public/roboluke-tasks
3
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Releases 48 Activity

chore(ci): use Python 3.13 in CI #323

Merged
luketainton merged 2 commits from chore/ci-to-313 into main 2024-11-28 22:50:41 +01:00
Conversation 1 Commits 2 Files Changed 2 +8 -46
2 changed files with 8 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/ci.yml vendored
View File

@ -13,6 +13,8 @@ on:
jobs: jobs:
ci: ci:
uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml@main uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml@main
with:
python-version: 3.13
secrets: secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

52
.github/workflows/release.yml vendored
View File

@ -6,52 +6,12 @@ on:
jobs: jobs:
test: test:
name: Test uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml@main
runs-on: ubuntu-latest with:
steps: python-version: 3.13
- name: Check out repository code secrets:
uses: actions/checkout@v4.2.2 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
fetch-depth: 0
- uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: Dockerfile
output-file: hadolint.out
format: sonarqube
no-fail: true
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Setup Poetry
uses: abatilo/actions-poetry@v3
- name: Install dependencies
run: poetry install
- name: Lint
run: |
poetry run pylint --fail-under=8 --recursive=yes --output-format=parseable --output=lintreport.txt .
cat lintreport.txt
- name: Unit Test
run: |
poetry run coverage run -m pytest -v --junitxml=testresults.xml
poetry run coverage xml
sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Snyk Vulnerability Scan
uses: snyk/actions/python-3.10@master
continue-on-error: true # To make sure that SARIF upload gets called
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --sarif-file-output=snyk.sarif --all-projects
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: snyk.sarif
create_release: create_release:
name: Create Release name: Create Release