forked from quickwit-oss/tantivy-py
-
Notifications
You must be signed in to change notification settings - Fork 0
202 lines (177 loc) · 6.3 KB
/
publish.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
name: Test & Release
on:
release:
types: [published]
# on:
# pull_request:
# branches:
# - master
jobs:
linux:
runs-on: ubuntu-latest
strategy:
matrix:
platform: [ 'x86_64-unknown-linux-gnu', 'aarch64-unknown-linux-gnu' ]
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: block
allowed-endpoints: >
api.github.com:443
cdn03.quay.io:443
crates.io:443
github.com:443
objects.githubusercontent.com:443
quay.io:443
sh.rustup.rs:443
static.crates.io:443
index.crates.io:443
static.rust-lang.org:443
uploads.github.com:443
pypi.org:443
files.pythonhosted.org:443
ghcr.io:443
pkg-containers.githubusercontent.com:443
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236
with:
python-version: 3.8
architecture: x64
- uses: messense/maturin-action@a7534cbf4b1b1bc201c7e81a375ae6931a3ee0c8
with:
rust-toolchain: stable
manylinux: auto
target: ${{ matrix.platform }}
command: build
args: --release --sdist -o dist -i 3.8 3.9 3.10 3.11
- name: Upload wheels
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # 3.1.3
with:
name: wheels
path: dist
windows:
runs-on: windows-latest
strategy:
matrix:
target: [x64]
python-version: ['3.8', '3.9', '3.10', '3.11']
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236
with:
python-version: ${{ matrix.python-version }}
- uses: messense/maturin-action@a7534cbf4b1b1bc201c7e81a375ae6931a3ee0c8
env:
PYO3_PYTHON: python${{ matrix.python-version }}
with:
command: build
args: --release -o dist
- name: Upload wheels
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # 3.1.3
with:
name: wheels
path: dist
macos:
runs-on: macos-latest
strategy:
matrix:
python-version: ['3.8', '3.9', '3.10', '3.11']
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236
with:
python-version: ${{ matrix.python-version }}
- name: Build wheels - x86_64
uses: messense/maturin-action@a7534cbf4b1b1bc201c7e81a375ae6931a3ee0c8
env:
PYO3_PYTHON: python${{ matrix.python-version }}
with:
target: x86_64-apple-darwin
command: build
args: --release -o dist
- name: Build wheels - universal2
uses: messense/maturin-action@a7534cbf4b1b1bc201c7e81a375ae6931a3ee0c8
env:
PYO3_PYTHON: python${{ matrix.python-version }}
with:
command: build
args: --release -o dist --universal2
- name: Upload wheels
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # 3.1.3
with:
name: wheels
path: dist
python-release-github:
runs-on: ubuntu-latest
needs: [ macos, windows, linux ]
permissions:
contents: write # To add assets to a release.
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.1.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
static.rust-lang.org:443
uploads.github.com:443
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
ref: ${{ github.head_ref }}
- uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
with:
profile: minimal
toolchain: stable
- name: Set up Python 3.8
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
with:
python-version: 3.8
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: wheels
path: wheels
- name: Upload release binaries
uses: alexellis/upload-assets@259de5111cb56966d046ced998941e93f91d2c93
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
asset_paths: '["./wheels/tantivy-*"]'
release-pypy:
name: Release
runs-on: ubuntu-latest
needs: [ macos, windows, linux ]
if: ${{ !always() }}
permissions:
id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: wheels
path: wheels
- name: Publish package distributions to Test PyPI
uses: pypa/gh-action-pypi-publish@b7f401de30cb6434a1e19f805ff006643653240e # v1.8.10
with:
repository-url: https://test.pypi.org/legacy/
packages-dir: wheels/
skip-existing: true
- name: Publish package distributions to PyPI
if: always()
uses: pypa/gh-action-pypi-publish@b7f401de30cb6434a1e19f805ff006643653240e # v1.8.10
with:
packages-dir: wheels/
skip-existing: true