This repository has been archived by the owner on Jan 22, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
123 lines (120 loc) · 3.8 KB
/
cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
name: Continuous Deployment
on:
schedule:
- cron: "00 09 * * *"
jobs:
pre_release_check:
name: Check for commits to master
permissions:
actions: read
contents: read
runs-on: ubuntu-latest
outputs:
should_run: ${{ steps.check.outputs.has-new-commits }}
steps:
- name: Determine if commits have been pushed to master.
id: check
uses: adriangl/check-new-commits-action@v1
with:
token: ${{secrets.GH_TOKEN}}
seconds: 604800
branch: "master"
static_checks:
name: Static Checks
needs: pre_release_check
if: needs.pre_release_check.outputs.should_run == 'true'
permissions:
actions: read
contents: read
security-events: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.8'
- name: Setup Worker
run: ci/scripts/setup_worker.sh
- name: Build Package and Verify
run: ci/scripts/build.sh
- name: Typing Check
run: ci/scripts/codescan.sh mypy
- name: Code Quality Check
run: ci/scripts/codescan.sh flake8
- name: Dependency Security Check
run: ci/scripts/codescan.sh safety
- name: Formatting Check
run: ci/scripts/codescan.sh black
- name: Upload Codescan Report
if: ${{ always() }}
uses: actions/upload-artifact@v3
with:
name: codescan-test-report
path: |
/home/runner/work/Flask-OpenAPI/Flask-OpenAPI/ci/codescan_logs/*.log
if-no-files-found: ignore
retention-days: 1
unit_tests:
name: Unit Tests
needs: pre_release_check
if: needs.pre_release_check.outputs.should_run == 'true'
permissions:
actions: read
contents: read
security-events: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.8'
- name: Setup Worker
run: ci/scripts/setup_worker.sh
- name: Build Package and Verify
run: ci/scripts/build.sh
- name: Run Unit Tests
run: ci/scripts/test_runner.sh
- name: Upload Test Report
if: ${{ always() }}
uses: actions/upload-artifact@v3
with:
name: unit-test-report
path: |
/home/runner/work/Flask-OpenAPI/Flask-OpenAPI/ci/tests/report.xml
/home/runner/work/Flask-OpenAPI/Flask-OpenAPI/ci/tests/coverage.xml
/home/runner/work/Flask-OpenAPI/Flask-OpenAPI/ci/tests/pytest.log
if-no-files-found: ignore
retention-days: 1
build_release:
name: Build Release
needs: [pre_release_check, static_checks, unit_tests]
if: needs.pre_release_check.outputs.should_run == 'true'
permissions:
actions: read
contents: read
security-events: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.8'
- name: Setup Worker
run: ci/scripts/setup_worker.sh
- name: Increment Version Number
run: ci/scripts/new_version.sh auto_increment
- name: Build Package and Verify
run: ci/scripts/build.sh
- name: Upload release to PyPI
run: python3 -m twine upload --username=__token__ --password=${{secrets.PYPI_TOKEN}} dist/*
- name: Create GitHub Release
run: gh release create --latest --generate-notes dist/*
env:
GITHUB_TOKEN: ${{secrets.GH_TOKEN}}
- name: Upload Build Artifacts
uses: actions/upload-artifact@v2
with:
name: Flask-OpenAPI
path: /home/runner/work/Flask-OpenAPI/dist
if-no-files-found: ignore
retention-days: 1