Update dependencies #1529
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: [main] | |
tags: ['v*'] | |
pull_request: | |
branches: [main] | |
workflow_dispatch: | |
env: | |
LATEST_PY_VERSION: '3.11' | |
COVERAGE_ARGS: '--cov --cov-report=term --cov-report=xml' | |
XDIST_ARGS: '--numprocesses=auto' | |
jobs: | |
# Run unit tests for each supported python version | |
test: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12'] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- uses: snok/[email protected] | |
with: | |
virtualenvs-in-project: true | |
# Cache packages per python version, and reuse until lockfile changes | |
- name: Cache python packages | |
id: cache | |
uses: actions/cache@v4 | |
with: | |
path: .venv | |
key: venv-${{ matrix.python-version }}-${{ hashFiles('poetry.lock') }} | |
- name: Install dependencies | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: poetry install -v -E all | |
# Run tests with coverage report | |
- name: Run tests | |
run: poetry run pytest -rs -x -vv ${{ env.XDIST_ARGS }} ${{ env.COVERAGE_ARGS }} | |
# Latest python version: send coverage report to codecov | |
- name: "Upload coverage report to Codecov" | |
if: ${{ matrix.python-version == env.LATEST_PY_VERSION }} | |
uses: codecov/codecov-action@v5 | |
# Run code analysis checks via pre-commit hooks | |
analyze: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.LATEST_PY_VERSION }} | |
- name: Run style checks & linting | |
uses: pre-commit/[email protected] | |
- name: Scan dependencies for known vulnerabilities | |
uses: pypa/[email protected] | |
with: | |
vulnerability-service: osv | |
# Ignore issues with pip and setuptools versions used by the action itself | |
ignore-vulns: | | |
GHSA-cx63-2mw6-8hw5 | |
PYSEC-2023-228 | |
PYSEC-2022-43012 |