diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index aee0611..a4bad6e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,10 +29,10 @@ jobs: steps: - name: Checking out the cookie cutter repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} @@ -82,10 +82,10 @@ jobs: steps: - name: Checking out the cookie cutter repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Python 3.8 - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: 3.8 diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml index 6f84599..c11299a 100644 --- a/.github/workflows/pypi.yml +++ b/.github/workflows/pypi.yml @@ -15,10 +15,10 @@ jobs: steps: - name: Checking out the cookie cutter repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: 3.8 diff --git a/cookiecutter.json b/cookiecutter.json index 8d34035..da5cc5a 100644 --- a/cookiecutter.json +++ b/cookiecutter.json @@ -23,7 +23,7 @@ ], "__python_module": "{{ cookiecutter|modname }}", "_catch_version": "2.13.10", - "_cibuildwheel_version": "2.13.0", + "_cibuildwheel_version": "2.13.1", "_pybind_version": "2.10.4", "_sonarscanner_version": "4.7.0.2747" } diff --git a/tests/test_deploy_bake.py b/tests/test_deploy_bake.py index 714ba9f..5677e25 100644 --- a/tests/test_deploy_bake.py +++ b/tests/test_deploy_bake.py @@ -113,23 +113,6 @@ def rtd_api_request(endpoint): assert build["commit"] == sha -def codecov_api_verification(remote_url, token, sha): - def codecov_api_request(endpoint): - resp = requests.get('https://codecov.io/api/{}/{}'.format(remote_url, endpoint), - headers={'Authorization': 'token {}'.format(token)} - ) - return resp.json() - - # Poll the codecov.io API - commit = codecov_api_request('commit/{}'.format(sha))['commit'] - while commit['state'] != 'complete': - time.sleep(5) - commit = codecov_api_request('commit/{}'.format(sha))['commit'] - - # Assert 100% coverage - assert commit['totals']['c'] == '100' - - @pytest.mark.integrations @pytest.mark.flaky(max_runs=3, min_passes=1, rerun_filter=wait_five_seconds) @pytest.mark.timeout(120) @@ -139,25 +122,14 @@ def test_codecovio_github_deploy(): repo = gh.get_repo('dokempf/test-gha-cookiecutter') sha = repo.get_branch('main').commit.sha - codecov_api_verification( - 'gh/dokempf/test-gha-cookiecutter', - os.getenv('CODECOV_GH_API_ACCESS_TOKEN'), - sha - ) - - -@pytest.mark.integrations -@pytest.mark.flaky(max_runs=3, min_passes=1, rerun_filter=wait_five_seconds) -@pytest.mark.timeout(60) -def test_codecovio_gitlab_deploy(): - # Authenticate with Gitlab API - gl = gitlab.Gitlab('https://gitlab.com', private_token=os.getenv("GL_API_ACCESS_TOKEN")) - gl.auth() - project = gl.projects.get('dokempf/test-gitlab-ci-cookiecutter-cpp-project') - sha = project.branches.get('main').commit['id'] + # Ask CodeCov API for coverage information + resp = requests.get( + f'https://api.codecov.io/api/v2/github/dokempf/repos/test-gha-cookiecutter/totals', + headers={ + 'authorization': f'Bearer {os.getenv("CODECOV_GH_API_ACCESS_TOKEN")}' + }, + params={"sha": sha} + ).json() - codecov_api_verification( - 'gl/dokempf/test-gitlab-ci-cookiecutter-cpp-project', - os.getenv('CODECOV_GL_API_ACCESS_TOKEN'), - sha - ) + # Assert 100% coverage + assert resp['totals']['coverage'] == 100 diff --git a/{{cookiecutter.project_slug}}/.github/workflows/ci.yml b/{{cookiecutter.project_slug}}/.github/workflows/ci.yml index 17432c5..e1b0dce 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/ci.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/ci.yml @@ -29,7 +29,7 @@ jobs: os: [ubuntu-latest, macos-latest, windows-latest] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 {% if cookiecutter.use_submodules == "Yes" %} with: submodules: 'recursive' @@ -104,14 +104,14 @@ jobs: os: [ubuntu-latest, macos-latest, windows-latest] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 {% if cookiecutter.use_submodules == "Yes" %} with: submodules: 'recursive' {%- endif %} - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: 3.8 @@ -129,7 +129,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 {% if cookiecutter.use_submodules == "Yes" %} with: submodules: 'recursive' @@ -205,5 +205,12 @@ jobs: working-directory: ${{ "{{ github.workspace }}" }} run: | lcov --directory ./build{% if cookiecutter.header_only == "No" %}/src{% endif %} --capture --output-file coverage.info - bash <(curl --connect-timeout 10 --retry 5 -s https://codecov.io/bash) -f coverage.info || echo "Codecov did not collect coverage reports" + + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v3 + with: + fail_ci_if_error: true + files: ${{ "{{runner.workspace}}" }}/coverage.info + env: + CODECOV_TOKEN: ${{ "{{ secrets.CODECOV_TOKEN }}" }} {% endif %} diff --git a/{{cookiecutter.project_slug}}/.github/workflows/pypi.yml b/{{cookiecutter.project_slug}}/.github/workflows/pypi.yml index 0588855..85a6a20 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/pypi.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/pypi.yml @@ -16,45 +16,43 @@ jobs: os: [ubuntu-latest, windows-latest, macos-latest] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: 'recursive' - name: Build wheels uses: pypa/cibuildwheel@v{{ cookiecutter._cibuildwheel_version }} - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 with: path: ./wheelhouse/*.whl upload_testpypi: needs: [build-wheels] runs-on: ubuntu-latest + permissions: + id-token: write if: github.event_name == 'release' && github.event.action == 'published' steps: - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4 with: name: artifact path: dist - - uses: pypa/gh-action-pypi-publish@release/v1 + - uses: pypa/gh-action-pypi-publish@v1.8.11 with: - user: __token__ - password: ${{ "{{ secrets.TESTPYPI_API_TOKEN }}" }} repository_url: https://test.pypi.org/legacy/ upload_pypi: needs: [build-wheels, upload_testpypi] runs-on: ubuntu-latest + permissions: + id-token: write if: github.event_name == 'release' && github.event.action == 'published' steps: - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4 with: name: artifact path: dist - - uses: pypa/gh-action-pypi-publish@release/v1 - with: - user: __token__ - password: ${{ "{{ secrets.PYPI_API_TOKEN }}" }} - verbose: true \ No newline at end of file + - uses: pypa/gh-action-pypi-publish@release/v1.8.11 diff --git a/{{cookiecutter.project_slug}}/.github/workflows/sonarcloud.yml b/{{cookiecutter.project_slug}}/.github/workflows/sonarcloud.yml index 15a32d5..646c8cd 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/sonarcloud.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/sonarcloud.yml @@ -24,7 +24,7 @@ jobs: name: SonarCloud runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis submodules: 'recursive' diff --git a/{{cookiecutter.project_slug}}/.pre-commit-config.yaml b/{{cookiecutter.project_slug}}/.pre-commit-config.yaml index 43e950c..eca991b 100644 --- a/{{cookiecutter.project_slug}}/.pre-commit-config.yaml +++ b/{{cookiecutter.project_slug}}/.pre-commit-config.yaml @@ -2,7 +2,7 @@ repos: {%- if cookiecutter.python_bindings %} # Run Black - the uncompromising Python code formatter - repo: https://github.com/psf/black - rev: 23.3.0 + rev: 23.7.0 hooks: - id: black-jupyter {%- endif %} diff --git a/{{cookiecutter.project_slug}}/TODO.md b/{{cookiecutter.project_slug}}/TODO.md index 71767c2..fae38f3 100644 --- a/{{cookiecutter.project_slug}}/TODO.md +++ b/{{cookiecutter.project_slug}}/TODO.md @@ -47,15 +47,21 @@ The following tasks need to be done to get a fully working project: about your project, such as your email adress, PyPI classifiers and a short project description. {%- endif %} {%- if cookiecutter.pypi_release == "Yes" %} -* Add the secret variables `TESTPYPI_API_TOKEN` and `PYPI_API_TOKEN` to your GitHub project. - These variables can be generated by heading to `https://test.pypi.org/` and `https://pypi.org`, - adding a new project and generating these tokens. +* Head to your user settings at `https://pypi.org` and `https://test.pypi.org/` to setup PyPI trusted publishing. + In order to do so, you have to head to the "Publishing" tab, scroll to the bottom + and add a "new pending publisher". The relevant information is: + * PyPI project name: `{{ cookiecutter|modname }}` + * Owner: `{{ cookiecutter|username }}` + * Repository name: `{{ cookiecutter|remote_slug }}` + * Workflow name: `pypi.yml` + * Environment name: not required {%- endif %} {%- if cookiecutter.codecovio == "Yes" %} * Enable the integration with `codecov.io` by heading to the [Codecov.io Website](https://codecov.io), - log in (e.g. with your Github credentials) and enable integration for your repository. This will - allow you to have automatic coverage reports on pull requests, but is not necessary to display - the coverage badge in the README. + log in (e.g. with your Github credentials) and enable integration for your repository. In order to do + so, you need to select it from the list of repositories (potentially re-syncing with GitHub) and head + to the Settings Tab. Within setting, get your token for this repository and put store it as a secret + called `CODECOV_TOKEN` for GitHub Actions. {%- endif %} {%- if cookiecutter.sonarcloud == "Yes" %} * Enable the integration with `sonarcloud.io` by heading to the [Sonarcloud.io Website](https://sonarcloud.io),