Update github actions files #682
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pipeline | |
on: | |
push: | |
branches-ignore: | |
# - main | |
- dev | |
workflow_dispatch: | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
jobs: | |
static-analysis: | |
strategy: | |
matrix: | |
python-version: ["3.9", "3.10", "3.11", "3.12"] | |
fail-fast: false | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install Dependencies and library | |
shell: bash | |
run: | | |
set -ux | |
python -m pip install --upgrade pip | |
pip install -e ".[submodules,docs,lint,test-core]" | |
- name: Run mypy | |
shell: bash | |
run: | | |
mkdir .mypy_cache # Workaround for bad error message "error: --install-types failed (no mypy cache directory)"; see https://github.com/python/mypy/issues/10768#issuecomment-2178450153 | |
mypy fastagency_studio tests | |
- name: Run bandit | |
shell: bash | |
run: bandit -c pyproject.toml -r fastagency_studio | |
- name: Run Semgrep | |
shell: bash | |
run: semgrep scan --config auto --error | |
unit-test-wasp: | |
if: github.ref != 'refs/heads/dev' && github.ref != 'refs/heads/main' && github.event.pull_request.draft == false | |
runs-on: ubuntu-22.04 | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout repository with cached git lfs | |
uses: nschloe/action-cached-lfs-checkout@v1 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: Install wasp | |
run: curl -sSL https://get.wasp-lang.dev/installer.sh | sh -s -- -v 0.14.0 | |
- name: Temporary wasp fix | |
run: | | |
PATCH_FILE_PATH=$(cat $(whereis wasp | cut -d " " -f 2) | tail -1 | cut -d " " -f 1 | cut -d "=" -f 2)/Generator/templates/server/package.json | |
echo $PATCH_FILE_PATH | |
sed -i 's/"postinstall": "patch-package"/"postinstall": ""/' $PATCH_FILE_PATH | |
- name: Run client tests | |
run: cd app && wasp test client run --silent | |
- name: Build wasp | |
run: cd app && wasp build | |
- name: Build frontend | |
run: cd app && cd .wasp/build/web-app && npm install && REACT_APP_API_URL=$REACT_APP_API_URL npm run build | |
pre-commit-check: | |
runs-on: ubuntu-latest | |
env: | |
SKIP: "static-analysis" | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
- name: Set $PY environment variable | |
run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV | |
- uses: actions/cache@v4 | |
with: | |
path: ~/.cache/pre-commit | |
key: pre-commit|${{ env.PY }}|${{ hashFiles('.pre-commit-config.yaml') }} | |
- name: Install Dependencies | |
run: pip install .[submodules,docs,testing] | |
- name: Prisma | |
run: prisma generate | |
- uses: pre-commit/[email protected] | |
# https://github.com/marketplace/actions/alls-green#why | |
check: # This job does nothing and is only used for the branch protection | |
if: github.event.pull_request.draft == false | |
needs: | |
- static-analysis | |
- pre-commit-check | |
- unit-test-wasp | |
runs-on: ubuntu-latest | |
steps: | |
- name: Decide whether the needed jobs succeeded or failed | |
uses: re-actors/alls-green@release/v1 # nosemgrep | |
with: | |
jobs: ${{ toJSON(needs) }} |