Keep 'ci/dependency-updates' up-to-date with 'main' #690
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI - Tests | |
on: | |
pull_request: | |
push: | |
branches: | |
- 'main' | |
- 'push-action/**' # Allow pushing to protected branches (using CasperWA/push-protected) | |
jobs: | |
basic-tests: | |
name: External | |
uses: SINTEF/ci-cd/.github/workflows/[email protected] | |
with: | |
# General setup | |
install_extras: "[dev]" | |
# pre-commit | |
run_pre-commit: false | |
# pylint & safety | |
python_version_pylint_safety: "3.10" | |
run_pylint: false | |
run_safety: true | |
# ID: 70612 | |
# Package: Jinja2 | |
# Has been disputed by the maintainer and multiple third parties. | |
# For more information see: https://github.com/advisories/GHSA-f6pv-j8mr-w6rr | |
safety_options: | | |
--ignore=70612 | |
# Build dist | |
python_version_package: "3.10" | |
build_libs: flit | |
build_cmd: flit build | |
# Build documentation | |
run_build_docs: false | |
docker: | |
name: Docker | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
docker_target: ["development", "production"] | |
env: | |
# "Regular" entities service configuration values | |
ENTITIES_SERVICE_MONGO_URI: mongodb://localhost:27017 | |
ENTITIES_SERVICE_X509_CERTIFICATE_FILE: docker_security/test-client.pem | |
ENTITIES_SERVICE_CA_FILE: docker_security/test-ca.pem | |
# These are used in the Dockerfile as well as in pytest | |
ENTITIES_SERVICE_HOST: localhost | |
ENTITIES_SERVICE_PORT: 8000 | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
- name: Setup Python 3.10 | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.10" | |
- name: Run MongoDB | |
run: | | |
# Create folder for certificates | |
mkdir -p docker_security | |
# Generate certificates | |
cd docker_security && ${{ github.workspace }}/.github/docker_init/setup_mongo_security.sh | |
cd ${{ github.workspace }} | |
# Pull mongo:8 image and run it | |
docker pull mongo:8 | |
docker run --rm -d \ | |
--name "mongo" \ | |
--network "host" \ | |
--volume "${{ github.workspace }}/.github/docker_init/create_x509_user.js:/docker-entrypoint-initdb.d/0_create_x509_user.js" \ | |
--volume "${{ github.workspace }}/docker_security:/mongo_tls" \ | |
mongo:8 \ | |
--tlsMode allowTLS --tlsCertificateKeyFile /mongo_tls/test-server1.pem --tlsCAFile /mongo_tls/test-ca.pem | |
sleep 10 # Wait for the database to start | |
- name: Build Docker image | |
run: | | |
docker build \ | |
--pull \ | |
--tag entities-service \ | |
--target ${{ matrix.docker_target }} \ | |
. | |
- name: Install test dependencies | |
run: | | |
python -m pip install -U pip | |
pip install -U setuptools wheel | |
pip install -U -e .[testing] | |
- name: Run Docker container | |
run: | | |
# Create logging directory and file | |
mkdir -p logs | |
touch -a logs/entities_service.log | |
# Run the service in the background | |
docker run --rm -d \ | |
--env ENTITIES_SERVICE_MONGO_URI \ | |
--env ENTITIES_SERVICE_X509_CERTIFICATE_FILE \ | |
--env ENTITIES_SERVICE_CA_FILE \ | |
--env PORT=${ENTITIES_SERVICE_PORT} \ | |
--env RUN_TIME=60 \ | |
--env STOP_TIME=3 \ | |
--name "entities-service" \ | |
--network "host" \ | |
--volume "${PWD}:/app" \ | |
--entrypoint "./.github/utils/coverage_entrypoint.sh" \ | |
entities-service \ | |
${{ matrix.docker_target }} | |
sleep 5 # Wait for the service to start | |
- name: Run tests | |
run: | | |
{ | |
pytest -vv --live-backend --cov-report= --color=yes | |
} || { | |
echo "Failed! Here's the Docker logs for the service:" && | |
docker logs entities-service && | |
echo -e "\nAnd the service log:" && | |
cat logs/entities_service.log && | |
exit 1 | |
} | |
- name: Collect coverage | |
run: | | |
# We have mapped the current working directory with the service's working | |
# directory in Docker. This means that we can, first of all, stop the service | |
# via a file touch, and then collect the coverage data from the service. | |
# | |
# See the .github/utils/coverage_entrypoint.sh file for more details on the | |
# stopping mechanism. | |
touch stop_gunicorn | |
sleep 3 # Wait for the service to stop | |
mv .coverage .coverage.pytest | |
coverage combine --data-file=.coverage.final --rcfile=pyproject.toml .coverage.pytest .coverage.docker | |
coverage xml --data-file=.coverage.final --rcfile=pyproject.toml -o coverage.xml | |
coverage report --data-file=.coverage.final --rcfile=pyproject.toml --show-missing --skip-covered --skip-empty | |
- name: Upload coverage | |
if: github.repository_owner == 'SINTEF' | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: coverage.xml | |
fail_ci_if_error: true | |
env_vars: OS,PYTHON | |
flags: docker | |
env: | |
OS: ubuntu-latest | |
PYTHON: '3.10' | |
pytest: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
python_version: ["3.10", "3.11", "3.12"] | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
- name: Setup Python ${{ matrix.python_version }} | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python_version }} | |
- name: Install test dependencies | |
run: | | |
python -m pip install -U pip | |
pip install -U setuptools wheel flit | |
pip install -U -e .[testing] | |
- name: Run pytest | |
run: pytest -vv --cov-report=xml --color=yes | |
- name: Upload coverage | |
if: github.repository_owner == 'SINTEF' | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
fail_ci_if_error: true | |
env_vars: OS,PYTHON | |
flags: local | |
env: | |
OS: ubuntu-latest | |
PYTHON: ${{ matrix.python_version }} | |
pre-commit-hooks: | |
name: Run custom pre-commit hooks | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ["3.10", "3.11", "3.12"] | |
os: ["ubuntu-latest", "windows-latest"] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Set up Python ${{ matrix.python-version }} | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install Python dependencies | |
run: | | |
python -m pip install -U pip | |
pip install -U setuptools wheel | |
pip install pre-commit | |
- name: Update pre-commit config file with Python version | |
run: sed -i "s/SET_PYTHON_VERSION/python${{ matrix.python-version }}/g" .github/utils/.pre-commit-config_testing.yaml | |
# Note, shell defaults to bash in ubuntu and pwsh in windows | |
- name: Run validate-entities | |
run: python .github/utils/run_pre-commit_hooks.py default | |
- name: Run invalid-entities | |
run: python .github/utils/run_pre-commit_hooks.py invalid-entities | |
- name: Run mixed-validity | |
run: python .github/utils/run_pre-commit_hooks.py mixed-validity | |
- name: Run quiet | |
run: python .github/utils/run_pre-commit_hooks.py quiet | |
- name: Run quiet-mixed-validity | |
run: python .github/utils/run_pre-commit_hooks.py quiet-mixed-validity | |
- name: Run fail-fast | |
run: python .github/utils/run_pre-commit_hooks.py fail-fast | |
- name: Run validate-entities (cmd) | |
if: runner.os == 'Windows' | |
run: python .github/utils/run_pre-commit_hooks.py default | |
shell: cmd | |
- name: Run invalid-entities (cmd) | |
if: runner.os == 'Windows' | |
run: python .github/utils/run_pre-commit_hooks.py invalid-entities | |
shell: cmd | |
- name: Run mixed-validity (cmd) | |
if: runner.os == 'Windows' | |
run: python .github/utils/run_pre-commit_hooks.py mixed-validity | |
shell: cmd | |
- name: Run quiet (cmd) | |
if: runner.os == 'Windows' | |
run: python .github/utils/run_pre-commit_hooks.py quiet | |
shell: cmd | |
- name: Run quiet-mixed-validity (cmd) | |
if: runner.os == 'Windows' | |
run: python .github/utils/run_pre-commit_hooks.py quiet-mixed-validity | |
shell: cmd | |
- name: Run fail-fast (cmd) | |
if: runner.os == 'Windows' | |
run: python .github/utils/run_pre-commit_hooks.py fail-fast | |
shell: cmd | |
build-cli-docs: | |
name: Build CLI docs | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
- name: Setup Python 3.10 | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.10" | |
- name: Install dependencies | |
run: | | |
python -m pip install -U pip | |
pip install -U setuptools wheel | |
pip install -U -e .[cli] | |
- name: Typer version | |
run: typer --version | |
- name: Build CLI docs | |
run: | | |
# Build the CLI documentation | |
# Run it twice, since the first run may create a doc only for the `config` sub-typer app. | |
typer entities_service.cli.main utils docs --output /tmp/CLI.md > /dev/null | |
typer entities_service.cli.main utils docs --output /tmp/CLI.md > /dev/null | |
diff --suppress-common-lines /tmp/CLI.md docs/CLI.md 2>&1 > /tmp/CLI_diff.md && ERROR_CODE=0 || ERROR_CODE=$? | |
ERROR_CODE=$? | |
if [ ${ERROR_CODE} -eq 2 ]; then | |
echo "diff encountered an error." | |
exit 2 | |
elif [ ${ERROR_CODE} -eq 1 ]; then | |
echo "CLI documentation has changed. Please update the documentation." | |
echo "Diff:" | |
cat /tmp/CLI_diff.md | |
exit 1 | |
elif [ ${ERROR_CODE} -eq 0 ]; then | |
echo "CLI documentation is up-to-date." | |
else | |
echo "Unknown error." | |
exit 3 | |
fi |