Use YARA for batched word matching #1872
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: tests | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - dev | |
| pull_request: | |
| permissions: | |
| contents: write # needed to publish tags | |
| pull-requests: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| lint: | |
| if: contains(github.event.pull_request.title, 'SignatureBot') == false | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v6 | |
| - name: Set up Python | |
| run: uv python install 3.10 | |
| - name: ruff format | |
| run: uvx ruff@0.15.10 format --check . | |
| - name: ruff check | |
| run: uvx ruff@0.15.10 check . | |
| test: | |
| if: contains(github.event.pull_request.title, 'SignatureBot') == false | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: ["3.10", "3.11", "3.12", "3.13", "3.14"] | |
| fail-fast: false | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v6 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| run: uv python install ${{ matrix.python-version }} | |
| - name: Install dependencies | |
| run: uv sync --group dev | |
| - name: Run tests with pytest | |
| uses: nick-fields/retry@v2 | |
| with: | |
| max_attempts: 3 | |
| timeout_minutes: 20 | |
| retry_wait_seconds: 0 | |
| command: | | |
| uv run pytest --exitfirst --disable-warnings --log-cli-level=DEBUG --cov-report xml:cov.xml --cov=baddns --cov=examples | |
| - name: Upload Code Coverage | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: ./cov.xml | |
| verbose: true | |
| publish: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v6 | |
| - name: Set up Python | |
| run: uv python install 3.12 | |
| - name: Get current version | |
| id: get_version | |
| run: | | |
| VERSION=$(uv run python -c "from baddns.__version__ import __version__; print(__version__)") | |
| echo "VERSION=$VERSION" >> $GITHUB_ENV | |
| - name: Fetch latest tag | |
| run: | | |
| git fetch --tags | |
| LATEST_TAG=$(git describe --tags $(git rev-list --tags --max-count=1)) | |
| echo "LATEST_TAG=$LATEST_TAG" >> $GITHUB_ENV | |
| - name: Check for Version Update | |
| run: | | |
| CURRENT_VERSION="${{ env.VERSION }}" | |
| LATEST_VERSION="${{ env.LATEST_TAG }}" | |
| if [ "$CURRENT_VERSION" == "$LATEST_VERSION" ]; then | |
| echo "VERSION_CHANGE=false" >> $GITHUB_ENV | |
| else | |
| echo "VERSION_CHANGE=true" >> $GITHUB_ENV | |
| fi | |
| shell: bash | |
| env: | |
| VERSION: ${{ env.VERSION }} | |
| LATEST_TAG: ${{ env.LATEST_TAG }} | |
| - name: Build PyPi package | |
| if: github.ref == 'refs/heads/main' && env.VERSION_CHANGE == 'true' | |
| run: uv build | |
| - name: Publish PyPi package | |
| if: github.ref == 'refs/heads/main' && env.VERSION_CHANGE == 'true' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| password: ${{ secrets.PYPI_API_TOKEN }} | |
| - name: Tag the release if version changed | |
| if: github.ref == 'refs/heads/main' && env.VERSION_CHANGE == 'true' | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git tag -a "${{ env.VERSION }}" -m "Release ${{ env.VERSION }}" | |
| git push origin "refs/tags/${{ env.VERSION }}" |