.github/workflows/python-package.yml

# https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/
name: Python package

on:
  push:
    tags:
      - '[0-9]+.[0-9]+.[0-9]+'            # release
      - '[0-9]+.[0-9]+.[0-9]+a[0-9]+'     # alpha
      - '[0-9]+.[0-9]+.[0-9]+b[0-9]+'     # beta
      - '[0-9]+.[0-9]+.[0-9]+rc[0-9]+'    # release candidate
      - '[0-9]+.[0-9]+.[0-9]+.dev[0-9]+'  # dev (not semver compliant)
      - '[0-9]+.[0-9]+.[0-9]+.post[0-9]+' # post (not semver compliant)
  pull_request:

jobs:
  cqa:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v4

    - uses: awalsh128/cache-apt-pkgs-action@latest
      with:
        packages: zsh
        version: 1.0

    - name: Set up Python
      uses: actions/setup-python@v5
      with:
        python-version: "3.12"
        cache: pip
        cache-dependency-path: '**/pyproject.yaml'

    - name: Install test dependencies
      run: |
        python -m pip install --upgrade pip
        pip install --use-deprecated=legacy-resolver -e .[dev,test]

    - name: Lint with Ruff
      run: |
        ruff check .

    - name: Format check with Ruff
      run: |
        ruff format --check .

  test:
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:
        python-version: ["3.10", "3.11", "3.12"]

    steps:
    - uses: actions/checkout@v4

    - uses: awalsh128/cache-apt-pkgs-action@latest
      with:
        packages: zsh
        version: 1.0

    - name: Set up Python ${{ matrix.python-version }}
      uses: actions/setup-python@v5
      with:
        python-version: ${{ matrix.python-version }}
        cache: pip
        cache-dependency-path: '**/setup.cfg'

    - name: Install dependencies
      run: |
        python -m pip install --upgrade pip
        make develop

    - name: Test with pytest
      run: |
        make test

    - name: Upload coverage data to Codecov
      run: |
        # Verify integrity of codecov download
        curl https://uploader.codecov.io/verification.gpg | gpg --no-default-keyring --keyring trustedkeys.gpg --import
        curl -Os https://uploader.codecov.io/latest/linux/codecov
        curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM
        curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig
        gpgv codecov.SHA256SUM.sig codecov.SHA256SUM
        shasum -a 256 -c codecov.SHA256SUM
        # Upload coverage report
        chmod +x codecov
        ./codecov

  build:
    name: Build distribution
    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
    runs-on: ubuntu-latest
    needs:
    - cqa
    - test
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: "3.12"
          cache: pip
          cache-dependency-path: '**/setup.cfg'
      - name: Install pypa/build
        run: >-
          python3 -m
          pip install
          build
          --user
      - name: Build a binary wheel and a source tarball
        run: python3 -m build
      - name: Store the distribution packages
        uses: actions/upload-artifact@v4
        with:
          name: python-package-distributions
          path: dist/

  publish-to-pypi:
    name: >-
      Publish Python distribution to PyPI
    needs:
      - build
    runs-on: ubuntu-latest
    environment:
      name: pypi
      url: https://pypi.org/p/bioutils
    permissions:
      id-token: write # IMPORTANT: mandatory for trusted publishing
    steps:
      - name: Download all the dists
        uses: actions/download-artifact@v4
        with:
          name: python-package-distributions
          path: dist/
      - name: Publish distribution to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1