Support for h11, h2 and qh3 #2
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: | ||
| permissions: "read-all" | ||
| concurrency: | ||
| group: ci-${{ github.ref_name }} | ||
| cancel-in-progress: true | ||
| defaults: | ||
| run: | ||
| shell: bash | ||
| jobs: | ||
| package: | ||
| runs-on: ubuntu-latest | ||
| timeout-minutes: 10 | ||
| steps: | ||
| - name: "Checkout repository" | ||
| uses: "actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3" | ||
| - name: "Setup Python" | ||
| uses: "actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b" | ||
| with: | ||
| python-version: "3.x" | ||
| cache: "pip" | ||
| - name: "Check packages" | ||
| run: | | ||
| python -m pip install -U pip setuptools wheel build twine rstcheck | ||
| python -m build | ||
| rstcheck CHANGES.rst | ||
| python -m twine check dist/* | ||
| test: | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12-dev"] | ||
| os: | ||
| - macos-11 | ||
| - windows-latest | ||
| - ubuntu-20.04 # OpenSSL 1.1.1 | ||
| - ubuntu-22.04 # OpenSSL 3.0 | ||
| nox-session: [''] | ||
| include: | ||
| - experimental: false | ||
| traefik-server: true | ||
| - python-version: "pypy-3.7" | ||
| os: ubuntu-latest | ||
| experimental: false | ||
| nox-session: test-pypy | ||
| - python-version: "pypy-3.8" | ||
| os: ubuntu-latest | ||
| experimental: false | ||
| nox-session: test-pypy | ||
| - python-version: "3.x" | ||
| os: ubuntu-latest | ||
| experimental: false | ||
| nox-session: test_brotlipy | ||
| # Test CPython with a broken hostname_checks_common_name (the fix is in 3.9.3) | ||
| - python-version: "3.9.2" | ||
| os: ubuntu-20.04 # CPython 3.9.2 is not available for ubuntu-22.04. | ||
| experimental: false | ||
| nox-session: test-3.9 | ||
| - python-version: "3.12-dev" | ||
| experimental: true | ||
| exclude: | ||
| # Ubuntu 22.04 comes with OpenSSL 3.0, so only CPython 3.9+ is compatible with it | ||
| # https://github.com/python/cpython/issues/83001 | ||
| - python-version: "3.7" | ||
| os: ubuntu-22.04 | ||
| - python-version: "3.8" | ||
| os: ubuntu-22.04 | ||
| # Testing with non-final CPython on macOS is too slow for CI. | ||
| - python-version: "3.12-dev" | ||
| os: macos-11 | ||
| runs-on: ${{ matrix.os }} | ||
| name: ${{ fromJson('{"macos-11":"macOS","windows-latest":"Windows","ubuntu-latest":"Ubuntu","ubuntu-20.04":"Ubuntu 20.04 (OpenSSL 1.1.1)","ubuntu-22.04":"Ubuntu 22.04 (OpenSSL 3.0)"}')[matrix.os] }} ${{ matrix.python-version }} ${{ matrix.nox-session }} | ||
| continue-on-error: ${{ matrix.experimental }} | ||
| timeout-minutes: 40 | ||
| steps: | ||
| - name: "Checkout repository" | ||
| uses: "actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3" | ||
| - name: "Traefik: Fake CA and Domain" | ||
| if: ${{ matrix.traefik-server && contains(matrix.os, "ubuntu") }} | ||
|
Check failure on line 94 in .github/workflows/ci.yml
|
||
| run: | | ||
| wget https://github.com/FiloSottile/mkcert/releases/download/v1.4.4/mkcert-v1.4.4-linux-amd64 | ||
| chmod +x mkcert-v1.4.4-linux-amd64 | ||
| sudo cp mkcert-v1.4.4-linux-amd64 /usr/local/bin/mkcert | ||
| sudo apt install libnss3-tools | ||
| mkdir ./certs | ||
| mkcert -install | ||
| mkcert -cert-file ./certs/httpbin.local.pem -key-file ./certs/httpbin.local.key httpbin.local alt.httpbin.local | ||
| echo "127.0.0.1 httpbin.local alt.httpbin.local" | sudo tee -a /etc/hosts | ||
| - name: "Traefik: Produce Compose & Config" | ||
| if: ${{ matrix.traefik-server && contains(matrix.os, "ubuntu") }} | ||
| env: | ||
| TRAEFIK_CERTIFICATE_TOML: | | ||
| [[tls.certificates]] | ||
| certFile = "/certs/httpbin.local.pem" | ||
| keyFile = "/certs/httpbin.local.key" | ||
| TRAEFIK_COMPOSE_SCHEMA: | | ||
| services: | ||
| proxy: | ||
| image: traefik:v2.10 | ||
| restart: unless-stopped | ||
| healthcheck: | ||
| test: [ "CMD", "traefik" ,"healthcheck", "--ping" ] | ||
| interval: 3s | ||
| timeout: 3s | ||
| retries: 10 | ||
| ports: | ||
| - target: 8888 | ||
| published: 8888 | ||
| protocol: tcp | ||
| mode: host | ||
| - target: 4443 | ||
| published: 4443 | ||
| protocol: tcp | ||
| mode: host | ||
| - target: 4443 | ||
| published: 4443 | ||
| protocol: udp | ||
| mode: host | ||
| volumes: | ||
| - /var/run/docker.sock:/var/run/docker.sock | ||
| - ./certs:/certs | ||
| command: | ||
| # Enable Docker in Traefik, so that it reads labels from Docker services | ||
| - --providers.docker | ||
| # TLS providers | ||
| - --providers.file.directory=/certs/ | ||
| # Auto discovery | ||
| - --providers.file.watch=true | ||
| # Do not expose all Docker services, only the ones explicitly exposed | ||
| - --providers.docker.exposedbydefault=false | ||
| # Create an entrypoint "http" listening on port 8080 | ||
| - --entrypoints.http.address=:8888 | ||
| # Create an entrypoint "https" listening on port 4443 | ||
| - --entrypoints.https.address=:4443 | ||
| # QUIC Related Configuration | ||
| - --experimental.http3=true | ||
| - --entrypoints.https.http3=true | ||
| # Enable the access log, with HTTP requests | ||
| - --accesslog | ||
| # Enable the Traefik log, for configurations and errors | ||
| - --log | ||
| # Disable the Dashboard and API | ||
| - --api.dashboard=false | ||
| # Enable healthcheck | ||
| - --ping | ||
| - --log.level=DEBUG | ||
| proxy_alt: | ||
| image: traefik:v2.10 | ||
| restart: unless-stopped | ||
| healthcheck: | ||
| test: [ "CMD", "traefik" ,"healthcheck", "--ping" ] | ||
| interval: 3s | ||
| timeout: 3s | ||
| retries: 10 | ||
| ports: | ||
| - target: 9999 | ||
| published: 9999 | ||
| protocol: tcp | ||
| mode: host | ||
| - target: 8754 | ||
| published: 8754 | ||
| protocol: tcp | ||
| mode: host | ||
| volumes: | ||
| - /var/run/docker.sock:/var/run/docker.sock | ||
| - ./certs:/certs | ||
| command: | ||
| # Enable Docker in Traefik, so that it reads labels from Docker services | ||
| - --providers.docker | ||
| # TLS providers | ||
| - --providers.file.directory=/certs/ | ||
| # Auto discovery | ||
| - --providers.file.watch=true | ||
| # Do not expose all Docker services, only the ones explicitly exposed | ||
| - --providers.docker.exposedbydefault=false | ||
| # Create an entrypoint "http" listening on port 9999 | ||
| - --entrypoints.http.address=:9999 | ||
| # Create an entrypoint "https" listening on port 8754 | ||
| - --entrypoints.https.address=:8754 | ||
| # Enable the access log, with HTTP requests | ||
| - --accesslog | ||
| # Enable the Traefik log, for configurations and errors | ||
| - --log | ||
| # Disable the Dashboard and API | ||
| - --api.dashboard=false | ||
| # Enable healthcheck | ||
| - --ping | ||
| httpbin: | ||
| image: mccutchen/go-httpbin:v2.8.0 | ||
| restart: unless-stopped | ||
| depends_on: | ||
| proxy: | ||
| condition: service_healthy | ||
| labels: | ||
| - traefik.enable=true | ||
| - traefik.http.routers.httpbin-http.rule=Host(`httpbin.local`) || Host(`alt.httpbin.local`) | ||
| - traefik.http.routers.httpbin-http.entrypoints=http | ||
| - traefik.http.routers.httpbin-https.rule=Host(`httpbin.local`) || Host(`alt.httpbin.local`) | ||
| - traefik.http.routers.httpbin-https.entrypoints=https | ||
| - traefik.http.routers.httpbin-https.tls=true | ||
| - traefik.http.services.httpbin.loadbalancer.server.port=8080 | ||
| run: | | ||
| echo "$TRAEFIK_COMPOSE_SCHEMA" > ./docker-compose.yaml | ||
| echo "$TRAEFIK_CERTIFICATE_TOML" > ./certs/certificate.toml | ||
| - name: "Traefik: Start stack" | ||
| if: ${{ matrix.traefik-server && contains(matrix.os, "ubuntu") }} | ||
| run: docker compose up -d | ||
| - name: "Traefik: Wait for service" | ||
| if: ${{ matrix.traefik-server && contains(matrix.os, "ubuntu") }} | ||
| run: curl --retry 30 --retry-max-time 120 --fail https://httpbin.local:4443/get | ||
| - name: "mkcert: export MKCERT_CA_ROOT" | ||
| if: ${{ matrix.traefik-server && contains(matrix.os, "ubuntu") }} | ||
| run: export MKCERT_CA_ROOT=`mkcert -CAROOT` | ||
| - name: "Setup Python ${{ matrix.python-version }}" | ||
| uses: "actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b" | ||
| with: | ||
| python-version: ${{ matrix.python-version }} | ||
| - name: "Install dependencies" | ||
| run: python -m pip install --upgrade pip setuptools nox | ||
| - name: "Run tests" | ||
| run: ./ci/run_tests.sh | ||
| env: | ||
| PYTHON_VERSION: ${{ matrix.python-version }} | ||
| NOX_SESSION: ${{ matrix.nox-session }} | ||
| - name: "Upload artifact" | ||
| uses: "actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce" | ||
| with: | ||
| name: coverage-data | ||
| path: ".coverage.*" | ||
| if-no-files-found: error | ||
| coverage: | ||
| if: always() | ||
| runs-on: "ubuntu-latest" | ||
| needs: test | ||
| steps: | ||
| - name: "Checkout repository" | ||
| uses: "actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3" | ||
| - name: "Setup Python" | ||
| uses: "actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b" | ||
| with: | ||
| python-version: "3.x" | ||
| - name: "Install coverage" | ||
| run: "python -m pip install --upgrade coverage" | ||
| - name: "Download artifact" | ||
| uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a | ||
| with: | ||
| name: coverage-data | ||
| - name: "Combine & check coverage" | ||
| run: | | ||
| python -m coverage combine | ||
| python -m coverage html --skip-covered --skip-empty | ||
| python -m coverage report --ignore-errors --show-missing --fail-under=100 | ||
| - if: ${{ failure() }} | ||
| name: "Upload report if check failed" | ||
| uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce | ||
| with: | ||
| name: coverage-report | ||
| path: htmlcov | ||
