diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 00b3b9cd9..b7db6cc09 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -7,7 +7,7 @@ on: # The branches below must be a subset of the branches above branches: [master, devel] schedule: - - cron: '0 17 * * 2' + - cron: "0 17 * * 2" jobs: analyze: @@ -19,29 +19,28 @@ jobs: matrix: # Override automatic language detection by changing the below list # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] - language: ['python', 'javascript'] + language: ["python", "javascript"] # Learn more... # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection steps: - - name: Checkout repository - uses: actions/checkout@v3 - with: - # We must fetch at least the immediate parents so that if this is - # a pull request then we can checkout the head. - fetch-depth: 2 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + - name: Checkout repository + uses: actions/checkout@v3 + with: + # We must fetch at least the immediate parents so that if this is + # a pull request then we can checkout the head. + fetch-depth: 2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/dependency-auto-merge.yml b/.github/workflows/dependency-auto-merge.yml index afa59cc67..1f56f114d 100644 --- a/.github/workflows/dependency-auto-merge.yml +++ b/.github/workflows/dependency-auto-merge.yml @@ -22,7 +22,7 @@ jobs: with: github-token: "${{ secrets.GITHUB_TOKEN }}" - name: Enable auto-merge for Dependabot PRs - if: ${{ steps.metadata.outputs.package-ecosystem == 'pip' || steps.metadata.outputs.package-ecosystem == 'github_actions' }} + if: ${{ steps.metadata.outputs.package-ecosystem == 'pip' || steps.metadata.outputs.package-ecosystem == 'github_actions' }} run: gh pr review --approve "$PR_URL" && gh pr merge --auto --merge "$PR_URL" env: PR_URL: ${{github.event.pull_request.html_url}} diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 8fd361bd3..970506c62 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -4,7 +4,7 @@ # # Source repository: https://github.com/actions/dependency-review-action # Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement -name: 'Dependency Review' +name: "Dependency Review" on: [pull_request] permissions: @@ -14,9 +14,9 @@ jobs: dependency-review: runs-on: ubuntu-latest steps: - - name: 'Checkout Repository' + - name: "Checkout Repository" uses: actions/checkout@v3 - - name: 'Dependency Review' + - name: "Dependency Review" uses: actions/dependency-review-action@v3 with: fail-on-severity: moderate diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 19f61288d..b06355b23 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -1,6 +1,10 @@ name: Documentation check -on: [pull_request] +on: + push: + branches: + - "dependabot/**" + pull_request: jobs: style_check: @@ -8,20 +12,20 @@ jobs: max-parallel: 4 matrix: os: [ubuntu-latest] - python-version: ['3.10'] - + python-version: ["3.10"] + runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install tox tox-gh-actions - - name: Test documentation - run: | - tox -e docs + - uses: actions/checkout@v3 + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python-version }} + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install tox tox-gh-actions + - name: Test documentation + run: | + tox -e docs diff --git a/.github/workflows/e2etests.yml b/.github/workflows/e2etests.yml index 495ee5c44..652085406 100644 --- a/.github/workflows/e2etests.yml +++ b/.github/workflows/e2etests.yml @@ -1,5 +1,9 @@ name: End-to-end tests -on: [pull_request] +on: + push: + branches: + - "dependabot/**" + pull_request: jobs: cypress-e2e-headless: @@ -47,7 +51,7 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node }} - cache: 'pnpm' + cache: "pnpm" cache-dependency-path: swift_browser_ui_frontend/pnpm-lock.yaml - name: Build Frontend run: | diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml index f09d89174..6ea106660 100644 --- a/.github/workflows/eslint.yml +++ b/.github/workflows/eslint.yml @@ -1,14 +1,17 @@ name: Javascript ESLint check -on: [pull_request] - +on: + push: + branches: + - "dependabot/**" + pull_request: jobs: build: runs-on: ubuntu-latest strategy: matrix: - node: ['18'] + node: ["18"] name: Node ${{ matrix.node }} eslint check steps: - uses: actions/checkout@v3 @@ -19,7 +22,7 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node }} - cache: 'pnpm' + cache: "pnpm" cache-dependency-path: swift_browser_ui_frontend/pnpm-lock.yaml - name: Install dependencies run: | @@ -29,4 +32,3 @@ jobs: run: | pushd swift_browser_ui_frontend pnpm run lint - \ No newline at end of file diff --git a/.github/workflows/pnpm-dependabot.yml b/.github/workflows/pnpm-dependabot.yml index 78af7701d..d1761a0ff 100644 --- a/.github/workflows/pnpm-dependabot.yml +++ b/.github/workflows/pnpm-dependabot.yml @@ -4,9 +4,21 @@ name: Dependabot on: pull_request_target permissions: read-all jobs: - update-lockfile: + fetch-dependabot-metadata: runs-on: ubuntu-latest if: ${{ github.actor == 'dependabot[bot]' }} + outputs: + package-ecosystem: ${{ steps.metadata.outputs.package-ecosystem }} + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1.3.6 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + update-lockfile: + runs-on: ubuntu-latest + needs: [fetch-dependabot-metadata] + if: needs.fetch-dependabot-metadata.outputs.package-ecosystem == 'npm_and_yarn' permissions: pull-requests: write contents: write @@ -17,8 +29,10 @@ jobs: - uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.ref }} - - run: pnpm i --lockfile-only --prefix swift_browser_ui_frontend - - run: | + - name: Update pnpm lock file + run: pnpm i --lockfile-only --prefix swift_browser_ui_frontend + - name: Trigger update + run: | git config --global user.name github-actions[bot] git config --global user.email github-actions[bot]@users.noreply.github.com git add swift_browser_ui_frontend/pnpm-lock.yaml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 62fe39ec8..df75e6ff5 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -6,7 +6,7 @@ on: push: branches: [master, devel] tags: - - 'v*' + - "v*" jobs: push_to_registry: @@ -18,7 +18,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - + - name: Login to DockerHub if: github.event_name != 'pull_request' uses: docker/login-action@v2 @@ -35,7 +35,7 @@ jobs: type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }} type=raw,value=stage,enable=${{ github.ref == format('refs/heads/{0}', 'devel') }} type=ref,event=tag - + - name: Build and push uses: docker/build-push-action@v4 with: diff --git a/.github/workflows/spellcheck.yml b/.github/workflows/spellcheck.yml index 6aa5a0aff..78f01027d 100644 --- a/.github/workflows/spellcheck.yml +++ b/.github/workflows/spellcheck.yml @@ -8,12 +8,12 @@ jobs: max-parallel: 4 matrix: os: [ubuntu-latest] - + runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 - - uses: rojopolis/spellcheck-github-actions@0.30.0 - name: Spellcheck - with: - config_path: .github/config/.spellcheck.yml + - uses: actions/checkout@v3 + - uses: rojopolis/spellcheck-github-actions@0.30.0 + name: Spellcheck + with: + config_path: .github/config/.spellcheck.yml diff --git a/.github/workflows/style.yml b/.github/workflows/style.yml index 102b76ee1..68211fc1e 100644 --- a/.github/workflows/style.yml +++ b/.github/workflows/style.yml @@ -1,6 +1,10 @@ name: Python style check -on: [pull_request] +on: + push: + branches: + - "dependabot/**" + pull_request: jobs: style_check: @@ -8,30 +12,30 @@ jobs: max-parallel: 4 matrix: os: [ubuntu-latest] - python-version: ['3.10'] - + python-version: ["3.10"] + runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 - - name: Setup node - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node }} - - uses: actions/checkout@v3 - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install tox tox-gh-actions - - name: Test flake8 syntax with tox - run: tox -e flake8 - - name: Test mypy typing with tox - run: tox -e mypy - - name: bandit static check - run: tox -e bandit - - name: black style check - run: tox -e black + - uses: actions/checkout@v3 + - name: Setup node + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node }} + - uses: actions/checkout@v3 + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python-version }} + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install tox tox-gh-actions + - name: Test flake8 syntax with tox + run: tox -e flake8 + - name: Test mypy typing with tox + run: tox -e mypy + - name: bandit static check + run: tox -e bandit + - name: black style check + run: tox -e black diff --git a/.github/workflows/unit.yml b/.github/workflows/unit.yml index bd21cf8ce..ae6e72bba 100644 --- a/.github/workflows/unit.yml +++ b/.github/workflows/unit.yml @@ -1,6 +1,10 @@ name: Python Unit Tests -on: [pull_request] +on: + push: + branches: + - "dependabot/**" + pull_request: jobs: unit_test: @@ -8,41 +12,41 @@ jobs: max-parallel: 4 matrix: os: [ubuntu-latest] - python-version: ['3.10'] - node: ['18'] - + python-version: ["3.10"] + node: ["18"] + runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install tox tox-gh-actions coverage - - uses: pnpm/action-setup@v2 - with: - version: 7 - - name: Use Node.js ${{ matrix.node }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node }} - cache: 'pnpm' - cache-dependency-path: swift_browser_ui_frontend/pnpm-lock.yaml - - name: Install frontend - run: | - pushd swift_browser_ui_frontend - pnpm install --prod - pnpm run docker-build - - name: Run unit tests - run: | - tox -e pytest - coverage lcov -o lcov.info - - name: Send coverage to coveralls - uses: coverallsapp/github-action@master - with: - github-token: ${{ secrets.github_token }} - path-to-lcov: lcov.info + - uses: actions/checkout@v3 + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python-version }} + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install tox tox-gh-actions coverage + - uses: pnpm/action-setup@v2 + with: + version: 7 + - name: Use Node.js ${{ matrix.node }} + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node }} + cache: "pnpm" + cache-dependency-path: swift_browser_ui_frontend/pnpm-lock.yaml + - name: Install frontend + run: | + pushd swift_browser_ui_frontend + pnpm install --prod + pnpm run docker-build + - name: Run unit tests + run: | + tox -e pytest + coverage lcov -o lcov.info + - name: Send coverage to coveralls + uses: coverallsapp/github-action@master + with: + github-token: ${{ secrets.github_token }} + path-to-lcov: lcov.info diff --git a/.github/workflows/vueunit.yml b/.github/workflows/vueunit.yml index 2a49117ae..160e7de32 100644 --- a/.github/workflows/vueunit.yml +++ b/.github/workflows/vueunit.yml @@ -1,6 +1,10 @@ name: Vue.js Unit Tests -on: [pull_request] +on: + push: + branches: + - "dependabot/**" + pull_request: jobs: test: