MILAB-248: feat python-runenv as monorepo #88
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build NPM package | ||
| on: | ||
| pull_request: | ||
| types: [opened, reopened, synchronize] | ||
| branches: | ||
| - 'main' | ||
| push: | ||
| branches: | ||
| - 'main' | ||
| jobs: | ||
| init: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: milaboratory/github-ci/actions/context/init@v4-beta | ||
| with: | ||
| version-canonize: false | ||
| branch-versioning: main | ||
| run: | ||
| needs: | ||
| - init | ||
| uses: milaboratory/github-ci/.github/workflows/node-matrix-pnpm.yaml@v4-beta | ||
| with: | ||
| app-name: 'Runenv: Python 3' | ||
| app-name-slug: 'runenv-python-3' | ||
| notify-telegram: true | ||
| node-version: '20.x' | ||
| build-script-name: 'build' | ||
| pnpm-recursive-build: true | ||
| test: false | ||
| test-script-name: 'test' | ||
| pnpm-recursive-tests: false | ||
| team-id: 'ciplopen-runenv-python-3' | ||
| publish-to-public: 'true' | ||
| package-path: 'catalogue' | ||
| create-tag: 'true' | ||
| npmrc-config: | | ||
| { | ||
| "registries": { | ||
| "https://registry.npmjs.org/": { | ||
| "scopes": ["milaboratories", "platforma-sdk", "platforma-open"], | ||
| "tokenVar": "NPMJS_TOKEN" | ||
| } | ||
| } | ||
| } | ||
| pre-calculate-task-list: | | ||
|
Check failure on line 50 in .github/workflows/build.yaml
|
||
| [ | ||
| {"os":"windows-latest", "arch":"amd64", "python_version":"3.12.10"}, | ||
| {"os":"windows-latest", "arch":"amd64", "python_version":"3.11.9"}, | ||
| {"os":"windows-latest", "arch":"amd64", "python_version":"3.10.18"}, | ||
| {"os":"ubuntu-large-amd64", "arch":"amd64", "python_version":"3.12.10"}, | ||
| {"os":"ubuntu-large-amd64", "arch":"amd64", "python_version":"3.11.9"}, | ||
| {"os":"ubuntu-large-amd64", "arch":"amd64", "python_version":"3.10.18"}, | ||
| {"os":"ubuntu-large-arm64", "arch":"arm64", "python_version":"3.12.10"}, | ||
| {"os":"ubuntu-large-arm64", "arch":"arm64", "python_version":"3.11.9"}, | ||
| {"os":"ubuntu-large-arm64", "arch":"arm64", "python_version":"3.10.18"}, | ||
| {"os":"macos-13", "arch":"amd64", "python_version":"3.12.10"}, | ||
| {"os":"macos-13", "arch":"amd64", "python_version":"3.11.9"}, | ||
| {"os":"macos-13", "arch":"amd64", "python_version":"3.10.18"}, | ||
| {"os":"macos-14", "arch":"arm64", "python_version":"3.12.10"}, | ||
| {"os":"macos-14", "arch":"arm64", "python_version":"3.11.9"}, | ||
| {"os":"macos-14", "arch":"arm64", "python_version":"3.10.18"} | ||
| ] | ||
| build-artifacts: | | ||
| pydist/*/* | ||
| pkg-*.tgz | ||
| sign-binaries: | | ||
| pydist/**/*.so | ||
| pydist/**/*.dylib | ||
| pydist/**/bin/python | ||
| pydist/**/bin/python3 | ||
| pydist/**/bin/pip | ||
| pydist/**/bin/venv | ||
| pydist/**/bin/pip3 | ||
| # pydist/3.12.6/macosx-x64/<python package root> | ||
| # Do not try to notarizr 'packages' directory with whl files, as whl is an archive and we | ||
| # have to sign all .so files inside first to not tirgger notarisation errors | ||
| notarize-paths: | | ||
| pydist/*/bin | ||
| pydist/*/lib | ||
| # Python main get new .so files during dependencies installation. | ||
| # We have to disable libraries validation to not break Python runtime. | ||
| mac-sign-entitlements: | | ||
| <key>com.apple.security.automation.apple-events</key> <true/> | ||
| <key>com.apple.security.cs.allow-dyld-environment-variables</key> <true/> | ||
| <key>com.apple.security.cs.allow-jit</key> <true/> | ||
| <key>com.apple.security.cs.disable-library-validation</key> <true/> | ||
| <key>com.apple.security.get-task-allow</key> <true/> | ||
| secrets: | ||
| env: | | ||
| { "NPMJS_TOKEN": ${{ toJSON(secrets.NPMJS_TOKEN) }}, | ||
| "AWS_CI_IAM_MONOREPO_SIMPLE_ROLE": ${{ toJSON(secrets.AWS_CI_IAM_MONOREPO_SIMPLE_ROLE) }}, | ||
| "AWS_CI_TURBOREPO_S3_BUCKET": ${{ toJSON(secrets.AWS_CI_TURBOREPO_S3_BUCKET) }}, | ||
| "PL_REGISTRY_PLATFORMA_OPEN_UPLOAD_URL": ${{ toJSON(secrets.PL_REGISTRY_PLOPEN_UPLOAD_URL) }} } | ||
| MAC_SIGN_CERT_ID: '5MJ3ML3YR9' | ||
| MAC_SIGN_CERT: ${{ secrets.MAC_CERTS }} | ||
| MAC_SIGN_CERT_PWD: ${{ secrets.MAC_CERTS_PASSWORD }} | ||
| MAC_NOTR_API_KEY: ${{ secrets.MAC_API_KEY }} | ||
| MAC_NOTR_API_KEY_ID: ${{ secrets.MAC_API_KEY_ID }} | ||
| MAC_NOTR_API_KEY_ISSUER_ID: ${{ secrets.MAC_API_KEY_ISSUER_ID }} | ||
| WIN_SIGN_CERT: ${{ secrets.WIN_CODE_SIGN_CHAIN }} | ||
| GCP_KMS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.GCP_KMS_WORKLOAD_IDENTITY_PROVIDER }} | ||
| GCP_KMS_SERVICE_ACCOUNT: ${{ secrets.GCP_KMS_SERVICE_ACCOUNT }} | ||
| GCP_KMS_LOCATION: ${{ secrets.GCP_KMS_LOCATION }} | ||
| GCP_KMS_KEYRING: ${{ secrets.GCP_SOFTWARE_KMS_KEYRING }} | ||
| GCP_KMS_KEY_NAME: ${{ secrets.GCP_SOFTWARE_KMS_KEY_NAME }} | ||
| TELEGRAM_NOTIFICATION_TARGET: ${{ secrets.TG_CHANNEL_MIBUILDS }} | ||
| TELEGRAM_API_TOKEN: ${{ secrets.TG_CI_BOT_TOKEN }} | ||
