pkg: remove wheels #257
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, Test, and (if needed) Publish Image | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - dev | |
| release: | |
| types: ['published'] | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| x86-build-and-push-image: | |
| runs-on: ubuntu-22.04 | |
| # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. | |
| permissions: | |
| contents: read | |
| packages: write | |
| # | |
| steps: | |
| - uses: docker/[email protected] | |
| with: | |
| driver-opts: image=moby/buildkit | |
| - uses: docker/[email protected] | |
| id: meta | |
| with: | |
| images: ghcr.io/${{ github.repository }} | |
| tags: | | |
| type=sha,format=long | |
| type=semver,pattern={{version}} | |
| - uses: docker/[email protected] | |
| if: github.event_name != 'pull_request' | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - name: Build image (X86) | |
| id: build | |
| uses: docker/[email protected] | |
| with: | |
| load: true | |
| push: false | |
| tags: pyda_tmp | |
| platforms: linux/amd64 | |
| provenance: false | |
| cache-from: type=gha | |
| - name: Test (X86) | |
| run: | | |
| docker run --cap-add=SYS_PTRACE -e PYTHONUNBUFFERED=1 --rm --workdir /opt/pyda/tests --entrypoint /bin/bash pyda_tmp -c "cat /proc/sys/kernel/pid_max && cat /proc/sys/vm/max_map_count" | |
| docker run --cap-add=SYS_PTRACE -e PYTHONUNBUFFERED=1 --rm --workdir /opt/pyda/tests --entrypoint python3 pyda_tmp run_tests.py --ci --debug | |
| - name: Push image | |
| uses: docker/[email protected] | |
| if: github.event_name != 'pull_request' | |
| with: | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| platforms: linux/amd64 | |
| provenance: false | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Export digest | |
| run: | | |
| rm -rf /tmp/digests | |
| mkdir -p /tmp/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "/tmp/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digests-linux-amd64 | |
| path: /tmp/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| arm64-build-and-push-image: | |
| runs-on: ubuntu-22.04-arm | |
| # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: docker/[email protected] | |
| with: | |
| driver-opts: image=moby/buildkit | |
| - uses: docker/[email protected] | |
| id: meta | |
| with: | |
| images: ghcr.io/${{ github.repository }} | |
| tags: | | |
| type=sha,format=long | |
| type=semver,pattern={{version}} | |
| - uses: docker/[email protected] | |
| if: github.event_name != 'pull_request' | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - name: Build image (ARM64) | |
| id: build | |
| uses: docker/[email protected] | |
| with: | |
| load: true | |
| push: false | |
| tags: pyda_tmp | |
| platforms: linux/arm64 | |
| provenance: false | |
| cache-from: type=gha | |
| - name: Test (ARM64) | |
| run: | | |
| docker run --cap-add=SYS_PTRACE -e PYTHONUNBUFFERED=1 --rm --workdir /opt/pyda/tests --entrypoint python3 pyda_tmp run_tests.py --ci --debug | |
| - name: Push image | |
| uses: docker/[email protected] | |
| if: github.event_name != 'pull_request' | |
| with: | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| platforms: linux/arm64 | |
| provenance: false | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Export digest | |
| run: | | |
| rm -rf /tmp/digests | |
| mkdir -p /tmp/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "/tmp/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digests-linux-arm64 | |
| path: /tmp/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| pip-install: | |
| name: pip-install-test-${{ matrix.os }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [macos-14, ubuntu-22.04] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.10' | |
| - name: pip install | |
| run: | | |
| python3 -m venv venv | |
| source venv/bin/activate | |
| pip install . | |
| pip install pwntools | |
| - name: Test installation (Linux) | |
| if: runner.os == 'Linux' | |
| run: | | |
| source venv/bin/activate | |
| python3 -c "import pwnlib" | |
| cd tests | |
| sudo capsh --keep=1 --caps="cap_sys_ptrace+eip" --print -- -c "HOME=$HOME PATH=$PATH python3 run_tests.py --ci --debug --ntrials 1" | |
| - name: Test installation (macOS) | |
| if: runner.os == 'macOS' | |
| run: | | |
| source venv/bin/activate | |
| python3 -c "import pwnlib" | |
| cd tests | |
| PYTHONUNBUFFERED=1 python3 run_tests.py --ci --debug --ntrials 1 | |
| # Attempt to merge the two architecture images into a single image | |
| merge: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| packages: write | |
| needs: | |
| - x86-build-and-push-image | |
| - arm64-build-and-push-image | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: /tmp/digests | |
| pattern: digests-* | |
| merge-multiple: true | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - uses: docker/metadata-action@v5 | |
| id: meta | |
| with: | |
| images: ghcr.io/${{ github.repository }} | |
| tags: | | |
| type=sha,format=long | |
| type=semver,pattern={{version}} | |
| - uses: docker/[email protected] | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - name: Create manifest list and push | |
| working-directory: /tmp/digests | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf 'ghcr.io/${{ github.repository }}@sha256:%s ' *) | |
| - name: Inspect image | |
| run: | | |
| docker buildx imagetools inspect ghcr.io/${{ github.repository }}:${{ steps.meta.outputs.version }} | |
| build_sdist: | |
| name: Build source distribution | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Build sdist | |
| run: pipx run build --sdist | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: cibw-sdist | |
| path: dist/*.tar.gz | |
| upload_pypi: | |
| needs: [build_sdist] | |
| runs-on: ubuntu-latest | |
| environment: pypi | |
| permissions: | |
| id-token: write | |
| if: github.event_name == 'release' && github.event.action == 'published' | |
| # or, alternatively, upload to PyPI on every tag starting with 'v' (remove on: release above to use this) | |
| # if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| # unpacks all CIBW artifacts into dist/ | |
| pattern: cibw-* | |
| path: dist | |
| merge-multiple: true | |
| - uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ |