Remove codeql from non-default branch #4320
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and test | |
| on: | |
| push: | |
| branches: [altera, arm, main, sbp, tertia] | |
| pull_request: | |
| branches: [arm, main] | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| env: | |
| UV_VERSION: '0.8.8' | |
| jobs: | |
| # Skip the build if this commit already passed on another branch. | |
| dedup: | |
| uses: ./.github/workflows/dedup.yml | |
| permissions: | |
| actions: read | |
| with: | |
| workflow_file: build.yml | |
| test: | |
| needs: dedup | |
| permissions: | |
| contents: read | |
| # Run on our own runner for trusted sources (push/dispatch, or a same-repo | |
| # PR); fork PRs fall back to the hosted runner so they never touch it. | |
| runs-on: ${{ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && 'self-hosted' || 'ubuntu-latest' }} | |
| # Skip if this commit already built elsewhere, and keep skipping same-repo | |
| # PRs from branches push already built. Manual dispatch always runs so we | |
| # can force a rebuild. | |
| if: >- | |
| (needs.dedup.outputs.already_built != 'true' || github.event_name == 'workflow_dispatch') && | |
| ( | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.head.repo.full_name != github.repository || | |
| !contains(fromJSON('["altera", "arm", "main", "sbp", "tertia"]'), github.event.pull_request.head.ref) | |
| ) | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: | |
| - '3.13' | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 | |
| with: | |
| version: ${{ env.UV_VERSION }} | |
| # Cache packages per python version, and reuse until lockfile changes | |
| - name: Cache python packages | |
| id: cache | |
| uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 | |
| with: | |
| path: .venv | |
| key: venv-${{ matrix.python-version }}-${{ hashFiles('uv.lock') }} | |
| - name: Install dependencies | |
| #if: steps.cache.outputs.cache-hit != 'true' | |
| run: uv sync --frozen --no-dev --group test | |
| - name: Run unit tests | |
| run: | | |
| uv run --frozen pytest -rs tests | |
| - name: Run Playwright end-to-end tests | |
| run: | | |
| sh tests/run-playwright.sh |