Skip to content

Pin dependencies to resolve several CVEs (#664) #810

Pin dependencies to resolve several CVEs (#664)

Pin dependencies to resolve several CVEs (#664) #810

Workflow file for this run

---
name: Tests and Coverage
"on":
pull_request:
branches:
- dev
- main
push:
branches:
- dev
- main
jobs:
test:
name: Tests
runs-on: ubuntu-latest
strategy:
matrix:
python-version:
- "3.9"
- "3.10"
- "3.11"
steps:
- name: ⤵️ Check out code from GitHub
uses: actions/checkout@v3
- name: 🏗 Set up Python
id: setup-python
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: ⤵️ Get pip cache directory
id: pip-cache
run: |
echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT
- name: ⤵️ Establish pip cache
uses: actions/cache@v3
with:
path: ${{ steps.pip-cache.outputs.dir }}
key: "${{ runner.os }}-pip-\
${{ hashFiles('.github/workflows/requirements.txt') }}"
restore-keys: |
${{ runner.os }}-pip-
- name: 🏗 Install workflow dependencies
run: |
pip install -r .github/workflows/requirements.txt
poetry config virtualenvs.create true
poetry config virtualenvs.in-project true
- name: ⤵️ Establish poetry cache
uses: actions/cache@v3
with:
path: .venv
key: "venv-${{ steps.setup-python.outputs.python-version }}-\
${{ hashFiles('poetry.lock') }}"
restore-keys: |
venv-${{ steps.setup-python.outputs.python-version }}-
- name: 🏗 Install package dependencies
run: |
poetry install --no-interaction
- name: 🚀 Run pytest
run: poetry run pytest --cov ecowitt2mqtt tests
- name: ⬆️ Upload coverage artifact
uses: actions/upload-artifact@v3
with:
name: coverage-${{ matrix.python-version }}
path: .coverage
coverage:
name: Code Coverage
needs: test
runs-on: ubuntu-latest
steps:
- name: ⤵️ Check out code from GitHub
uses: actions/checkout@v3
- name: ⬇️ Download coverage data
uses: actions/download-artifact@v3
- name: 🏗 Set up Python 3.9
id: setup-python
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: ⤵️ Get pip cache directory
id: pip-cache
run: |
echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT
- name: ⤵️ Establish pip cache
uses: actions/cache@v3
with:
path: ${{ steps.pip-cache.outputs.dir }}
key: "${{ runner.os }}-pip-\
${{ hashFiles('.github/workflows/requirements.txt') }}"
restore-keys: |
${{ runner.os }}-pip-
- name: 🏗 Install workflow dependencies
run: |
pip install -r .github/workflows/requirements.txt
poetry config virtualenvs.create true
poetry config virtualenvs.in-project true
- name: ⤵️ Establish poetry cache
uses: actions/cache@v3
with:
path: .venv
key: "venv-${{ steps.setup-python.outputs.python-version }}-\
${{ hashFiles('poetry.lock') }}"
restore-keys: |
venv-${{ steps.setup-python.outputs.python-version }}-
- name: 🏗 Install package dependencies
run: |
poetry install --no-interaction
- name: 🚀 Process coverage results
run: |
poetry run coverage combine coverage*/.coverage*
poetry run coverage xml -i
- name: 📊 Upload coverage report to codecov.io
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
publish_docker_image:
name: Publish Docker Images Workflow
needs: coverage
uses: ./.github/workflows/publish-docker.yml
secrets:
DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
DOCKER_HUB_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }}