peewee-plus/.github/workflows/ci.yaml

---
name: CI
on:
  pull_request:
    types: ["opened", "synchronize"]
  push:
    branches: ["devel"]
env:
  POETRY_VERSION: 1.4.1
jobs:
  Test:
    name: Python ${{ matrix.python.version }}
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python:
          - version: "3.7"
            toxenv: py37
          - version: "3.8"
            toxenv: py38
          - version: "3.9"
            toxenv: py39
          - version: "3.10"
            toxenv: py310
          - version: "3.11"
            toxenv: py311
      fail-fast: true
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Install Python ${{ matrix.python.version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python.version }}

      - name: Configure Job Cache
        uses: actions/cache@v3
        with:
          path: |
            ~/.cache/pip
            ~/.cache/pypoetry/cache
            ~/.poetry            
          # Including the hashed poetry.lock in the cache slug ensures that the cache
          # will be invalidated, and thus all packages will be redownloaded, if the
          # lockfile is updated
          key: ${{ runner.os }}-${{ matrix.python.toxenv }}-${{ hashFiles('**/poetry.lock') }}

      - name: Configure Path
        run: echo "$HOME/.local/bin" >> $GITHUB_PATH

      - name: Configure Environment
        run: .github/scripts/setup-env.sh

      - name: Run Toxenv ${{ matrix.python.toxenv }}
        run: poetry run tox -e ${{ matrix.python.toxenv }}
  Check:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Install Python 3.10
        uses: actions/setup-python@v4
        with:
          python-version: "3.10"

      - name: Configure Job Cache
        uses: actions/cache@v3
        with:
          path: |
            ~/.cache/pip
            ~/.cache/pypoetry/cache
            ~/.poetry            
          # Hardcoded 'py310' slug here lets this cache piggyback on the 'py310' cache
          # that is generated for the tests above
          key: ${{ runner.os }}-py310-${{ hashFiles('**/poetry.lock') }}

      - name: Configure Path
        run: echo "$HOME/.local/bin" >> $GITHUB_PATH

      - name: Configure Environment
        run: .github/scripts/setup-env.sh

      - name: Run Static Analysis Checks
        run: poetry run tox -e static

      - name: Run Static Analysis Checks (Tests)
        run: poetry run tox -e static-tests

      - name: Run Security Checks
        run: poetry run tox -e security