Skip to content

Commit

Permalink
Use reusable tox workflow (#172)
Browse files Browse the repository at this point in the history
  • Loading branch information
ssbarnea authored Nov 7, 2024
1 parent 7d9129f commit a24eaa3
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 209 deletions.
221 changes: 12 additions & 209 deletions .github/workflows/tox.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,222 +2,25 @@
name: tox

on:
push: # only publishes pushes to the main branch to TestPyPI
branches: # any integration branch but not tag
push:
branches:
- "main"
pull_request:
branches:
- "main"
workflow_call:

concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true

env:
FORCE_COLOR: 1
PY_COLORS: 1

jobs:
prepare:
name: prepare
runs-on: ubuntu-22.04
outputs:
matrix: ${{ steps.generate_matrix.outputs.matrix }}
steps:
- name: Determine matrix
id: generate_matrix
uses: coactions/dynamic-matrix@v2
with:
default_python: "3.10"
min_python: "3.10"
max_python: "3.12"
other_names: |
lint
docs
platforms: linux,macos

build:
name: ${{ matrix.name }}
runs-on: ${{ matrix.os || 'ubuntu-22.04' }}
needs:
- prepare
defaults:
run:
shell: ${{ matrix.shell || 'bash'}}
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.prepare.outputs.matrix) }}
env:
# Number of expected test passes, safety measure for accidental skip of
# tests. Update value if you add/remove tests.
PYTEST_REQPASS: 1
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # needed by setuptools-scm
submodules: true

- name: Set pre-commit cache
uses: actions/cache@v4
if: ${{ matrix.passed_name == 'lint' }}
with:
path: |
~/.cache/pre-commit
key: pre-commit-${{ matrix.name || matrix.passed_name }}-${{ hashFiles('.pre-commit-config.yaml') }}

- name: Set galaxy cache
uses: actions/cache@v4
if: ${{ startsWith(matrix.passed_name, 'py') }}
with:
path: |
examples/playbooks/collections/*.tar.gz
examples/playbooks/collections/ansible_collections
key: galaxy-${{ hashFiles('examples/playbooks/collections/requirements.yml') }}

- name: Set up Python ${{ matrix.python_version || '3.10' }}
uses: actions/setup-python@v5
with:
cache: pip
python-version: ${{ matrix.python_version || '3.10' }}

- name: Install tox
run: |
python3 -m pip install --upgrade pip
python3 -m pip install --upgrade "tox>=4.0.0"
- name: Log installed dists
run: python3 -m pip freeze --all

- name: Initialize tox envs ${{ matrix.passed_name }}
run: python3 -m tox --notest --skip-missing-interpreters false -vv -e ${{ matrix.passed_name }}
timeout-minutes: 5 # average is under 1, but macos can be over 3

# sequential run improves browsing experience (almost no speed impact)
- name: tox -e ${{ matrix.passed_name }}
run: python3 -m tox -e ${{ matrix.passed_name }}

- name: Archive logs
uses: actions/upload-artifact@v4
with:
name: logs-${{ matrix.name }}.zip
include-hidden-files: true
path: |
.tox/**/log/
.tox/**/.coverage*
.tox/**/coverage.xml
- name: Report failure if git reports dirty status
run: |
if [[ -n $(git status -s) ]]; then
# shellcheck disable=SC2016
echo -n '::error file=git-status::'
printf '### Failed as git reported modified and/or untracked files\n```\n%s\n```\n' "$(git status -s)" | tee -a "$GITHUB_STEP_SUMMARY"
exit 99
fi
# https://github.com/actions/toolkit/issues/193

codeql:
name: codeql
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: ["python"]

steps:
- name: Checkout repository
uses: actions/checkout@v4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.

# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality

- name: Autobuild
uses: github/codeql-action/autobuild@v3

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"

check: # This job does nothing and is only used for the branch protection
if: always()
permissions:
id-token: write # codecov
pull-requests: write # allow codenotify to comment on pull-request

needs:
- build
- codeql

runs-on: ubuntu-latest

steps:
# checkout needed for codecov action which needs codecov.yml file
- uses: actions/checkout@v4

- name: Set up Python # likely needed for coverage
uses: actions/setup-python@v5
with:
python-version: "3.12"

- run: pip3 install 'coverage>=7.5.1'

- name: Merge logs into a single archive
uses: actions/upload-artifact/merge@v4
with:
name: logs.zip
include-hidden-files: true
pattern: logs-*.zip
# artifacts like py312.zip and py312-macos do have overlapping files
separate-directories: true

- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: logs.zip
path: .

- name: Check for expected number of coverage.xml reports
run: |
JOBS_PRODUCING_COVERAGE=5
if [ "$(find . -name coverage.xml | wc -l | bc)" -ne "${JOBS_PRODUCING_COVERAGE}" ]; then
echo "::error::Number of coverage.xml files was not the expected one (${JOBS_PRODUCING_COVERAGE}): $(find . -name coverage.xml |xargs echo)"
exit 1
fi
- name: Upload coverage data
uses: codecov/codecov-action@v4
with:
name: ${{ matrix.passed_name }}
# verbose: true # optional (default = false)
fail_ci_if_error: true
use_oidc: true # cspell:ignore oidc

- name: Check codecov.io status
if: github.event_name == 'pull_request'
uses: coactions/codecov-status@main

- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
with:
jobs: ${{ toJSON(needs) }}

- name: Delete Merged Artifacts
uses: actions/upload-artifact/merge@v4
with:
include-hidden-files: true
delete-merged: true
tox:
uses: ansible/team-devtools/.github/workflows/tox.yml@main
with:
jobs_producing_coverage: 7
other_names: |
docs
lint
pkg
devel
6 changes: 6 additions & 0 deletions tox.ini
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,13 @@ envlist =
lint
pkg
docs
py
devel

[testenv]
description =
Run tests
devel: without constrained dependencies
extras =
test
passenv =
Expand Down Expand Up @@ -100,6 +105,7 @@ description =
Build package, verify metadata, install package and assert behavior when ansible is missing.
deps =
build >= 1.0.3
pip
twine >= 4.0.1
skip_install = true
# Ref: https://twitter.com/di_codes/status/1044358639081975813
Expand Down

0 comments on commit a24eaa3

Please sign in to comment.