name: CI
on:
workflow_dispatch:
inputs:
enable_publish:
description: 'DISABLED - Use publish-tokens.yml workflow instead'
type: boolean
default: false
permissions:
contents: read
actions: read
env:
CARGO_TERM_COLOR: always
jobs:
rust:
name: Rust (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
rust: [stable]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}
- name: Cache cargo
uses: Swatinem/rust-cache@v2
with:
workspaces: './'
- name: Build
run: cargo build --verbose
- name: Run tests
run: cargo test --verbose
- name: Lint
run: cargo clippy --all-targets --all-features -- -D warnings
python-bindings:
name: Python Bindings
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@master
with:
toolchain: stable
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Install uv
uses: astral-sh/setup-uv@v4
- name: Build Python bindings
run: |
uv sync --extra dev
uv run maturin develop
- name: Lint Python
run: uv run ruff check apps/demo_backend/
frontend:
name: Frontend
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Install pnpm
uses: pnpm/action-setup@v4
with:
version: 9
- name: Get pnpm store directory
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_OUTPUT
id: pnpm-cache
- name: Setup pnpm cache
uses: actions/cache@v4
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
pnpm-store-
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Lint frontend
run: cd apps/ui && pnpm run lint
- name: Test frontend
run: cd apps/ui && pnpm run test:unit
publish-crates:
name: Publish Rust Crate
needs: [rust]
if: github.event.inputs.enable_publish == 'true'
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@master
with:
toolchain: stable
- name: Build (dry-run)
run: cargo build --release
- name: Publish to crates.io
run: cargo publish --token ${{ secrets.CRATES_IO_TOKEN }}
publish-pypi:
name: Publish Python Package (${{ matrix.os }})
needs: [python-bindings]
if: github.event.inputs.enable_publish == 'true'
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
runs-on: ${{ matrix.os }}
permissions:
id-token: write contents: read
environment:
name: pypi
url: https://pypi.org/p/kya-validator
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@master
with:
toolchain: stable
- name: Build wheels
uses: astral-sh/setup-uv@v4
with:
enable-cache: true
- name: Build package
run: |
uv sync --extra dev
uv run maturin build --release
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: target/wheels
github-release:
name: Create GitHub Release (${{ matrix.os }})
needs: [publish-crates, publish-pypi]
if: github.event.inputs.enable_publish == 'true'
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
runs-on: ${{ matrix.os }}
permissions:
contents: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@master
with:
toolchain: stable
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Build wheels
uses: astral-sh/setup-uv@v4
- name: Build release artifacts
run: |
uv sync --extra dev
uv run maturin build --release
- name: Create GitHub Release
uses: softprops/action-gh-release@v2
with:
files: |
target/wheels/*.whl
generate_release_notes: true
name: ${{ github.ref_name }}
draft: false