-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
8 changed files
with
161 additions
and
41 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| name: CD | ||
|
|
||
| on: | ||
| push: | ||
| tags: | ||
| - '**' | ||
|
|
||
| jobs: | ||
|
|
||
| check-tag-version-job: | ||
| name: Check Release Tag | ||
| uses: ./.github/workflows/check-release-tag.yml | ||
|
|
||
| cd-job: | ||
| name: Continuous Delivery | ||
| uses: ./.github/workflows/build-and-publish.yml | ||
| secrets: | ||
| PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }} | ||
|
|
||
| publish-docs: | ||
| needs: [ cd-job ] | ||
| name: Publish Documentation | ||
| uses: ./.github/workflows/gh-pages.yml | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,11 +1,15 @@ | ||
| name: Checks | ||
|
|
||
| on: workflow_call | ||
| on: | ||
| workflow_call: | ||
| secrets: | ||
| ALTERNATIVE_GITHUB_TOKEN: | ||
| required: false | ||
|
|
||
| jobs: | ||
|
|
||
| version-check-job: | ||
| name: Version Check | ||
| Version-Check: | ||
| name: Version | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
|
|
@@ -20,9 +24,9 @@ jobs: | |
| - name: Check Version(s) | ||
| run: poetry run version-check version.py | ||
|
|
||
| build-documentation-job: | ||
| Documentation: | ||
| name: Build Documentation | ||
| needs: [version-check-job] | ||
| needs: [ Version-Check ] | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
|
|
@@ -34,11 +38,11 @@ jobs: | |
|
|
||
| - name: Build Documentation | ||
| run: | | ||
| poetry run python -m nox -s build-docs | ||
| poetry run python -m nox -s docs:build | ||
| lint-job: | ||
| Lint: | ||
| name: Linting (Python-${{ matrix.python-version }}) | ||
| needs: [version-check-job] | ||
| needs: [ Version-Check ] | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| fail-fast: false | ||
|
|
@@ -54,18 +58,19 @@ jobs: | |
| with: | ||
| python-version: ${{ matrix.python-version }} | ||
|
|
||
| - name: Run Linter | ||
| run: poetry run nox -s lint | ||
| - name: Run lint | ||
| run: poetry run nox -s lint:code | ||
|
|
||
| - name: Upload Artifacts | ||
| uses: actions/upload-artifact@v3 | ||
| uses: actions/upload-artifact@v4.4.0 | ||
| with: | ||
| name: .lint.txt | ||
| name: lint-python${{ matrix.python-version }} | ||
| path: .lint.txt | ||
| include-hidden-files: true | ||
|
|
||
| type-check-job: | ||
| Type-Check: | ||
| name: Type Checking (Python-${{ matrix.python-version }}) | ||
| needs: [version-check-job] | ||
| needs: [ Version-Check ] | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| fail-fast: false | ||
|
|
@@ -81,13 +86,40 @@ jobs: | |
| with: | ||
| python-version: ${{ matrix.python-version }} | ||
|
|
||
| - name: Run Type check | ||
| run: poetry run nox -s type-check | ||
| - name: Run type-check | ||
| run: poetry run nox -s lint:typing | ||
|
|
||
| tests-job: | ||
| Security: | ||
| name: Security Checks (Python-${{ matrix.python-version }}) | ||
| needs: [ Version-Check ] | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| python-version: ["3.10", "3.11"] | ||
|
|
||
| steps: | ||
| - name: SCM Checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Setup Python & Poetry Environment | ||
| uses: exasol/python-toolbox/.github/actions/[email protected] | ||
| with: | ||
| python-version: ${{ matrix.python-version }} | ||
| - name: Run security linter | ||
| run: poetry run nox -s lint:security | ||
| - name: Upload Artifacts | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: security-python${{ matrix.python-version }} | ||
| path: .security.json | ||
| include-hidden-files: true | ||
|
|
||
| Tests: | ||
| name: Tests (Python-${{ matrix.python-version }}, Exasol-${{ matrix.exasol-version}}) | ||
| needs: [build-documentation-job, lint-job, type-check-job] | ||
| needs: [ Documentation, Lint, Type-Check, Security ] | ||
| runs-on: ubuntu-latest | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.ALTERNATIVE_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
|
|
@@ -102,7 +134,6 @@ jobs: | |
| with: | ||
| tool-cache: true | ||
| large-packages: false | ||
|
|
||
| - name: Free disk space by removing large directories | ||
| run: | | ||
| sudo rm -rf /usr/local/graalvm/ | ||
|
|
@@ -111,13 +142,14 @@ jobs: | |
| sudo rm -rf /usr/local/share/chromium | ||
| sudo rm -rf /usr/local/lib/node_modules | ||
| sudo rm -rf /opt/ghc | ||
| - name: Setup Python & Poetry Environment | ||
| uses: exasol/python-toolbox/.github/actions/[email protected] | ||
| with: | ||
| python-version: ${{ matrix.python-version }} | ||
|
|
||
| - name: Calculate Test Coverage | ||
| run: poetry run nox -s coverage -- -- --db-version ${{ matrix.exasol-version }} | ||
| run: poetry run nox -s test:coverage -- -- --db-version ${{ matrix.exasol-version }} | ||
| env: | ||
| PYTEST_ADDOPTS: > | ||
| -W 'ignore::DeprecationWarning:luigi:' | ||
|
|
@@ -127,7 +159,8 @@ jobs: | |
| -W 'ignore::DeprecationWarning:exasol_integration_test_docker_environment:' | ||
| - name: Upload Artifacts | ||
| uses: actions/upload-artifact@v3 | ||
| uses: actions/upload-artifact@v4.4.0 | ||
| with: | ||
| name: .coverage | ||
| name: coverage-python${{ matrix.python-version }} | ||
| path: .coverage | ||
| include-hidden-files: true | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,8 @@ | ||
| name: Publish Documentation | ||
|
|
||
| on: workflow_call | ||
| on: | ||
| workflow_call: | ||
| workflow_dispatch: | ||
|
|
||
| jobs: | ||
|
|
||
|
|
@@ -10,16 +12,18 @@ jobs: | |
| steps: | ||
| - name: SCM Checkout | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Setup Python & Poetry Environment | ||
| uses: exasol/python-toolbox/.github/actions/[email protected] | ||
|
|
||
| - name: Build Documentation | ||
| run: | | ||
| poetry run python -m nox -s build-docs | ||
| poetry run nox -s docs:multiversion | ||
| - name: Deploy | ||
| uses: JamesIves/github-pages-deploy-action@v4.4.1 | ||
| uses: JamesIves/github-pages-deploy-action@v4.6.0 | ||
| with: | ||
| branch: gh-pages | ||
| folder: .html-documentation | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| name: Merge-Gate | ||
|
|
||
| on: | ||
| workflow_call: | ||
| secrets: | ||
| ALTERNATIVE_GITHUB_TOKEN: | ||
| required: false | ||
|
|
||
| jobs: | ||
|
|
||
| fast-checks: | ||
| name: Fast | ||
| uses: ./.github/workflows/checks.yml | ||
|
|
||
| slow-checks: | ||
| name: Slow | ||
| runs-on: ubuntu-latest | ||
|
|
||
| # Even though the environment "manual-approval" will be created automatically, | ||
| # it still needs to be configured to require interactive review. | ||
| # See project settings on GitHub (Settings / Environments / manual-approval). | ||
| environment: manual-approval | ||
|
|
||
| # Replace the steps below with the required actions | ||
| # and/or add additional jobs if required | ||
| # Note: | ||
| # If you add additional jobs, make sure they are added as a requirement | ||
| # to the approve-merge job's input requirements (needs). | ||
| steps: | ||
| - name: Tests | ||
| run: | | ||
| echo "Slow tests ran successfully" | ||
| # This job ensures inputs have been executed successfully. | ||
| approve-merge: | ||
| name: Allow Merge | ||
| runs-on: ubuntu-latest | ||
| # If you need additional jobs to be part of the merge gate, add them below | ||
| needs: [ fast-checks, slow-checks ] | ||
|
|
||
| # Each job requires a step, so we added this dummy step. | ||
| steps: | ||
| - name: Approve | ||
| run: | | ||
| echo "Merge Approved" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -9,7 +9,6 @@ on: | |
| jobs: | ||
|
|
||
| report: | ||
| name: Generate Status Report | ||
| runs-on: ubuntu-latest | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.ALTERNATIVE_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} | ||
|
|
@@ -24,32 +23,32 @@ jobs: | |
| uses: exasol/python-toolbox/.github/actions/[email protected] | ||
|
|
||
| - name: Download Artifacts | ||
| uses: actions/download-artifact@v3 | ||
| uses: actions/download-artifact@v4.1.8 | ||
| with: | ||
| path: ./artifacts | ||
|
|
||
| - name: Copy Artifacts into Root Folder | ||
| if: ${{ (hashFiles('./artifacts/.coverage/.coverage') != '') && (hashFiles('./artifacts/.lint.txt/.lint.txt') != '')}} | ||
| working-directory: ./artifacts | ||
| run: | | ||
| cp .coverage/.coverage ../ | ||
| cp .lint.txt/.lint.txt ../ | ||
| cp coverage-python3.9/.coverage ../ | ||
| cp lint-python3.9/.lint.txt ../ | ||
| cp security-python3.9/.security.json ../ | ||
| - name: Generate Report | ||
| run: poetry run nox -s report -- -- --format json | tee metrics.json | ||
| run: poetry run nox -s project:report -- -- --format json | tee metrics.json | ||
|
|
||
| - name: Upload Artifacts | ||
| uses: actions/upload-artifact@v3 | ||
| uses: actions/upload-artifact@v4.4.0 | ||
| with: | ||
| name: metrics.json | ||
| path: metrics.json | ||
|
|
||
| - name: Generate GitHub Summary | ||
| if: ${{ (hashFiles('./artifacts/.coverage/.coverage') != '') && (hashFiles('./artifacts/.lint.txt/.lint.txt') != '')}} | ||
| run: | | ||
| echo -e "# Summary\n" >> $GITHUB_STEP_SUMMARY | ||
| poetry run nox -s report -- -- --format markdown >> $GITHUB_STEP_SUMMARY | ||
| poetry run nox -s project:report -- -- --format markdown >> $GITHUB_STEP_SUMMARY | ||
| echo -e "\n\n# Coverage\n" >> $GITHUB_STEP_SUMMARY | ||
| poetry run coverage report -- --format markdown >> $GITHUB_STEP_SUMMARY | ||
| echo -e "\n\n# Static Code Analysis\n" >> $GITHUB_STEP_SUMMARY | ||
| cat .lint.txt >> $GITHUB_STEP_SUMMARY | ||
| poetry run tbx security pretty-print .security.json >> $GITHUB_STEP_SUMMARY | ||