Jason Woltje
0222bdbcba
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
- Add publish step to .woodpecker.yml that builds wheel/sdist and uploads to git.mosaicstack.dev PyPI registry via twine (gated on all quality checks, only on main/develop/tags) - Add link-package step to associate PyPI package with the repository - Update README and integration guide with Gitea registry install instructions (pip --index-url, uv --index-url, pyproject.toml config) - Version check prevents re-publishing existing versions Refs #1 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
130 lines
3.5 KiB
YAML
130 lines
3.5 KiB
YAML
when:
|
|
- event: [push, pull_request, manual]
|
|
|
|
variables:
|
|
- &uv_image "ghcr.io/astral-sh/uv:python3.12-bookworm-slim"
|
|
|
|
steps:
|
|
install:
|
|
image: *uv_image
|
|
commands:
|
|
- uv sync --all-extras --frozen
|
|
|
|
lint:
|
|
image: *uv_image
|
|
commands:
|
|
- |
|
|
uv sync --all-extras --frozen
|
|
uv run ruff check src/ tests/
|
|
uv run ruff format --check src/ tests/
|
|
depends_on:
|
|
- install
|
|
|
|
typecheck:
|
|
image: *uv_image
|
|
commands:
|
|
- |
|
|
uv sync --all-extras --frozen
|
|
uv run mypy src/
|
|
depends_on:
|
|
- install
|
|
|
|
security-bandit:
|
|
image: *uv_image
|
|
commands:
|
|
- |
|
|
uv sync --all-extras --frozen
|
|
uv run bandit -r src/ -f screen --skip B311
|
|
depends_on:
|
|
- install
|
|
|
|
security-audit:
|
|
image: *uv_image
|
|
commands:
|
|
- |
|
|
uv sync --all-extras --frozen
|
|
uv run pip-audit
|
|
depends_on:
|
|
- install
|
|
|
|
test:
|
|
image: *uv_image
|
|
commands:
|
|
- |
|
|
uv sync --all-extras --frozen
|
|
uv run pytest --cov=src/mosaicstack_telemetry --cov-report=term-missing --cov-fail-under=85
|
|
depends_on:
|
|
- install
|
|
|
|
publish:
|
|
image: *uv_image
|
|
environment:
|
|
GITEA_USER:
|
|
from_secret: gitea_username
|
|
GITEA_TOKEN:
|
|
from_secret: gitea_token
|
|
commands:
|
|
- |
|
|
uv sync --all-extras --frozen
|
|
CURRENT=$(python3 -c "import tomllib; print(tomllib.load(open('pyproject.toml','rb'))['project']['version'])")
|
|
echo "Building version $$CURRENT..."
|
|
uv build
|
|
uv pip install twine
|
|
PUBLISHED=$(pip index versions mosaicstack-telemetry \
|
|
--index-url "https://$$GITEA_USER:$$GITEA_TOKEN@git.mosaicstack.dev/api/packages/mosaic/pypi/simple/" \
|
|
2>/dev/null | grep -oP '\(\K[^)]+' || echo "0.0.0")
|
|
if [ "$$CURRENT" = "$$PUBLISHED" ]; then
|
|
echo "Version $$CURRENT already published, skipping"
|
|
else
|
|
echo "Publishing $$CURRENT (was $$PUBLISHED)..."
|
|
twine upload \
|
|
--repository-url "https://git.mosaicstack.dev/api/packages/mosaic/pypi" \
|
|
--username "$$GITEA_USER" \
|
|
--password "$$GITEA_TOKEN" \
|
|
dist/*
|
|
echo "Published mosaicstack-telemetry $$CURRENT"
|
|
fi
|
|
when:
|
|
- branch: [main, develop]
|
|
event: [push, manual, tag]
|
|
depends_on:
|
|
- lint
|
|
- typecheck
|
|
- security-bandit
|
|
- security-audit
|
|
- test
|
|
|
|
link-package:
|
|
image: alpine:3
|
|
environment:
|
|
GITEA_TOKEN:
|
|
from_secret: gitea_token
|
|
commands:
|
|
- apk add --no-cache curl
|
|
- sleep 5
|
|
- |
|
|
set -e
|
|
for attempt in 1 2 3; do
|
|
STATUS=$$(curl -s -o /dev/null -w "%{http_code}" -X POST \
|
|
-H "Authorization: token $$GITEA_TOKEN" \
|
|
"https://git.mosaicstack.dev/api/v1/packages/mosaic/pypi/mosaicstack-telemetry/-/link/telemetry-client-py")
|
|
if [ "$$STATUS" = "201" ] || [ "$$STATUS" = "204" ]; then
|
|
echo "Package linked to repository"
|
|
exit 0
|
|
elif [ "$$STATUS" = "400" ]; then
|
|
echo "Package already linked (OK)"
|
|
exit 0
|
|
elif [ $$attempt -lt 3 ]; then
|
|
echo "Package not found yet, retrying in 5s (attempt $$attempt/3)..."
|
|
sleep 5
|
|
else
|
|
echo "Failed to link package (status $$STATUS)"
|
|
exit 1
|
|
fi
|
|
done
|
|
when:
|
|
- branch: [main, develop]
|
|
event: [push, manual, tag]
|
|
depends_on:
|
|
- publish
|