Skip to content
Tests And Linting

chore(deps): bump github/codeql-action from 2 to 3 (#26) #107

Sign in to view logs

chore(deps): bump github/codeql-action from 2 to 3 (#26)

chore(deps): bump github/codeql-action from 2 to 3 (#26) #107

Workflow file for this run

.github/workflows/ci.yaml at 211dc0e
name: Tests And Linting
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
env:
APP_SECRET_KEY: "ThisIsABadSecret"
jobs:
validate:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v3
- uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install Pre-Commit
run: python -m pip install pre-commit && pre-commit install
- name: Load cached Pre-Commit Dependencies
id: cached-pre-commit-dependencies
uses: actions/cache@v3
with:
path: ~/.cache/pre-commit/
key: pre-commit-4|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml') }}
- name: Execute Pre-Commit
run: pre-commit run --show-diff-on-failure --color=always --all-files
test:
strategy:
fail-fast: true
matrix:
python-version: ["3.11"]
uses: ./.github/workflows/test.yaml
with:
python-version: ${{ matrix.python-version }}
coverage: ${{ matrix.python-version == '3.11' }}
integration: ${{ matrix.python-version == '3.11' }}
test-platform-compat:
if: github.event_name == 'push'
strategy:
fail-fast: true
matrix:
os: ["macos-latest"]
uses: ./.github/workflows/test.yaml
with:
python-version: "3.11"
os: ${{ matrix.os }}
sonarcloud:
name: SonarCloud
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# Disable snyk for now, doesn't support PDM?
# snyk:
# needs:
# - test
# - validate
# if: github.event.pull_request.head.repo.fork == false && github.repository_owner == 'jacobcoffee'
# runs-on: ubuntu-latest
# steps:
# - name: Check out repository
# uses: actions/checkout@v3
#
# - name: Run Snyk Monitor
# if: ${{ github.ref == 'refs/heads/main' }}
# uses: snyk/actions/python-3.8@master
# with:
# command: monitor
# env:
# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
#
# - name: Run Snyk Test
# if: ${{ github.ref != 'refs/heads/main' }}
# uses: snyk/actions/python-3.8@master
# with:
# command: test
# env:
# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
codeql:
needs:
- test
- validate
runs-on: ubuntu-latest
permissions:
security-events: write
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Initialize CodeQL Without Dependencies
uses: github/codeql-action/init@v3
with:
setup-python-dependencies: false
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
build-docs:
needs:
- validate
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
allow-prereleases: true
- uses: pdm-project/setup-pdm@v3
name: Setup PDM
with:
python-version: 3.11
allow-python-prereleases: true
cache: true
- name: Install dependencies
run: pdm install -G:all
- name: Build docs
run: pdm run make docs
- name: Save PR number
env:
PR_NUMBER: ${{ github.event.number }}
run: echo $PR_NUMBER > .pr_number
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: docs-preview
path: |
docs/_build/html
.pr_number
changelog:
needs:
- test
- validate
if: github.event.pull_request.head.repo.fork == false && github.repository_owner == 'JacobCoffee'
runs-on: ubuntu-latest
steps:
- name: Generate a changelog
uses: orhun/git-cliff-action@v2
with:
config: cliff.toml
args: --verbose
env:
OUTPUT: changelog.rst