Auto-generated changes #265

Workflow file for this run

	name: Build NPM package
	on:
	pull_request:
	types: [opened, reopened, synchronize]
	branches:
	- 'main'
	push:
	branches:
	- 'main'

	jobs:
	init:
	runs-on: ubuntu-latest
	steps:
	- uses: milaboratory/github-ci/actions/context/init@v4-beta
	with:
	version-canonize: false
	branch-versioning: main
	run:
	needs:
	- init

	uses: milaboratory/github-ci/.github/workflows/node-matrix-pnpm.yaml@v4-beta
	with:
	app-name: 'Runenv: Python 3'
	app-name-slug: 'runenv-python-3'
	notify-telegram: true
	node-version: '20.x'
	build-script-name: 'build'
	pnpm-recursive-build: true
	test: false
	test-script-name: 'test'
	pnpm-recursive-tests: false
	team-id: 'ciplopen-runenv-python-3'
	aws-login-duration: 43199

	publish-to-public: 'true'
	package-path: 'catalogue'
	create-tag: 'true'

	npmrc-config: \|
	{
	"registries": {
	"https://registry.npmjs.org/": {
	"scopes": ["milaboratories", "platforma-sdk", "platforma-open"],
	"tokenVar": "NPMJS_TOKEN"
	}
	}
	}

	main-metapackage-name: '@platforma-open/milaboratories.runenv-python-3'
	pre-calculated-task-list: \|
	[
	{"os":"windows-latest", "arch":"amd64", "python_version":"3.12.10"},
	{"os":"ubuntu-large-amd64", "arch":"amd64", "python_version":"3.12.10"},
	{"os":"ubuntu-large-arm64", "arch":"arm64", "python_version":"3.12.10"},
	{"os":"macos-13", "arch":"amd64", "python_version":"3.12.10"},
	{"os":"macos-14", "arch":"arm64", "python_version":"3.12.10"},

	{"os":"windows-latest", "arch":"amd64", "python_version":"3.10.11"},
	{"os":"ubuntu-large-amd64", "arch":"amd64", "python_version":"3.10.11"},
	{"os":"ubuntu-large-arm64", "arch":"arm64", "python_version":"3.10.11"},
	{"os":"macos-13", "arch":"amd64", "python_version":"3.10.11"},
	{"os":"macos-14", "arch":"arm64", "python_version":"3.10.11"},

	{"os":"ubuntu-large-amd64", "arch":"amd64", "python_version":"3.12.10-atls"},
	{"os":"macos-14", "arch":"arm64", "python_version":"3.12.10-atls"},

	{"os":"windows-latest", "arch":"amd64", "python_version":"3.12.10-sccoda"},
	{"os":"ubuntu-large-amd64", "arch":"amd64", "python_version":"3.12.10-sccoda"},
	{"os":"ubuntu-large-arm64", "arch":"arm64", "python_version":"3.12.10-sccoda"},
	{"os":"macos-13", "arch":"amd64", "python_version":"3.12.10-sccoda"},
	{"os":"macos-14", "arch":"arm64", "python_version":"3.12.10-sccoda"},

	{"os":"windows-latest", "arch":"amd64", "python_version":"3.12.10-rapids"},
	{"os":"ubuntu-large-amd64", "arch":"amd64", "python_version":"3.12.10-rapids"},
	{"os":"ubuntu-large-arm64", "arch":"arm64", "python_version":"3.12.10-rapids"},
	{"os":"macos-13", "arch":"amd64", "python_version":"3.12.10-rapids"},
	{"os":"macos-14", "arch":"arm64", "python_version":"3.12.10-rapids"}
	]

	sign-binaries: \|
	python/pydist//.so
	python/pydist//.dylib
	python/pydist/*/bin/python
	python/pydist/*/bin/python3
	python/pydist/*/bin/pip
	python/pydist/*/bin/venv
	python/pydist/*/bin/pip3
	python/pydist//bin/hmm*
	python/pydist/*/bin/alimask
	python/pydist/*/bin/pdbfixer

	# pydist/3.12.6/macosx-x64/<python package root>
	# Do not try to notarize 'packages' directory with whl files, as whl is an archive and we
	# have to sign all .so files inside first to not tirgger notarisation errors
	notarize-paths: \|
	python/pydist//bin
	python/pydist//lib

	# Python main get new .so files during dependencies installation.
	# We have to disable libraries validation to not break Python runtime.
	mac-sign-entitlements: \|
	<key>com.apple.security.automation.apple-events</key> <true/>
	<key>com.apple.security.cs.allow-dyld-environment-variables</key> <true/>
	<key>com.apple.security.cs.allow-jit</key> <true/>
	<key>com.apple.security.cs.disable-library-validation</key> <true/>
	<key>com.apple.security.get-task-allow</key> <true/>

	secrets:
	env: \|
	{ "NPMJS_TOKEN": ${{ toJSON(secrets.NPMJS_TOKEN) }},
	"AWS_CI_IAM_MONOREPO_SIMPLE_ROLE": ${{ toJSON(secrets.AWS_CI_IAM_MONOREPO_SIMPLE_ROLE) }},
	"AWS_CI_TURBOREPO_S3_BUCKET": ${{ toJSON(secrets.AWS_CI_TURBOREPO_S3_BUCKET) }},

	"PL_REGISTRY_PLATFORMA_OPEN_UPLOAD_URL": ${{ toJSON(secrets.PL_REGISTRY_PLOPEN_UPLOAD_URL) }},
	"QUAY_USERNAME": ${{ toJSON(secrets.QUAY_USERNAME) }},
	"QUAY_ROBOT_TOKEN": ${{ toJSON(secrets.QUAY_ROBOT_TOKEN) }} }

	MAC_SIGN_CERT_ID: '5MJ3ML3YR9'
	MAC_SIGN_CERT: ${{ secrets.MAC_CERTS }}
	MAC_SIGN_CERT_PWD: ${{ secrets.MAC_CERTS_PASSWORD }}
	MAC_NOTR_API_KEY: ${{ secrets.MAC_API_KEY }}
	MAC_NOTR_API_KEY_ID: ${{ secrets.MAC_API_KEY_ID }}
	MAC_NOTR_API_KEY_ISSUER_ID: ${{ secrets.MAC_API_KEY_ISSUER_ID }}
	WIN_SIGN_CERT: ${{ secrets.WIN_CODE_SIGN_CHAIN }}

	GCP_KMS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.GCP_KMS_WORKLOAD_IDENTITY_PROVIDER }}
	GCP_KMS_SERVICE_ACCOUNT: ${{ secrets.GCP_KMS_SERVICE_ACCOUNT }}
	GCP_KMS_LOCATION: ${{ secrets.GCP_KMS_LOCATION }}
	GCP_KMS_KEYRING: ${{ secrets.GCP_SOFTWARE_KMS_KEYRING }}
	GCP_KMS_KEY_NAME: ${{ secrets.GCP_SOFTWARE_KMS_KEY_NAME }}

	TELEGRAM_NOTIFICATION_TARGET: ${{ secrets.TG_CHANNEL_MIBUILDS }}
	TELEGRAM_API_TOKEN: ${{ secrets.TG_CI_BOT_TOKEN }}

	GH_ZEN_APP_ID: ${{ secrets.GH_ZEN_APP_ID }}
	GH_ZEN_APP_PRIVATE_KEY: ${{ secrets.GH_ZEN_APP_PRIVATE_KEY }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Auto-generated changes #265

Workflow file

Auto-generated changes #265

Uh oh!

Jobs

Run details

Workflow file for this run