Skip to content
Back to pull request #264

[Snyk-dev] Security upgrade python from 3.10-slim to 3.13.0rc2-slim #468

Sign in to view logs

[Snyk-dev] Security upgrade python from 3.10-slim to 3.13.0rc2-slim

[Snyk-dev] Security upgrade python from 3.10-slim to 3.13.0rc2-slim #468

Workflow file for this run

.github/workflows/ci.yaml at 2833ebd
name: CI
on:
push:
branches: [master]
pull_request:
branches: [master]
jobs:
install:
name: Install
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
cache: pipenv
- name: Install pipenv and dependencies
run: |
pip install --user pipenv
pipenv install --dev --deploy
check:
name: Check Formatting and Typing
runs-on: ubuntu-latest
needs:
- install
if: success()
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
cache: pipenv
- name: Install pipenv and dependencies
run: |
pip install --user pipenv
pipenv sync --dev
- name: Check code style with ruff
run: |
pipenv run ruff check .
- name: Check types with pyright
if: always()
run: |
pipenv run pyright --verbose
test:
name: Run Tests with Pytest
runs-on: ubuntu-latest
needs:
- install
if: success()
services:
postgres:
image: postgres:14.7
env:
POSTGRES_USER: apollo
POSTGRES_PASSWORD: apollo
POSTGRES_DB: apollo
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
cache: pipenv
- name: Install pipenv and dependencies
run: |
pip install --user pipenv
pipenv sync --dev
cp config.example.yaml config.yaml
- name: Test with pytest
run: pipenv run pytest -v
migrate:
name: Check Migrations
runs-on: ubuntu-latest
needs:
- install
if: success()
# postgres container to test migrations against
services:
postgres:
image: postgres:12
env:
POSTGRES_USER: apollo
POSTGRES_PASSWORD: apollo
POSTGRES_DB: apollo
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
cache: pipenv
- name: Install pipenv and dependencies
run: |
pip install --user pipenv
pipenv sync --dev
cp config.example.yaml config.yaml
cp alembic.example.ini alembic.ini
- name: Check upgrade migrations
run: pipenv run alembic upgrade head
- name: Check no migrations need to be generated
run: pipenv run alembic check
- name: Check downgrade migrations
#if: always() #check downgrade even if check failes
run: pipenv run alembic downgrade base
build-and-push-image:
name: Build and Push Docker Image
runs-on: ubuntu-latest
permissions:
packages: write
needs:
- check
- migrate
- test
if: success() && github.ref_name == 'master' && github.event_name == 'push'
steps:
- uses: actions/checkout@v3
- name: Log in to the Container registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Get Docker Metadata
id: meta
uses: docker/metadata-action@v4
with:
images: ghcr.io/${{ github.repository }}
tags: | # tag with commit hash and with 'latest'
type=sha
type=raw,value=latest,enable={{is_default_branch}}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build and Push Docker image
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max