diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f77dc12fb..8154c15d4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -33,7 +33,7 @@ jobs: uses: github/codeql-action/init@v3 with: languages: python - build-mode: manual + build-mode: none # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs queries: security-extended config: | diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml index 69d91a200..8fcd2ce01 100644 --- a/.github/workflows/release-python.yml +++ b/.github/workflows/release-python.yml @@ -7,6 +7,9 @@ on: - "pymongocrypt-[0-9]+.[0-9]+.[0-9]+.post[0-9]+" - "pymongocrypt-[0-9]+.[0-9]+.[0-9]+[a-b][0-9]+" - "pymongocrypt-[0-9]+.[0-9]+.[0-9]+rc[0-9]+" + pull_request: + paths: + - bindings/python/* workflow_dispatch: concurrency: @@ -40,7 +43,10 @@ jobs: allow-prereleases: true - name: Build and test dist files - run: bash ./release.sh + run: | + export LIBMONGOCRYPT_VERSION=$(cat ./libmongocrypt-version.txt) + git fetch origin $LIBMONGOCRYPT_VERSION + bash ./release.sh - uses: actions/upload-artifact@v4 with: diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml new file mode 100644 index 000000000..914adf474 --- /dev/null +++ b/.github/workflows/test-python.yml @@ -0,0 +1,54 @@ +name: Python Tests + +on: + push: + pull_request: + paths: + - bindings/python/* + +concurrency: + group: python-test-${{ github.ref }} + cancel-in-progress: true + +defaults: + run: + working-directory: ./bindings/python + shell: bash -eux {0} + +jobs: + + static: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-python@v5 + - name: "Run pre-commit" + working-directory: . + run: | + pip install -U -q pre-commit + pre-commit run --all-files --hook-stage manual + - run: | + pip install check-manifest + check-manifest -v + + build: + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, windows-latest, macos-latest] + python-version: ["3.8", "3.12"] + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v5 + with: + allow-prereleases: true + python-version: ${{ matrix.python-version }} + - name: Build and test dist files + run: | + export LIBMONGOCRYPT_VERSION=$(cat ./libmongocrypt-version.txt) + git fetch origin $LIBMONGOCRYPT_VERSION + bash ./release.sh diff --git a/bindings/python/.evergreen/test.sh b/bindings/python/.evergreen/test.sh index c0dd28a1c..cc7e52f1c 100755 --- a/bindings/python/.evergreen/test.sh +++ b/bindings/python/.evergreen/test.sh @@ -68,25 +68,11 @@ else crypt_shared --version latest --out ../crypt_shared/ --target $TARGET fi - -# Don't run pre-commit on Windows -if [ "$OS" != "Windows_NT" ]; then - # Only run once and with Python 3.8+ - createvirtualenv $BASE_PYTHON .venv - python -m pip install certifi - python -m pip install pre-commit - pre-commit run --all-files - deactivate - rm -rf .venv -fi - for PYTHON_BINARY in "${PYTHONS[@]}"; do echo "Running test with python: $PYTHON_BINARY" $PYTHON_BINARY -c 'import sys; print(sys.version)' git clean -dffx createvirtualenv $PYTHON_BINARY .venv - python -m pip install check-manifest - check-manifest -v python -m pip install --prefer-binary -v -e ".[test]" echo "Running tests with crypto enabled libmongocrypt..." PYMONGOCRYPT_LIB=$PYMONGOCRYPT_LIB_CRYPTO python -c 'from pymongocrypt.binding import lib;assert lib.mongocrypt_is_crypto_available(), "mongocrypt_is_crypto_available() returned False"'