2022-11-10 21:00:44 +00:00
name : Tests
on :
- push
- pull_request
2022-11-11 13:56:12 +00:00
defaults :
run :
working-directory : spiffworkflow-backend
2022-11-10 21:00:44 +00:00
jobs :
2022-11-11 17:39:46 +00:00
tests :
name : ${{ matrix.session }} ${{ matrix.python }} / ${{ matrix.os }} ${{ matrix.database }}
runs-on : ${{ matrix.os }}
strategy :
fail-fast : false
matrix :
include :
2022-11-13 03:41:43 +00:00
# - { python: "3.11", os: "ubuntu-latest", session: "safety" }
# - { python: "3.11", os: "ubuntu-latest", session: "mypy" }
# - { python: "3.10", os: "ubuntu-latest", session: "mypy" }
# - { python: "3.9", os: "ubuntu-latest", session: "mypy" }
2022-11-11 17:39:46 +00:00
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "mysql" ,
}
2022-11-13 03:41:43 +00:00
# - {
# python: "3.11",
# os: "ubuntu-latest",
# session: "tests",
# database: "postgres",
# }
# - {
# python: "3.11",
# os: "ubuntu-latest",
# session: "tests",
# database: "sqlite",
# }
# - {
# python: "3.10",
# os: "ubuntu-latest",
# session: "tests",
# database: "sqlite",
# }
# - {
# python: "3.9",
# os: "ubuntu-latest",
# session: "tests",
# database: "sqlite",
# }
# - {
# python: "3.10",
# os: "windows-latest",
# session: "tests",
# database: "sqlite",
# }
# - {
# python: "3.11",
# os: "macos-latest",
# session: "tests",
# database: "sqlite",
# }
# - {
# # typeguard 2.13.3 is broken with TypeDict in 3.11.
# # probably the next release fixes it.
# # https://github.com/agronholm/typeguard/issues/242
# python: "3.11",
# os: "ubuntu-latest",
# session: "typeguard",
# database: "sqlite",
# }
# - { python: "3.11", os: "ubuntu-latest", session: "xdoctest" }
# - { python: "3.11", os: "ubuntu-latest", session: "docs-build" }
2022-11-11 17:39:46 +00:00
env :
NOXSESSION : ${{ matrix.session }}
SPIFF_DATABASE_TYPE : ${{ matrix.database }}
FORCE_COLOR : "1"
PRE_COMMIT_COLOR : "always"
DB_PASSWORD : password
FLASK_SESSION_SECRET_KEY : super_secret_key
steps :
- name : Check out the repository
uses : actions/checkout@v3.0.2
- name : Set up Python ${{ matrix.python }}
uses : actions/setup-python@v4.2.0
with :
python-version : ${{ matrix.python }}
- name : Upgrade pip
run : |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name : Upgrade pip in virtual environments
shell : python
run : |
import os
import pip
with open(os.environ["GITHUB_ENV"], mode="a") as io:
print(f"VIRTUALENV_PIP={pip.__version__}", file=io)
- name : Install Poetry
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
poetry --version
- name : Install Nox
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
nox --version
# - name: Compute pre-commit cache key
# if: matrix.session == 'pre-commit'
# id: pre-commit-cache
# shell: python
# run: |
# import hashlib
# import sys
#
# python = "py{}.{}".format(*sys.version_info[:2])
# payload = sys.version.encode() + sys.executable.encode()
# digest = hashlib.sha256(payload).hexdigest()
# result = "${{ runner.os }}-{}-{}-pre-commit".format(python, digest[:8])
#
# print("::set-output name=result::{}".format(result))
#
# - name: Restore pre-commit cache
# uses: actions/cache@v3.0.11
# if: matrix.session == 'pre-commit'
# with:
# path: ~/.cache/pre-commit
# key: ${{ steps.pre-commit-cache.outputs.result }}-${{ hashFiles('.pre-commit-config.yaml') }}
# restore-keys: |
# ${{ steps.pre-commit-cache.outputs.result }}-
- name : Setup Mysql
uses : mirromutth/mysql-action@v1.1
with :
host port : 3306
container port : 3306
mysql version : "8.0"
mysql database : "spiffworkflow_backend_testing"
mysql root password : password
if : matrix.database == 'mysql'
- name : Setup Postgres
run : docker run --name postgres-spiff -p 5432:5432 -e POSTGRES_PASSWORD=spiffworkflow_backend -e POSTGRES_USER=spiffworkflow_backend -e POSTGRES_DB=spiffworkflow_backend_testing -d postgres
if : matrix.database == 'postgres'
- name : Run Nox
run : |
nox --force-color --python=${{ matrix.python }}
- name : Upload coverage data
# pin to upload coverage from only one matrix entry, otherwise coverage gets confused later
2022-11-13 02:51:35 +00:00
if : always() && matrix.session == 'tests' && matrix.python == '3.11' && matrix.os == 'ubuntu-latest' && matrix.database == 'mysql'
2022-11-11 17:39:46 +00:00
uses : "actions/upload-artifact@v3.0.0"
2022-11-13 02:51:35 +00:00
# this action doesn't seem to respect working-directory so include working-directory value in path
2022-11-11 17:39:46 +00:00
with :
name : coverage-data
2022-11-13 02:51:35 +00:00
path : "spiffworkflow-backend/.coverage.*"
2022-11-11 17:39:46 +00:00
- name : Upload documentation
if : matrix.session == 'docs-build'
uses : actions/upload-artifact@v3.0.0
with :
name : docs
path : docs/_build
- name : Upload logs
if : failure() && matrix.session == 'tests'
uses : "actions/upload-artifact@v3.0.0"
with :
name : logs-${{matrix.python}}-${{matrix.os}}-${{matrix.database}}
path : "./log/*.log"
run_pre_commit_checks :
runs-on : ubuntu-latest
defaults :
run :
working-directory : .
steps :
- name : Check out the repository
uses : actions/checkout@v3.0.2
with :
# Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
fetch-depth : 0
- name : Set up Python
uses : actions/setup-python@v4.2.0
with :
python-version : "3.11"
- name : Install Poetry
run : |
pipx install poetry
poetry --version
- name : Poetry Install
run : poetry install
- name : run_pre_commit
run : ./bin/run_pre_commit_in_ci
check_docker_start_script :
runs-on : ubuntu-latest
steps :
- name : Check out the repository
uses : actions/checkout@v3.0.2
with :
# Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
fetch-depth : 0
- name : start_backend
run : ./bin/build_and_run_with_docker_compose
timeout-minutes : 20
env :
SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA : "true"
- name : wait_for_backend
run : ./bin/wait_for_server_to_be_up 5
coverage :
runs-on : ubuntu-latest
needs : tests
steps :
- name : Check out the repository
uses : actions/checkout@v3.0.2
with :
# Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
fetch-depth : 0
- name : Set up Python
uses : actions/setup-python@v4.2.0
with :
python-version : "3.11"
- name : Upgrade pip
run : |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name : Install Poetry
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
poetry --version
- name : Install Nox
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
nox --version
- name : Download coverage data
uses : actions/download-artifact@v3.0.1
with :
name : coverage-data
- name : Combine coverage data and display human readable report
run : |
find . -name \*.pyc -delete
2022-11-13 03:41:43 +00:00
echo debug
pwd
2022-11-13 03:50:42 +00:00
ls -altr
2022-11-11 17:39:46 +00:00
nox --force-color --session=coverage
- name : Create coverage report
run : |
nox --force-color --session=coverage -- xml
- name : Upload coverage report
uses : codecov/codecov-action@v3.1.0
- name : SonarCloud Scan
uses : sonarsource/sonarcloud-github-action@master
# thought about just skipping dependabot
# if: ${{ github.actor != 'dependabot[bot]' }}
# but figured all pull requests seems better, since none of them will have access to sonarcloud.
# however, with just skipping pull requests, the build associated with "Triggered via push" is also associated with the pull request and also fails hitting sonarcloud
# if: ${{ github.event_name != 'pull_request' }}
# so just skip everything but main
if : github.ref_name == 'main'
env :
GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
# part about saving PR number and then using it from auto-merge-dependabot-prs from:
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_run
- name : Save PR number
if : ${{ github.event_name == 'pull_request' }}
env :
PR_NUMBER : ${{ github.event.number }}
run : |
mkdir -p ./pr
echo "$PR_NUMBER" > ./pr/pr_number
- uses : actions/upload-artifact@v3
with :
name : pr_number
path : pr/
2022-11-11 17:24:31 +00:00
build-and-push-image :
if : github.ref_name == 'main' && ${{ github.event_name == 'push' }}
2022-11-11 17:39:46 +00:00
needs : tests
2022-11-11 17:24:31 +00:00
env :
REGISTRY : ghcr.io
IMAGE_NAME : sartography/spiffworkflow-backend
runs-on : ubuntu-latest
permissions :
contents : read
packages : write
steps :
2022-11-11 17:26:51 +00:00
- name : Check out the repository
uses : actions/checkout@v3.0.2
with :
# Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
fetch-depth : 0
2022-11-11 17:24:31 +00:00
- name : Get current date
id : date
run : echo "::set-output name=date::$(date +%s)"
- name : Log in to the Container registry
uses : docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
with :
registry : ${{ env.REGISTRY }}
username : ${{ github.actor }}
password : ${{ secrets.GITHUB_TOKEN }}
- name : Extract metadata (tags, labels) for Docker
id : meta
uses : docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with :
images : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name : Build and push Docker image
uses : docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
env :
# if we ever support more than main we will need to format the ref name
# like sub '/' with '-'
TAG : ${{ github.ref_name }}-${{ steps.date.outputs.date }}
with :
2022-11-11 17:39:46 +00:00
# this action doesn't seem to respect working-directory so set context
2022-11-11 17:31:26 +00:00
context : spiffworkflow-backend
2022-11-11 17:24:31 +00:00
push : true
tags : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG }}
labels : ${{ steps.meta.outputs.labels }}