open_pub/MsgCenterPy
1
0
Fork 0
mirror of https://github.com/ZGCA-Forge/MsgCenterPy.git synced 2025-12-15 13:34:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into dependabot/github_actions/actions/upload-pages-artifact-4

Browse Source
This commit is contained in:
Xuwznln
2025-09-05 01:25:52 +08:00
committed by GitHub
parent d5704e78c3 9d52781134
commit 2d83bad8ce
13 changed files with 386 additions and 879 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.github/workflows/ci.yml vendored
View File

@@ -58,12 +58,12 @@ jobs:
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install flake8 pytest
python -m pip install pytest
pip install -e .[dev]
- name: Test with pytest
run: |
pytest
pytest -v
# Step 3: ROS2 integration test
test-with-ros2:
@@ -122,10 +122,7 @@ jobs:
- name: Install security tools
run: |
python -m pip install --upgrade pip
pip install bandit "safety>=3.0.0" "typer<0.12.0" "marshmallow<4.0.0"
- name: Run bandit security scan
run: bandit -r msgcenterpy/ -f json -o bandit-report.json
pip install "safety>=3.0.0" "typer<0.12.0" "marshmallow<4.0.0"
- name: Run safety security scan
run: safety check --output json > safety-report.json
@@ -135,7 +132,6 @@ jobs:
with:
name: security-reports
path: |
bandit-report.json
safety-report.json
if: always()

22
.github/workflows/docs.yml vendored
View File

@@ -5,6 +5,18 @@ on:
branches: [main]
pull_request:
branches: [main]
workflow_dispatch:
inputs:
branch:
description: "要部署文档的分支"
required: false
default: "main"
type: string
deploy_to_pages:
description: "是否部署到 GitHub Pages"
required: false
default: true
type: boolean
# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
permissions:
@@ -25,6 +37,8 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.branch || github.ref }}
- name: Set up Python
uses: actions/setup-python@v5
@@ -42,7 +56,7 @@ jobs:
- name: Setup Pages
id: pages
uses: actions/configure-pages@v4
if: github.ref == 'refs/heads/main'
if: github.ref == 'refs/heads/main' || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_pages == 'true')
- name: Build Sphinx documentation
run: |
@@ -51,13 +65,13 @@ jobs:
- name: Upload artifact
uses: actions/upload-pages-artifact@v4
if: github.ref == 'refs/heads/main'
if: github.ref == 'refs/heads/main' || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_pages == 'true')
with:
path: docs/_build/html
# Deploy to GitHub Pages (only on main branch)
# Deploy to GitHub Pages
deploy:
if: github.ref == 'refs/heads/main'
if: github.ref == 'refs/heads/main' || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_pages == 'true')
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}

105
.github/workflows/publish.yml vendored
View File

@@ -6,11 +6,11 @@
# separate terms of service, privacy policy, and support
# documentation.
name: Upload Python Package
name: Upload PyPI package
on:
release:
types: [published]
types: [published, edited]
workflow_dispatch:
inputs:
test_pypi:
@@ -23,6 +23,7 @@ permissions:
contents: read
jobs:
# Step 1: Code formatting and pre-commit validation (fast failure)
code-format:
name: Code formatting and pre-commit validation
runs-on: ubuntu-latest
@@ -33,7 +34,7 @@ jobs:
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
python-version: "3.10" # Use minimum version for consistency
- name: Install dependencies
run: |
@@ -45,15 +46,16 @@ jobs:
with:
extra_args: --all-files
# Step 2: Basic build and test with minimum Python version (3.10)
basic-build:
name: Basic build and test
name: Basic build (Python 3.10, Ubuntu)
runs-on: ubuntu-latest
needs: [code-format]
needs: [code-format] # Only run after code formatting passes
steps:
- uses: actions/checkout@v4
- name: Set up Python
- name: Set up Python 3.10
uses: actions/setup-python@v5
with:
python-version: "3.10"
@@ -69,23 +71,18 @@ jobs:
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install flake8 pytest
python -m pip install pytest
pip install -e .[dev]
- name: Test with pytest
run: |
pytest -v
- name: Run linting
run: |
black --check --line-length=120 msgcenterpy tests
isort --check-only msgcenterpy tests
mypy msgcenterpy --disable-error-code=unused-ignore
# Step 3: ROS2 integration test
test-with-ros2:
name: ROS2 integration test
runs-on: ubuntu-latest
needs: [basic-build]
needs: [basic-build] # Only run after basic build passes
steps:
- uses: actions/checkout@v4
@@ -105,6 +102,7 @@ jobs:
- name: Install ROS2 and dependencies
shell: bash -l {0}
run: |
# Install ROS2 core packages
conda install -y \
ros-humble-ros-core \
ros-humble-std-msgs \
@@ -113,10 +111,43 @@ jobs:
- name: Install package and run tests
shell: bash -l {0}
run: |
# Install our package with basic dependencies (not ros2 extra to avoid conflicts)
pip install -e .[dev]
# Run all tests with verbose output (ROS2 tests will be automatically included)
python -c "import rclpy, rosidl_runtime_py; print('All ROS2 dependencies available')"
pytest -v
# Step 4: Security scan
security:
name: Security scan
runs-on: ubuntu-latest
needs: [basic-build] # Run in parallel with ROS2 test after basic build
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.10" # Use minimum version for consistency
- name: Install security tools
run: |
python -m pip install --upgrade pip
pip install "safety>=3.0.0" "typer<0.12.0" "marshmallow<4.0.0"
- name: Run safety security scan
run: safety check --output json > safety-report.json
- name: Upload security reports
uses: actions/upload-artifact@v4
with:
name: security-reports
path: |
safety-report.json
if: always()
release-build:
name: Build release distributions
runs-on: ubuntu-latest
@@ -125,27 +156,43 @@ jobs:
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
python-version: "3.10" # Use minimum version for consistency
- name: Install build dependencies
run: |
python -m pip install --upgrade pip
python -m pip install build twine check-manifest
python -m pip install build twine
- name: Verify version consistency
if: github.event_name == 'release'
if: github.event_name == 'release' && (github.event.action == 'published' || (github.event.action == 'edited' && !github.event.release.prerelease))
run: |
VERSION=$(python -c "import msgcenterpy; print(msgcenterpy.__version__)" 2>/dev/null || echo "unknown")
TAG_VERSION="${GITHUB_REF#refs/tags/v}"
# Install package first
pip install -e .
# Get package version (fail fast if not available)
VERSION=$(python -c "import msgcenterpy; print(msgcenterpy.__version__)")
# Handle both v0.0.3 and 0.0.3 tag formats
RAW_TAG="${GITHUB_REF#refs/tags/}"
if [[ "$RAW_TAG" == v* ]]; then
TAG_VERSION="${RAW_TAG#v}"
else
TAG_VERSION="$RAW_TAG"
fi
echo "Package version: $VERSION"
echo "Tag version: $TAG_VERSION"
if [ "$VERSION" != "$TAG_VERSION" ]; then
echo "Version mismatch: package=$VERSION, tag=$TAG_VERSION"
echo "Version mismatch: package=$VERSION, tag=$TAG_VERSION"
echo "Please ensure the package version matches the git tag"
exit 1
fi
- name: Check manifest
run: check-manifest
echo "✅ Version verification passed: $VERSION"
- name: Build release distributions
run: |
@@ -166,7 +213,7 @@ jobs:
runs-on: ubuntu-latest
needs:
- release-build
if: github.event_name == 'release' && !github.event.release.prerelease && github.event.inputs.test_pypi != 'true'
if: github.event_name == 'release' && !github.event.release.prerelease && github.event.inputs.test_pypi != 'true' && (github.event.action == 'published' || github.event.action == 'edited')
permissions:
# IMPORTANT: this permission is mandatory for trusted publishing
id-token: write
@@ -189,7 +236,7 @@ jobs:
runs-on: ubuntu-latest
needs:
- release-build
if: github.event.inputs.test_pypi == 'true' || (github.event_name == 'release' && github.event.release.prerelease)
if: github.event.inputs.test_pypi == 'true' || (github.event_name == 'release' && github.event.release.prerelease && (github.event.action == 'published' || github.event.action == 'edited'))
permissions:
# IMPORTANT: this permission is mandatory for trusted publishing
id-token: write
@@ -213,7 +260,9 @@ jobs:
name: Add assets to GitHub release
runs-on: ubuntu-latest
needs: release-build
if: github.event_name == 'release'
if: github.event_name == 'release' && (github.event.action == 'published' || github.event.action == 'edited')
permissions:
contents: write # Need write access to upload release assets
steps:
- name: Retrieve release distributions
@@ -252,7 +301,3 @@ jobs:
echo "| GitHub Release | Assets uploaded |" >> $GITHUB_STEP_SUMMARY
echo "| Version | ${{ github.event.release.tag_name || 'test' }} |" >> $GITHUB_STEP_SUMMARY
- name: Notify team
run: |
echo "Package published successfully!"