Bump softprops/action-gh-release from 1 to 2 (#372) #360
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test | |
| on: | |
| push: | |
| branches: [main] | |
| tags: ['v*'] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| env: | |
| LATEST_PY_VERSION: '3.11' | |
| COVERAGE_ARGS: '--cov --cov-report=term --cov-report=xml' | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: ['3.10', '3.11'] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - uses: snok/install-poetry@v1.3 | |
| with: | |
| virtualenvs-in-project: true | |
| - name: Install Qt dependencies | |
| run: sudo apt-get install -y libegl1 | |
| # Cache packages per python version, and reuse until lockfile changes | |
| - name: Cache python packages | |
| id: cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: .venv | |
| key: venv-${{ matrix.python-version }}-${{ hashFiles('poetry.lock') }} | |
| - name: Install dependencies | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| run: poetry install -v -E all | |
| # TODO: Need an alternate location for SQLite db | |
| # - name: Run CLI smoke test | |
| # run: | | |
| # source $VENV | |
| # naturtag -cdo 45524803 | |
| # naturtag -cdt 48978 | |
| - name: Run unit tests | |
| run: poetry run pytest ${{ env.COVERAGE_ARGS }} test | |
| # TODO: Upload coverage report to codecov... once there's actual coverage to report | |
| # - name: "Upload coverage report to Codecov" | |
| # if: ${{ matrix.python-version == env.LATEST_PY_VERSION }} | |
| # uses: codecov/codecov-action@v3 | |
| # Run code analysis checks via pre-commit hooks | |
| analyze: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.LATEST_PY_VERSION }} | |
| - name: Run style checks & linting | |
| uses: pre-commit/action@v3.0.0 | |
| - name: Scan dependencies for known vulnerabilities | |
| uses: pypa/gh-action-pip-audit@v1.0.8 | |
| with: | |
| vulnerability-service: osv | |
| # Ignore issues with pip and setuptools versions used by the action itself | |
| ignore-vulns: | | |
| GHSA-mq26-g339-26xf | |
| PYSEC-2023-228 | |
| PYSEC-2022-43012 |