-
Notifications
You must be signed in to change notification settings - Fork 0
112 lines (105 loc) · 3.41 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
name: Pipeline
on:
push: ~
pull_request: ~
workflow_dispatch:
jobs:
validate-pipeline:
uses: armakuni/github-actions/.github/workflows/lint-pipeline.yml@a5fb943d5c31fcfaa03d562362224551d3e25acb # v0.19.4
validate-action:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- uses: ./
with:
max_carbon_intensity: 10000
validate-python:
defaults:
run:
shell: bash
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- uses: specdown/setup-specdown-action@d922e0e08ad2f2878ca5b43e1ef79b156f3ccdc0 # v0.2.30
- name: Install the latest version of uv
uses: astral-sh/setup-uv@887a942a15af3a7626099df99e897a18d9e5ab3a # v5
with:
version: "latest"
enable-cache: true
- run: make lint
- run: make test
- run: |
echo "$CO2_SIGNAL_API_KEY" > .co2_api_key
make integration
env:
CO2_SIGNAL_API_KEY: ${{secrets.CO2_SIGNAL_API_KEY}}
if: github.ref == 'refs/heads/main'
- name: Spot vunerable dependencies
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
exit-code: '1'
scan-ref: .
all-tests-succeeded:
needs: [ validate-pipeline, validate-action, validate-python ]
runs-on: ubuntu-latest
steps:
- run: echo "All tests succeeded"
release:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
needs: [ all-tests-succeeded ]
name: Release
permissions:
contents: write
outputs:
version: ${{ steps.release.outputs.version }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Install the latest version of uv
uses: astral-sh/setup-uv@887a942a15af3a7626099df99e897a18d9e5ab3a # v5
with:
version: "latest"
enable-cache: true
- name: Cocogitto release
id: release
continue-on-error: true
uses: oknozor/cocogitto-action@f1d28f8e65281597d8209bf233328ddfd4424d10 # v3.9
with:
release: true
- name: Generate Changelog
if: steps.release.outputs.version != ''
run: cog changelog --at ${{ steps.release.outputs.version }} -t full_hash > GITHUB_CHANGELOG.md
- name: Upload github release
if: steps.release.outputs.version != ''
uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8 # v2
with:
body_path: GITHUB_CHANGELOG.md
tag_name: ${{ steps.release.outputs.version }}
pypi-publish:
needs: [ release ]
name: Upload release to PyPI
runs-on: ubuntu-latest
environment:
url: https://pypi.org/project/carbon-guard/
name: pypi
permissions:
id-token: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: ${{ needs.release.outputs.version }}
- name: Install the latest version of uv
uses: astral-sh/setup-uv@887a942a15af3a7626099df99e897a18d9e5ab3a # v5
with:
version: "latest"
enable-cache: true
- name: Install dependencies
shell: bash
run: uv build
- name: Publish package distributions to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
skip-existing: true