Skip to content

merge queue: embarking main (571782c) and [#69 + #70] together #225

merge queue: embarking main (571782c) and [#69 + #70] together

merge queue: embarking main (571782c) and [#69 + #70] together #225

Workflow file for this run

name: Pipeline
on:
push: ~
pull_request: ~
workflow_dispatch:
env:
PYTHON_VERSION: 3.11
jobs:
validate-pipeline:
uses: armakuni/github-actions/.github/workflows/lint-pipeline.yml@v0.16.5
validate-action:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./
with:
max_carbon_intensity: 10000
validate-python:
defaults:
run:
shell: bash
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: specdown/setup-specdown-action@v0.2.19
- name: Set up python ${{ env.PYTHON_VERSION }}
id: setup-python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Load cached Poetry Binary
id: cached-poetry-binary
uses: actions/cache@v3
with:
path: ~/.local
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}
- run: curl -sSL https://install.python-poetry.org | python3 -
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
restore-keys: |
venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
shell: bash
run: poetry install --no-interaction --no-root
- run: make lint
- run: make test
- run: |
echo "$CO2_SIGNAL_API_KEY" > .co2_api_key
make integration
env:
CO2_SIGNAL_API_KEY: ${{secrets.CO2_SIGNAL_API_KEY}}
if: github.ref == 'refs/heads/main'
- name: Spot vunerable dependencies
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
exit-code: '1'
scan-ref: .
all-tests-succeeded:
needs: [ validate-pipeline, validate-action, validate-python ]
runs-on: ubuntu-latest
steps:
- run: echo "All tests succeeded"
release:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
needs: [ all-tests-succeeded ]
name: Release
permissions:
contents: write
outputs:
version: ${{ steps.release.outputs.version }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up python ${{ env.PYTHON_VERSION }}
id: setup-python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Load cached Poetry Binary
id: cached-poetry-binary
uses: actions/cache@v3
with:
path: ~/.local
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}
- run: curl -sSL https://install.python-poetry.org | python3 -
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
restore-keys: |
venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
shell: bash
run: poetry install --no-interaction --no-root
- name: Cocogitto release
id: release
continue-on-error: true
uses: oknozor/cocogitto-action@v3.5
with:
release: true
- name: Generate Changelog
if: steps.release.outputs.version != ''
run: cog changelog --at ${{ steps.release.outputs.version }} -t full_hash > GITHUB_CHANGELOG.md
- name: Upload github release
if: steps.release.outputs.version != ''
uses: softprops/action-gh-release@v1
with:
body_path: GITHUB_CHANGELOG.md
tag_name: ${{ steps.release.outputs.version }}
pypi-publish:
needs: [ release ]
name: Upload release to PyPI
runs-on: ubuntu-latest
environment: pypi
permissions:
id-token: write
steps:
- uses: actions/checkout@v4
with:
ref: ${{ needs.release.outputs.version }}
- name: Set up python ${{ env.PYTHON_VERSION }}
id: setup-python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Load cached Poetry Binary
id: cached-poetry-binary
uses: actions/cache@v3
with:
path: ~/.local
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}
- run: curl -sSL https://install.python-poetry.org | python3 -
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
restore-keys: |
venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
shell: bash
run: poetry install --no-interaction --no-root
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
shell: bash
run: poetry build
- name: Publish package distributions to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
skip-existing: true