4ee61cb8b9
pip audit silence
178 lines
5.9 KiB
YAML
178 lines
5.9 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- '[0-9].[0-9]+' # matches to backport branches, e.g. 3.6
|
|
tags: [ 'v*' ]
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
- '[0-9].[0-9]+'
|
|
- 'update/pre-commit-autoupdate'
|
|
schedule:
|
|
- cron: '0 6 * * *' # Daily 6AM UTC build
|
|
|
|
env:
|
|
pythonversion: 3.9
|
|
|
|
|
|
jobs:
|
|
|
|
dependency-audit:
|
|
name: Dependency audit
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: install python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: ${{env.pythonversion}}
|
|
- name: create local poetry install
|
|
run: |
|
|
python -m venv .venv
|
|
source .venv/bin/activate
|
|
pip install --upgrade pip setuptools
|
|
python -m pip install poetry
|
|
poetry install
|
|
- uses: trailofbits/gh-action-pip-audit@v1.0.5
|
|
with:
|
|
virtual-environment: .venv
|
|
ignore-vulns: |
|
|
GHSA-w596-4wvx-j9j6 # subversion related git dep, dependency for pytest. This is no impact here.
|
|
GHSA-2p9h-ccw7-33gf # invalid ddos comment on the cleo package
|
|
GHSA-hcpj-qp55-gfph
|
|
GHSA-29gw-9793-fvw7 # ipython test dep, not in release
|
|
|
|
lint:
|
|
name: Linter
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 5
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
- name: Setup Python 3.9
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: ${{env.pythonversion}}
|
|
#----------------------------------------------
|
|
# ----- install & configure poetry -----
|
|
#----------------------------------------------
|
|
- name: Install Poetry
|
|
uses: snok/install-poetry@v1
|
|
with:
|
|
virtualenvs-create: true
|
|
virtualenvs-in-project: true
|
|
installer-parallel: true
|
|
#----------------------------------------------
|
|
# load cached venv if cache exists
|
|
#----------------------------------------------
|
|
- name: Load cached venv
|
|
id: cached-poetry-dependencies
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: .venv
|
|
key: venv-${{ runner.os }}-${{ hashFiles('**/poetry.lock') }}
|
|
- name: Make sync version of library (redis_om)
|
|
run: make sync
|
|
#----------------------------------------------
|
|
# install dependencies if cache does not exist
|
|
#----------------------------------------------
|
|
- name: Install dependencies
|
|
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
|
|
run: poetry install --no-interaction --no-root
|
|
#----------------------------------------------
|
|
# install your root project, if required
|
|
#----------------------------------------------
|
|
- name: Install library
|
|
run: poetry install --no-interaction
|
|
#----------------------------------------------
|
|
# run test suite
|
|
#----------------------------------------------
|
|
- name: Run linter
|
|
run: |
|
|
make dist
|
|
make lint
|
|
|
|
test-unix:
|
|
name: Test Unix
|
|
needs: lint
|
|
strategy:
|
|
matrix:
|
|
os: [ ubuntu-latest ]
|
|
pyver: ["3.7", "3.8", "3.9", "3.10", "3.11", "pypy-3.8", "pypy-3.7" ]
|
|
redisstack: [ "latest" ]
|
|
fail-fast: false
|
|
services:
|
|
redis:
|
|
image: redis/redis-stack:${{ matrix.redisstack }}
|
|
ports:
|
|
# Maps port 6379 on service container to the host
|
|
- 6379:6379
|
|
# Set health checks to wait until redis has started
|
|
options: >-
|
|
--health-cmd "redis-cli ping"
|
|
--health-interval 10s
|
|
--health-timeout 5s
|
|
--health-retries 5
|
|
runs-on: ${{ matrix.os }}
|
|
timeout-minutes: 15
|
|
env:
|
|
OS: ${{ matrix.os }}
|
|
INSTALL_DIR: ${{ github.workspace }}/redis
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
- name: Setup Python ${{ matrix.pyver }}
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: ${{ matrix.pyver }}
|
|
#----------------------------------------------
|
|
# ----- install & configure poetry -----
|
|
#----------------------------------------------
|
|
- name: Install Poetry
|
|
uses: snok/install-poetry@v1
|
|
with:
|
|
virtualenvs-create: true
|
|
virtualenvs-in-project: true
|
|
installer-parallel: true
|
|
#----------------------------------------------
|
|
# load cached venv if cache exists
|
|
#----------------------------------------------
|
|
- name: Load cached venv
|
|
id: cached-poetry-dependencies
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: .venv
|
|
key: venv-${{ runner.os }}-${{ hashFiles('**/poetry.lock') }}
|
|
#----------------------------------------------
|
|
# Make sync version of library (redis_om)
|
|
#----------------------------------------------
|
|
- name: Make sync version of library (redis_om)
|
|
run: make sync
|
|
#----------------------------------------------
|
|
# install dependencies if cache does not exist
|
|
#----------------------------------------------
|
|
- name: Install dependencies
|
|
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
|
|
run: poetry install --no-interaction --no-root
|
|
#----------------------------------------------
|
|
# install your root project, if required
|
|
#----------------------------------------------
|
|
- name: Install library
|
|
run: poetry install --no-interaction
|
|
- name: Run unittests (redisstack:${{ matrix.redisstack }}, ${{ matrix.os }})
|
|
env:
|
|
REDIS_OM_URL: "redis://localhost:6379?decode_responses=True"
|
|
run: |
|
|
make test
|
|
poetry run coverage xml
|
|
- name: Upload coverage
|
|
uses: codecov/codecov-action@v3
|
|
with:
|
|
file: ./coverage.xml
|
|
flags: unit
|
|
env_vars: OS
|
|
fail_ci_if_error: false
|