add ability to block ip addresses that are submitting spam #1938 #2524
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Optimized | |
on: | |
merge_group: | |
pull_request: | |
push: | |
workflow_dispatch: | |
env: | |
FORCE_COLOR: 1 | |
concurrency: | |
cancel-in-progress: true | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
jobs: | |
setup: | |
name: Setup and Cache Dependencies | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read # Minimal permission for checking out code | |
outputs: | |
python-cache-dir: ${{ steps.poetry-cache.outputs.dir }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Cache pre-commit hooks | |
uses: actions/cache@v3 | |
with: | |
path: ~/.cache/pre-commit | |
key: ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }} | |
restore-keys: | | |
${{ runner.os }}-pre-commit- | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.11.2 | |
- name: Get Poetry cache directory | |
id: poetry-cache | |
run: echo "::set-output name=dir::$(poetry config cache-dir)" | |
- name: Cache Poetry dependencies | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.poetry-cache.outputs.dir }} | |
key: ${{ runner.os }}-poetry-${{ hashFiles('**/poetry.lock') }} | |
restore-keys: | | |
${{ runner.os }}-poetry- | |
pre-commit: | |
name: Run pre-commit | |
needs: setup | |
runs-on: ubuntu-latest | |
permissions: | |
issues: write | |
pull-requests: write | |
contents: write | |
actions: write | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: 3.11.2 | |
- name: Run pre-commit | |
uses: pre-commit/[email protected] | |
code-ql: | |
name: Run CodeQL | |
needs: pre-commit | |
runs-on: ubuntu-latest | |
permissions: | |
security-events: write | |
actions: read | |
contents: read | |
strategy: | |
fail-fast: true | |
matrix: | |
language: | |
- 'javascript' | |
- 'python' | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: github/codeql-action/init@v2 | |
with: | |
languages: ${{ matrix.language }} | |
- uses: github/codeql-action/autobuild@v2 | |
- uses: github/codeql-action/analyze@v2 | |
test: | |
name: Run Tests | |
needs: code-ql | |
runs-on: ubuntu-latest | |
permissions: | |
issues: write | |
pull-requests: write | |
contents: write | |
actions: write | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: 3.11.2 | |
- run: pip install poetry | |
- run: poetry install | |
- run: poetry run python manage.py collectstatic --noinput | |
- name: Run tests | |
run: poetry run xvfb-run --auto-servernum python manage.py test -v 3 --failfast |