Add SPDX format support for SBOM #3481
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Gating | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
workflow_dispatch: | |
inputs: {} | |
jobs: | |
tests: | |
name: Unit tests | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
python-version: ["3.9", "3.10", "3.11", "3.12"] | |
container: | |
image: python:${{ matrix.python-version }}-slim | |
steps: | |
- name: Install dependencies | |
run: | | |
# We need to install git inside the container otherwise the checkout action will use Git | |
# REST API and the .git directory won't be present which fails due to setuptools-scm | |
apt-get update && apt-get install --no-install-recommends --no-install-suggests -y git | |
python3 -m pip install --upgrade pip | |
pip install tox | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Test with tox | |
run: | | |
# Disable Git's safe.directory mechanism as some unit tests do clone repositories | |
git config --global --add safe.directory '*' | |
tox -e py3 | |
- name: Upload coverage reports to Codecov | |
if: matrix.python-version == '3.12' | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
linters: | |
name: Linters | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
tox_env: | |
- bandit | |
- black | |
- isort | |
- flake8 | |
- mypy | |
container: | |
image: python:3.9-slim | |
steps: | |
- name: Install dependencies | |
run: | | |
# We need to install git inside the container otherwise the checkout action will use Git | |
# REST API and the .git directory won't be present which fails due to setuptools-scm | |
apt-get update && apt-get install --no-install-recommends --no-install-suggests -y git | |
python3 -m pip install --upgrade pip | |
pip install tox | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Test '${{ matrix.tox_env }}' with tox | |
run: tox -e ${{ matrix.tox_env }} | |
hadolint: | |
name: Hadolint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: hadolint/[email protected] | |
with: | |
dockerfile: Containerfile | |
# Ignore list: | |
# * DL3041 - Specify version with dnf install -y <package>-<version> | |
ignore: DL3041 | |
failure-threshold: warning | |
build-image: | |
name: Build Cachi2 image and run integration tests on it | |
runs-on: ubuntu-latest | |
container: | |
image: registry.fedoraproject.org/fedora:40 | |
options: --privileged | |
volumes: | |
# https://github.com/containers/buildah/issues/3666 | |
- /var/lib/containers:/var/lib/containers | |
steps: | |
- name: Install required packages | |
run: | | |
dnf distro-sync -y | |
dnf install -y python3 python3-devel python3-pip gcc git podman | |
pip3 install --upgrade pip | |
pip3 install tox tox-gh-actions | |
- name: add checkout action... | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Build Cachi2 image | |
run: | | |
podman build -t cachi2:${{ github.sha }} . | |
- name: Check image created and Cachi2 version | |
run: | | |
podman images | grep 'cachi2' | |
podman run -t cachi2:${{ github.sha }} --version | |
- name: Run integration tests on built image | |
env: | |
CACHI2_IMAGE: localhost/cachi2:${{ github.sha }} | |
CACHI2_TEST_LOCAL_PYPISERVER: 'true' | |
run: | | |
git config --global --add safe.directory "*" | |
tox -e integration |