Bump actions/checkout from 5.0.1 to 6.0.0 (#1463) #1365
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request: {} | |
| push: {} | |
| jobs: | |
| linux: | |
| runs-on: ${{ matrix.PYTHON.OS || 'ubuntu-latest' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| PYTHON: | |
| # Base builds | |
| - {VERSION: "3.8", NOXSESSION: "tests"} | |
| - {VERSION: "3.9", NOXSESSION: "tests"} | |
| - {VERSION: "3.10", NOXSESSION: "tests"} | |
| - {VERSION: "3.11", NOXSESSION: "tests"} | |
| - {VERSION: "3.12", NOXSESSION: "tests"} | |
| - {VERSION: "3.13", NOXSESSION: "tests"} | |
| - {VERSION: "3.14", NOXSESSION: "tests"} | |
| - {VERSION: "3.14t", NOXSESSION: "tests"} | |
| - {VERSION: "pypy-3.11", NOXSESSION: "tests"} | |
| - {VERSION: "3.11", NOXSESSION: "tests-wheel", OS: "windows-latest"} | |
| # -cryptography-main | |
| - {VERSION: "3.8", NOXSESSION: "tests-cryptography-main"} | |
| - {VERSION: "3.9", NOXSESSION: "tests-cryptography-main"} | |
| - {VERSION: "3.10", NOXSESSION: "tests-cryptography-main"} | |
| - {VERSION: "3.11", NOXSESSION: "tests-cryptography-main"} | |
| - {VERSION: "3.12", NOXSESSION: "tests-cryptography-main"} | |
| - {VERSION: "3.13", NOXSESSION: "tests-cryptography-main"} | |
| - {VERSION: "3.14", NOXSESSION: "tests-cryptography-main"} | |
| - {VERSION: "3.14t", NOXSESSION: "tests-cryptography-main"} | |
| - {VERSION: "pypy-3.11", NOXSESSION: "tests-cryptography-main"} | |
| # -cryptography-minimum | |
| - {VERSION: "3.8", NOXSESSION: "tests-cryptography-minimum"} | |
| - {VERSION: "3.9", NOXSESSION: "tests-cryptography-minimum"} | |
| - {VERSION: "3.10", NOXSESSION: "tests-cryptography-minimum"} | |
| - {VERSION: "3.11", NOXSESSION: "tests-cryptography-minimum"} | |
| - {VERSION: "3.12", NOXSESSION: "tests-cryptography-minimum"} | |
| - {VERSION: "3.13", NOXSESSION: "tests-cryptography-minimum"} | |
| - {VERSION: "pypy-3.11", NOXSESSION: "tests-cryptography-minimum"} | |
| # Cryptography wheels | |
| - {VERSION: "3.9", NOXSESSION: "tests-cryptography-minimum-wheel"} | |
| - {VERSION: "3.9", NOXSESSION: "tests-wheel"} | |
| # Random order | |
| - {VERSION: "3.9", NOXSESSION: "tests-random-order"} | |
| # Meta | |
| - {VERSION: "3.9", NOXSESSION: "check-manifest"} | |
| - {VERSION: "3.11", NOXSESSION: "lint"} | |
| - {VERSION: "3.13", NOXSESSION: "mypy"} | |
| - {VERSION: "3.9", NOXSESSION: "docs"} | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Setup python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.PYTHON.VERSION }} | |
| - run: python -m pip install nox | |
| - run: nox | |
| env: | |
| NOXSESSION: ${{ matrix.PYTHON.NOXSESSION }} | |
| - uses: ./.github/actions/upload-coverage | |
| linux-docker: | |
| runs-on: ubuntu-latest | |
| container: ghcr.io/pyca/cryptography-runner-${{ matrix.TEST.CONTAINER }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| TEST: | |
| # cryptography-main used since there's no wheel | |
| - {CONTAINER: "ubuntu-rolling", NOXSESSION: "tests-cryptography-main"} | |
| name: "${{ matrix.TEST.NOXSESSION }} on ${{ matrix.TEST.CONTAINER }}" | |
| steps: | |
| - uses: actions/[email protected] | |
| - run: /venv/bin/pip install nox | |
| - run: /venv/bin/nox | |
| env: | |
| RUSTUP_HOME: /root/.rustup | |
| NOXSESSION: ${{ matrix.TEST.NOXSESSION }} | |
| - uses: ./.github/actions/upload-coverage | |
| linux-downstream: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| DOWNSTREAM: | |
| - twisted | |
| - certbot | |
| - certbot-josepy | |
| PYTHON: | |
| - 3.12 | |
| name: "Downstream tests for ${{ matrix.DOWNSTREAM }}" | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Setup python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.PYTHON }} | |
| - run: ./.github/downstream.d/${{ matrix.DOWNSTREAM }}.sh install | |
| - run: pip install . | |
| - run: ./.github/downstream.d/${{ matrix.DOWNSTREAM }}.sh run | |
| all-green: | |
| runs-on: ubuntu-latest | |
| needs: [linux, linux-docker, linux-downstream] | |
| if: ${{ always() }} | |
| timeout-minutes: 3 | |
| steps: | |
| - name: Decide whether the needed jobs succeeded or failed | |
| uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2 | |
| with: | |
| jobs: ${{ toJSON(needs) }} | |
| - uses: actions/checkout@c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5 # v5.0.1 | |
| timeout-minutes: 3 | |
| with: | |
| persist-credentials: false | |
| - name: Setup python | |
| uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 | |
| with: | |
| python-version: '3.12' | |
| timeout-minutes: 3 | |
| - run: pip install coverage[toml] | |
| - name: Download coverage data | |
| uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 | |
| with: | |
| pattern: coverage-data-* | |
| merge-multiple: true | |
| - name: Combine coverage and fail if it's too low | |
| id: combinecoverage | |
| run: | | |
| set +e | |
| python -m coverage combine | |
| echo "## Python Coverage" >> $GITHUB_STEP_SUMMARY | |
| python -m coverage report -m --fail-under=98 > COV_REPORT | |
| COV_EXIT_CODE=$? | |
| cat COV_REPORT | |
| if [ $COV_EXIT_CODE -ne 0 ]; then | |
| echo "🚨 Python Coverage failed. Coverage too low." | tee -a $GITHUB_STEP_SUMMARY | |
| fi | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| cat COV_REPORT >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| exit $COV_EXIT_CODE | |
| - name: Create coverage HTML | |
| run: python -m coverage html | |
| if: ${{ failure() && steps.combinecoverage.outcome == 'failure' }} | |
| - name: Upload HTML report. | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: _html-report | |
| path: htmlcov | |
| if-no-files-found: ignore |