295 lines
12 KiB
YAML
295 lines
12 KiB
YAML
name: Build InVEST App Binaries
|
|
|
|
on:
|
|
push:
|
|
pull_request:
|
|
|
|
jobs:
|
|
check-syntax-errors:
|
|
name: "Check for syntax errors"
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Set up python 3.7
|
|
uses: actions/setup-python@v1
|
|
with:
|
|
python-version: 3.7
|
|
|
|
- name: Set up environment
|
|
run: python -m pip install --upgrade flake8
|
|
|
|
- name: Lint with flake8
|
|
run: |
|
|
# stop the build if there are Python syntax errors or undefined names
|
|
python -m flake8 src --count --select=E9,F63,F7,F82 --show-source --statistics
|
|
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
|
|
python -m flake8 src --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
|
|
|
|
build-windows-binaries:
|
|
name: "Build windows binaries"
|
|
needs: check-syntax-errors
|
|
runs-on: windows-latest
|
|
env:
|
|
PYTHON_VERSION: 3.7
|
|
PYTHON_ARCH: x64
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
fetch-depth: 0 # fetch complete history
|
|
|
|
- name: Fetch git tags
|
|
run: git fetch origin +refs/tags/*:refs/tags/*
|
|
|
|
- name: Restore pip cache
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ~\AppData\Local\pip\Cache
|
|
key: windows-py${{ env.PYTHON_VERSION }}-${{ env.PYTHON_ARCH}}-pip-${{ hashFiles('**/requirements*.txt') }}-exe
|
|
|
|
- name: Setup conda environment
|
|
uses: conda-incubator/setup-miniconda@v2
|
|
with:
|
|
activate-environment: winbin-env
|
|
auto-update-conda: true
|
|
python-version: 3.7
|
|
channels: conda-forge
|
|
|
|
- name: Install python dependencies
|
|
shell: bash -l {0}
|
|
run: |
|
|
conda install nomkl # make sure numpy is w/out MKL
|
|
conda upgrade -y pip setuptools
|
|
conda install toml requests
|
|
conda install $(python -c "import toml;print(' '.join(toml.load('pyproject.toml')['build-system']['requires']))")
|
|
python ./scripts/convert-requirements-to-conda-yml.py \
|
|
requirements.txt \
|
|
requirements-dev.txt \
|
|
requirements-gui.txt > requirements-all.yml
|
|
conda env update --file requirements-all.yml
|
|
python -m pip install .
|
|
|
|
- name: Install build dependencies
|
|
shell: powershell
|
|
run: |
|
|
# Appveyor build scripts expects PYTHON to point to the dir containing python.
|
|
$env:PYTHON = python -c "import sys, os; print(os.path.dirname(sys.executable))"
|
|
./ci/windows-ci-binary-install.ps1
|
|
|
|
- name: Clone sample data repo (non-lfs)
|
|
shell: bash -l {0}
|
|
run: |
|
|
GIT_URL=$(make jprint-GIT_SAMPLE_DATA_REPO)
|
|
LOCALPATH=$(make jprint-GIT_SAMPLE_DATA_REPO_PATH)
|
|
GIT_REV=$(make jprint-GIT_SAMPLE_DATA_REPO_REV)
|
|
|
|
# Only clone the files ... deliberately not cloning LFS data
|
|
# Installer needs .invest.json files only, and these are not
|
|
# stored in LFS.
|
|
GIT_LFS_SKIP_SMUDGE=1 git clone $GIT_URL $LOCALPATH
|
|
git -C $LOCALPATH checkout $GIT_REV
|
|
|
|
- name: Build userguide, binaries, installer
|
|
shell: bash -l {0}
|
|
run: |
|
|
# This builds the users guide, binaries, and installer
|
|
make windows_installer
|
|
|
|
- name: Set up GCP
|
|
# Secrets not available in PR so don't use GCP.
|
|
if: github.event_name != 'pull_request'
|
|
uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
|
|
with:
|
|
version: '281.0.0'
|
|
service_account_key: ${{ secrets.GOOGLE_SERVICE_ACC_KEY }}
|
|
|
|
- name: Sign binaries
|
|
# Secrets not available in PR so don't use GCP.
|
|
if: github.event_name != 'pull_request'
|
|
shell: bash -l {0}
|
|
run: |
|
|
# figure out the path to signtool.exe (it keeps changing with SDK updates)
|
|
SIGNTOOL_PATH=$(find 'C:\\Program Files (x86)\\Windows Kits\\10' -type f -name 'signtool.exe*' | head -n 1)
|
|
INSTALLER_BINARY=$(find "$(pwd)/dist" -type f -name 'InVEST_*.exe' | head -n 1)
|
|
|
|
# Specify which python version we want to use (it's the one we're using
|
|
# in actions/setup-python.
|
|
export CLOUDSDK_PYTHON=$(which python)
|
|
export CLOUDSDK_GSUTIL_PYTHON=$(which python)
|
|
|
|
# setup-gcloud adds 'gsutil' to PATH
|
|
make CERT_KEY_PASS=${{ secrets.STANFORD_CERT_KEY_PASS }} \
|
|
GSUTIL="gsutil" \
|
|
BIN_TO_SIGN="$INSTALLER_BINARY" \
|
|
SIGNTOOL="$SIGNTOOL_PATH" \
|
|
-s signcode_windows
|
|
|
|
- name: Deploy artifacts to GCS
|
|
# Secrets not available in PR so don't use GCP.
|
|
if: github.event_name != 'pull_request'
|
|
shell: bash -l {0}
|
|
run: |
|
|
# Specify which python version we want to use (it's the one
|
|
# we're using in actions/setup-miniconda)
|
|
export CLOUDSDK_PYTHON=$(which python)
|
|
export CLOUDSDK_GSUTIL_PYTHON=$(which python)
|
|
|
|
# setup-gcloud adds 'gsutil' to PATH
|
|
make GSUTIL="gsutil" deploy
|
|
|
|
- name: Upload installer artifact
|
|
if: always()
|
|
uses: actions/upload-artifact@v2-preview
|
|
with:
|
|
name: InVEST-windows-installer
|
|
path: dist/*.exe
|
|
|
|
- name: Upload user's guide artifact
|
|
uses: actions/upload-artifact@v2-preview
|
|
with:
|
|
name: InVEST-user-guide
|
|
path: dist/InVEST_*_userguide.zip
|
|
|
|
build-mac-binaries:
|
|
name: "Build mac binaries"
|
|
needs: check-syntax-errors
|
|
runs-on: macos-10.15
|
|
env:
|
|
PYTHON_VERSION: 3.7
|
|
PYTHON_ARCH: x64
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
fetch-depth: 0 # fetch complete history
|
|
|
|
- name: Fetch git tags
|
|
run: git fetch origin +refs/tags/*:refs/tags/*
|
|
|
|
- name: Install homebrew dependencies
|
|
run: |
|
|
# There's an issue with the latest versions of homebrew and a
|
|
# pending SSL version removal from the MacOS images used by
|
|
# github actions that was causing ``brew update`` to fail with
|
|
# a nonzero exit code and break our binary builds.
|
|
#
|
|
# This is the issue we were seeing:
|
|
# https://github.com/actions/virtual-environments/issues/1864
|
|
#
|
|
# This is the workaround (patched for our use case):
|
|
# https://github.com/actions/virtual-environments/issues/1811#issuecomment-708480190
|
|
brew uninstall openssl@1.0.2t
|
|
brew uninstall python@2.7.17
|
|
brew untap local/openssl
|
|
brew untap local/python2
|
|
brew update
|
|
brew install pandoc
|
|
|
|
# - name: Restore conda cache
|
|
# uses: actions/cache@v2
|
|
# with:
|
|
# path: ~/opt/anaconda3
|
|
# key: mac-py${{ env.PYTHON_VERSION }}-${{ env.PYTHON_ARCH}}-conda-${{ hashFiles('**/requirements*.txt') }}-exe
|
|
|
|
- name: Setup conda environment
|
|
uses: conda-incubator/setup-miniconda@v2
|
|
with:
|
|
activate-environment: macbin-env
|
|
auto-update-conda: true
|
|
python-version: 3.7
|
|
channels: conda-forge
|
|
|
|
- name: Build conda env with python dependencies
|
|
shell: bash -l {0}
|
|
run: |
|
|
conda install nomkl
|
|
|
|
python ./scripts/convert-requirements-to-conda-yml.py \
|
|
requirements.txt \
|
|
requirements-dev.txt \
|
|
requirements-gui.txt > requirements-all.yml
|
|
conda env update --file requirements-all.yml
|
|
|
|
conda list
|
|
|
|
|
|
- name: Build binaries
|
|
shell: bash -l {0}
|
|
run: |
|
|
make install
|
|
make mac_dmg
|
|
|
|
- name: Set up GCP
|
|
# Secrets not available in PR so don't use GCP.
|
|
# We only want to upload artifacts to a release object in a release.
|
|
if: github.event_name != 'pull_request'
|
|
uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
|
|
with:
|
|
version: '281.0.0'
|
|
service_account_key: ${{ secrets.GOOGLE_SERVICE_ACC_KEY }}
|
|
|
|
- name: Sign DMG
|
|
if: github.event_name != 'pull_request'
|
|
shell: bash -l {0}
|
|
env:
|
|
CERT_KEY_PASS: ${{ secrets.STANFORD_CERT_KEY_PASS }}
|
|
KEYCHAIN_PASS: ${{ secrets.KEYCHAIN_PASS }}
|
|
run: make -s codesign_mac
|
|
|
|
- name: Deploy artifacts to GCS
|
|
# Secrets not available in PR so don't use GCP.
|
|
if: github.event_name != 'pull_request'
|
|
shell: bash -l {0} # needed for conda activation
|
|
run: make deploy
|
|
|
|
- name: Upload binaries artifact
|
|
uses: actions/upload-artifact@v2-preview
|
|
with:
|
|
name: InVEST-mac-binaries
|
|
path: dist/InVEST-*-mac.zip
|
|
|
|
- name: Upload DMG artifact
|
|
uses: actions/upload-artifact@v2-preview
|
|
with:
|
|
name: InVEST-dmg
|
|
path: dist/InVEST*.dmg
|
|
|
|
build-sampledata:
|
|
name: Build sampledata archives
|
|
needs: check-syntax-errors
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
fetch-depth: 0 # Fetch complete history
|
|
- run: git fetch origin +refs/tags/*:refs/tags/*
|
|
|
|
- uses: actions/setup-python@v1
|
|
with:
|
|
python-version: 3.7
|
|
|
|
- run: |
|
|
pip install toml
|
|
pip install $(python -c "import toml;print(' '.join(toml.load('pyproject.toml')['build-system']['requires']))")
|
|
|
|
- run: make sampledata sampledata_single
|
|
|
|
- name: Set up GCP
|
|
# Secrets not available in PR so don't use GCP.
|
|
if: github.event_name != 'pull_request'
|
|
uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
|
|
with:
|
|
version: '281.0.0'
|
|
service_account_key: ${{ secrets.GOOGLE_SERVICE_ACC_KEY }}
|
|
|
|
- name: Deploy artifacts to GCS
|
|
# Secrets not available in PR so don't use GCP.
|
|
# We only want to upload artifacts to a release object in a release.
|
|
if: github.event_name != 'pull_request'
|
|
run: make deploy
|
|
|
|
- name: Upload sample data artifact
|
|
uses: actions/upload-artifact@v2-preview
|
|
with:
|
|
name: InVEST-sample-data
|
|
path: dist/*.zip
|