From dde3b04dba70ba2d6a6cb9b5a915ec0bb31b087b Mon Sep 17 00:00:00 2001
From: Luke Tainton <luke@tainton.uk>
Date: Wed, 25 Dec 2024 09:58:19 +0000
Subject: [PATCH] feat(ci): switch to common CI

---
 .github/workflows/ci.yml | 57 +++++++++-------------------------------
 1 file changed, 12 insertions(+), 45 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7fe3820..304c39c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,53 +1,20 @@
 name: CI
 on:
-  push:
-    branches: [ main ]
   pull_request:
     types: [opened, synchronize, reopened]
     paths-ignore:
-      - 'README.md'
-      - 'LICENSE.md'
-      - '.gitignore'
-      - 'CODEOWNERS'
-      - 'renovate.json'
-      - '.github/'
+      - "README.md"
+      - "LICENSE.md"
+      - ".gitignore"
+      - ".github/CODEOWNERS"
+      - ".github/renovate.json"
+      - ".github/dependabot.yml"
 
 jobs:
   ci:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v4.2.2
-        with:
-          fetch-depth: 0
-      - name: Setup Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-      - name: Setup Poetry
-        uses: abatilo/actions-poetry@v3
-      - name: Install dependencies
-        run: poetry install
-      - name: Lint
-        run: poetry run ./tools/lint.sh
-      - name: Unit Test
-        run: |
-          poetry run coverage run -m pytest -v --junitxml=testresults.xml
-          poetry run coverage xml
-          sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
-      - name: SonarCloud Scan
-        uses: SonarSource/sonarcloud-github-action@master
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      - name: Snyk Vulnerability Scan
-        uses: snyk/actions/python-3.10@master
-        continue-on-error: true # To make sure that SARIF upload gets called
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: --sarif-file-output=snyk.sarif
-      - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: snyk.sarif
+    uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry.yml@main
+    with:
+      python-version: 3.11
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}