Skip to content

🔖 Release 2.2.900 #146

🔖 Release 2.2.900

🔖 Release 2.2.900 #146

Workflow file for this run

name: CI
on:
push:
branches:
- main
pull_request:
permissions: "read-all"
concurrency:
group: ci-${{ github.ref_name }}
cancel-in-progress: true
defaults:
run:
shell: bash
jobs:
package:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: "Checkout repository"
uses: "actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608"
- name: "Setup Python"
uses: "actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1"
with:
python-version: "3.x"
cache: "pip"
- name: "Check packages"
run: |
python -m pip install -U pip setuptools wheel build twine rstcheck
python -m build
rstcheck CHANGES.rst
python -m twine check dist/*
test:
strategy:
fail-fast: false
matrix:
python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12"]
os:
- macos-latest
- windows-latest
- ubuntu-20.04 # OpenSSL 1.1.1
- ubuntu-latest # OpenSSL 3.0
nox-session: ['']
include:
- experimental: false
traefik-server: true
- python-version: "pypy-3.7"
os: ubuntu-latest
experimental: false
nox-session: test-pypy
- python-version: "pypy-3.8"
os: ubuntu-latest
experimental: false
nox-session: test-pypy
traefik-server: true
- python-version: "pypy-3.9"
os: ubuntu-latest
experimental: false
nox-session: test-pypy
traefik-server: true
- python-version: "pypy-3.10"
os: ubuntu-latest
experimental: false
nox-session: test-pypy
traefik-server: true
- python-version: "3.x"
os: ubuntu-latest
experimental: false
nox-session: test_brotlipy
# Test CPython with a broken hostname_checks_common_name (the fix is in 3.9.3)
- python-version: "3.9.2"
os: ubuntu-20.04 # CPython 3.9.2 is not available for ubuntu-22.04.
experimental: false
nox-session: test-3.9
exclude:
# Ubuntu 22.04 comes with OpenSSL 3.0, so only CPython 3.9+ is compatible with it
# https://github.com/python/cpython/issues/83001
- python-version: "3.7"
os: ubuntu-22.04
- python-version: "3.8"
os: ubuntu-22.04
runs-on: ${{ matrix.os }}
name: ${{ fromJson('{"macos-latest":"macOS","windows-latest":"Windows","ubuntu-latest":"Ubuntu","ubuntu-20.04":"Ubuntu 20.04 (OpenSSL 1.1.1)","ubuntu-latest":"Ubuntu Latest (OpenSSL 3+)"}')[matrix.os] }} ${{ matrix.python-version }} ${{ matrix.nox-session }}
continue-on-error: ${{ matrix.experimental }}
timeout-minutes: 40
steps:
- name: "Checkout repository"
uses: "actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608"
- name: "Traefik: Prerequisites - CA, Host, Tools (Linux)"
if: ${{ matrix.traefik-server && contains(matrix.os, 'ubuntu') }}
run: |
mkdir ./certs
pip install trustme
python -m trustme -i httpbin.local alt.httpbin.local -d ./certs
mv ./certs/server.pem ./certs/httpbin.local.pem
mv ./certs/server.key ./certs/httpbin.local.key
mv ./certs/client.pem ./rootCA.pem
echo "127.0.0.1 httpbin.local alt.httpbin.local" | sudo tee -a /etc/hosts
# - name: "Traefik: Prerequisites - CA, Host, Tools (Windows)"
# if: ${{ matrix.traefik-server && contains(matrix.os, 'windows') }}
# run: |
# mkdir ./certs
# pip install trustme
# python -m trustme -i httpbin.local alt.httpbin.local -d ./certs
# mv ./certs/server.pem ./certs/httpbin.local.pem
# mv ./certs/server.key ./certs/httpbin.local.key
# mv ./certs/client.pem ./rootCA.pem
# echo 127.0.0.1 httpbin.local alt.httpbin.local >> %WinDir%\system32\drivers\etc\hosts
# choco install -y curl
- name: "Traefik: Prerequisites - CA, Host, Tools (MacOS)"
if: ${{ matrix.traefik-server && contains(matrix.os, 'mac') }}
run: |
sudo security authorizationdb write com.apple.trust-settings.admin allow
mkdir ./certs
pip install trustme
python -m trustme -i httpbin.local alt.httpbin.local -d ./certs
mv ./certs/server.pem ./certs/httpbin.local.pem
mv ./certs/server.key ./certs/httpbin.local.key
mv ./certs/client.pem ./rootCA.pem
brew install curl
brew install docker
brew install docker-compose
colima start --network-address
colima list
echo "192.168.106.2 httpbin.local alt.httpbin.local" | sudo tee -a /etc/hosts
- name: "Traefik: Produce Compose & Config"
if: ${{ matrix.traefik-server && !contains(matrix.os, 'windows') }}
env:
TRAEFIK_CERTIFICATE_TOML: |
[[tls.certificates]]
certFile = "/certs/httpbin.local.pem"
keyFile = "/certs/httpbin.local.key"
TRAEFIK_COMPOSE_SCHEMA: |
services:
proxy:
image: traefik:v2.10.4
restart: unless-stopped
healthcheck:
test: [ "CMD", "traefik" ,"healthcheck", "--ping" ]
interval: 3s
timeout: 3s
retries: 10
ports:
- target: 8888
published: 8888
protocol: tcp
mode: host
- target: 4443
published: 4443
protocol: tcp
mode: host
- target: 4443
published: 4443
protocol: udp
mode: host
- target: 9999
published: 9999
protocol: tcp
mode: host
- target: 8754
published: 8754
protocol: tcp
mode: host
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./certs:/certs
command:
# Enable Docker in Traefik, so that it reads labels from Docker services
- --providers.docker
# TLS providers
- --providers.file.directory=/certs/
# Auto discovery
- --providers.file.watch=true
# Do not expose all Docker services, only the ones explicitly exposed
- --providers.docker.exposedbydefault=false
# Create an entrypoint "http" listening on port 8080
- --entrypoints.http.address=:8888
# Create an entrypoint "https" listening on port 4443
- --entrypoints.https.address=:4443
# Create alt-no-quic entrypoints
- --entrypoints.alt-http.address=:9999
- --entrypoints.alt-https.address=:8754
# QUIC Related Configuration
- --experimental.http3=true
- --entrypoints.https.http3=true
- --entrypoints.alt-https.http3=false
# Enable the access log, with HTTP requests
- --accesslog
# Enable the Traefik log, for configurations and errors
- --log
# Disable the Dashboard and API
- --api.dashboard=false
# Enable healthcheck
- --ping
- --log.level=INFO
httpbin:
image: mccutchen/go-httpbin:v2.11.1
restart: unless-stopped
depends_on:
proxy:
condition: service_healthy
labels:
- traefik.enable=true
- traefik.http.routers.httpbin-http.rule=Host(`httpbin.local`) || Host(`alt.httpbin.local`)
- traefik.http.routers.httpbin-http.entrypoints=http,alt-http
- traefik.http.routers.httpbin-https.rule=Host(`httpbin.local`) || Host(`alt.httpbin.local`)
- traefik.http.routers.httpbin-https.entrypoints=https,alt-https
- traefik.http.routers.httpbin-https.tls=true
- traefik.http.services.httpbin.loadbalancer.server.port=8080
run: |
echo "$TRAEFIK_COMPOSE_SCHEMA" > ./docker-compose.yaml
echo "$TRAEFIK_CERTIFICATE_TOML" > ./certs/certificate.toml
- name: "Traefik: Start stack"
if: ${{ matrix.traefik-server && !contains(matrix.os, 'windows') }}
run: docker-compose up -d
- name: "Traefik: Wait for service"
uses: nick-fields/retry@v2
if: ${{ matrix.traefik-server && !contains(matrix.os, 'windows') }}
with:
timeout_minutes: 3
max_attempts: 30
command: curl --fail http://httpbin.local:8888/get
- name: "Setup Python ${{ matrix.python-version }}"
uses: "actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1"
with:
python-version: ${{ matrix.python-version }}
- name: "Install dependencies"
run: python -m pip install --upgrade pip setuptools nox
- name: "Run tests"
run: ./ci/run_tests.sh
env:
PYTHON_VERSION: ${{ matrix.python-version }}
NOX_SESSION: ${{ matrix.nox-session }}
- name: "Upload artifact"
uses: "actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce"
with:
name: coverage-data
path: ".coverage.*"
if-no-files-found: error
coverage:
if: always()
runs-on: "ubuntu-latest"
needs: test
steps:
- name: "Checkout repository"
uses: "actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608"
- name: "Setup Python"
uses: "actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1"
with:
python-version: "3.x"
- name: "Install coverage"
run: "python -m pip install --upgrade coverage"
- name: "Download artifact"
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
with:
name: coverage-data
- name: "Combine & check coverage"
run: |
python -m coverage combine
python -m coverage html --skip-covered --skip-empty
python -m coverage report --ignore-errors --show-missing --fail-under=90
- if: ${{ failure() }}
name: "Upload report if check failed"
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
with:
name: coverage-report
path: htmlcov