Skip to content

Pin runner images to specific versions #8

Pin runner images to specific versions

Pin runner images to specific versions #8

Workflow file for this run

name: ci/cd
on: [push, pull_request]
jobs:
lint:
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Install uv
uses: astral-sh/setup-uv@v5
with:
enable-cache: true
- name: Set up python
uses: actions/setup-python@v5
with:
python-version: "3.9"
- name: Lint
run: make lint
test:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os:
- ubuntu-24.04 # renovate: github-runner
- macos-14 # renovate: github-runner
- windows-2022 # renovate: github-runner
python-version:
- "3.9"
- "3.10"
- "3.11"
- "3.12"
- "3.13"
- "pypy3.9"
- "pypy3.10"
fail-fast: false
steps:
- uses: actions/checkout@v4
- name: Install uv
uses: astral-sh/setup-uv@v5
with:
enable-cache: true
- name: Set up python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
allow-prereleases: true
- name: Test
env:
COVERAGE_FILE: .coverage.${{ matrix.os }}.${{ matrix.python-version }}
run: make pytest
- name: Upload coverage data
uses: actions/upload-artifact@v4
with:
name: coverage-data-${{ matrix.os }}-${{ matrix.python-version }}
path: .coverage.${{ matrix.os }}.${{ matrix.python-version }}
include-hidden-files: true
coverage:
runs-on: ubuntu-24.04
needs: test
outputs:
percentage: ${{ steps.percentage.outputs.percentage }}
steps:
- uses: actions/checkout@v4
- name: Install Coverage.py
run: pipx install coverage[toml]
- name: Download coverage data
uses: actions/download-artifact@v4
with:
pattern: coverage-data-*
merge-multiple: true
- name: Combine data
run: coverage combine
- name: Output coverage percentage
id: percentage
run: |
coverage json
echo "percentage=$(jq '.totals.percent_covered_display' coverage.json)" >> $GITHUB_OUTPUT
- name: Save coverage report
run: coverage report --format=markdown >> $GITHUB_STEP_SUMMARY
- name: Ensure 100% coverage
run: coverage report --fail-under=100
coverage-badge:
runs-on: ubuntu-24.04
needs: coverage
if: github.event_name == 'push' && github.ref_name == 'main'
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
ref: "coverage-badge"
- name: Calculate badge color
id: color
run: |
echo "color=$(python3 -Ic 'print(
min(
(percentage, color)
for percentage, color in [
(100, "brightgreen"),
(90, "green"),
(70, "yellowgreen"),
(50, "yellow"),
(30, "orange"),
(0, "red"),
]
if percentage >= int(${{ needs.coverage.outputs.percentage }})
)[1]
)')" >> $GITHUB_OUTPUT
- name: Update JSON file
run: |
jq -n \
--argjson schemaVersion 1 \
--arg label coverage \
--arg message ${{ needs.coverage.outputs.percentage }}% \
--arg color ${{ steps.color.outputs.color }} \
'$ARGS.named' > coverage-badge.json
- name: Create commit
run: |
git config user.name 'github-actions[bot]'
git config user.email '41898282+github-actions[bot]@users.noreply.github.com'
git commit -am "Update coverage" && git push || true
build:
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Install uv
uses: astral-sh/setup-uv@v5
with:
enable-cache: true
- name: Build project
run: uv build
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: artifacts
path: dist/*
if-no-files-found: error
pypi-publish:
runs-on: ubuntu-24.04
needs:
- lint
- test
- coverage
- build
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
environment: pypi-publish
permissions:
id-token: write
steps:
- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: artifacts
path: dist
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
lint-spec-parser:
runs-on: ubuntu-24.04
defaults:
run:
working-directory: spec_parser
steps:
- uses: actions/checkout@v4
- name: Install uv
uses: astral-sh/setup-uv@v5
with:
enable-cache: true
- name: Set up python
uses: actions/setup-python@v5
with:
python-version: "3.9"
- name: Lint
run: make lint
dummy-required-job:
runs-on: ubuntu-24.04
needs:
- lint
- test
- coverage
- build
- lint-spec-parser
if: always()
steps:
- run: exit 1
if: ${{ contains( needs.*.result, 'failure' ) || contains( needs.*.result, 'cancelled' ) }}