From 086026169445ff1c0b4a8538d3c5bad549add722 Mon Sep 17 00:00:00 2001 From: Corentin Garcia Date: Wed, 6 Mar 2024 19:47:10 +0100 Subject: [PATCH 1/2] chore(ci): move code analysis to separate job --- .github/workflows/ci.yml | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b571cbc..b35f8d9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,7 +20,8 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "pypy3.9", "pypy3.10"] + python-version: + ["3.8", "3.9", "3.10", "3.11", "3.12", "pypy3.9", "pypy3.10"] runs-on: ubuntu-latest steps: - name: Checkout code @@ -42,18 +43,28 @@ jobs: run: make style - name: Test run: make test - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - name: Codecov uses: codecov/codecov-action@v4 with: flags: ${{ matrix.python-version }} token: ${{ secrets.CODECOV_TOKEN }} + code_scanning: + name: Code scanning + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: python + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 release: name: Release on PyPI runs-on: ubuntu-latest environment: release - needs: ci + needs: [ci, code_scanning] if: startsWith(github.ref, 'refs/tags/v') permissions: id-token: write From 4614dd9a139036b722a00c9b5f8784e819adf2b6 Mon Sep 17 00:00:00 2001 From: Corentin Garcia Date: Wed, 6 Mar 2024 19:48:36 +0100 Subject: [PATCH 2/2] chore(ci): format doc worklow --- .github/workflows/doc.yml | 60 +++++++++++++++++++-------------------- 1 file changed, 29 insertions(+), 31 deletions(-) diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml index 56dd60a..e1c5b30 100644 --- a/.github/workflows/doc.yml +++ b/.github/workflows/doc.yml @@ -17,37 +17,35 @@ jobs: permissions: contents: write steps: - - name: Checkout code - uses: actions/checkout@v4 - - name: Install Poetry - run: pipx install poetry - - name: Setup Python - uses: actions/setup-python@v5 - with: - python-version: 3.12 - cache: "poetry" - - name: Setup environment - run: poetry install - - name: Build HTML - run: poetry run sphinx-build -M html docs docs/build - - name: Upload artifacts - uses: actions/upload-pages-artifact@v3 - with: - path: docs/build/html/ + - name: Checkout code + uses: actions/checkout@v4 + - name: Install Poetry + run: pipx install poetry + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: 3.12 + cache: "poetry" + - name: Setup environment + run: poetry install + - name: Build HTML + run: poetry run sphinx-build -M html docs docs/build + - name: Upload artifacts + uses: actions/upload-pages-artifact@v3 + with: + path: docs/build/html/ deploy: - name: Deploy documentation - runs-on: ubuntu-latest - needs: build - if: startsWith(github.ref, 'refs/tags/v') - permissions: - pages: write # to deploy to Pages - id-token: write # to verify the deployment originates from an appropriate source - environment: - name: github-pages - url: ${{ steps.deployment.outputs.page_url }} - steps: + name: Deploy documentation + runs-on: ubuntu-latest + needs: build + if: startsWith(github.ref, 'refs/tags/v') + permissions: + pages: write # to deploy to Pages + id-token: write # to verify the deployment originates from an appropriate source + environment: + name: github-pages + url: ${{ steps.deployment.outputs.page_url }} + steps: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v4 # or the latest "vX.X.X" version tag for this action - - + uses: actions/deploy-pages@v4