Skip to content

Bump rojopolis/spellcheck-github-actions from 0.35.0 to 0.41.0 #280

Bump rojopolis/spellcheck-github-actions from 0.35.0 to 0.41.0

Bump rojopolis/spellcheck-github-actions from 0.35.0 to 0.41.0 #280

name: "Test and Publish"
on:
push:
branches:
- master
- develop
paths-ignore:
- "docs/**"
- CHANGELOG.md
- README.md
- CONTRIBUTING.md
pull_request:
branches:
- master
- develop
paths-ignore:
- "docs/**"
- CHANGELOG.md
- README.md
- CONTRIBUTING.md
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
repository_dispatch:
types: [ok-to-test-command]
jobs:
unit_tests:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: [ '3.8', '3.9', '3.10', '3.11']
steps:
- uses: actions/checkout@v4
- name: Setup python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Setup poetry
run: |
python -V
python -m pip install poetry
- name: Check pre-commit status
run: |
poetry install -v
poetry run pre-commit run --all-files
- name: Test with tox
run: |
pip install tox-pip-version tox-gh-actions "tox<4.0.0"
tox -v
- name: Store coverage reports
uses: actions/upload-artifact@v4
with:
name: coverage-${{ matrix.python-version }}
path: coverage.xml
if-no-files-found: error
sonarcloud_trusted_branch:
if: (github.event_name != 'repository_dispatch' && (github.event.pull_request.head.repo.full_name == github.repository || github.event.pull_request == null)) && (github.actor != 'dependabot[bot]')
runs-on: ubuntu-latest
needs: unit_tests
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Run sonarcloud scan
uses: ./.github/actions/sonarcloud
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
sonarcloud_token: ${{ secrets.SONARCLOUD_TOKEN }}
project_base_dir: ${{ github.workspace }}
sonarcloud_forked_branch:
if: |
github.event_name == 'repository_dispatch' &&
github.event.client_payload.slash_command.args.named.sha != '' &&
contains(
github.event.client_payload.pull_request.head.sha,
github.event.client_payload.slash_command.args.named.sha
) &&
(github.actor != 'dependabot[bot]')
runs-on: ubuntu-latest
permissions:
pull-requests: write
checks: write
needs: unit_tests
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
ref: 'refs/pull/${{ github.event.client_payload.pull_request.number }}/merge'
- name: Run sonarcloud scan
uses: ./.github/actions/sonarcloud
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
sonarcloud_token: ${{ secrets.SONARCLOUD_TOKEN }}
project_base_dir: ${{ github.workspace }}
- name: Update check status
uses: ./.github/actions/update_check_run
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
pull_request_number: ${{ github.event.client_payload.pull_request.number }}
job: ${{ github.job }}
conclusion: ${{ job.status }}
codeql:
if: (github.actor != 'dependabot[bot]')
runs-on: ubuntu-latest
needs: unit_tests
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: python
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
### PROJECT SPECIFIC CONFIGURATION HERE
e2e_tests_trusted_branch:
if: (github.event_name != 'repository_dispatch' && (github.event.pull_request.head.repo.full_name == github.repository || github.event.pull_request == null) || ( ! failure() && ! cancelled() && github.actor == 'dependabot[bot]'))
needs: [unit_tests, sonarcloud_trusted_branch]
runs-on: ubuntu-latest
strategy:
matrix:
e2e_config: ["e2e", "e2e_pipeline_data_passing"]
steps:
- name: "Checkout repository"
uses: actions/checkout@v4
- name: Run E2E tests
uses: ./.github/actions/e2e_test
with:
e2e_config: ${{ matrix.e2e_config }}
registry_login_server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
azure_credentials: ${{ secrets.AZURE_CREDENTIALS }}
azure_client_id: ${{ secrets.AZURE_CLIENT_ID }}
azure_client_secret: ${{ secrets.AZURE_CLIENT_SECRET }}
azure_storage_account_key: ${{ secrets.AZURE_STORAGE_ACCOUNT_KEY }}
azure_tenant_id: ${{ secrets.AZURE_TENANT_ID }}
azure_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
e2e_tests_forked_branch:
if: |
github.event_name == 'repository_dispatch' &&
github.event.client_payload.slash_command.args.named.sha != '' &&
contains(
github.event.client_payload.pull_request.head.sha,
github.event.client_payload.slash_command.args.named.sha
) ||
( ! failure() && ! cancelled() && github.actor == 'dependabot[bot]')
needs: [unit_tests, sonarcloud_forked_branch]
runs-on: ubuntu-latest
strategy:
matrix:
e2e_config: ["e2e", "e2e_pipeline_data_passing"]
steps:
- name: Run E2E tests
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: 'refs/pull/${{ github.event.client_payload.pull_request.number }}/merge'
- name: Run E2E tests
uses: ./.github/actions/e2e_test
with:
e2e_config: ${{ matrix.e2e_config }}
registry_login_server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
azure_credentials: ${{ secrets.AZURE_CREDENTIALS }}
azure_client_id: ${{ secrets.AZURE_CLIENT_ID }}
azure_client_secret: ${{ secrets.AZURE_CLIENT_SECRET }}
azure_storage_account_key: ${{ secrets.AZURE_STORAGE_ACCOUNT_KEY }}
azure_tenant_id: ${{ secrets.AZURE_TENANT_ID }}
azure_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Update check status
uses: ./.github/actions/update_check_run
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
pull_request_number: ${{ github.event.client_payload.pull_request.number }}
job: ${{ github.job }}
conclusion: ${{ job.status }}
publish:
# only run on push to master
if: github.event.pull_request == null && github.ref == 'refs/heads/master'
needs: [e2e_tests_trusted_branch, codeql]
runs-on: ubuntu-latest
strategy:
matrix:
python-version: [ 3.8 ]
env:
PYTHON_PACKAGE: kedro_azureml
steps:
- name: Checkout the repo
uses: actions/checkout@v4
with:
fetch-depth: 0 # necessary to enable merging, all the history is needed
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Build package dist from source # A better way will be : https://packaging.python.org/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ but pep 517 is still marked as experimental
run: |
pip install poetry
poetry build
- name: Merge back to develop # we have to set the config first on a fresh machine
run: |
git config user.name github-actions
git config user.email [email protected]
git checkout -B develop --track origin/develop
git merge master
git push
- name: Set dynamically package version as output variable # see https://github.com/actions/create-release/issues/39
# see https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
id: set_package_version
run: |
echo "::set-output name=PACKAGE_VERSION::$(cat $PYTHON_PACKAGE/__init__.py | grep -Po '\d+\.\d+\.\d+')"
- name: Create temporary file with the body content for the release
run: |
grep -Poz "## \[${{steps.set_package_version.outputs.PACKAGE_VERSION}}] - \d{4}-\d{2}-\d{2}[\S\s]+?(?=## \[\d+\.\d+\.\d+\]|\[.+\]:)" CHANGELOG.md > release_body.md
- name: Create Release # https://github.com/actions/create-release
id: create_release
uses: actions/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
with:
tag_name: ${{ steps.set_package_version.outputs.PACKAGE_VERSION }}
release_name: Release ${{ steps.set_package_version.outputs.PACKAGE_VERSION }}
body_path: ./release_body.md
draft: false
prerelease: false
- name: Rollback Release in case of run failure
if: failure() && steps.create_release.outputs.id != ''
uses: author/action-rollback@stable
with:
# Using a known release ID
release_id: ${{ steps.create_release.outputs.id }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Publish distribution to PyPI # official action from python maintainers
uses: pypa/gh-action-pypi-publish@master
with:
user: __token__
password: ${{ secrets.PYPI_PASSWORD }}
verbose: true # trace if the upload fails