-
-
Notifications
You must be signed in to change notification settings - Fork 389
133 lines (133 loc) · 4.18 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: ci
on:
pull_request:
push:
branches:
- main
- v1.51
jobs:
validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.11"
- name: Install Pre-Commit
run: python -m pip install pre-commit && pre-commit install
- name: Load cached Pre-Commit Dependencies
id: cached-poetry-dependencies
uses: actions/cache@v3
with:
path: ~/.cache/pre-commit/
key: pre-commit-4|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml') }}
- name: Execute Pre-Commit
run: pre-commit run --show-diff-on-failure --color=always --all-files
test:
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
python-version: ["3.8", "3.9", "3.10", "3.11"]
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
with:
path: .venv
key: v1-venv-${{ runner.os }}-${{ matrix.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
run: poetry install --no-interaction
- name: Set pythonpath
run: echo "PYTHONPATH=$PWD" >> $GITHUB_ENV
- name: Run mypy
if: matrix.python-version == '3.8'
run: poetry run mypy starlite tests
- name: Run pyright
if: matrix.python-version == '3.8'
run: poetry run pyright starlite tests
- name: Test
if: matrix.python-version != '3.11'
run: poetry run pytest
- name: Test with Coverage
if: matrix.python-version == '3.11'
run: poetry run pytest docs/examples tests --cov=starlite --cov-report=xml
- uses: actions/upload-artifact@v3
if: matrix.python-version == '3.11'
with:
name: coverage-xml
path: coverage.xml
sonar:
needs:
- test
- validate
if: github.event.pull_request.head.repo.fork == false
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Download Artifacts
uses: actions/download-artifact@v3
with:
name: coverage-xml
- name: Fix coverage file for sonarcloud
run: sed -i "s/home\/runner\/work\/starlite\/starlite/github\/workspace/g" coverage.xml
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
snyk:
needs:
- test
- validate
if: github.event.pull_request.head.repo.fork == false
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: Run Snyk Monitor
if: ${{ github.ref == 'refs/heads/main' }}
uses: snyk/actions/python-3.8@master
with:
command: monitor
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Run Snyk Test
if: ${{ github.ref != 'refs/heads/main' }}
uses: snyk/actions/python-3.8@master
with:
command: test
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
codeql:
needs:
- test
- validate
runs-on: ubuntu-latest
permissions:
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Initialize CodeQL With Dependencies
if: github.event_name == 'push'
uses: github/codeql-action/init@v2
- name: Initialize CodeQL Without Dependencies
if: github.event_name == 'pull_request'
uses: github/codeql-action/init@v2
with:
setup-python-dependencies: false
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2