ci: add codeowners #49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: CI Build | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| jobs: | |
| sca: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: 'Set up Python 3.11' | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Install dependencies | |
| run: | | |
| pip install --upgrade pip | |
| pip install .[dev] | |
| - name: Check headers | |
| run: isort --check-only **/*.py | |
| - name: Check code style | |
| run: black --check **/*.py | |
| - name: Lint source code | |
| run: pylint src/**/*.py | |
| - name: Type check source code | |
| run: mypy src/**/*.py | |
| - name: Perform security checks | |
| run: bandit -r src | |
| version: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: "${{ github.event.pull_request.head.sha }}" | |
| fetch-depth: 0 | |
| - name: 'Set up Python 3.11' | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Setup gitconfig | |
| run: | | |
| git config user.name 'autonomous-bot' | |
| git config user.email '[email protected]' | |
| - name: Install dependencies | |
| run: | | |
| pip install --upgrade pip | |
| pip install .[build] | |
| - name: Bump version | |
| run: | | |
| version info | |
| if [ "${GITHUB_REF##*/}" == "main" ]; then | |
| version bump --commit --tag | |
| version push --password "${{ secrets.GITHUB_TOKEN }}" | |
| else | |
| version bump | |
| fi | |
| version info --filepaths | tar -cvzf versioning.tar.gz -T - | |
| - name: Store versioned files | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: "versioning-${{ github.run_number }}" | |
| path: versioning.tar.gz | |
| # - name: Cache version changes | |
| # id: versioned-files | |
| # uses: actions/cache@v3 | |
| # with: | |
| # key: "${{ | |
| # runner.os | |
| # }}-versioning-${{ | |
| # hashFiles('versioning.tar.gz') | |
| # }}" | |
| # path: versioning.tar.gz | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: [version, sca] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: 'Set up Python 3.11' | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Install dependencies | |
| run: | | |
| pip install --upgrade pip | |
| pip install build==1.0.3 | |
| pip install . | |
| - name: Download versioned files | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: "versioning-${{ github.run_number }}" | |
| - name: Apply versioning changes | |
| run: tar -xzf versioning.tar.gz | |
| - name: Perform build | |
| run: python -m build | |
| - name: Store versioned files | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist | |
| test: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| strategy: | |
| matrix: | |
| python-version: | |
| - '3.6' | |
| - '3.7' | |
| - '3.8' | |
| - '3.9' | |
| - '3.10' | |
| - '3.11' | |
| - '3.12' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download versioned files | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: "versioning-${{ github.run_number }}" | |
| - name: Install dependencies | |
| run: tar -xzf versioning.tar.gz | |
| - name: Download versioned files | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist | |
| - name: Install dependencies | |
| run: | | |
| pip install --upgrade pip | |
| pip install .[dev] | |
| pip install ./dist/*whl | |
| - name: Perform tests | |
| run: pytest --cov=compendium --cov-report=xml tests | |
| publish: | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| needs: ['build', 'test'] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download versioned files | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: "versioning-${{ github.run_number }}" | |
| - name: Install dependencies | |
| run: tar -xzf versioning.tar.gz | |
| - name: Download versioned files | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist | |
| - name: 'Set up Python 3.11' | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Install dependencies | |
| run: | | |
| pip install --upgrade pip | |
| pip install twine==4.0.0 | |
| - name: Perform publish | |
| run: | | |
| twine upload dist/* \ | |
| --non-interactive \ | |
| --repository pypi \ | |
| --username __token__ \ | |
| --password "${{ secrets.TWINE_PASSWORD }}" |