Merge pull request #64 from madpah/feature/update-to-use-cyclonedx-py…

…thon-lib Migrate `jake` to utilise external CycloneDX and OSSIndex libraries
sonatype-nexus-community · Oct 13, 2021 · 2fff773 · 2fff773
2 parents fc2ecb1 + bc42408
commit 2fff773
Show file tree

Hide file tree

Showing 78 changed files with 1,864 additions and 5,134 deletions.
diff --git a/.circleci/ci-publish.sh b/.circleci/ci-publish.sh
diff --git a/.circleci/ci-run.sh b/.circleci/ci-run.sh
diff --git a/.circleci/ci-setup.sh b/.circleci/ci-setup.sh
diff --git a/.circleci/circleci-readme.md b/.circleci/circleci-readme.md
@@ -25,4 +25,4 @@ The local build runs in a docker container.
 
       However, the build will proceed and can complete “successfully”, which allows you to verify scripts in your config, etc.
 
-      If the build does complete successfully, you should see a happy yellow `Success!` message.
+      If the build does complete successfully, you should see a happy yellow `Success!` message.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -14,75 +14,117 @@
 
 version: 2.1
 
+commands:
+  ensure_poetry_installed:
+    description: "Installs Poetry ready for use"
+    steps:
+      - run: |
+          python -m ensurepip --default-pip
+          pip install --upgrade pip
+          pip install poetry
+
 executors:
-  python:
+  python39:
+    docker:
+      - image: cimg/python:3.9
+  python38:
     docker:
-      - image: circleci/python:3.7
+      - image: cimg/python:3.8
+  python37:
+    docker:
+      - image: cimg/python:3.7
+  python36:
+    docker:
+      - image: cimg/python:3.6
 
 jobs:
-  publish:
-    executor: python
-    environment:
-      PIPENV_VENV_IN_PROJECT: true
+  build_and_test:
+    parameters:
+      python_version:
+        type: string
+    executor: python<< parameters.python_version >>
     steps:
-      - add_ssh_keys:
-          fingerprints:
-            - "4f:7d:6b:26:dc:44:de:b0:4d:f1:96:50:2a:b5:bd:b3"
+      - ensure_poetry_installed
       - checkout
+      - restore_cache: # ensure this step occurs *before* installing dependencies
+          name: "Restore any valid cache"
+          key: dependencies-{{ .Branch }}-{{ parameters.python_version }}-{{ checksum "poetry.lock" }}
       - run:
-          name: Setup Python environment
           command: |
-            .circleci/ci-setup.sh
+            poetry install
+      - save_cache:
+          name: "Cache dependencies"
+          key: dependencies-{{ .Branch }}-{{ parameters.python_version }}-{{ checksum "poetry.lock" }}
+          paths:
+            - /home/circleci/.cache/pypoetry/virtualenvs
       - run:
           command: |
-            .circleci/ci-publish.sh
+            poetry build
+      - run:
+          command: |
+            poetry run tox -e py<< parameters.python_version >>
 
-  build:
-    executor: python
-    environment:
-      PIPENV_VENV_IN_PROJECT: true
+  coding_standards:
+    executor: python39
     steps:
+      - ensure_poetry_installed
       - checkout
+      - restore_cache: # ensure this step occurs *before* installing dependencies
+          name: "Restore any valid cache"
+          key: dependencies-{{ .Branch }}-{{ parameters.python_version }}-{{ checksum "poetry.lock" }}
+      - run:
+          command: |
+            poetry install
+      - save_cache:
+          name: "Cache dependencies"
+          key: dependencies-{{ .Branch }}-{{ parameters.python_version }}-{{ checksum "poetry.lock" }}
+          paths:
+            - /home/circleci/.cache/pypoetry/virtualenvs
       - run:
-          name: Setup Python environment
           command: |
-            .circleci/ci-setup.sh
+            poetry run tox -eflake8
+
+  release_and_pypi_publish:
+    executor: python39
+    environment:
+      CIRCLECI: "true"
+      GH_TOKEN: None
+    steps:
+      - ensure_poetry_installed
+      - run:
+          name: "Install python-semantic-release"
+          command: |
+            export
+            pip install python-semantic-release
+      - checkout
+      - restore_cache: # ensure this step occurs *before* installing dependencies
+          name: "Restore any valid cache"
+          key: dependencies-{{ .Branch }}-{{ parameters.python_version }}-{{ checksum "poetry.lock" }}
       - run:
-          name: Run tests
+          name: "Build for release"
           command: |
-            .circleci/ci-run.sh
+            poetry install
+            poetry build
       - run:
-          name: Run self scan
+          name: "Semantic Release"
           command: |
-            # audit jake with jake
-            source .venv_non_dev/bin/activate
-            pip3 install -e .
-            jake ddt -q
-      - store_test_results: # Upload test results for display in Test Summary: https://circleci.com/docs/2.0/collect-test-data/
-          path: test-results
-      - store_artifacts: # Upload test summary for display in Artifacts: https://circleci.com/docs/2.0/artifacts/
-          path: test-results
-          destination: tr1
+            semantic-release --noop publish
 
 workflows:
-  version: 2
-  build_and_test_and_publish:
+  cicd:
     jobs:
-      - build
-      - publish:
-          filters:
-            branches:
-              only: main
-          context: pypi
-          requires:
-            - build
-
-  build_nightly:
+      - build_and_test:
+          matrix:
+            parameters:
+              python_version: ["39", "38", "37", "36"]
+      - coding_standards
+  release:
+    jobs:
+      - release_and_pypi_publish
     triggers:
       - schedule:
-          cron: "35 20 * * *"
+          cron: "0 0 * * *"
           filters:
             branches:
-              only: main
-    jobs:
-      - build
+              only:
+                - main
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,111 @@
+# Copyright 2019-Present Sonatype Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: Python CI
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+  workflow_dispatch:
+  schedule:
+    # schedule weekly tests, since dependencies are not intended to be pinned
+    # this means: at 23:42 on Fridays
+    - cron: '42 23 * * 5'
+
+env:
+  REPORTS_DIR: CI_reports
+
+jobs:
+  coding-standards:
+    name: Linting & Coding Standards
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        # see https://github.com/actions/checkout
+        uses: actions/checkout@v2
+      - name: Setup Python Environment
+        # see https://github.com/actions/setup-python
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.9
+          architecture: 'x64'
+      - name: Install poetry
+        # see https://github.com/marketplace/actions/setup-poetry
+        uses: Gr1N/setup-poetry@v7
+        with:
+          poetry-version: 1.1.8
+      - uses: actions/cache@v2
+        with:
+          path: ~/.cache/pypoetry/virtualenvs
+          key: ${{ runner.os }}-poetry-${{ hashFiles('poetry.lock') }}
+      - name: Install dependencies
+        run: poetry install
+      - name: Run tox
+        run: poetry run tox -e flake8
+
+  build-and-test:
+    name: Build & Test (Python ${{ matrix.python-version }}
+    runs-on: ubuntu-latest
+    env:
+      REPORTS_ARTIFACT: tests-reports
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version:
+          - "3.9" # highest supported
+          - "3.8"
+          - "3.7"
+          - "3.6" # lowest supported
+    timeout-minutes: 30
+    steps:
+      - name: Checkout
+        # see https://github.com/actions/checkout
+        uses: actions/checkout@v2
+      - name: Create reports directory
+        run: mkdir ${{ env.REPORTS_DIR }}
+      - name: Setup Python Environment
+        # see https://github.com/actions/setup-python
+        uses: actions/setup-python@v2
+        with:
+          python-version: ${{ matrix.python-version }}
+          architecture: 'x64'
+      - name: Install poetry
+        # see https://github.com/marketplace/actions/setup-poetry
+        uses: Gr1N/setup-poetry@v7
+        with:
+          poetry-version: 1.1.8
+      - uses: actions/cache@v2
+        with:
+          path: ~/.cache/pypoetry/virtualenvs
+          key: ${{ runner.os }}-poetry-${{ hashFiles('poetry.lock') }}
+      - name: Install dependencies
+        run: poetry install
+      - name: Ensure build successful
+        run: poetry build
+      - name: Run tox
+        run: poetry run tox -e py${{ matrix.python-version }}
+      - name: Generate coverage reports
+        run: >
+          poetry run coverage report &&
+          poetry run coverage xml -o ${{ env.REPORTS_DIR }}/coverage.xml &&
+          poetry run coverage html -d ${{ env.REPORTS_DIR }}
+      - name: Artifact reports
+        if: ${{ ! cancelled() }}
+        # see https://github.com/actions/upload-artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: ${{ env.REPORTS_ARTIFACT }}
+          path: ${{ env.REPORTS_DIR }}
+          if-no-files-found: error