist
|
|
|
|
windows:
|
|
runs-on: windows-latest
|
|
strategy:
|
|
matrix:
|
|
target: [x64]
|
|
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895
|
|
with:
|
|
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
|
|
|
|
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
|
|
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
|
|
- uses: PyO3/maturin-action@a3013db91b2ef2e51420cfe99ee619c8e72a17e6
|
|
env:
|
|
PYO3_PYTHON: python${{ matrix.python-version }}
|
|
with:
|
|
command: build
|
|
args: --release -o dist
|
|
|
|
- name: Upload wheels
|
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # 3.1.3
|
|
with:
|
|
name: wheels
|
|
path: dist
|
|
|
|
macos:
|
|
runs-on: macos-latest
|
|
strategy:
|
|
matrix:
|
|
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
|
|
target: ['universal2', 'x86_64-apple-darwin']
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895
|
|
with:
|
|
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
|
|
|
|
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
|
|
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
|
|
- name: Build wheels - ${{ matrix.target }}
|
|
uses: PyO3/maturin-action@a3013db91b2ef2e51420cfe99ee619c8e72a17e6
|
|
env:
|
|
PYO3_PYTHON: python${{ matrix.python-version }}
|
|
with:
|
|
target: ${{ matrix.target }}
|
|
command: build
|
|
args: --release -o dist
|
|
|
|
- name: Upload wheels
|
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # 3.1.3
|
|
with:
|
|
name: wheels
|
|
path: dist
|
|
|
|
python-release-github:
|
|
runs-on: ubuntu-latest
|
|
needs: [ macos, windows, linux ]
|
|
permissions:
|
|
contents: write # To add assets to a release.
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.1.0
|
|
with:
|
|
disable-sudo: true
|
|
egress-policy: block
|
|
allowed-endpoints: >
|
|
api.github.com:443
|
|
github.com:443
|
|
uploads.github.com:443
|
|
static.rust-lang.org:443
|
|
|
|
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
|
with:
|
|
ref: ${{ github.head_ref }}
|
|
|
|
- uses: dtolnay/rust-toolchain@439cf607258077187679211f12aa6f19af4a0af7
|
|
with:
|
|
toolchain: 1.73.0
|
|
|
|
- name: Set up Python 3.8
|
|
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
|
|
with:
|
|
python-version: 3.8
|
|
|
|
- uses: actions/download-artifact@f44cd7b40bfd40b6aa1cc1b9b5b7bf03d3c67110 # v4.1.0
|
|
with:
|
|
name: wheels
|
|
path: wheels
|
|
|
|
- name: Upload release binaries
|
|
uses: alexellis/upload-assets@259de5111cb56966d046ced998941e93f91d2c93
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
with:
|
|
asset_paths: '["./wheels/tantivy-*"]'
|
|
|
|
release-pypy:
|
|
name: Release
|
|
runs-on: ubuntu-latest
|
|
needs: [ macos, windows, linux ]
|
|
permissions:
|
|
id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895
|
|
with:
|
|
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
|
|
|
|
- uses: actions/download-artifact@f44cd7b40bfd40b6aa1cc1b9b5b7bf03d3c67110 # v4.1.0
|
|
with:
|
|
name: wheels
|
|
path: wheels
|
|
|
|
- name: Publish package distributions to Test PyPI
|
|
uses: pypa/gh-action-pypi-publish@2f6f737ca5f74c637829c0f5c3acd0e29ea5e8bf # v1.8.11
|
|
with:
|
|
repository-url: https://test.pypi.org/legacy/
|
|
packages-dir: wheels/
|
|
skip-existing: true
|
|
|
|
- name: Publish package distributions to PyPI
|
|
if: always()
|
|
uses: pypa/gh-action-pypi-publish@2f6f737ca5f74c637829c0f5c3acd0e29ea5e8bf # v1.8.11
|
|
with:
|
|
packages-dir: wheels/
|
|
skip-existing: true
|