mirror of
https://github.com/ParisNeo/lollms_hub.git
synced 2026-05-04 03:01:01 -04:00
e106bda859
- Remove OS matrix from lint job; run lint only on ubuntu-latest - Upgrade actions/setup-python from v4 to v5 with pip caching - Replace snok/install-poetry and manual cache with pip-based setup - Simplify tox.ini by using `deps = poetry` and `poetry run` consistently - Remove redundant `skipsdist = true` and duplicated commands_pre blocks - Drop deprecated safety JSON output and html coverage report
184 lines
4.5 KiB
YAML
184 lines
4.5 KiB
YAML
name: CI/CD Pipeline
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
pull_request:
|
|
branches: [ main, develop ]
|
|
|
|
jobs:
|
|
lint:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
python-version: ['3.11', '3.12', '3.13']
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Python ${{ matrix.python-version }}
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
cache: 'pip'
|
|
|
|
- name: Install base dependencies
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install tox poetry
|
|
|
|
- name: Run linting with tox
|
|
run: tox -e flake8,pylint,ruff
|
|
|
|
test:
|
|
runs-on: ${{ matrix.os }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
os: [ubuntu-latest, windows-latest, macos-latest]
|
|
python-version: ['3.11', '3.12', '3.13']
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Python ${{ matrix.python-version }}
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
cache: 'pip'
|
|
|
|
- name: Install base dependencies
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install tox poetry
|
|
|
|
- name: Run tests with coverage
|
|
run: tox -e py${{ matrix.python-version }} -- --cov=app --cov-report=xml
|
|
|
|
- name: Upload coverage reports
|
|
uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: coverage-report-${{ matrix.os }}-${{ matrix.python-version }}
|
|
path: |
|
|
coverage.xml
|
|
htmlcov/
|
|
|
|
security-bandit:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: '3.12'
|
|
|
|
- name: Install Poetry
|
|
uses: snok/install-poetry@v1
|
|
with:
|
|
version: latest
|
|
virtualenvs-create: true
|
|
virtualenvs-in-project: true
|
|
|
|
- name: Load cached venv
|
|
id: cached-poetry-dependencies
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: .venv
|
|
key: venv-${{ runner.os }}-3.12-${{ hashFiles('**/poetry.lock') }}
|
|
|
|
- name: Install dependencies
|
|
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
|
|
run: poetry install --with dev
|
|
|
|
- name: Run bandit security check
|
|
run: poetry run tox -e security-bandit
|
|
|
|
- name: Upload bandit report
|
|
uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: bandit-report
|
|
path: bandit-report.json
|
|
|
|
security-safety:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: '3.12'
|
|
|
|
- name: Install Poetry
|
|
uses: snok/install-poetry@v1
|
|
with:
|
|
version: latest
|
|
virtualenvs-create: true
|
|
virtualenvs-in-project: true
|
|
|
|
- name: Load cached venv
|
|
id: cached-poetry-dependencies
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: .venv
|
|
key: venv-${{ runner.os }}-3.12-${{ hashFiles('**/poetry.lock') }}
|
|
|
|
- name: Install dependencies
|
|
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
|
|
run: poetry install --with dev
|
|
|
|
- name: Run safety security check
|
|
run: poetry run tox -e security-safety
|
|
|
|
- name: Upload safety report
|
|
uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: safety-report
|
|
path: safety-report.json
|
|
|
|
build:
|
|
needs: [lint, test, security-bandit, security-safety]
|
|
runs-on: ubuntu-latest
|
|
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: '3.12'
|
|
|
|
- name: Install Poetry
|
|
uses: snok/install-poetry@v1
|
|
with:
|
|
version: latest
|
|
virtualenvs-create: true
|
|
virtualenvs-in-project: true
|
|
|
|
- name: Load cached venv
|
|
id: cached-poetry-dependencies
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: .venv
|
|
key: venv-${{ runner.os }}-3.12-${{ hashFiles('**/poetry.lock') }}
|
|
|
|
- name: Install dependencies
|
|
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
|
|
run: poetry install --with dev
|
|
|
|
- name: Build package
|
|
run: poetry build
|
|
|
|
- name: Check package
|
|
run: poetry run twine check dist/*
|
|
|
|
- name: Upload build artifacts
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: dist
|
|
path: dist/
|