#252: Updated Github workflows from Exasol toolbox

.github/workflows/release.yml → .github/workflows/build-and-publish.yml

@@ -1,22 +1,23 @@
 name: Build & Publish
 
 on:
-  push:
-    tags: '**'
+  workflow_call:
+    secrets:
+      PYPI_TOKEN:
+          required: true
 
 jobs:
 
-  publish-release:
+  cd-job:
+    name: Continuous Delivery
     runs-on: ubuntu-24.04
-    environment: publish
-
     steps:
 
       - name: SCM Checkout
         uses: actions/checkout@v4
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.12.0
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
         with:
           python-version: '3.10'
           poetry-version: '2.1.2'
@@ -35,5 +36,6 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: >
           gh release create ${GITHUB_REF_NAME}
-          --title ${GITHUB_REF_NAME} -F "./doc/changes/changes_${GITHUB_REF_NAME}.md"
+          --title ${GITHUB_REF_NAME}
+          --notes-file ./doc/changes/changes_${GITHUB_REF_NAME}.md
           dist/*

.github/workflows/cd.yml

@@ -0,0 +1,18 @@
+name: CD
+
+on:
+  push:
+    tags:
+      - '**'
+
+jobs:
+
+  check-tag-version-job:
+    name: Check Release Tag
+    uses: ./.github/workflows/check-release-tag.yml
+
+  cd-job:
+    name: Continuous Delivery
+    uses: ./.github/workflows/build-and-publish.yml
+    secrets:
+      PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}

.github/workflows/check-release-tag.yml

@@ -0,0 +1,21 @@
+name: Check Release Tag
+
+on: workflow_call
+
+jobs:
+
+  check-tag-version-job:
+
+    name: Check Tag Version
+    runs-on: ubuntu-24.04
+
+    steps:
+      - name: SCM Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Python & Poetry Environment
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
+
+      - name: Check Tag Version
+        # make sure the pushed/created tag matched the project version
+        run: "[[ `poetry version --short` == ${{ github.ref_name }} ]]"

.github/workflows/checks.yml

@@ -1,7 +1,7 @@
 name: Checks
 
 on:
-  pull_request:
+  workflow_call:
 
 jobs:
 
@@ -16,19 +16,31 @@ jobs:
           fetch-depth: 0
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.20.0
-        with:
-          poetry-version: 2.1.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
 
       - name: Check Version(s)
         run: |
-          poetry run version-check exasol/slc/version.py
-
+          poetry run -- version-check exasol/slc/version.py
 
   build-matrix:
     name: Generate Build Matrix
     uses: ./.github/workflows/matrix-python.yml
 
+  Changelog:
+    name: Changelog Update Check
+    runs-on: ubuntu-24.04
+    if: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/master' }}
+
+    steps:
+      - name: SCM Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Python & Poetry Environment
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
+
+      - name: Run changelog update check
+        run: poetry run -- nox -s changelog:updated
+
   Lint:
     name: Linting (Python-${{ matrix.python-version }})
     needs: [ Version-Check, build-matrix ]
@@ -42,22 +54,20 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.20.0
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
         with:
           python-version: ${{ matrix.python-version }}
-          poetry-version: 2.1.2
-
-      - name: Run Unit tests
-        run: poetry run nox -s test:unit
 
       - name: Run lint
-        run: poetry run nox -s lint:code
+        run: poetry run -- nox -s lint:code
 
       - name: Upload Artifacts
-        uses: actions/upload-artifact@v4.4.0
+        uses: actions/upload-artifact@v4.6.0
         with:
           name: lint-python${{ matrix.python-version }}
-          path: .lint.txt
+          path: |
+            .lint.txt
+            .lint.json
           include-hidden-files: true
 
   Type-Check:
@@ -73,13 +83,12 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.20.0
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
         with:
           python-version: ${{ matrix.python-version }}
-          poetry-version: 2.1.2
 
       - name: Run type-check
-        run: poetry run nox -s lint:typing
+        run: poetry run -- nox -s lint:typing
 
   Security:
     name: Security Checks (Python-${{ matrix.python-version }})
@@ -94,17 +103,78 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.20.0
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
         with:
           python-version: ${{ matrix.python-version }}
-          poetry-version: 2.1.2
 
       - name: Run security linter
-        run: poetry run nox -s lint:security
+        run: poetry run -- nox -s lint:security
 
       - name: Upload Artifacts
-        uses: actions/upload-artifact@v4.4.0
+        uses: actions/upload-artifact@v4.6.0
         with:
           name: security-python${{ matrix.python-version }}
           path: .security.json
           include-hidden-files: true
+
+  Format:
+    name: Format Check
+    runs-on: ubuntu-24.04
+
+    steps:
+      - name: SCM Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Python & Poetry Environment
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
+
+      - name: Run format check
+        run: poetry run -- nox -s project:format
+
+  Tests:
+    name: Unit-Tests (Python-${{ matrix.python-version }})
+    needs: [ Lint, Type-Check, Security, Format, build-matrix ]
+    runs-on: ubuntu-24.04
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    strategy:
+      fail-fast: false
+      matrix: ${{ fromJson(needs.build-matrix.outputs.matrix) }}
+
+    steps:
+      - name: SCM Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Python & Poetry Environment
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Run Tests and Collect Coverage
+        run: poetry run -- nox -s test:unit -- --coverage
+
+      - name: Upload Artifacts
+        uses: actions/upload-artifact@v4.6.0
+        with:
+          name: coverage-python${{ matrix.python-version }}-fast
+          path: .coverage
+          include-hidden-files: true
+
+  test-exaslct-alias-script:
+    needs: build-matrix
+    strategy:
+      fail-fast: false
+      matrix: ${{ fromJson(needs.build-matrix.outputs.matrix) }}
+
+    runs-on: ubuntu-24.04
+    steps:
+
+      - uses: actions/checkout@v4
+
+      - name: Setup Python & Poetry Environment
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
+        with:
+          python-version: '${{ matrix.python_version }}'
+
+      - name: Test exaslct
+        run: poetry run exaslct --help

.github/workflows/ci.yml

@@ -0,0 +1,18 @@
+name: CI
+
+on:
+  push:
+    branches-ignore:
+      - "github-pages/*"
+      - "gh-pages/*"
+      - "main"
+      - "master"
+  schedule:
+    # “At 00:00 on every 7th day-of-month from 1 through 31.” (https://crontab.guru)
+    - cron: "0 0 1/7 * *"
+
+jobs:
+
+  CI:
+    uses: ./.github/workflows/merge-gate.yml
+    secrets: inherit

.github/workflows/matrix-python.yml

@@ -17,16 +17,14 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.20.0
-        with:
-          poetry-version: 2.1.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@1.0.1
 
       - name: Generate matrix
-        run: poetry run nox -s matrix:python
+        run: poetry run -- nox -s matrix:python
 
       - id: set-matrix
         run: |
-          echo "matrix=$(poetry run nox -s matrix:python)" >> $GITHUB_OUTPUT
+          echo "matrix=$(poetry run -- nox -s matrix:python)" >> $GITHUB_OUTPUT
 
     outputs:
       matrix: ${{ steps.set-matrix.outputs.matrix }}

.github/workflows/merge-gate.yml

@@ -0,0 +1,32 @@
+name: Merge-Gate
+
+on:
+  workflow_call:
+    secrets:
+      DOCKER_USERNAME:
+          required: true
+      DOCKER_PASSWORD:
+          required: true
+jobs:
+
+  fast-checks:
+    name: Fast
+    uses: ./.github/workflows/checks.yml
+
+  slow-checks:
+    name: Slow
+    uses: ./.github/workflows/slow-checks.yml
+    secrets: inherit
+
+  # This job ensures inputs have been executed successfully.
+  approve-merge:
+    name: Allow Merge
+    runs-on: ubuntu-24.04
+    # If you need additional jobs to be part of the merge gate, add them below
+    needs: [ fast-checks, slow-checks ]
+
+    # Each job requires a step, so we added this dummy step.
+    steps:
+      - name: Approve
+        run: |
+          echo "Merge Approved"