First Commit

Author: GlassOfWhiskey

.flake8

@@ -0,0 +1,3 @@
+[flake8]
+max-line-length = 88
+extend-ignore = E203,E501

.github/codeql/config.yml

@@ -0,0 +1,12 @@
+name: "StreamFlow CodeQL configuration"
+queries:
+  - uses: security-and-quality
+paths-ignore:
+  - tests
+query-filters:
+  # Reason: this rule targets XSS, which is not a concern here
+  - exclude:
+      id: py/jinja2/autoescape-false
+  # Reason: false positive on function body ellipsis (issue 11351)
+  - exclude:
+      id: py/ineffectual-statement

.github/dependabot.yml

@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/ci-tests.yaml

@@ -0,0 +1,116 @@
+name: "CI Tests"
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+concurrency:
+  group: build-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+jobs:
+  code-ql-check:
+    name: "CodeQL check"
+    runs-on: ubuntu-22.04
+    permissions:
+      security-events: write
+    steps:
+      - uses: actions/checkout@v3
+      - uses: github/codeql-action/init@v2
+        with:
+          config-file: .github/codeql/config.yml
+          languages: python
+      - uses: github/codeql-action/analyze@v2
+  static-checks:
+    name: "Static checks"
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        step: [ "bandit", "lint" ]
+    env:
+      TOXENV: ${{ matrix.step }}
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.11"
+          cache: pip
+          cache-dependency-path: |
+            requirements.txt
+            test-requirements.txt
+            tox.ini
+      - name: "Install Python Dependencies and plugin"
+        run: |
+          python -m pip install tox --user
+          python -m pip install . --user
+      - name: "Run static analysis via Tox"
+        run: tox
+  unit-tests:
+    name: "Unit tests"
+    strategy:
+      matrix:
+        on: [ "ubuntu-22.04"]
+        python: [ "3.8", "3.9", "3.10", "3.11" ]
+        include:
+          - on: "macos-12"
+            python: "3.11"
+    runs-on: ${{ matrix.on }}
+    env:
+      POSTGRES_DB: streamflow
+      POSTGRES_PASSWORD: streamflow
+      POSTGRES_USER: streamflow
+      POSTGRES_HOST: 127.0.0.1
+      TOXENV: ${{ format('py{0}-unit', matrix.python) }}
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python }}
+          cache: pip
+          cache-dependency-path: |
+            requirements.txt
+            tox.ini
+      - uses: actions/setup-node@v3
+        with:
+          node-version: "15"
+      - name: "Install Docker (MacOs X)"
+        uses: douglascamata/setup-docker-macos-action@v1-alpha
+        if: ${{ startsWith(matrix.on, 'macos-') }}
+      - uses: docker/setup-qemu-action@v2
+      - name: "Start PostgreSQL Docker container"
+        run: |
+          docker run \
+            --rm \
+            --detach \
+            --env POSTGRES_DB=${{ env.POSTGRES_DB }} \
+            --env POSTGRES_PASSWORD=${{ env.POSTGRES_DB }} \
+            --env POSTGRES_USER=${{ env.POSTGRES_DB }} \
+            --publish 5432:5432 \
+            postgres:15.2-alpine
+      - name: "Install Python Dependencies and plugin"
+        run: |
+          python -m pip install tox --user
+          python -m pip install . --user
+      - name: "Run tests via Tox"
+        run: python -m tox
+      - name: "Upload coverage report for unit tests"
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ format('py{0}-unit-tests', matrix.python) }}
+          path: ./coverage.xml
+          retention-days: 1
+          if-no-files-found: error
+  upload-to-codecov:
+    name: "Codecov report upload"
+    needs: [ "unit-tests" ]
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v3
+      - name: "Download artifacts"
+        uses: actions/download-artifact@v3
+      - name: "Upload coverage to Codecov"
+        uses: codecov/codecov-action@v3
+        with:
+          fail_ci_if_error: true
+          token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/release.yml

@@ -0,0 +1,60 @@
+name: "Release new version"
+on:
+  workflow_run:
+    workflows:
+      - "CI Tests"
+    branches:
+      - master
+    types:
+      - completed
+jobs:
+  github:
+    name: "Create GitHub Release"
+    runs-on: ubuntu-22.04
+    permissions:
+      contents: write
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: "Get version"
+        run: echo "PLUGIN_VERSION=$(cat postgresql/version.py | grep -oP '(?<=VERSION = \")(.*)(?=\")')" >> $GITHUB_ENV
+      - name: "Check tag existence"
+        uses: mukunku/[email protected]
+        id: check-tag
+        with:
+          tag: ${{ env.PLUGIN_VERSION }}
+      - name: "Create Release"
+        id: create-release
+        uses: actions/create-release@v1
+        if: ${{ steps.check-tag.outputs.exists == 'false' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ env.PLUGIN_VERSION }}
+          release_name: ${{ env.PLUGIN_VERSION }}
+          draft: false
+          prerelease: false
+  pypi:
+    name: "Publish on PyPI"
+    runs-on: ubuntu-22.04
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.10"
+      - name: "Get local version"
+        run: echo "PLUGIN_VERSION=$(cat streamflow/version.py | grep -oP '(?<=VERSION = \")(.*)(?=\")')" >> $GITHUB_ENV
+      - name: "Get PyPI version"
+        run: echo "PYPI_VERSION=$(pip index versions --pre streamflow | grep streamflow | sed 's/.*(\(.*\))/\1/')" >> $GITHUB_ENV
+      - name: "Build Python packages"
+        if: ${{ env.PLUGIN_VERSION != env.PYPI_VERSION }}
+        run: |
+          python -m pip install build --user
+          python -m build --sdist --wheel --outdir dist/ .
+      - name: "Publish package to PyPI"
+        uses: pypa/gh-action-pypi-publish@release/v1
+        if: ${{ env.PLUGIN_VERSION != env.PYPI_VERSION }}
+        with:
+          user: __token__
+          password: ${{ secrets.PYPI_TOKEN }}

.gitignore

@@ -0,0 +1,133 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+pip-wheel-metadata/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+.hypothesis/
+.pytest_cache/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+.python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# celery beat schedule file
+celerybeat-schedule
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# IDE
+.idea
+
+# Mac OS X
+.DS_Store
+
+# StreamFlow
+.streamflow