--- name: CI on: pull_request: types: ["opened", "synchronize"] push: branches: ["devel"] env: POETRY_VERSION: 1.4.1 jobs: Test: name: Python ${{ matrix.python.version }} runs-on: ubuntu-latest strategy: fail-fast: true matrix: python: - version: "3.7" toxenv: py37 - version: "3.8" toxenv: py38 - version: "3.9" toxenv: py39 - version: "3.10" toxenv: py310 - version: "3.11" toxenv: py311 steps: - name: Checkout uses: actions/checkout@v2 - name: Install Python ${{ matrix.python.version }} uses: actions/setup-python@v4 with: python-version: ${{ matrix.python.version }} - name: Configure Job Cache uses: actions/cache@v3 with: path: | ~/.cache/pip ~/.cache/pypoetry/cache ~/.poetry # Including the hashed poetry.lock in the cache slug ensures that the cache # will be invalidated, and thus all packages will be redownloaded, if the # lockfile is updated key: ${{ runner.os }}-${{ matrix.python.toxenv }}-${{ hashFiles('**/poetry.lock') }} - name: Configure Path run: echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Configure Environment run: .github/scripts/setup-env.sh - name: Run Toxenv ${{ matrix.python.toxenv }} run: poetry run tox -e ${{ matrix.python.toxenv }} Check: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 - name: Install Python 3.10 uses: actions/setup-python@v4 with: python-version: "3.10" - name: Configure Job Cache uses: actions/cache@v3 with: path: | ~/.cache/pip ~/.cache/pypoetry/cache ~/.poetry # Hardcoded 'py310' slug here lets this cache piggyback on the 'py310' cache # that is generated for the tests above key: ${{ runner.os }}-py310-${{ hashFiles('**/poetry.lock') }} - name: Configure Path run: echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Configure Environment run: .github/scripts/setup-env.sh - name: Run Static Analysis Checks run: poetry run tox -e static - name: Run Static Analysis Checks (Tests) run: poetry run tox -e static-tests - name: Run Security Checks run: poetry run tox -e security