Feature/bump deps #216
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Infos on current github runners: | |
# https://docs.github.com/en/free-pro-team@latest/actions/reference/specifications-for-github-hosted-runners#about-github-hosted-runners | |
name: CI/CD | |
on: | |
pull_request: | |
push: | |
branches: ["main"] | |
tags: ["v*"] | |
workflow_dispatch: | |
inputs: | |
refToBuild: | |
description: "Branch, tag or commit SHA1 to build" | |
required: true | |
type: string | |
concurrency: | |
group: cicd-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
test: | |
name: Lint & Test | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [macos-13, macos-14, windows-2022, ubuntu-22.04] | |
steps: | |
# Setup environment | |
- uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'workflow_dispatch' }} | |
- uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'workflow_dispatch' }} | |
with: | |
ref: ${{ inputs.refToBuild }} | |
- name: Setup Python | |
uses: ./.github/actions/setup | |
- name: Prepare Linux | |
if: matrix.os == 'ubuntu-22.04' | |
run: | | |
sudo apt-get update | |
sudo apt-get install \ | |
python3-pil \ | |
tesseract-ocr \ | |
tesseract-ocr-eng \ | |
tesseract-ocr-jpn \ | |
tesseract-ocr-chi-sim \ | |
xclip | |
sudo apt-get install \ | |
xvfb \ | |
libxkbcommon-x11-0 \ | |
libxcb-icccm4 \ | |
libxcb-image0 \ | |
libxcb-keysyms1 \ | |
libxcb-randr0 \ | |
libxcb-render-util0 \ | |
libxcb-xinerama0 \ | |
libxcb-xfixes0 \ | |
libxcb-shape0 \ | |
libxcb-cursor0 \ | |
libegl1 \ | |
libegl1-mesa | |
sudo apt-get install \ | |
ca-certificates | |
echo "XDG_SESSION_TYPE=gnome" >> $GITHUB_ENV | |
echo "QT_DEBUG_PLUGINS=1" >> $GITHUB_ENV | |
echo "QT_QPA_PLATFORM=xcb" >> $GITHUB_ENV | |
- name: Prepare macOS | |
if: matrix.os == 'macos-13' || matrix.os == 'macos-14' | |
run: | | |
brew install tesseract tesseract-lang dylibbundler | |
brew info tesseract | |
- name: Prepare Windows | |
if: matrix.os == 'windows-2022' | |
run: | | |
$url = "https://digi.bib.uni-mannheim.de/tesseract/tesseract-ocr-w64-setup-v5.3.0.20221214.exe" | |
Invoke-WebRequest -Uri $url -OutFile "tesseract_installer.exe" | |
7z x tesseract_installer.exe -O"C:\Program Files\Tesseract-OCR" | |
$chi_sim_url = "https://github.com/tesseract-ocr/tessdata_fast/raw/main/chi_sim.traineddata" | |
Invoke-WebRequest -Uri $chi_sim_url -OutFile "C:\Program Files\Tesseract-OCR\tessdata\chi_sim.traineddata" | |
$jpn_url = "https://github.com/tesseract-ocr/tessdata_fast/raw/main/jpn.traineddata" | |
Invoke-WebRequest -Uri $jpn_url -OutFile "C:\Program Files\Tesseract-OCR\tessdata\jpn.traineddata" | |
$tesseract = "C:\Program Files\Tesseract-OCR\" | |
echo "$tesseract" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append | |
echo "TESSDATA_PREFIX=$tesseract\tessdata" >> $env:GITHUB_ENV | |
Set-DisplayResolution -Width 1920 -Height 1080 -Force | |
- name: Test tesseract | |
run: | | |
tesseract --version | |
tesseract --list-langs | |
- name: Run project checks | |
run: | | |
uv run poe cicd-check | |
env: | |
QT_DEBUG_PLUGINS: 1 | |
- name: Coveralls Parallel | |
uses: coverallsapp/github-action@release/v2 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
flag-name: ${{ matrix.os }} | |
path-to-lcov: coverage.lcov | |
parallel: true | |
test-python-package: | |
name: Test Python package build | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [macos-13, macos-14, windows-2022, ubuntu-22.04] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Python | |
uses: ./.github/actions/setup | |
- name: Test build python package | |
run: uv build | |
test-briefcase: | |
name: Test Briefcase build | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [macos-13, macos-14, windows-2022, ubuntu-22.04] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Python | |
uses: ./.github/actions/setup | |
- name: Test build briefcase package | |
shell: bash -l {0} | |
run: uv run poe bundle-dev | |
- name: Print briefcase log in case of error | |
if: failure() | |
shell: bash -l {0} | |
run: | | |
(cat logs/briefcase*) || true | |
find build/normcap || true | |
# For security reasons, github doesn't allow setting envvars using expressions | |
# directly. Therefore, we need an extra step: | |
- name: Set current date as env variable | |
shell: bash -l {0} | |
run: echo "NOW=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV | |
- name: Draft internal release | |
uses: ncipollo/release-action@v1 | |
# It's possible, that the run lacks release permissions (e.g. on forks). In | |
# this is not crucial, so we just silence the error. | |
continue-on-error: true | |
if: github.repository_owner == 'dynobo' | |
with: | |
name: Internal | |
body: "Only for internal tests. Should not be published. [${{ env.NOW }}]" | |
repo: normcap | |
owner: dynobo | |
artifacts: "*/*.+(dmg|AppImage|msi|zip)" | |
allowUpdates: true | |
draft: true | |
prerelease: true | |
token: ${{ secrets.GITHUB_TOKEN }} | |
tag: "internal" | |
test-documentation: | |
name: Test documentation build | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Python | |
uses: ./.github/actions/setup | |
- name: Build documentation | |
run: uv run poe docs-build | |
coveralls: | |
name: Upload coverage | |
needs: test | |
if: github.repository_owner == 'dynobo' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Coveralls Finished | |
uses: coverallsapp/github-action@release/v2 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
parallel-finished: true | |
codeql: | |
name: CodeQL | |
runs-on: ubuntu-latest | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
strategy: | |
fail-fast: false | |
matrix: | |
language: ["javascript", "python"] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v3 | |
with: | |
languages: ${{ matrix.language }} | |
queries: security-extended | |
- name: Autobuild | |
uses: github/codeql-action/autobuild@v3 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v3 | |
deploy-briefcase: | |
name: Briefcase build & draft release | |
needs: | |
- test | |
- test-briefcase | |
- test-python-package | |
if: | | |
startsWith(github.ref, 'refs/tags/v') | |
&& github.repository_owner == 'dynobo' | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [macos-13, macos-14, windows-2022, ubuntu-22.04] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Python | |
uses: ./.github/actions/setup | |
- name: Build package briefcase | |
shell: bash -l {0} | |
run: uv run poe bundle | |
- name: Draft release | |
if: github.repository == 'dynobo/normcap' | |
uses: ncipollo/release-action@v1 | |
with: | |
body: | |
See [CHANGELOG](https://github.com/dynobo/normcap/blob/main/CHANGELOG) for | |
details. | |
artifacts: "*/*.+(dmg|AppImage|msi|zip)" | |
artifactErrorsFailBuild: false | |
allowUpdates: true | |
draft: true | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: FTP upload windows package | |
if: matrix.os == 'windows-2022' && github.repository == 'dynobo/normcap' | |
uses: SamKirkland/FTP-Deploy-Action@v4.3.5 | |
with: | |
server: ${{ secrets.WEBGO_FTP_HOST }} | |
username: ${{ secrets.WEBGO_FTP_USER }} | |
password: ${{ secrets.WEBGO_FTP_PASS }} | |
protocol: ftps | |
local-dir: ./bundle/ | |
exclude: | | |
**/platforms/** | |
**/imgs/** | |
**/*.py | |
**/*.wxs | |
**/*.wxs | |
**/metainfo | |
deploy-pypi: | |
name: Publish to PyPi | |
needs: deploy-briefcase | |
runs-on: ubuntu-22.04 | |
permissions: | |
# Used to authenticate to PyPI via OIDC. | |
# Used to sign the release's artifacts with sigstore-python. | |
id-token: write | |
# Used to attach signing artifacts to the published release. | |
contents: write | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Python | |
uses: ./.github/actions/setup | |
- name: Build Python package | |
run: uv build | |
- name: Publish to PyPi | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
verbose: true | |
print-hash: true | |
- name: Sign published artifacts | |
uses: sigstore/gh-action-sigstore-python@v3.0.0 | |
with: | |
inputs: | | |
./dist/*.tar.gz | |
./dist/*.whl | |
release-documentation: | |
name: Deploy github pages | |
needs: | |
- test | |
- test-documentation | |
if: | | |
(startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') | |
&& github.repository_owner == 'dynobo' | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Python | |
uses: ./.github/actions/setup | |
- name: Build documentation | |
run: uv run poe docs-build | |
- name: Deploy pages | |
uses: peaceiris/actions-gh-pages@v4 | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
publish_dir: ./site |