From 02642312fbb35f0e6b0701dd3e2bf230ae9bbc7f Mon Sep 17 00:00:00 2001 From: Ethan Paul <24588726+enpaul@users.noreply.github.com> Date: Thu, 4 Aug 2022 23:33:40 -0400 Subject: [PATCH] Add github actions CI --- .github/scripts/setup-env.sh | 34 ++++++++++++++++ .github/workflows/ci.yaml | 78 ++++++++++++++++++++++++++++++++++++ 2 files changed, 112 insertions(+) create mode 100755 .github/scripts/setup-env.sh create mode 100644 .github/workflows/ci.yaml diff --git a/.github/scripts/setup-env.sh b/.github/scripts/setup-env.sh new file mode 100755 index 0000000..19a9c5f --- /dev/null +++ b/.github/scripts/setup-env.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash +# +# Environment setup script for the local project. Intended to be used with automation +# to create a repeatable local environment for tests to be run in. The python env +# this script creates can be accessed at the location defined by the CI_VENV variable +# below. + +set -e; + +CI_CACHE=$HOME/.cache; +POETRY_VERSION=1.1.14; + +mkdir --parents "$CI_CACHE"; + +command -v python; +python --version; + +curl --location https://install.python-poetry.org \ + --output "$CI_CACHE/install-poetry.py" \ + --silent \ + --show-error; +python "$CI_CACHE/install-poetry.py" \ + --version "$POETRY_VERSION" \ + --yes; +poetry --version --no-ansi; +poetry run pip --version; + +poetry install \ + --quiet \ + --remove-untracked \ + --no-ansi; + +poetry env info; +poetry run tox --version; diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..09b71b7 --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,78 @@ +--- +name: CI +on: + pull_request: + types: ["opened", "synchronize"] + push: + branches: ["devel"] +jobs: + Test: + name: Python ${{ matrix.python.version }} + runs-on: ubuntu-latest + strategy: + matrix: + python: + - version: "3.6" + toxenv: py36 + - version: "3.7" + toxenv: py37 + - version: "3.8" + toxenv: py38 + - version: "3.9" + toxenv: py39 + - version: "3.10" + toxenv: py310 + fail-fast: true + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Install Python ${{ matrix.python.version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python.version }} + - name: Configure Job Cache + uses: actions/cache@v3 + with: + path: | + ~/.cache/pip + ~/.cache/pypoetry/cache + ~/.poetry + # Including the hashed poetry.lock in the cache slug ensures that the cache + # will be invalidated, and thus all packages will be redownloaded, if the + # lockfile is updated + key: ${{ runner.os }}-${{ matrix.python.toxenv }}-${{ hashFiles('**/poetry.lock') }} + - name: Configure Path + run: echo "$HOME/.local/bin" >> $GITHUB_PATH + - name: Configure Environment + run: .github/scripts/setup-env.sh + - name: Run Toxenv ${{ matrix.python.toxenv }} + run: poetry run tox -e ${{ matrix.python.toxenv }} + Check: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Install Python 3.8 + uses: actions/setup-python@v4 + with: + python-version: 3.8 + - name: Configure Job Cache + uses: actions/cache@v3 + with: + path: | + ~/.cache/pip + ~/.cache/pypoetry/cache + ~/.poetry + # Hardcoded 'py310' slug here lets this cache piggyback on the 'py310' cache + # that is generated for the tests above + key: ${{ runner.os }}-py310-${{ hashFiles('**/poetry.lock') }} + - name: Configure Path + run: echo "$HOME/.local/bin" >> $GITHUB_PATH + - name: Configure Environment + run: .github/scripts/setup-env.sh + - name: Run Static Analysis Checks + run: poetry run tox -e static + - name: Run Static Analysis Checks (Tests) + run: poetry run tox -e static-tests + - name: Run Security Checks + run: poetry run tox -e security