feat(sandbox): add remove_dir permissions to sandbox API #295
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- main | |
- master | |
tags: | |
- "*" | |
pull_request: | |
workflow_dispatch: | |
permissions: | |
contents: read | |
jobs: | |
checks: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: cachix/install-nix-action@v22 | |
- uses: cachix/cachix-action@v12 | |
with: | |
name: unblob | |
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" | |
- name: Check Nix formatting | |
run: nix fmt -- --check . | |
- name: Check Python formatting | |
run: nix develop -c -- black --check --diff --color . | |
- name: Ruff | |
run: nix develop -c -- ruff check . | |
build-nix: | |
strategy: | |
matrix: | |
include: | |
- os: ubuntu-latest | |
arch: x86_64-linux | |
- os: ubuntu-latest | |
arch: aarch64-linux | |
- os: macos-13 | |
arch: x86_64-darwin | |
name: Build Nix - ${{ matrix.arch }}.${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: cachix/install-nix-action@v22 | |
- uses: cachix/cachix-action@v12 | |
with: | |
name: unblob | |
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
- name: Setup emulation | |
if: ${{ matrix.arch == 'aarch64-linux' }} | |
run: | | |
sudo apt update | |
sudo apt install -q -y qemu-system-aarch64 qemu-efi binfmt-support qemu-user-static | |
mkdir -p ~/.config/nix | |
echo "system-features = aarch64-linux arm-linux" | sudo tee -a /etc/nix/nix.conf | |
- name: Nix Flake checks | |
run: | | |
nix flake check --keep-going --print-build-logs --option system ${{ matrix.arch }} --extra-platforms ${{ matrix.arch }} | |
pytest: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"] | |
os: [ubuntu-latest, macOS-latest] | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up PDM | |
uses: pdm-project/setup-pdm@v3 | |
with: | |
python-version: ${{ matrix.python-version }} | |
enable-pep582: false | |
cache: true | |
cache-dependency-path: | | |
./pdm.lock | |
./Cargo.lock | |
- uses: actions-rust-lang/setup-rust-toolchain@v1 | |
with: | |
cache: false | |
- name: Cache rust | |
uses: Swatinem/rust-cache@v2 | |
with: | |
key: pytest-${{ matrix.os }} | |
- name: Install dependencies | |
run: | | |
pdm sync -v -d | |
- name: Run Tests | |
run: | | |
pdm pytest | |
pyright: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up PDM | |
uses: pdm-project/setup-pdm@v3 | |
with: | |
python-version: "3.8" | |
enable-pep582: false | |
cache: true | |
cache-dependency-path: | | |
./pdm.lock | |
./Cargo.lock | |
- uses: actions-rust-lang/setup-rust-toolchain@v1 | |
- name: Install dependencies | |
run: | | |
pdm sync -v -d | |
- name: Type-Check | |
run: | | |
pdm pyright | |
# Build jobs are auto-generated by maturin v0.14.17 | |
# To update, run | |
# | |
# maturin generate-ci --platform linux macos -- github | |
# | |
wheel-linux: | |
runs-on: ubuntu-latest | |
needs: [checks, pytest, pyright] | |
strategy: | |
matrix: | |
include: | |
- target: x86_64 | |
platform: manylinux2014 | |
- target: aarch64 | |
platform: manylinux2014 | |
cross: true | |
- target: x86_64 | |
platform: musllinux_1_1 | |
- target: aarch64 | |
platform: musllinux_1_1 | |
cross: true | |
env: | |
CONTAINER: quay.io/pypa/${{ matrix.platform }}_${{ matrix.target }}:latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.10" | |
- name: Cache rust | |
uses: Swatinem/rust-cache@v2 | |
with: | |
key: wheel-linux-${{ matrix.target }}-${{ matrix.platform }} | |
- name: setup emulation | |
if: ${{ matrix.cross }} | |
run: | | |
sudo apt update | |
sudo apt install -q -y qemu-system-${{ matrix.target }} qemu-efi binfmt-support qemu-user-static | |
- name: Build wheels | |
uses: PyO3/maturin-action@v1 | |
with: | |
target: ${{ matrix.target }} | |
container: ${{ env.CONTAINER }} | |
args: --verbose --release --out dist | |
sccache: ${{ matrix.target == 'musllinux_1_1' }} | |
manylinux: auto | |
docker-options: -e CARGO_NET_GIT_FETCH_WITH_CLI=true | |
- name: Upload wheels | |
uses: actions/upload-artifact@v4 | |
with: | |
name: wheels-linux-${{ matrix.target }}-${{ matrix.platform }} | |
path: dist | |
- name: Test wheels | |
run: | | |
cat << EOF | docker run -v $PWD:/usr/src -i $CONTAINER sh -ex - | |
cd /usr/src | |
curl -sSL https://raw.githubusercontent.com/pdm-project/pdm/main/install-pdm.py | python3.10 - | |
export PATH=/root/.local/bin:$PATH | |
pdm sync -v -d --no-self -G test | |
pdm run python -m ensurepip | |
pdm run python -m pip install dist/*.whl | |
pdm pytest | |
EOF | |
wheel-macos: | |
runs-on: macos-13 | |
needs: [checks, pytest, pyright] | |
strategy: | |
matrix: | |
target: [x86_64, aarch64] | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.10" | |
- name: Cache rust | |
uses: Swatinem/rust-cache@v2 | |
with: | |
key: wheel-macos-${{ matrix.target }} | |
- name: Build wheels | |
uses: PyO3/maturin-action@v1 | |
with: | |
target: ${{ matrix.target }} | |
args: --verbose --release --out dist | |
sccache: "true" | |
- name: Upload wheels | |
uses: actions/upload-artifact@v4 | |
with: | |
name: wheels-macos-${{ matrix.target }} | |
path: dist | |
- uses: pdm-project/setup-pdm@v3 | |
name: Setup PDM | |
- name: Test wheels | |
if: ${{ matrix.target == 'x86_64' }} | |
run: | | |
pdm sync -v -d --no-self -G test | |
pdm run python -m ensurepip | |
pdm run python -m pip install dist/*.whl | |
pdm pytest | |
sdist: | |
runs-on: ubuntu-latest | |
needs: [checks, pytest, pyright] | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Build sdist | |
uses: PyO3/maturin-action@v1 | |
with: | |
command: sdist | |
args: --out dist | |
- name: Upload sdist | |
uses: actions/upload-artifact@v4 | |
with: | |
name: sdist | |
path: dist | |
release: | |
name: Release | |
runs-on: ubuntu-latest | |
if: "startsWith(github.ref, 'refs/tags/')" | |
needs: [build-nix, wheel-linux, wheel-macos, sdist] | |
steps: | |
- uses: actions/download-artifact@v4 | |
with: | |
merge-multiple: true | |
- name: Publish to PyPI | |
uses: PyO3/maturin-action@v1 | |
env: | |
MATURIN_PYPI_TOKEN: ${{ secrets.POETRY_PYPI_TOKEN_PYPI }} | |
with: | |
command: upload | |
args: --skip-existing * |