Skip to content

Fix permissions in CI #830

Fix permissions in CI

Fix permissions in CI #830

Workflow file for this run

name: Codon CI
on:
push:
branches:
- master
- develop
tags:
- '*'
pull_request:
branches:
- develop
jobs:
release:
name: Create GitHub Release
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Check
if: contains(github.ref, 'tags/v')
id: check
run: echo "::set-output name=MAKE_RELEASE::true"
- name: Create Release
id: create_release
if: steps.check.outputs.MAKE_RELEASE
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: ${{ github.ref }}
draft: false
prerelease: false
- name: Output Release URL File
if: steps.check.outputs.MAKE_RELEASE
run: echo "${{ steps.create_release.outputs.upload_url }}" > release_url.txt
- name: Save Release URL File for Publish
if: steps.check.outputs.MAKE_RELEASE
uses: actions/upload-artifact@v4
with:
name: release_url
path: release_url.txt
manylinux:
runs-on: ubuntu-latest
name: Codon CI (manylinux)
needs: [ release ]
steps:
- uses: actions/checkout@v4
- name: Cache Dependencies
id: cache-deps
uses: actions/cache@v4
with:
path: llvm
key: manylinux-llvm
- name: Main
uses: ./.github/actions/build-manylinux
- name: Load Release URL File
if: contains(github.ref, 'tags/v')
uses: actions/download-artifact@v4
with:
name: release_url
- name: Get Release URL
id: get_release_url
if: contains(github.ref, 'tags/v')
run: |
echo ::set-output name=file_name::${REPOSITORY_NAME##*/}-${TAG_REF_NAME##*/v} # RepositoryName-v1.0.0
value=`cat release_url/release_url.txt`
echo ::set-output name=upload_url::$value
env:
TAG_REF_NAME: ${{ github.ref }}
REPOSITORY_NAME: ${{ github.repository }}
- name: Upload Release Asset
if: contains(github.ref, 'tags/v')
uses: actions/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.get_release_url.outputs.upload_url }}
asset_path: ./codon-linux-x86_64.tar.gz
asset_name: codon-linux-x86_64.tar.gz
asset_content_type: application/gzip
- name: Upload Artifacts
uses: actions/upload-artifact@v4
with:
name: manylinux-x86_64
path: codon-linux-x86_64.tar.gz
main:
strategy:
matrix:
os:
- ubuntu-latest
- macos-12
runs-on: ${{ matrix.os }}
name: Codon CI
needs: [ release ]
permissions:
id-token: write
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.9'
- name: Linux Setup
if: startsWith(matrix.os, 'ubuntu')
run: |
echo "LIBEXT=so" >> $GITHUB_ENV
echo "OS_NAME=linux" >> $GITHUB_ENV
- name: macOS Setup
if: startsWith(matrix.os, 'macos')
run: |
brew install automake
echo "LIBEXT=dylib" >> $GITHUB_ENV
echo "OS_NAME=osx" >> $GITHUB_ENV
- name: Set up Python
run: |
python -m pip install --upgrade pip setuptools wheel
python -m pip install numpy cython wheel astunparse
which python
which pip
echo "CODON_PYTHON=$(python test/python/find-python-library.py)" >> $GITHUB_ENV
- name: Cache Dependencies
id: cache-deps
uses: actions/cache@v4
with:
path: llvm
key: ${{ runner.os }}-llvm
- name: Build Dependencies
if: steps.cache-deps.outputs.cache-hit != 'true'
run: ./scripts/deps.sh 2
env:
CC: clang
CXX: clang++
- name: Build
run: |
mkdir build
export LLVM_DIR=$(llvm/bin/llvm-config --cmakedir)
(cd build && cmake .. -DCMAKE_BUILD_TYPE=Release \
-DCMAKE_C_COMPILER=${CC} \
-DCMAKE_CXX_COMPILER=${CXX})
cmake --build build --config Release -- VERBOSE=1
cmake --install build --prefix=codon-deploy
env:
CC: clang
CXX: clang++
- name: Build Cython
run: |
(cd codon-deploy/python && python3 setup.py sdist)
CODON_DIR=$(pwd)/codon-deploy python -m pip install -v codon-deploy/python/dist/*.gz
python test/python/cython_jit.py
env:
CC: clang
CXX: clang++
- name: Test
run: |
ln -s build/libcodonrt.${LIBEXT} .
build/codon_test
test/app/test.sh build
(cd test/python && CODON_DIR=$(pwd)/../../codon-deploy python3 setup.py build_ext --inplace && python3 pyext.py)
env:
CODON_PATH: ./stdlib
PYTHONPATH: .:./test/python
LD_LIBRARY_PATH: ./build
- name: Artifact Environment
run: |
echo "CODON_BUILD_ARCHIVE=codon-$(uname -s | awk '{print tolower($0)}')-$(uname -m).tar.gz" >> $GITHUB_ENV
- name: Prepare Artifacts
run: |
cp -rf codon-deploy/python/dist .
rm -rf codon-deploy/lib/libfmt.a codon-deploy/lib/pkgconfig codon-deploy/lib/cmake codon-deploy/python/codon.egg-info codon-deploy/python/dist codon-deploy/python/build
if [ -e build/libunwind.${LIBEXT} ]; then cp build/libunwind.${LIBEXT} codon-deploy/lib/codon/; fi
tar -czf ${CODON_BUILD_ARCHIVE} codon-deploy
du -sh codon-deploy
- name: Load Release URL File
if: contains(github.ref, 'tags/v')
uses: actions/download-artifact@v4
with:
name: release_url
- name: Get Release URL
id: get_release_url
if: contains(github.ref, 'tags/v')
run: |
echo ::set-output name=file_name::${REPOSITORY_NAME##*/}-${TAG_REF_NAME##*/v} # RepositoryName-v1.0.0
value=`cat release_url/release_url.txt`
echo ::set-output name=upload_url::$value
env:
TAG_REF_NAME: ${{ github.ref }}
REPOSITORY_NAME: ${{ github.repository }}
- name: Upload Release Asset
if: contains(github.ref, 'tags/v') && startsWith(matrix.os, 'macos')
uses: actions/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.get_release_url.outputs.upload_url }}
asset_path: ./codon-darwin-x86_64.tar.gz
asset_name: codon-darwin-x86_64.tar.gz
asset_content_type: application/gzip
- name: Upload Artifacts
if: startsWith(matrix.os, 'macos')
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.os }}-x86_64
path: codon-darwin-x86_64.tar.gz
- name: Upload Artifacts
if: startsWith(matrix.os, 'ubuntu')
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.os }}-x86_64
path: codon-linux-x86_64.tar.gz
# - name: Publish on TestPyPI
# if: github.ref == 'refs/heads/develop' && startsWith(matrix.os, 'ubuntu')
# uses: pypa/gh-action-pypi-publish@release/v1
# with:
# repository-url: https://test.pypi.org/legacy/
# skip-existing: true
- name: Publish Package
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags') && startsWith(matrix.os, 'ubuntu')
uses: pypa/gh-action-pypi-publish@release/v1