From 60f379b745eb1a6a7b65d78cee68b6918287f73b Mon Sep 17 00:00:00 2001 From: Sergei Petrosian Date: Fri, 8 Dec 2023 10:39:18 +0100 Subject: [PATCH] ci: Add Python tests to the CI Signed-off-by: Sergei Petrosian --- .github/workflows/build_docs.yml | 4 +- .github/workflows/changelog_to_tag.yml | 1 - .github/workflows/codeql.yml | 48 +++++++++++++++ .github/workflows/pr-title-lint.yml | 3 +- .github/workflows/python-unit-test.yml | 84 ++++++++++++++++++++++++++ .github/workflows/weekly_ci.yml | 2 +- README.md | 2 +- contributing.md | 31 ++++++++++ 8 files changed, 167 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/python-unit-test.yml diff --git a/.github/workflows/build_docs.yml b/.github/workflows/build_docs.yml index e08cb4b..6c4678f 100644 --- a/.github/workflows/build_docs.yml +++ b/.github/workflows/build_docs.yml @@ -45,9 +45,7 @@ jobs: echo "Created $branch branch" else echo "Branch $branch already exists" - fi - - - name: Checkout the docs branch + fi- name: Checkout the docs branch uses: actions/checkout@v4 with: ref: docs diff --git a/.github/workflows/changelog_to_tag.yml b/.github/workflows/changelog_to_tag.yml index c2fe3c0..e1719ca 100644 --- a/.github/workflows/changelog_to_tag.yml +++ b/.github/workflows/changelog_to_tag.yml @@ -83,7 +83,6 @@ jobs: name: Version ${{ steps.tag.outputs.tagname }} bodyFile: ./.tagmsg.txt makeLatest: true - - name: Publish role to Galaxy uses: robertdebock/galaxy-action@1.2.1 with: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..cf81e92 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,48 @@ +--- +name: CodeQL +on: # yamllint disable-line rule:truthy + push: + branches: ["main"] + pull_request: + branches: ["main"] + merge_group: + branches: + - main + types: + - checks_requested + schedule: + - cron: 48 9 * * 6 +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + strategy: + fail-fast: false + matrix: + language: [python] + steps: + - name: Update pip, git + run: | + set -euxo pipefail + sudo apt update + sudo apt install -y git + - name: Checkout + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + queries: +security-and-quality + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/pr-title-lint.yml b/.github/workflows/pr-title-lint.yml index 8342fb5..3fe030c 100644 --- a/.github/workflows/pr-title-lint.yml +++ b/.github/workflows/pr-title-lint.yml @@ -26,6 +26,5 @@ jobs: - name: Run commitlint on PR title env: - PR_TITLE: ${{ github.event.pull_request.title }} - # Echo from env variable to avoid bash errors with extra characters + PR_TITLE: ${{ github.event.pull_request.title }}# Echo from env variable to avoid bash errors with extra characters run: echo "$PR_TITLE" | npx commitlint --verbose diff --git a/.github/workflows/python-unit-test.yml b/.github/workflows/python-unit-test.yml new file mode 100644 index 0000000..a2abf54 --- /dev/null +++ b/.github/workflows/python-unit-test.yml @@ -0,0 +1,84 @@ +--- +# yamllint disable rule:line-length +name: Python Unit Tests +on: # yamllint disable-line rule:truthy + pull_request: + merge_group: + branches: + - main + types: + - checks_requested + push: + branches: + - main + workflow_dispatch: +permissions: + contents: read +jobs: + python: + strategy: + matrix: + pyver_os: + - ver: "2.7" + os: ubuntu-20.04 + - ver: "3.6" + os: ubuntu-20.04 + - ver: "3.8" + os: ubuntu-latest + - ver: "3.9" + os: ubuntu-latest + - ver: "3.10" + os: ubuntu-latest + - ver: "3.11" + os: ubuntu-latest + runs-on: ${{ matrix.pyver_os.os }} + steps: + - name: Update git + run: | + set -euxo pipefail + sudo apt update + sudo apt install -y git + + - name: checkout PRuses: actions/checkout@v4 + + - name: Set up Python 2.7 + if: ${{ matrix.pyver_os.ver == '2.7' }} + run: | + set -euxo pipefail + sudo apt install -y python2.7 + + - name: Set up Python 3 + if: ${{ matrix.pyver_os.ver != '2.7' }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.pyver_os.ver }} + + - name: Install platform dependencies, python, tox, tox-lsr + run: | + set -euxo pipefail + python -m pip install --upgrade pippip install "git+https://github.com/linux-system-roles/tox-lsr@3.1.1" + # If you have additional OS dependency packages e.g. libcairo2-dev + # then put them in .github/config/ubuntu-requirements.txt, one + # package per line. + if [ -f .github/config/ubuntu-requirements.txt ]; then + sudo apt-get install -y $(cat .github/config/ubuntu-requirements.txt) + fi + + - name: Run unit tests + run: | + set -euxo pipefail + toxpyver=$(echo "${{ matrix.pyver_os.ver }}" | tr -d .) + toxenvs="py${toxpyver}" + # NOTE: The use of flake8, pylint, black with specific + # python envs is arbitrary and must be changed in tox-lsr + # We really should either do those checks using the latest + # version of python, or in every version of python + case "$toxpyver" in + 27) toxenvs="${toxenvs},coveralls,flake8,pylint" ;; + 36) toxenvs="${toxenvs},coveralls,black" ;; + *) toxenvs="${toxenvs},coveralls" ;; + esac + TOXENV="$toxenvs" lsr_ci_runtox + + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v3 diff --git a/.github/workflows/weekly_ci.yml b/.github/workflows/weekly_ci.yml index 057029f..5e97edb 100644 --- a/.github/workflows/weekly_ci.yml +++ b/.github/workflows/weekly_ci.yml @@ -50,7 +50,7 @@ jobs: git push -f --set-upstream origin ${{ env.BRANCH_NAME }} - name: Create and comment pull request - uses: actions/github-script@v7 + uses: actions/github-script@v6 with: github-token: ${{ secrets.GH_PUSH_TOKEN }} script: | diff --git a/README.md b/README.md index e86c624..cb874be 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Role Name -[![ansible-lint.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/ansible-test.yml) [![markdownlint.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/markdownlint.yml) [![woke.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/woke.yml) +[![ansible-lint.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/ansible-test.yml) [![codeql.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/codeql.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/codeql.yml) [![markdownlint.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/markdownlint.yml) [![python-unit-test.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/python-unit-test.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/python-unit-test.yml) [![woke.yml](https://github.com/linux-system-roles/bootloader/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/bootloader/actions/workflows/woke.yml) An Ansible role for bootloader and kernel command line management. diff --git a/contributing.md b/contributing.md index 9e38ab0..01a9ec2 100644 --- a/contributing.md +++ b/contributing.md @@ -19,3 +19,34 @@ are likely to be suitable for new contributors! **Code** is managed on [Github](https://github.com/linux-system-roles/bootloader), using [Pull Requests](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests). + +## Python Code + +The Python code needs to be **compatible with the Python versions supported by +the role platform**. + +For example, see [meta](https://github.com/linux-system-roles/bootloader/blob/main/meta/main.yml) +for the platforms supported by the role. + +If the role provides Ansible modules (code in `library/` or `module_utils/`) - +these run on the *managed* node, and typically[1] use the default system python: + +* EL6 - python 2.6 +* EL7 - python 2.7 or python 3.6 in some cases +* EL8 - python 3.6 +* EL9 - python 3.9 + +If the role provides some other sort of Ansible plugin such as a filter, test, +etc. - these run on the *control* node and typically use whatever version of +python that Ansible uses, which in many cases is *not* the system python, and +may be a modularity release such as python311. + +In general, it is a good idea to ensure the role python code works on all +versions of python supported by `tox-lsr` from py36 on, and on py27 if the role +supports EL7, and on py26 if the role supports EL6.[1] + +[1] Advanced users may set +[ansible_python_interpreter](https://docs.ansible.com/ansible/latest/reference_appendices/special_variables.html#term-ansible_python_interpreter) +to use a non-system python on the managed node, so it is a good idea to ensure +your code has broad python version compatibility, and do not assume your code +will only ever be run with the default system python.