Skip to content

feat: Allow to skip validating members in collection filter & validat… #1185

feat: Allow to skip validating members in collection filter & validat…

feat: Allow to skip validating members in collection filter & validat… #1185

Workflow file for this run

name: Build
on:
pull_request:
push:
branches: [main]
release:
types: [published]
jobs:
build-sdist:
name: Build Sdist
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
fetch-depth: 0
- name: Set up pixi
uses: prefix-dev/setup-pixi@5185adfbffb4bd703da3010310260805d89ebb11 # v0.9.6
with:
environments: build
- name: Set version
run: pixi run -e build set-version
- name: Build project
run: pixi run -e build build-sdist
- name: Upload package
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: sdist
path: dist/*
build-wheel:
name: Build Wheel (${{ matrix.target-platform }})
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
- target-platform: linux-64
os: ubuntu-latest
- target-platform: linux-aarch64
os: ubuntu-24.04-arm
- target-platform: osx-64
os: macos-15-intel
- target-platform: osx-arm64
os: macos-latest
- target-platform: win-64
os: windows-latest
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
fetch-depth: 0
- name: Set up pixi
uses: prefix-dev/setup-pixi@5185adfbffb4bd703da3010310260805d89ebb11 # v0.9.6
with:
environments: build
- name: Set version
run: pixi run -e build set-version
- name: Install cargo-auditable
if: github.event_name == 'release' && runner.os != 'Linux'
run: cargo install cargo-auditable@0.7.4 --locked
- name: Prepare cargo-auditable wrapper (macOS)
if: github.event_name == 'release' && runner.os == 'macOS'
run: |
# cargo-auditable must be invoked as "cargo auditable <cmd>", not as a direct CARGO
# replacement — the latter does not support "cargo rustc --profile". A wrapper delegates
# to the real cargo via PATH (no recursion risk since CARGO is set via env, not PATH).
printf '#!/bin/sh\nexec cargo auditable "$@"\n' > /usr/local/bin/cargo-auditable-wrapper
chmod +x /usr/local/bin/cargo-auditable-wrapper
echo "CARGO=/usr/local/bin/cargo-auditable-wrapper" >> "$GITHUB_ENV"
- name: Prepare cargo-auditable wrapper (Windows)
if: github.event_name == 'release' && runner.os == 'Windows'
shell: bash
run: |
printf '@cargo auditable %%*\n' > "C:/cargo-auditable-wrapper.cmd"
echo "CARGO=C:\\cargo-auditable-wrapper.cmd" >> "$GITHUB_ENV"
- name: Prepare cargo-auditable wrapper (Linux)
# The wrapper itself is created inside the manylinux container by
# `before-script-linux` below; here we only point CARGO at it on the
# host so maturin-action forwards the value via `-e CARGO=...`.
if: github.event_name == 'release' && runner.os == 'Linux'
run: echo "CARGO=/usr/local/bin/cargo-auditable-wrapper" >> "$GITHUB_ENV"
- name: Build wheel
uses: PyO3/maturin-action@e83996d129638aa358a18fbd1dfb82f0b0fb5d3b # v1.51.0 # zizmor: ignore[cache-poisoning]
with:
command: build
args: --out dist --release -i python3.10
manylinux: auto
sccache: ${{ github.event_name != 'release' }}
# NOTE: We also need to set up cargo-auditable inside the docker container
# where the linux build is performed.
docker-options: ${{ case(github.event_name == 'release', format('-e CARGO={0}', env.CARGO), '') }}
before-script-linux: |
${{ case(github.event_name == 'release', 'cargo install cargo-auditable@0.7.4 --locked && printf ''#!/bin/sh\nexec cargo auditable "$@"\n'' > /usr/local/bin/cargo-auditable-wrapper && chmod +x /usr/local/bin/cargo-auditable-wrapper', '') }}
- name: Check package
run: pixi run -e build check-wheel
- name: Upload package
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: wheel-${{ matrix.target-platform }}
path: dist/*
release:
name: Publish package
if: github.event_name == 'release'
needs: build-wheel
runs-on: ubuntu-latest
permissions:
id-token: write
environment: pypi
steps:
- uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
path: dist
merge-multiple: true
- name: Publish package on PyPi
uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0