SCANPY-217: Migrate from Cirrus CI to GitHub Action #39
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: [master, branch-*, dogfood-*] | |
| pull_request: | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| name: "Build" | |
| runs-on: github-ubuntu-latest-s | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: jdx/mise-action@e3d7b8d67a7958d1207f6ed871e83b1ea780e7b0 #v3.3.1 | |
| with: | |
| install_args: "poetry@2.2.1" | |
| - run: mise use -g poetry@2.2.1 | |
| - uses: SonarSource/ci-github-actions/build-poetry@v1 | |
| with: | |
| sonar-platform: none | |
| artifactory-reader-role: private-reader | |
| artifactory-deployer-role: qa-deployer | |
| deploy-pull-request: true | |
| formatting: | |
| name: "Formatting" | |
| runs-on: github-ubuntu-latest-s | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: ./.github/actions/config-poetry | |
| - run: | | |
| poetry run black src/ tests/ --check | |
| poetry run licenseheaders -t license_header.tmpl -o "SonarSource SA" -y 2011-2024 -n "Sonar Scanner Python" -E .py -d src/ | |
| poetry run licenseheaders -t license_header.tmpl -o "SonarSource SA" -y 2011-2024 -n "Sonar Scanner Python" -E .py -d tests/ | |
| git diff --name-only --exit-code ./src ./tests | |
| documentation: | |
| name: "CLI Documentation" | |
| runs-on: github-ubuntu-latest-s | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: jdx/mise-action@e3d7b8d67a7958d1207f6ed871e83b1ea780e7b0 #v3.3.1 | |
| with: | |
| install_args: "poetry@2.2.1" | |
| - run: mise use -g poetry@2.2.1 | |
| - run: | | |
| poetry run python tools/generate_cli_documentation.py | |
| git diff --exit-code CLI_ARGS.md | |
| coverage: | |
| name: "Coverage report generation" | |
| runs-on: github-ubuntu-latest-s | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: ./.github/actions/config-poetry | |
| - run: | | |
| poetry run pytest --cov-report=xml:coverage.xml --cov-config=pyproject.toml --cov=src --cov-branch tests | |
| poetry run mypy src/ > mypy-report.txt || true | |
| - name: Upload coverage artifacts | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: coverage-reports | |
| path: | | |
| coverage.xml | |
| mypy-report.txt | |
| analysis: | |
| name: "NEXT Analysis" | |
| runs-on: github-ubuntu-latest-s | |
| needs: [coverage] | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - name: Download coverage artifacts | |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
| with: | |
| name: coverage-reports | |
| - uses: jdx/mise-action@e3d7b8d67a7958d1207f6ed871e83b1ea780e7b0 #v3.3.1 | |
| with: | |
| install_args: "poetry@2.2.1" | |
| - run: mise use -g poetry@2.2.1 | |
| - uses: SonarSource/ci-github-actions/build-poetry@v1 | |
| with: | |
| sonar-platform: next | |
| artifactory-reader-role: private-reader | |
| artifactory-deployer-role: qa-deployer | |
| qa: | |
| name: "Test Python ${{ matrix.python-version }}" | |
| runs-on: github-ubuntu-latest-s | |
| permissions: | |
| id-token: write | |
| contents: write | |
| strategy: | |
| matrix: | |
| python-version: ["3.9.18", "3.9.6", "3.10.13", "3.11.7", "3.12.1", "3.13.2"] | |
| steps: | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: ./.github/actions/config-poetry | |
| - run: | | |
| poetry run pytest tests/ | |
| qa-windows: | |
| name: "Test Windows" | |
| runs-on: github-windows-latest-s | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: ./.github/actions/config-poetry | |
| - run: | | |
| poetry run pytest tests/ | |
| its: | |
| name: "Integration Tests" | |
| runs-on: github-ubuntu-latest-s | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - name: Cache SonarQube | |
| uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 | |
| with: | |
| path: sonarqube_cache/ | |
| key: sonarqube-25.3.0.104237 | |
| - name: Download SonarQube | |
| run: | | |
| mkdir -p sonarqube_cache | |
| if [ ! -f sonarqube_cache/sonarqube.zip ]; then | |
| wget -q https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-25.3.0.104237.zip -O sonarqube_cache/sonarqube.zip | |
| fi | |
| env: | |
| SONARQUBE_VERSION: 25.3.0.104237 | |
| - uses: ./.github/actions/config-poetry | |
| - run: .github/scripts/run_its.sh | |
| promote: | |
| name: "Promote" | |
| needs: [build, formatting, documentation, analysis, qa, qa-windows, its] | |
| runs-on: github-ubuntu-latest-s | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: SonarSource/ci-github-actions/promote@v1 | |