Build and Upload weather-tools to PyPI workflow (google/weather-tools)
The Build and Upload weather-tools to PyPI workflow from google/weather-tools, explained and optimized by Latchkey.
CI health: C - fair
Point runs-on at Latchkey and get caching, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.
What it does
This is the Build and Upload weather-tools to PyPI workflow from the google/weather-tools repository, a real project running GitHub Actions. It is shown here with attribution under its Apache-2.0 license.
Below, Latchkey shows a faster, safer version produced by its optimization engine.
The workflow
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Build and Upload weather-tools to PyPI
on:
release:
types: [published]
jobs:
build-artifacts:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2.3.1
with:
python-version: 3.8
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install setuptools setuptools-scm wheel twine check-manifest
- name: Build tarball and wheels
run: |
git clean -xdf
git restore -SW .
python -m build --sdist --wheel .
- name: Check built artifacts
run: |
python -m twine check dist/*
pwd
if [ -f dist/weather_tools-0.0.0.tar.gz ]; then
echo "❌ INVALID VERSION NUMBER"
exit 1
else
echo "✅ Looks good"
fi
- uses: actions/upload-artifact@v2
with:
name: releases
path: dist
test-built-dist:
needs: build-artifacts
runs-on: ubuntu-latest
steps:
- uses: actions/setup-python@v2.3.1
name: Install Python
with:
python-version: 3.8
- uses: actions/download-artifact@v4.1.7
with:
name: releases
path: dist
- name: List contents of built dist
run: |
ls -ltrh
ls -ltrh dist
- name: Publish package to TestPyPI
if: github.event_name == 'push'
uses: pypa/gh-action-pypi-publish@v1.4.2
with:
user: __token__
password: ${{ secrets.TESTPYPI_TOKEN }}
repository_url: https://test.pypi.org/legacy/
verbose: true
- name: Check uploaded package
if: github.event_name == 'push'
run: |
sleep 3
python -m pip install --upgrade pip
python -m pip install --extra-index-url https://test.pypi.org/simple --upgrade weather-tools
weather-dl --help && weather-mv --help && weather-sp --help
upload-to-pypi:
needs: test-built-dist
if: github.event_name == 'release'
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v4.1.7
with:
name: releases
path: dist
- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@v1.4.2
with:
user: __token__
password: ${{ secrets.PYPI_TOKEN }}
verbose: trueThe same workflow, on Latchkey
Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.
# Copyright 2021 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. name: Build and Upload weather-tools to PyPI on: release: types: [published] jobs: build-artifacts: timeout-minutes: 30 runs-on: latchkey-small steps: - uses: actions/checkout@v2 - name: Set up Python uses: actions/setup-python@v2.3.1 with: cache: 'pip' python-version: 3.8 - name: Install dependencies run: | python -m pip install --upgrade pip python -m pip install setuptools setuptools-scm wheel twine check-manifest - name: Build tarball and wheels run: | git clean -xdf git restore -SW . python -m build --sdist --wheel . - name: Check built artifacts run: | python -m twine check dist/* pwd if [ -f dist/weather_tools-0.0.0.tar.gz ]; then echo "❌ INVALID VERSION NUMBER" exit 1 else echo "✅ Looks good" fi - uses: actions/upload-artifact@v2 with: name: releases path: dist test-built-dist: timeout-minutes: 30 needs: build-artifacts runs-on: latchkey-small steps: - uses: actions/setup-python@v2.3.1 name: Install Python with: cache: 'pip' python-version: 3.8 - uses: actions/download-artifact@v4.1.7 with: name: releases path: dist - name: List contents of built dist run: | ls -ltrh ls -ltrh dist - name: Publish package to TestPyPI if: github.event_name == 'push' uses: pypa/gh-action-pypi-publish@v1.4.2 with: user: __token__ password: ${{ secrets.TESTPYPI_TOKEN }} repository_url: https://test.pypi.org/legacy/ verbose: true - name: Check uploaded package if: github.event_name == 'push' run: | sleep 3 python -m pip install --upgrade pip python -m pip install --extra-index-url https://test.pypi.org/simple --upgrade weather-tools weather-dl --help && weather-mv --help && weather-sp --help upload-to-pypi: timeout-minutes: 30 needs: test-built-dist if: github.event_name == 'release' runs-on: latchkey-small steps: - uses: actions/download-artifact@v4.1.7 with: name: releases path: dist - name: Publish package to PyPI uses: pypa/gh-action-pypi-publish@v1.4.2 with: user: __token__ password: ${{ secrets.PYPI_TOKEN }} verbose: true
What changed
- Run on Latchkey managed runners with one line (
runs-on), which apply the fixes below automatically and self-heal transient failures. This example useslatchkey-small; pick the runner size that fits the job. - Cache dependency installs on the setup step so they are served from cache.
- Add a job timeout so a hung step cannot burn hours of runner time.
1 third-party action is referenced by a movable tag. Pin it to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.
What Latchkey heals here
This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:
- Dependency installs
This workflow runs 3 jobs per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.