-
Notifications
You must be signed in to change notification settings - Fork 1
175 lines (146 loc) · 6.86 KB
/
testing.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
name: Python testing
on: [push, pull_request, workflow_dispatch]
jobs:
test:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macOS-13]
defaults:
run:
shell: bash # For `source`
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: 'pip'
cache-dependency-path: requirements/*.txt
- name: Python/tkinter version debug
run: |
python --version
python -c "import sys, tkinter;tcl = tkinter.Tcl();print(f\"{tkinter.TkVersion=}\n{tkinter.TclVersion=}\n{tcl.call('info', 'patchlevel')=}\n{sys.executable=}\n{tkinter.__file__=}\")"
- name: OS specific setup (windows)
if: startswith(matrix.os, 'windows')
run: |
echo 'OS_NAME=windows' >> $GITHUB_ENV
echo 'ACTIVATE_PATH=venv/Scripts/activate' >> $GITHUB_ENV
echo 'RESULT_EXTENSION=.exe' >> $GITHUB_ENV
echo 'PYINSTALLER_ARGS=--hide-console=minimize-early' >> $GITHUB_ENV
echo 'INSTALL_CA_CERT=certutil.exe -addstore root local-ca.pem' >> $GITHUB_ENV
- name: OS specific setup (linux)
if: startswith(matrix.os, 'ubuntu')
run: |
echo 'OS_NAME=linux' >> $GITHUB_ENV
echo 'ACTIVATE_PATH=venv/bin/activate' >> $GITHUB_ENV
echo 'RESULT_EXTENSION=' >> $GITHUB_ENV
echo 'PYINSTALLER_ARGS=' >> $GITHUB_ENV
echo 'INSTALL_CA_CERT=sudo cp local-ca.pem /usr/local/share/ca-certificates/local-ca.crt; sudo update-ca-certificates' >> $GITHUB_ENV
- name: OS specific setup (mac)
if: startswith(matrix.os, 'macOS')
run: |
echo 'OS_NAME=mac' >> $GITHUB_ENV
echo 'ACTIVATE_PATH=venv/bin/activate' >> $GITHUB_ENV
# Upload the built .dmg app-installer
echo 'RESULT_EXTENSION=.dmg' >> $GITHUB_ENV
# Target universal2 so that the built binary can run on both intel and apple silicon
# Pass --windowed to build a .app bundle
echo 'PYINSTALLER_ARGS=--target-architecture universal2 --windowed' >> $GITHUB_ENV
echo 'INSTALL_CA_CERT=sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain local-ca.pem' >> $GITHUB_ENV
- name: Select dependency files
run: |
echo "REQUIREMENTS=requirements/${{ env.OS_NAME }}.txt" >> $GITHUB_ENV
echo "DEV_REQUIREMENTS=requirements/${{ env.OS_NAME }}-dev.txt" >> $GITHUB_ENV
- name: Install dependencies
run: |
python -m ensurepip
python -m venv venv
source ${{ env.ACTIVATE_PATH }}
python -m pip install --upgrade pip
python -m pip install -r ${{ env.REQUIREMENTS }} -r ${{ env.DEV_REQUIREMENTS }}
python -m pip install --no-deps -e .
VERSION_STRING="$(python -c 'from prism import VERSION_STRING; print(VERSION_STRING)')"
echo "VERSION_STRING=$VERSION_STRING" >> $GITHUB_ENV
echo "SIMPLE_NAME=prism-$VERSION_STRING" >> $GITHUB_ENV
echo "BUILD_RESULT_NAME=prism-$VERSION_STRING-${{ env.OS_NAME }}${{ env.RESULT_EXTENSION }}" >> $GITHUB_ENV
- name: Run typechecking
run: |
source ${{ env.ACTIVATE_PATH }}
mypy --strict .
- name: Run tests
run: |
source ${{ env.ACTIVATE_PATH }}
coverage run
coverage report
- name: tee | stderr
if: env.OS_NAME != 'windows'
run:
echo 'TEE_STDERR=| tee /dev/stderr' >> $GITHUB_ENV
- name: Test ssl system certs
run: |
source ${{ env.ACTIVATE_PATH }}
certifi_ca_certs="$(python -m certifi)"
(
cd tests/system_certs
echo 'Print certs' >&2
sh print.sh
echo "Run local https server and ensure it's running" >&2
python server.py >/dev/null 2>&1 &
sleep 1
echo 'Ensure request succeeds with local ca' >&2
curl --ssl-no-revoke --fail --silent https://localhost:12345 --cacert local-ca.pem ${{ env.TEE_STDERR }} | grep '^Hello world' >/dev/null 2>&1
echo 'Ensure request fails with certifi ca' >&2
! curl --ssl-no-revoke --fail https://localhost:12345 --cacert "$certifi_ca_certs" 2>&1 ${{ env.TEE_STDERR }} | grep 'SSL certificate problem' >/dev/null 2>&1
echo 'Install certs' >&2
${{ env.INSTALL_CA_CERT }}
)
# Create placeholder logfile
touch latest.log
echo 'Ensure ssl error is caught when using included certs' >&2
echo 'use_included_certs = true' > included_certs_settings.toml
# Don't open the settings prompt
echo 'autowho = true' >> included_certs_settings.toml
python prism_overlay.py --test-ssl --settings=included_certs_settings.toml --logfile=latest.log ${{ env.TEE_STDERR }} | grep '^Caught missing local issuer SSLError: ' >/dev/null 2>&1
echo 'Ensure request succeeds when using system certs' >&2
echo 'use_included_certs = false' > system_certs_settings.toml
# Don't open the settings prompt
echo 'autowho = true' >> system_certs_settings.toml
python prism_overlay.py --test-ssl --settings=system_certs_settings.toml --logfile=latest.log ${{ env.TEE_STDERR }} | grep '^Got response: Hello world' >/dev/null 2>&1
- name: Build single file binary with pyinstaller
run: |
source ${{ env.ACTIVATE_PATH }}
python add_version_to_icon.py # Create the icon file
pyinstaller prism_overlay.py --noconfirm --onefile --icon=pyinstaller/who_with_version.ico --name "${{ env.SIMPLE_NAME }}" --additional-hooks-dir=pyinstaller ${{ env.PYINSTALLER_ARGS }}
- name: Package app bundle to disk image (mac)
if: env.OS_NAME == 'mac'
run: |
brew install imagemagick
magick pyinstaller/who_with_version.ico pyinstaller/who_with_version.icns
brew install create-dmg
mkdir -p 'dist/app'
mv "dist/${{ env.SIMPLE_NAME }}.app" "dist/app"
# Inspired by:
# https://www.pythonguis.com/tutorials/packaging-pyqt5-applications-pyinstaller-macos-dmg/
create-dmg \
--volname "Prism ${{ env.VERSION_STRING }} installer" \
--volicon 'pyinstaller/who_with_version.icns' \
--window-pos 200 120 \
--window-size 600 300 \
--icon-size 100 \
--icon "${{ env.SIMPLE_NAME }}.app" 175 120 \
--hide-extension "${{ env.SIMPLE_NAME }}.app" \
--app-drop-link 425 120 \
"${{ env.BUILD_RESULT_NAME }}" \
"dist/app/"
- name: Store built binary (non-mac)
if: env.OS_NAME != 'mac'
run: |
mv "dist/${{ env.SIMPLE_NAME }}${{ env.RESULT_EXTENSION }}" "${{ env.BUILD_RESULT_NAME }}"
- name: Upload built binary/app .dmg
uses: actions/upload-artifact@v4
with:
name: ${{ env.SIMPLE_NAME }}-${{ matrix.os }}
path: "${{ env.BUILD_RESULT_NAME }}"
if-no-files-found: error