Merge pull request #22 from camptocamp/npm-provenance #122
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous integration | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - '[0-9]+.[0-9]+' | |
| tags: | |
| - '*' | |
| pull_request: | |
| permissions: | |
| # To publish Docker images | |
| packages: write | |
| # To publish Python packages | |
| id-token: write | |
| # To publish Helm charts | |
| contents: write | |
| env: | |
| HAS_SECRETS: ${{ secrets.HAS_SECRETS }} | |
| jobs: | |
| pre-commit: | |
| name: Pre commit checks | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 20 | |
| if: "!startsWith(github.event.head_commit.message, '[skip ci] ')" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.13' | |
| - run: python3 -m pip install $(grep pre-commit== requirements.txt) | |
| - uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pre-commit | |
| key: pre-commit-${{ hashFiles('.pre-commit-config.yaml') }} | |
| restore-keys: "pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}\npre-commit-" | |
| - run: pre-commit run --all-files | |
| - run: git diff --exit-code --patch > /tmp/pre-commit.patch || true | |
| if: failure() | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: Apply pre-commit fix.patch | |
| path: /tmp/pre-commit.patch | |
| retention-days: 1 | |
| if: failure() | |
| main: | |
| name: Continuous integration | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 20 | |
| needs: pre-commit | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.13' | |
| - run: python3 -m pip install --requirement=.github/requirements.txt | |
| - run: python3 -m pip install --requirement=requirements.txt | |
| - name: Print the environment | |
| run: c2cciutils-env | |
| env: | |
| GITHUB_EVENT: ${{ toJson(github) }} | |
| - run: poetry install | |
| - name: Prospector | |
| run: poetry run prospector --die-on-tool-error --output-format=pylint | |
| - run: docker build --tag camptocamp/tag-publish tests | |
| - name: Publish | |
| run: poetry run tag-publish | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - run: git diff --exit-code --patch > /tmp/dpkg-versions.patch || true | |
| if: failure() | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: Update dpkg versions list.patch | |
| path: /tmp/dpkg-versions.patch | |
| retention-days: 1 | |
| if: failure() |