|
1
|
name: CI |
|
2
|
|
|
3
|
on: |
|
4
|
push: |
|
5
|
branches: [main] |
|
6
|
pull_request: |
|
7
|
branches: [main] |
|
8
|
workflow_call: |
|
9
|
|
|
10
|
concurrency: |
|
11
|
group: ci-${{ github.ref }} |
|
12
|
cancel-in-progress: true |
|
13
|
|
|
14
|
jobs: |
|
15
|
lint: |
|
16
|
runs-on: ubuntu-latest |
|
17
|
steps: |
|
18
|
- uses: actions/checkout@v4 |
|
19
|
- uses: actions/setup-python@v5 |
|
20
|
with: |
|
21
|
python-version: "3.12" |
|
22
|
- run: pip install ruff |
|
23
|
- run: ruff check . |
|
24
|
- run: ruff format --check . |
|
25
|
|
|
26
|
test: |
|
27
|
runs-on: ubuntu-latest |
|
28
|
services: |
|
29
|
postgres: |
|
30
|
image: postgres:16-alpine |
|
31
|
env: |
|
32
|
POSTGRES_DB: fossilrepo_test |
|
33
|
POSTGRES_USER: dbadmin |
|
34
|
POSTGRES_PASSWORD: Password123 |
|
35
|
ports: |
|
36
|
- 5432:5432 |
|
37
|
options: >- |
|
38
|
--health-cmd "pg_isready -U dbadmin -d fossilrepo_test" |
|
39
|
--health-interval 5s |
|
40
|
--health-timeout 5s |
|
41
|
--health-retries 5 |
|
42
|
redis: |
|
43
|
image: redis:7-alpine |
|
44
|
ports: |
|
45
|
- 6379:6379 |
|
46
|
options: >- |
|
47
|
--health-cmd "redis-cli ping" |
|
48
|
--health-interval 5s |
|
49
|
--health-timeout 5s |
|
50
|
--health-retries 5 |
|
51
|
env: |
|
52
|
DJANGO_SECRET_KEY: test-secret-key |
|
53
|
DJANGO_DEBUG: "true" |
|
54
|
POSTGRES_DB: fossilrepo_test |
|
55
|
POSTGRES_USER: dbadmin |
|
56
|
POSTGRES_PASSWORD: Password123 |
|
57
|
POSTGRES_HOST: localhost |
|
58
|
POSTGRES_PORT: "5432" |
|
59
|
REDIS_URL: redis://localhost:6379/1 |
|
60
|
CELERY_BROKER: redis://localhost:6379/0 |
|
61
|
steps: |
|
62
|
- uses: actions/checkout@v4 |
|
63
|
- uses: actions/setup-python@v5 |
|
64
|
with: |
|
65
|
python-version: "3.12" |
|
66
|
- name: Install dependencies |
|
67
|
run: | |
|
68
|
python -c " |
|
69
|
import tomllib, subprocess, sys |
|
70
|
with open('pyproject.toml', 'rb') as f: |
|
71
|
d = tomllib.load(f) |
|
72
|
deps = (d['project'].get('dependencies', []) + |
|
73
|
d['project'].get('optional-dependencies', {}).get('dev', [])) |
|
74
|
subprocess.check_call([sys.executable, '-m', 'pip', 'install'] + deps) |
|
75
|
" |
|
76
|
- run: python manage.py migrate --noinput |
|
77
|
- run: python manage.py collectstatic --no-input |
|
78
|
- run: python -m pytest --cov --cov-report=term-missing --cov-fail-under=40 -v |
|
79
|
|
|
80
|
audit: |
|
81
|
runs-on: ubuntu-latest |
|
82
|
steps: |
|
83
|
- uses: actions/checkout@v4 |
|
84
|
- uses: actions/setup-python@v5 |
|
85
|
with: |
|
86
|
python-version: "3.12" |
|
87
|
- run: pip install pip-audit |
|
88
|
- run: pip-audit --strict --desc || true |
|
89
|
|