-
Notifications
You must be signed in to change notification settings - Fork 37
132 lines (113 loc) · 4.08 KB
/
webhook-checks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: webhook
on:
push:
branches:
- main
paths:
- .github/workflows/webhook-checks.yml
- webhook/**
- '*.tf'
pull_request:
branches:
- main
paths:
- .github/workflows/webhook-checks.yml
- webhook/**
- '*.tf'
workflow_dispatch: # Manual runs
schedule: # Run tests every day at UTC 9:00A
- cron: '0 9 * * *'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: 3.12
- name: Cache dependencies
uses: actions/cache@v4
with:
path: webhook/env
key: ${{ runner.os }}-lint-${{ hashFiles('webhook/requirements.txt', 'webhook/requirements-test.txt') }}
- name: Install dependencies
working-directory: webhook
run: |
python -m venv env
source env/bin/activate
pip install --upgrade pip
pip install ruff
pip check
- name: Run linter
working-directory: webhook
run: |
source env/bin/activate
ruff check .
test:
runs-on: ubuntu-latest
strategy:
matrix:
# To parse datetime in ISO format ending with Z, we need at least Python 3.11.
# https://docs.python.org/3/library/datetime.html#datetime.datetime.fromisoformat
# For `itertools.batched` we need at least Python 3.12.
# https://docs.python.org/3/library/itertools.html#itertools.batched
python-version: ['3.12']
env:
PROJECT_ID: jss-22p1-test
ACTIONS_RUNNER_DEBUG: true
ACTIONS_STEP_DEBUG: true
# Needed to generate the identity token for google-github-actions/auth.
# https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-google-cloud-platform
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
steps:
- uses: actions/checkout@v4
- uses: hashicorp/setup-terraform@v3
- uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
# https://github.com/marketplace/actions/authenticate-to-google-cloud
# https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-google-cloud-platform
- id: auth
name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: projects/886556137211/locations/global/workloadIdentityPools/github-actions/providers/github-actions
service_account: [email protected]
- name: Cache dependencies
uses: actions/cache@v4
with:
path: webhook/env
key: ${{ runner.os }}-check-${{ hashFiles('webhook/requirements.txt', 'webhook/requirements-test.txt') }}
- name: Install dependencies
working-directory: webhook
run: |
python -m venv env
source env/bin/activate
pip install --upgrade pip
pip install -r requirements.txt -r requirements-test.txt
pip check
- name: Type check
working-directory: webhook
run: |
source env/bin/activate
mypy --non-interactive --install-types .
- name: Run tests
working-directory: webhook
run: |
source env/bin/activate
pytest --verbose -s -W ignore::DeprecationWarning