From 3ecf702d9ed63ec12d83d61a94ba55b5d51e0c6c Mon Sep 17 00:00:00 2001 From: Giles Knap Date: Fri, 26 Aug 2022 12:43:36 +0000 Subject: [PATCH 1/5] make docs CI always run --- .github/workflows/docs.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 534395b9..b30b4083 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -2,8 +2,6 @@ name: Docs CI on: push: - tags: - - "*" pull_request: jobs: From 0a9a6b1347bf25f10534caa566463792c2d623d1 Mon Sep 17 00:00:00 2001 From: Giles Knap Date: Wed, 31 Aug 2022 07:06:18 +0000 Subject: [PATCH 2/5] improve container_tests --- .github/workflows/container_tests.sh | 7 +------ Dockerfile | 3 ++- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/workflows/container_tests.sh b/.github/workflows/container_tests.sh index 5368d797..236617c3 100644 --- a/.github/workflows/container_tests.sh +++ b/.github/workflows/container_tests.sh @@ -2,9 +2,7 @@ set -x cd /project - -python -m venv /tmp/venv -source /tmp/venv/bin/activate +source /venv/bin/activate touch requirements_dev.txt pip install -r requirements_dev.txt -e .[dev] @@ -12,7 +10,4 @@ pip freeze --exclude-editable > requirements_dev.txt pipdeptree -# ensure non-zero length requirements.txt -echo "# runtime dependencies" >> requirements.txt - pytest tests diff --git a/Dockerfile b/Dockerfile index 0d993fcf..d002a19d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -32,7 +32,8 @@ RUN cd /project && \ pip install -r requirements.txt dist/*.whl && \ pip freeze > requirements.txt && \ # we don't want to include our own wheel in requirements - remove with sed - sed -i '/file:\/\//d' requirements.txt + # and replace with a comment to avoid a zero length asset upload later + sed -i '/file:/s/^/# Requirements for /' requirements.txt FROM python:3.10-slim as runtime From 787ce898fd47c0d24fd542815cdf81912454d658 Mon Sep 17 00:00:00 2001 From: Giles Knap Date: Wed, 31 Aug 2022 07:38:57 +0000 Subject: [PATCH 3/5] simplifying CI --- .github/workflows/code.yml | 18 ++++++------------ .github/workflows/container_tests.sh | 2 +- .github/workflows/docs.yml | 1 - .github/workflows/linkcheck.yml | 1 - Dockerfile | 4 ++-- setup.cfg | 6 ++---- 6 files changed, 11 insertions(+), 21 deletions(-) diff --git a/.github/workflows/code.yml b/.github/workflows/code.yml index a458c1a8..376e5adb 100644 --- a/.github/workflows/code.yml +++ b/.github/workflows/code.yml @@ -110,8 +110,6 @@ jobs: run: | docker run --name test build bash /project/.github/workflows/container_tests.sh docker cp test:/project/dist . - docker cp test:/project/requirements.txt . - docker cp test:/project/requirements_dev.txt . docker cp test:/project/cov.xml . - name: Upload coverage to Codecov @@ -134,11 +132,8 @@ jobs: - name: Upload build files uses: actions/upload-artifact@v3 with: - name: build_files - path: | - dist - requirements.txt - requirements_dev.txt + name: dist + path: dist/* sdist: needs: container @@ -151,7 +146,7 @@ jobs: # ${GITHUB_REPOSITORY##*/} is the repo name without org # Replace this with the cli command if different to the repo name run: | - pip install build_files/dist/*.gz + pip install dist/*.gz ${GITHUB_REPOSITORY##*/} --version release: @@ -169,8 +164,7 @@ jobs: uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5 # v0.1.14 with: files: | - build_files/* - build_files/dist/* + dist/* generate_release_notes: true env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -178,5 +172,5 @@ jobs: - name: Publish to PyPI env: TWINE_USERNAME: __token__ - TWINE_PASSWORD: ${{ secrets.pypi_token }} - run: pipx run twine upload build_files/dist/* + TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }} + run: pipx run twine upload dist/*/whl dist/*.tar.gz diff --git a/.github/workflows/container_tests.sh b/.github/workflows/container_tests.sh index 236617c3..5f921597 100644 --- a/.github/workflows/container_tests.sh +++ b/.github/workflows/container_tests.sh @@ -6,7 +6,7 @@ source /venv/bin/activate touch requirements_dev.txt pip install -r requirements_dev.txt -e .[dev] -pip freeze --exclude-editable > requirements_dev.txt +pip freeze --exclude-editable > dist/requirements_dev.txt pipdeptree diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index b30b4083..d386d2ed 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -9,7 +9,6 @@ jobs: strategy: fail-fast: false matrix: - os: ["ubuntu-latest"] python: ["3.10"] runs-on: ubuntu-latest diff --git a/.github/workflows/linkcheck.yml b/.github/workflows/linkcheck.yml index 60852749..6b37f194 100644 --- a/.github/workflows/linkcheck.yml +++ b/.github/workflows/linkcheck.yml @@ -10,7 +10,6 @@ jobs: strategy: fail-fast: false matrix: - os: ["ubuntu-latest"] python: ["3.10"] runs-on: ubuntu-latest diff --git a/Dockerfile b/Dockerfile index d002a19d..76b5dad3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,10 +30,10 @@ ENV PATH=/venv/bin:$PATH RUN cd /project && \ pip install --upgrade pip && \ pip install -r requirements.txt dist/*.whl && \ - pip freeze > requirements.txt && \ + pip freeze > dist/requirements.txt && \ # we don't want to include our own wheel in requirements - remove with sed # and replace with a comment to avoid a zero length asset upload later - sed -i '/file:/s/^/# Requirements for /' requirements.txt + sed -i '/file:/s/^/# Requirements for /' dist/requirements.txt FROM python:3.10-slim as runtime diff --git a/setup.cfg b/setup.cfg index 36f8418b..008fd8a4 100644 --- a/setup.cfg +++ b/setup.cfg @@ -33,18 +33,16 @@ setup_requires = # For development tests/docs dev = black==22.6.0 - pipdeptree flake8-isort isort>5.0 mypy + pipdeptree pre-commit pytest-cov + setuptools_scm[toml]>=6.2 sphinx-rtd-theme-github-versions tox - setuptools_scm[toml]>=6.2 types-mock - sphinx-rtd-theme-github-versions - sphinx-apischema [options.packages.find] where = src From 66c37e6124f65481bbe11096a69a4885a5efdeda Mon Sep 17 00:00:00 2001 From: Giles Knap Date: Wed, 31 Aug 2022 08:43:13 +0000 Subject: [PATCH 4/5] add PYPI token docs --- docs/how-to.rst | 1 + docs/how-to/existing.rst | 5 ++++- docs/how-to/pypi.rst | 25 +++++++++++++++++++++++++ docs/tutorials/new.rst | 9 +++++++++ 4 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 docs/how-to/pypi.rst diff --git a/docs/how-to.rst b/docs/how-to.rst index 4e1c30e9..b82aec7b 100644 --- a/docs/how-to.rst +++ b/docs/how-to.rst @@ -12,3 +12,4 @@ Practical step-by-step guides for the more experienced user. how-to/existing how-to/update how-to/excalidraw + how-to/pypi diff --git a/docs/how-to/existing.rst b/docs/how-to/existing.rst index 796d9671..094d8b1c 100644 --- a/docs/how-to/existing.rst +++ b/docs/how-to/existing.rst @@ -4,7 +4,7 @@ How to adopt the skeleton in an existing repo If you have an existing repo and would like to adopt the skeleton structure then you can use the commandline tool to merge the skeleton into your repo:: - python3-pip-skeleton existing /path/to/existing/repo + python3-pip-skeleton existing /path/to/existing/repo --org my_github_user_or_org This will: @@ -16,6 +16,9 @@ This will: - Push that merge branch back to the existing repo - Merge with the currently checked out branch, leaving you to fix the conflicts +.. note:: + + To enable publishing to PyPI see `../how-to/pypi` Example merge ------------- diff --git a/docs/how-to/pypi.rst b/docs/how-to/pypi.rst new file mode 100644 index 00000000..2545226f --- /dev/null +++ b/docs/how-to/pypi.rst @@ -0,0 +1,25 @@ +Creating a PyPI Token +===================== + +To publish your package on PyPI requires a PyPI account and for GitHub Actions +to have a PyPI token authorizing access to that account. + +The simplest approach is to set up a PyPI token that is scoped to your PyPI account +and add it to the secrets for your GitHub Organization (or user). This means +that all new projects created in the Organization will automatically gain +permission to publish to PyPI. + +Alternatively you can create a project scoped token for each project. This +is more work but more secure as a bad actor that obtains the key can only +affect a single project. + +If you do not already have a PyPI account use this link: create_account_. + +To learn how to create a token and store it in Github see: adding_a_token_. +You can ignore the other sections of the page regarding Github Actions because +these are already provided by skeleton. Note that skeleton uses ``PYPI_TOKEN`` +as the secret name instead of ``PYPI_API_TOKEN`` described in the link. + + +.. _create_account: https://pypi.org/account/register/ +.. _adding_a_token: https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/#saving-credentials-on-github diff --git a/docs/tutorials/new.rst b/docs/tutorials/new.rst index b3fbdbcf..94eec9e8 100644 --- a/docs/tutorials/new.rst +++ b/docs/tutorials/new.rst @@ -31,6 +31,15 @@ You can then run any entry points declared in setup.cfg e.g.:: will run the python interpreter with access to all the packages you need to develop your repo. +PyPI Token +---------- + +The Github Actions Continuous Integration will publish your package to PyPI. +To do so you need a PyPI account and and a PyPI Token configured in your +project or github Organization. + +see `../how-to/pypi` + Running the tests ----------------- From 6948faa1554b1ddfbdf6c576f57ee81a6cd6955e Mon Sep 17 00:00:00 2001 From: Giles Knap Date: Wed, 31 Aug 2022 08:56:16 +0000 Subject: [PATCH 5/5] fix README typo --- README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.rst b/README.rst index 576bf6e9..e2a85882 100644 --- a/README.rst +++ b/README.rst @@ -19,7 +19,7 @@ It integrates the following tools: - pip and setuptools_scm for version management - Pre-commit with black, flake8 and isort for static analysis -- Pytest for tests and code git@github.com:dls-controls/python3-pip-skeleton.gitcoverage +- Pytest for code and coverage - Sphinx for tutorials, how-to guides, explanations and reference documentation - GitHub Actions for code and docs CI and deployment to PyPI and GitHub Pages - tox -p: runs pre-commit, pytest, mypy and make docs