CI #355

Workflow file for this run

	# Main CI

	name: CI

	on:
	push:
	branches:
	- master
	tags:
	- '*'
	pull_request:

	jobs:
	code_checks:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	task: ["fmt", "lint"]

	steps:
	- uses: actions/checkout@v3

	- uses: ./.github/actions/common-setup

	- name: check code
	run: poetry run poe ${{ matrix.task }}

	build:
	needs: code_checks
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v3

	- uses: ./.github/actions/common-setup

	- name: Build 🔨
	run: poetry build

	build_windows:
	needs: code_checks
	runs-on: windows-latest

	steps:
	- uses: actions/checkout@v3

	- uses: ./.github/actions/common-setup
	with:
	python_version: 3.11

	- name: Add entrypoint to bypass issue with relative imports in PyInstaller
	run: powershell -Command 'Invoke-WebRequest https://gist.githubusercontent.com/Wenzel/e38d227d94f16e026b3aed03ea6a6661/raw/383ec56d62c58e444f6c5962ee6940a5c583d341/stub.py -OutFile stub.py'

	- name: Build Windows release
	run: poetry run pyinstaller --onefile --name checksec stub.py
	shell: bash

	- name: Upload Windows release artefact
	uses: actions/upload-artifact@v3
	with:
	name: checksec.exe
	path: dist/checksec.exe

	# TODO: can't test rich output: UnicodeEncodeError: 'charmap' codec can't encode characters in position 0-78: character maps to <undefined>
	- name: Smoke test
	run: ./dist/checksec.exe C:\Windows --json
	shell: bash

	test:
	needs: build
	strategy:
	matrix:
	os: [ubuntu-latest, windows-latest]
	runs-on: ${{ matrix.os }}
	defaults:
	run:
	shell: bash

	steps:
	- uses: actions/checkout@v3
	with:
	submodules: true

	- uses: ./.github/actions/common-setup

	- name: Run tests
	run: poetry run poe test_e2e

	release:
	needs: test

	runs-on: ubuntu-latest
	outputs:
	upload_url: ${{ steps.step_upload_url.outputs.upload_url }}
	version: ${{ steps.get_version.outputs.version }}

	# push on master and tag is 'v*'
	if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
	steps:
	- uses: actions/checkout@v3
	- name: Get the version
	id: get_version
	run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}

	- name: Create a Release
	id: create_release
	uses: actions/create-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	tag_name: ${{ steps.get_version.outputs.version }}
	release_name: ${{ steps.get_version.outputs.version }}

	- id: step_upload_url
	run: echo "::set-output name=upload_url::${{ steps.create_release.outputs.upload_url }}"

	release_windows:
	needs: [build_windows, release]
	runs-on: windows-latest

	steps:
	# the deploy action below depends on a checkout of the repo
	# otherwise it fails trying to remote the 'origin' remote
	# https://github.com/JamesIves/github-pages-deploy-action/issues/335
	- uses: actions/checkout@v3

	# download artifacts
	- uses: actions/download-artifact@v3
	with:
	name: checksec.exe

	- name: Upload a Release Asset
	uses: actions/[email protected]
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ needs.release.outputs.upload_url }}
	asset_path: checksec.exe
	asset_name: checksec.exe
	asset_content_type: vnd.microsoft.portable-executable

	publish:
	needs: release
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v3

	- uses: ./.github/actions/common-setup

	- name: Build package
	run: poetry build

	- name: Publish on PyPI 🚀
	run: poetry publish
	env:
	POETRY_PYPI_TOKEN_PYPI: ${{ secrets.ACCESS_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CI #355

Workflow file

CI #355

Jobs

Run details

Workflow file for this run