-
-
Notifications
You must be signed in to change notification settings - Fork 5
95 lines (92 loc) · 3.46 KB
/
build.yml
File metadata and controls
95 lines (92 loc) · 3.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
name: build
on:
pull_request:
push:
branches: [main]
concurrency:
# serialize runs on the default branch
group: ${{ github.event_name == 'push' && github.workflow || github.sha }}${{ github.workflow }}
jobs:
image:
strategy:
matrix:
include:
- {arch: amd64, os: ubuntu-latest}
- {arch: arm64, os: ubuntu-24.04-arm}
runs-on: ${{ matrix.os }}
permissions:
packages: write
steps:
- uses: actions/checkout@v3
- run: docker login --username '${{ github.actor }}' --password-stdin ghcr.io <<< '${{ secrets.GITHUB_TOKEN }}'
- run: |
docker buildx build \
--cache-from ghcr.io/getsentry/pypi-manylinux-${{ matrix.arch }}-ci:latest \
--cache-to type=inline \
--platform linux/${{ matrix.arch }} \
--tag ghcr.io/getsentry/pypi-manylinux-${{ matrix.arch }}-ci:${{ github.sha }} \
${{ github.ref == 'refs/heads/main' && format('--tag ghcr.io/getsentry/pypi-manylinux-{0}-ci:latest', matrix.arch) || '' }} \
--push \
docker
linux:
needs: [image]
strategy:
fail-fast: false
matrix:
include:
- {arch: amd64, os: ubuntu-latest}
- {arch: arm64, os: ubuntu-24.04-arm}
runs-on: ${{ matrix.os }}
container: ghcr.io/getsentry/pypi-manylinux-${{ matrix.arch }}-ci:${{ github.sha }}
steps:
- uses: actions/checkout@v3
- run: python3 -um build --pypi-url https://pypi.devinfra.sentry.io
- run: python3 -um validate --index-url https://pypi.devinfra.sentry.io/simple
- uses: actions/upload-artifact@v4
with:
name: dist-linux-${{ matrix.arch }}
path: dist/*
macos:
strategy:
matrix:
runs-on: [macos-15]
runs-on: ${{ matrix.runs-on }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: astral-sh/setup-uv@884ad927a57e558e7a70b92f2bccf9198a4be546 # v6
- run: python3 -u docker/install-pythons --dest pythons
- run: |
echo "$PWD/pythons/cp311-cp311/bin" >> "$GITHUB_PATH"
echo "$PWD/pythons/cp312-cp312/bin" >> "$GITHUB_PATH"
echo "$PWD/pythons/cp313-cp313/bin" >> "$GITHUB_PATH"
echo "$PWD/pythons/cp314-cp314/bin" >> "$GITHUB_PATH"
echo "$PWD/venv/bin" >> "$GITHUB_PATH"
- run: python3 -um venv venv && pip install -r docker/requirements.txt
- run: python3 -um build --pypi-url https://pypi.devinfra.sentry.io
- run: python3 -um validate --index-url https://pypi.devinfra.sentry.io/simple
- uses: actions/upload-artifact@v4
with:
name: dist-${{ matrix.runs-on }}
path: dist/*
collect-and-deploy:
needs: [linux, macos]
if: github.event_name != 'pull_request'
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.11'
- run: pip install -r docker/requirements.txt
- uses: actions/download-artifact@v4
with:
path: dist
- run: python3 -um make_index --pypi-url https://pypi.devinfra.sentry.io --dest index
- uses: google-github-actions/auth@ba79af03959ebeac9769e648f473a284504d9193 # v2.1.10
with:
workload_identity_provider: projects/868781662168/locations/global/workloadIdentityPools/prod-github/providers/github-oidc-pool
service_account: gha-pypi@sac-prod-sa.iam.gserviceaccount.com
- run: python3 -uS bin/upload-artifacts