196 lines
6.1 KiB
YAML
196 lines
6.1 KiB
YAML
name: Test & Release
|
|
|
|
on:
|
|
release:
|
|
types: [published]
|
|
|
|
# on:
|
|
# pull_request:
|
|
# branches:
|
|
# - master
|
|
|
|
jobs:
|
|
linux:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
platform: [ 'x86_64-unknown-linux-gnu', 'aarch64-unknown-linux-gnu' ]
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142
|
|
with:
|
|
egress-policy: block
|
|
allowed-endpoints: >
|
|
api.github.com:443
|
|
cdn.quay.io:443
|
|
cdn01.quay.io:443
|
|
cdn02.quay.io:443
|
|
cdn03.quay.io:443
|
|
crates.io:443
|
|
files.pythonhosted.org:443
|
|
ghcr.io:443
|
|
github.com:443
|
|
index.crates.io:443
|
|
objects.githubusercontent.com:443
|
|
uploads.github.com:443
|
|
pkg-containers.githubusercontent.com:443
|
|
pypi.org:443
|
|
quay.io:443
|
|
sh.rustup.rs:443
|
|
static.crates.io:443
|
|
static.rust-lang.org:443
|
|
|
|
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
|
|
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c
|
|
with:
|
|
python-version: 3.8
|
|
architecture: x64
|
|
|
|
- uses: PyO3/maturin-action@6c040287d49afcbdb94da54484e3e17051e60e53
|
|
with:
|
|
manylinux: auto
|
|
target: ${{ matrix.platform }}
|
|
command: build
|
|
args: --release --sdist -o dist -i 3.8 3.9 3.10 3.11 3.12
|
|
|
|
- name: Upload wheels
|
|
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # 4.3.1
|
|
with:
|
|
name: wheels
|
|
path: dist
|
|
|
|
windows:
|
|
runs-on: windows-latest
|
|
strategy:
|
|
matrix:
|
|
target: [x64]
|
|
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142
|
|
with:
|
|
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
|
|
|
|
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
|
|
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
|
|
- uses: PyO3/maturin-action@6c040287d49afcbdb94da54484e3e17051e60e53
|
|
env:
|
|
PYO3_PYTHON: python${{ matrix.python-version }}
|
|
with:
|
|
command: build
|
|
args: --release -o dist
|
|
|
|
- name: Upload wheels
|
|
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # 4.3.1
|
|
with:
|
|
name: wheels
|
|
path: dist
|
|
|
|
macos:
|
|
runs-on: macos-latest
|
|
strategy:
|
|
matrix:
|
|
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
|
|
target: ['universal2', 'x86_64-apple-darwin']
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142
|
|
with:
|
|
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
|
|
|
|
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
|
|
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
|
|
- name: Build wheels - ${{ matrix.target }}
|
|
uses: PyO3/maturin-action@6c040287d49afcbdb94da54484e3e17051e60e53
|
|
env:
|
|
PYO3_PYTHON: python${{ matrix.python-version }}
|
|
with:
|
|
target: ${{ matrix.target }}
|
|
command: build
|
|
args: --release -o dist
|
|
|
|
- name: Upload wheels
|
|
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # 4.3.1
|
|
with:
|
|
name: wheels
|
|
path: dist
|
|
|
|
python-release-github:
|
|
runs-on: ubuntu-latest
|
|
needs: [ macos, windows, linux ]
|
|
permissions:
|
|
contents: write # To add assets to a release.
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.1.0
|
|
with:
|
|
disable-sudo: true
|
|
egress-policy: block
|
|
allowed-endpoints: >
|
|
api.github.com:443
|
|
github.com:443
|
|
uploads.github.com:443
|
|
static.rust-lang.org:443
|
|
|
|
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
|
with:
|
|
ref: ${{ github.head_ref }}
|
|
|
|
- uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248
|
|
with:
|
|
toolchain: 1.73.0
|
|
|
|
- name: Set up Python 3.8
|
|
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
|
|
with:
|
|
python-version: 3.8
|
|
|
|
- uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
|
|
with:
|
|
name: wheels
|
|
path: wheels
|
|
|
|
- name: Upload release binaries
|
|
uses: alexellis/upload-assets@13926a61cdb2cb35f5fdef1c06b8b591523236d3
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
with:
|
|
asset_paths: '["./wheels/tantivy-*"]'
|
|
|
|
release-pypy:
|
|
name: Release
|
|
runs-on: ubuntu-latest
|
|
needs: [ macos, windows, linux ]
|
|
permissions:
|
|
id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142
|
|
with:
|
|
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
|
|
|
|
- uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
|
|
with:
|
|
name: wheels
|
|
path: wheels
|
|
|
|
- name: Publish package distributions to Test PyPI
|
|
uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14
|
|
with:
|
|
repository-url: https://test.pypi.org/legacy/
|
|
packages-dir: wheels/
|
|
skip-existing: true
|
|
|
|
- name: Publish package distributions to PyPI
|
|
if: always()
|
|
uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14
|
|
with:
|
|
packages-dir: wheels/
|
|
skip-existing: true
|