diff --git a/.github/scripts/setup-env.sh b/.github/scripts/setup-env.sh index b769019..8144c8f 100755 --- a/.github/scripts/setup-env.sh +++ b/.github/scripts/setup-env.sh @@ -7,66 +7,29 @@ set -e; -# ##### Prereqs ##### -# -# Set global vars for usage in the script, create the cache directory so we can rely -# on that existing, then dump some diagnostic info for later reference. -# -PATH="$PATH:$HOME/.local/bin" -CI_VENV=$HOME/ci; CI_CACHE=$HOME/.cache; -CI_CACHE_GET_POETRY="$CI_CACHE/get-poetry.py"; -CI_VENV_PIP="$CI_VENV/bin/pip"; -CI_VENV_PIP_VERSION=19.3.1; -CI_VENV_TOX="$CI_VENV/bin/tox"; +POETRY_VERSION=1.1.12; mkdir --parents "$CI_CACHE"; command -v python; python --version; -# ##### Install Poetry ##### -# -# Download the poetry install script to the cache directory and then install poetry. -# After dump the poetry version for later reference. -# -curl https://install.python-poetry.org \ - --output "$CI_CACHE_GET_POETRY" \ +curl --location https://install.python-poetry.org \ + --output "$CI_CACHE/install-poetry.py" \ --silent \ - --show-error \ - --location; -python "$CI_CACHE_GET_POETRY" --yes 1>/dev/null; - + --show-error; +python "$CI_CACHE/install-poetry.py" \ + --version "$POETRY_VERSION" \ + --yes; poetry --version --no-ansi; +poetry run pip --version; -# ##### Setup Runtime Venv ##### -# -# Create a virtual environment for poetry to use, upgrade pip in that venv to a pinned -# version, then install the current project to the venv. -# -# Note 1: Poetry, Tox, and this project plugin all use pip under the hood for package -# installation. This means that even though we are creating up to eight venvs -# during a given CI run they all share the same download cache. -# Note 2: The "VIRTUAL_ENV=$CI_VENV" prefix on the poetry commands below sets the venv -# that poetry will use for operations. There is no CLI flag for poetry that -# directs it to use a given environment, but if it finds itself in an existing -# environment it will use it and skip environment creation. -# -python -m venv "$CI_VENV"; - -$CI_VENV_PIP install "pip==$CI_VENV_PIP_VERSION" \ - --upgrade \ - --quiet; - -VIRTUAL_ENV=$CI_VENV poetry install \ +poetry install \ --extras poetry \ --quiet \ - --no-ansi \ - &>/dev/null; + --remove-untracked \ + --no-ansi; -# ##### Print Debug Info ##### -# -# Print the pip and tox versions (which will include registered plugins) -# -$CI_VENV_PIP --version; -echo "tox $($CI_VENV_TOX --version)"; +poetry env info; +poetry run tox --version; diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 5e224f6..a880184 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -11,24 +11,24 @@ jobs: strategy: matrix: python: - - version: 3.6 + - version: "3.6" toxenv: py36 - - version: 3.7 + - version: "3.7" toxenv: py37 - - version: 3.8 + - version: "3.8" toxenv: py38 - - version: 3.9 + - version: "3.9" toxenv: py39 - version: "3.10" toxenv: py310 steps: - name: Checkout uses: actions/checkout@v2 - - name: Setup:python${{ matrix.python.version }} + - name: Install Python ${{ matrix.python.version }} uses: actions/setup-python@v1 with: python-version: ${{ matrix.python.version }} - - name: Setup:cache + - name: Configure Job Cache uses: actions/cache@v2 with: path: | @@ -39,20 +39,22 @@ jobs: # will be invalidated, and thus all packages will be redownloaded, if the # lockfile is updated key: ${{ runner.os }}-${{ matrix.python.toxenv }}-${{ hashFiles('**/poetry.lock') }} - - name: Setup:env + - name: Configure Path + run: echo "$HOME/.local/bin" >> $GITHUB_PATH + - name: Configure Environment run: .github/scripts/setup-env.sh - - name: Run:${{ matrix.python.toxenv }} - run: $HOME/ci/bin/tox -e ${{ matrix.python.toxenv }} + - name: Run Toxenv ${{ matrix.python.toxenv }} + run: poetry run tox -e ${{ matrix.python.toxenv }} Check: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 - - name: Setup:python3.8 + - name: Install Python 3.8 uses: actions/setup-python@v1 with: python-version: 3.8 - - name: Setup:cache + - name: Configure Job Cache uses: actions/cache@v2 with: path: | @@ -62,11 +64,13 @@ jobs: # Hardcoded 'py38' slug here lets this cache piggyback on the 'py38' cache # that is generated for the tests above key: ${{ runner.os }}-py38-${{ hashFiles('**/poetry.lock') }} - - name: Setup:env + - name: Configure Path + run: echo "$HOME/.local/bin" >> $GITHUB_PATH + - name: Configure Environment run: .github/scripts/setup-env.sh - - name: Run:static - run: $HOME/ci/bin/tox -e static - - name: Run:static-tests - run: $HOME/ci/bin/tox -e static-tests - - name: Run:security - run: $HOME/ci/bin/tox -e security + - name: Run Static Analysis Checks + run: poetry run tox -e static + - name: Run Static Analysis Checks (Tests) + run: poetry run tox -e static-tests + - name: Run Security Checks + run: poetry run tox -e security