-
Notifications
You must be signed in to change notification settings - Fork 9
118 lines (116 loc) · 4.82 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
name: CI
on: [push, pull_request, workflow_dispatch]
jobs:
unittest:
name: Unit tests - ${{ matrix.PYTHON_VERSION }}
runs-on: ubuntu-latest
permissions:
contents: "read"
id-token: "write"
strategy:
fail-fast: false
matrix:
PYTHON_VERSION: ["3.8", "3.9", "3.10", "3.11", "3.12"]
services:
postgres:
image: postgres:11
env:
POSTGRES_DB: minimalkv_test
POSTGRES_PASSWORD: minimalkv_test
POSTGRES_USER: minimalkv_test
env:
SIMPLEKV_CI: 1
steps:
- uses: actions/checkout@v4
- name: Set up Conda env
uses: mamba-org/setup-micromamba@068f1ab4b37ed9b3d9f73da7db90a0cda0a48d29
with:
environment-file: environment.yml
cache-environment: true
create-args: >-
python=${{ matrix.PYTHON_VERSION }}
# For some reason we can't check for $ACTIONS_ID_TOKEN_REQUEST_URL
# from the `if` condition in the next step.
# See this commit: https://github.com/simonbohnen/minimalkv/commit/775c74c1b1248245d66c2be69476e18acda9f2fe
# and this run: https://github.com/simonbohnen/minimalkv/actions/runs/3444175584/jobs/5746499674
# It appears that the variable is not accessible from the env context.
- name: Check if ID Token generation is enabled
id: check-id-token
run: |
if [[ -z "${ACTIONS_ID_TOKEN_REQUEST_URL}" ]]; then
echo "ID Token generation is not enabled"
exit 1
fi
continue-on-error: true
- id: google_auth
if: steps.check-id-token.outcome == 'success'
name: "Authenticate to Google Cloud"
uses: google-github-actions/auth@v2
with:
workload_identity_provider: "projects/498651197656/locations/global/workloadIdentityPools/qc-minimalkv-gh-actions-pool/providers/github-actions-provider"
service_account: "[email protected]"
token_format: "access_token"
- name: Authenticate to AWS
if: steps.check-id-token.outcome == 'success'
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::211125346859:role/github-poweruser
aws-region: eu-central-1
# We set an env variable according to the result of the check
# to only allow skipping of aws integration test when in fork.
# When being run in the base repo, the aws integration test should always be executed.
- name: Remap AWS Environment Variables
if: steps.check-id-token.outcome == 'success'
run: |
echo "ACCESS_KEY_ID=${{ env.AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV
echo "SECRET_ACCESS_KEY=${{ env.AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV
echo "SESSION_TOKEN=${{ env.AWS_SESSION_TOKEN }}" >> $GITHUB_ENV
# This is a work around as long as S3FSStore has the side effect of setting env variables
# to provide authentication. This can savely be removed as soon as this side effect is gone
- name: Check whether the workflow runs in a fork
run: echo "CI_IN_FORK=${{ github.event.pull_request && github.repository != github.event.pull_request.head.repo.full_name }}" >> $GITHUB_ENV
- name: "Run setup: install package & start docker container"
shell: bash -x -l {0}
run: |
pip install --no-deps .
docker-compose up -d
while ! docker exec mysql mysqladmin status -h 127.0.0.1 -u minimalkv_test --password=minimalkv_test; \
do sleep 3; done
- name: Run the unittests
shell: bash -l {0}
run: |
pytest -n auto --dist loadfile -rs --cov=minimalkv --cov-report=xml
- name: Build the package
shell: bash -x -l {0}
run: |
python -m build
- name: Typecheck the codebase
shell: bash -x -l {0}
run: mypy minimalkv
- name: Publish package
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags') && matrix.PYTHON_VERSION == '3.10'
uses: pypa/[email protected]
with:
user: __token__
password: ${{ secrets.pypi_password }}
- uses: codecov/codecov-action@v5
with:
file: ./coverage.xml
pre-commit-checks:
name: "Pre-commit checks"
runs-on: ubuntu-latest
env:
PRE_COMMIT_USE_MICROMAMBA: 1
steps:
- name: Checkout branch
uses: actions/checkout@v4
- name: Set up micromamba
uses: mamba-org/setup-micromamba@068f1ab4b37ed9b3d9f73da7db90a0cda0a48d29
- name: Add micromamba to GITHUB_PATH
run: echo "${HOME}/micromamba-bin" >> "$GITHUB_PATH"
- name: Install Python 3.10
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Run pre-commit checks
uses: pre-commit/[email protected]