2db9da5c8f
* Empty commit * updated beta note for GHAE * more GHAE update + resolve conflict * more GHAE updates + prepare for screenshots * Apply suggestions from code review Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * address remaining review comments * Revise "About GitHub AE" (#17679) * add screenshots to the Configuring article * reworked to have a separate GHAE section * list numbering * more work on screenshots and conditions * add GHAE screenshots in article * review screenshots in article * added more screenshots and updated more articles * screenshot madness * fix liquid versioning * refactor the ghae script * [GHAE CB/Feb 22]: Add article about data residency for GitHub AE (#17847) * add missing GHAE versioning to article * move screenshots to GHAE asset directory * forgot to change the path for these two images * replace CBB screenshot + add better screenshot * [GHAE CB/Feb 22]: Document upgrades for GitHub AE (#17848) * Version article for GitHub AE * Replace unused variable * Incorporate reviewer feedback * Update intro Co-authored-by: Ethan P <56270045+ethanpalm@users.noreply.github.com> * [GHAE] Enable IP allow list (#17691) * Notes for CC * Updat permission leves chart * Add updated article to further reading * Update gated feature callout with GitHub AE * Version "Managing allowed IP addresses for your organization" for AE * Update images * Update "Restricting network traffic to your enterprise" with new procedures * remove todo note * Update audited actions * Update info about Premium Runners * Use reusable for Premium Runners * Change "Premium Runners" to "AE hosted runners" * Incorporate reviewer feedback * Use correct reusable * Version reusable correctly * [Feb 22] GHAE: Code scanning beta (#17830) * Add "github-ae" to all the frontmatter * GHAE-ify the reusables * Add some more changes * Re-use some content * 🔪 Semmle links * Revert change re "--external-repository-token" in the CodeQL runner * Update CodeQL runner token scopes * Update two screenshots * Remove mention of GitHub.com from AE + other fixes * Apply suggestions from code review Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> * Use `product_name` variable instead of `product_location` * Remove confusing phrase * [Feb 22] GHAE: Code scanning API and webhook docs (#17883) * Version API and webhook docs * Actually add versioning for GHAE * Fix anchor * [TEMPORARY] Preview for API endpoints * Revert API previews * Update procedure step Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> * Update docs for AzureAD Group SCIM support in GHAE (#17892) * [GHAE CB] SMTP bootstrapping flow (#17888) * draft * update with AE conntent * update with tons of versioning * remove that lie * fill out the rest of these steps * update with correct versioning * more edits * add images * reversion most of ae article * fix versioning * format correctlly * words matter * last image * update with permmissions * update versioning * add link * apply feedback ❤️ * update with differrent spacing * update with feedback * more feedback * Temporary GHAE release notes for consumables beta launch (#17859) * Create release-notes.md * Add frontmatter * Add to index file * Update github-ae-release-notes.md * Add release notes from Google Doc * Update finalized docs links that have been reviewed * OAuth device flow link update * version for AE * few fixes * Update content/admin/overview/github-ae-release-notes.md * small edits * whoops * commit * update with different links * used wrong reusable * fix more brokenness * Update repository-references.js * Update repository-references.js Co-authored-by: Meg Bird <megbird@github.com> Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com> * [GHAE] Audit public repos (#17917) * verifying what we mean by public * Apply suggestions from code review * Update content/developers/apps/installing-github-apps.md Co-authored-by: Laura Coursen <lecoursen@github.com> * fixing placememnt of liquid conditional Co-authored-by: Laura Coursen <lecoursen@github.com> * GHAE packages beta (#17786) Co-authored-by: jmarlena <6732600+jmarlena@users.noreply.github.com> Co-authored-by: Martin Lopes <martin389@github.com> * fix broken links * [GHAE CB/March 01]: GitHub Actions on GHAE (beta) (#17725) * Added initial layout for premium runners * Restructured content * Added placeholder for removing premium runner * Added versioning and warning note for self-hosted runners * Added versioning and beta notice for actions content * Rephrased beta note * Added versioning for API docs, fixes * Added versioning fixes * Split Github-hosted and premium topics into separate articles * Added edits * Restructured some topics * Revised "Using premium runners in a workflow" * Some small fixes * Fixed typo * Added fixes to reusable * Added edits * Made section titles consistent * Added billing, group mgmt, reusable steps * Cropped certain screenshots for future-proofing * Removed superfluous reusable * Added fixes * Revert "Cropped certain screenshots for future-proofing" This reverts commit c7f24f31fa30d4fe3de2b63fc3cd5feba44ef518. * Added new section for custom images * Added versioning for enterprise-admin operations * Added edits * Added edits * Update adding-premium-runners.md * Removed SHR screenshots. Intending to update them when UI is available. * Update using-labels-with-premium-runners.md * Added custom labels section * Added preview of API docs changes * Added versioning for ip allow list section * Removed removal article * Renamed premium runners to AE hosted runners * Re-added added API preview * Fixed links, updated software specs * Revised "Software specifications" based on feedback * Fixed typos * Small fixes * Added new article "Creating custom images" * Moved "Creating custom images" link * Apply suggestions from code review Co-authored-by: ahdbilal <55514721+ahdbilal@users.noreply.github.com> * Added update from review * Added updates from tech review * Apply suggestions from code review Co-authored-by: ahdbilal <55514721+ahdbilal@users.noreply.github.com> * Added updates from tech review * Added updates from tech review * Added updates from tech review * Added updates from tech review * Fixed reusable * Added fixes * Added update from tech review * Removed the dereferenced OpenAPI schema files * Added fixes * Fixed links * Fixed links * Apply suggestions from code review Co-authored-by: jmarlena <6732600+jmarlena@users.noreply.github.com> * Added updates from peer review * Removed sections that are not in beta * Update viewing-your-github-actions-usage.md * Update viewing-job-execution-time.md * Update index.md * Update about-github-hosted-runners.md * Restored versioning to match GHES approach * Fixed link * Restored self-hosted runner reference to UI steps. * Updated screenshots * Updated screenshots and procedures * Small edits to screenshots * Added AE url info for SHR * Removed superfluous versioning * Update security-hardening-for-github-actions.md * Update actions-shared.md * Small edits * Update usage-limits-billing-and-administration.md * Update managing-complex-workflows.md * Additional versioning * Additional versioning * version environments api and checkrun deployments for ghae (#17991) Co-authored-by: Martin Lopes <martin389@github.com> * Update reviewing-the-audit-log-for-your-organization.md * Added versioning for enterprise policy settings * version configuring artifact retention for AE * remove AE versioning for connecting to Marketplace * Apply suggestions from code review Co-authored-by: Joe Bourne <thejoebourneidentity@github.com> * Update content/admin/github-actions/getting-started-with-github-actions-for-github-ae.md Co-authored-by: Joe Bourne <thejoebourneidentity@github.com> * rewording not public to private * fixing liquid * Fixed elseif entries * Added expectations note * Revised label management article for AE hosted runners * Added enterprise-admin note for adding AE hosted runners * Update enterprise-admin.md * Update self-hosted-runner-security.md * Versioned reusable for AE * Empty commit for CI Co-authored-by: ahdbilal <55514721+ahdbilal@users.noreply.github.com> Co-authored-by: jmarlena <6732600+jmarlena@users.noreply.github.com> Co-authored-by: skedwards88 <skedwards88@github.com> Co-authored-by: Leona B. Campbell <3880403+runleonarun@users.noreply.github.com> Co-authored-by: Joe Bourne <thejoebourneidentity@github.com> Co-authored-by: runleonarun <runleonarun@github.com> * Update OpenAPI Descriptions for GHAE * Update content/admin/overview/github-ae-release-notes.md Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com> Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com> Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> Co-authored-by: shati-patel <shati-patel@github.com> Co-authored-by: Sarah Schneider <sarahs@github.com> Co-authored-by: skedwards88 <skedwards88@github.com> Co-authored-by: Sarah Schneider <sarahs@users.noreply.github.com> Co-authored-by: Melanie Yarbrough <11952755+myarb@users.noreply.github.com> Co-authored-by: Felicity Chapman <felicitymay@github.com> Co-authored-by: Meg Bird <megbird@github.com> Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com> Co-authored-by: Leona B. Campbell <3880403+runleonarun@users.noreply.github.com> Co-authored-by: Laura Coursen <lecoursen@github.com> Co-authored-by: jmarlena <6732600+jmarlena@users.noreply.github.com> Co-authored-by: Martin Lopes <martin389@github.com> Co-authored-by: ahdbilal <55514721+ahdbilal@users.noreply.github.com> Co-authored-by: Joe Bourne <thejoebourneidentity@github.com> Co-authored-by: runleonarun <runleonarun@github.com> Co-authored-by: github-openapi-bot <69533958+github-openapi-bot@users.noreply.github.com>
18 KiB
title, intro, redirect_from, versions, type, topics
| title | intro | redirect_from | versions | type | topics | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Building and testing Python | You can create a continuous integration (CI) workflow to build and test your Python project. |
|
|
tutorial |
|
{% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} {% data reusables.actions.ae-beta %}
Introduction
This guide shows you how to build, test, and publish a Python package.
{% if currentVersion == "github-ae@latest" %} For instructions on how to make sure your {% data variables.actions.hosted_runner %} has the required software installed, see "Creating custom images." {% else %} {% data variables.product.prodname_dotcom %}-hosted runners have a tools cache with pre-installed software, which includes Python and PyPy. You don't have to install anything! For a full list of up-to-date software and the pre-installed versions of Python and PyPy, see "Specifications for {% data variables.product.prodname_dotcom %}-hosted runners". {% endif %}
Prerequisites
You should be familiar with YAML and the syntax for {% data variables.product.prodname_actions %}. For more information, see "Learn {% data variables.product.prodname_actions %}."
We recommend that you have a basic understanding of Python, PyPy, and pip. For more information, see:
{% data reusables.actions.enterprise-setup-prereq %}
Starting with the Python workflow template
{% data variables.product.prodname_dotcom %} provides a Python workflow template that should work for most Python projects. This guide includes examples that you can use to customize the template. For more information, see the Python workflow template.
To get started quickly, add the template to the .github/workflows directory of your repository.
{% raw %}
name: Python package
on: [push]
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: [2.7, 3.5, 3.6, 3.7, 3.8]
steps:
- uses: actions/checkout@v2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install flake8 pytest
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
- name: Lint with flake8
run: |
# stop the build if there are Python syntax errors or undefined names
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Test with pytest
run: |
pytest
{% endraw %}
Specifying a Python version
To use a pre-installed version of Python or PyPy on a {% data variables.product.prodname_dotcom %}-hosted runner, use the setup-python action. This action finds a specific version of Python or PyPy from the tools cache on each runner and adds the necessary binaries to PATH, which persists for the rest of the job. If a specific version of Python is not pre-installed in the tools cache, the setup-python action will download and set up the appropriate version from the python-versions repository.
Using the setup-python action is the recommended way of using Python with {% data variables.product.prodname_actions %} because it ensures consistent behavior across different runners and different versions of Python. If you are using a self-hosted runner, you must install Python and add it to PATH. For more information, see the setup-python action.
The table below describes the locations for the tools cache in each {% data variables.product.prodname_dotcom %}-hosted runner.
| Ubuntu | Mac | Windows | |
|---|---|---|---|
| Tool Cache Directory | /opt/hostedtoolcache/* |
/Users/runner/hostedtoolcache/* |
C:\hostedtoolcache\windows\* |
| Python Tool Cache | /opt/hostedtoolcache/Python/* |
/Users/runner/hostedtoolcache/Python/* |
C:\hostedtoolcache\windows\Python\* |
| PyPy Tool Cache | /opt/hostedtoolcache/PyPy/* |
/Users/runner/hostedtoolcache/PyPy/* |
C:\hostedtoolcache\windows\PyPy\* |
If you are using a self-hosted runner, you can configure the runner to use the setup-python action to manage your dependencies. For more information, see using setup-python with a self-hosted runner in the setup-python README.
{% data variables.product.prodname_dotcom %} supports semantic versioning syntax. For more information, see "Using semantic versioning" and the "Semantic versioning specification."
Using multiple Python versions
{% raw %}
name: Python package
on: [push]
jobs:
build:
runs-on: ubuntu-latest
strategy:
# You can use PyPy versions in python-version.
# For example, pypy2 and pypy3
matrix:
python-version: [2.7, 3.5, 3.6, 3.7, 3.8]
steps:
- uses: actions/checkout@v2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
# You can test your matrix by printing the current Python version
- name: Display Python version
run: python -c "import sys; print(sys.version)"
{% endraw %}
Using a specific Python version
You can configure a specific version of python. For example, 3.8. Alternatively, you can use semantic version syntax to get the latest minor release. This example uses the latest minor release of Python 3.
{% raw %}
name: Python package
on: [push]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Python 3.x
uses: actions/setup-python@v2
with:
# Semantic version range syntax or exact version of a Python version
python-version: '3.x'
# Optional - x64 or x86 architecture, defaults to x64
architecture: 'x64'
# You can test your matrix by printing the current Python version
- name: Display Python version
run: python -c "import sys; print(sys.version)"
{% endraw %}
Excluding a version
If you specify a version of Python that is not available, setup-python fails with an error such as: ##[error]Version 3.4 with arch x64 not found. The error message includes the available versions.
You can also use the exclude keyword in your workflow if there is a configuration of Python that you do not wish to run. For more information, see "Workflow syntax for {% data variables.product.prodname_actions %}."
{% raw %}
name: Python package
on: [push]
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python-version: [2.7, 3.6, 3.7, 3.8, pypy2, pypy3]
exclude:
- os: macos-latest
python-version: 3.6
- os: windows-latest
python-version: 3.6
{% endraw %}
Using the default Python version
We recommend using setup-python to configure the version of Python used in your workflows because it helps make your dependencies explicit. If you don't use setup-python, the default version of Python set in PATH is used in any shell when you call python. The default version of Python varies between {% data variables.product.prodname_dotcom %}-hosted runners, which may cause unexpected changes or use an older version than expected.
| {% data variables.product.prodname_dotcom %}-hosted runner | Description |
|---|---|
| Ubuntu | Ubuntu runners have multiple versions of system Python installed under /usr/bin/python and /usr/bin/python3. The Python versions that come packaged with Ubuntu are in addition to the versions that {% data variables.product.prodname_dotcom %} installs in the tools cache. |
| Windows | Excluding the versions of Python that are in the tools cache, Windows does not ship with an equivalent version of system Python. To maintain consistent behavior with other runners and to allow Python to be used out-of-the-box without the setup-python action, {% data variables.product.prodname_dotcom %} adds a few versions from the tools cache to PATH. |
| macOS | The macOS runners have more than one version of system Python installed, in addition to the versions that are part of the tools cache. The system Python versions are located in the /usr/local/Cellar/python/* directory. |
Installing dependencies
{% data variables.product.prodname_dotcom %}-hosted runners have the pip package manager installed. You can use pip to install dependencies from the PyPI package registry before building and testing your code. For example, the YAML below installs or upgrades the pip package installer and the setuptools and wheel packages.
When using {% data variables.product.prodname_dotcom %}-hosted runners, you can also cache dependencies to speed up your workflow. For more information, see "Caching dependencies to speed up workflows."
{% raw %}
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: python -m pip install --upgrade pip setuptools wheel
{% endraw %}
Requirements file
After you update pip, a typical next step is to install dependencies from requirements.txt.
{% raw %}
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
{% endraw %}
Caching Dependencies
When using {% data variables.product.prodname_dotcom %}-hosted runners, you can cache pip dependencies using a unique key, and restore the dependencies when you run future workflows using the cache action. For more information, see "Caching dependencies to speed up workflows."
Pip caches dependencies in different locations, depending on the operating system of the runner. The path you'll need to cache may differ from the Ubuntu example below depending on the operating system you use. For more information, see Python caching examples.
{% raw %}
steps:
- uses: actions/checkout@v2
- name: Setup Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Cache pip
uses: actions/cache@v2
with:
# This path is specific to Ubuntu
path: ~/.cache/pip
# Look to see if there is a cache hit for the corresponding requirements file
key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
${{ runner.os }}-
- name: Install dependencies
run: pip install -r requirements.txt
{% endraw %}
{% note %}
Note: Depending on the number of dependencies, it may be faster to use the dependency cache. Projects with many large dependencies should see a performance increase as it cuts down the time required for downloading. Projects with fewer dependencies may not see a significant performance increase and may even see a slight decrease due to how pip installs cached dependencies. The performance varies from project to project.
{% endnote %}
Testing your code
You can use the same commands that you use locally to build and test your code.
Testing with pytest and pytest-cov
This example installs or upgrades pytest and pytest-cov. Tests are then run and output in JUnit format while code coverage results are output in Cobertura. For more information, see JUnit and Cobertura.
{% raw %}
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Test with pytest
run: |
pip install pytest
pip install pytest-cov
pytest tests.py --doctest-modules --junitxml=junit/test-results.xml --cov=com --cov-report=xml --cov-report=html
{% endraw %}
Using Flake8 to lint code
The following example installs or upgrades flake8 and uses it to lint all files. For more information, see Flake8.
{% raw %}
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Lint with flake8
run: |
pip install flake8
flake8 .
{% endraw %}
Running tests with tox
With {% data variables.product.prodname_actions %}, you can run tests with tox and spread the work across multiple jobs. You'll need to invoke tox using the -e py option to choose the version of Python in your PATH, rather than specifying a specific version. For more information, see tox.
{% raw %}
name: Python package
on: [push]
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
python: [2.7, 3.7, 3.8]
steps:
- uses: actions/checkout@v2
- name: Setup Python
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python }}
- name: Install Tox and any other packages
run: pip install tox
- name: Run Tox
# Run tox using the version of Python in `PATH`
run: tox -e py
{% endraw %}
Packaging workflow data as artifacts
You can upload artifacts to view after a workflow completes. For example, you may need to save log files, core dumps, test results, or screenshots. For more information, see "Persisting workflow data using artifacts."
The following example demonstrates how you can use the upload-artifact action to archive test results from running pytest. For more information, see the upload-artifact action.
{% raw %}
name: Python package
on: [push]
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: [2.7, 3.5, 3.6, 3.7, 3.8]
steps:
- uses: actions/checkout@v2
- name: Setup Python # Set Python version
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
# Install pip and pytest
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install pytest
- name: Test with pytest
run: pytest tests.py --doctest-modules --junitxml=junit/test-results-${{ matrix.python-version }}.xml
- name: Upload pytest test results
uses: actions/upload-artifact@v2
with:
name: pytest-results-${{ matrix.python-version }}
path: junit/test-results-${{ matrix.python-version }}.xml
# Use always() to always run this step to publish test results when there are test failures
if: ${{ always() }}
{% endraw %}
Publishing to package registries
You can configure your workflow to publish your Python package to any package registry you'd like when your CI tests pass.
You can store any access tokens or credentials needed to publish your package using secrets. The following example creates and publishes a package to PyPI using twine and dist. For more information, see "Creating and using encrypted secrets."
{% raw %}
name: Upload Python Package
on:
release:
types: [created]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install setuptools wheel twine
- name: Build and publish
env:
TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
run: |
python setup.py sdist bdist_wheel
twine upload dist/*
{% endraw %}
For more information about the template workflow, see python-publish.