Use a script to populate parts of tox.ini #757
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Do not edit this YAML file. This file is generated automatically by executing | |
# python scripts/split_tox_gh_actions/split_tox_gh_actions.py | |
# The template responsible for it is in | |
# scripts/split_tox_gh_actions/templates/base.jinja | |
name: Test AWS | |
on: | |
push: | |
branches: | |
- master | |
- release/** | |
- potel-base | |
# XXX: We are using `pull_request_target` instead of `pull_request` because we want | |
# this to run on forks with access to the secrets necessary to run the test suite. | |
# Prefer to use `pull_request` when possible. | |
pull_request_target: | |
types: [labeled, opened, reopened, synchronize] | |
# Cancel in progress workflows on pull_requests. | |
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
permissions: | |
contents: read | |
# `write` is needed to remove the `Trigger: tests using secrets` label | |
pull-requests: write | |
env: | |
SENTRY_PYTHON_TEST_AWS_ACCESS_KEY_ID: ${{ secrets.SENTRY_PYTHON_TEST_AWS_ACCESS_KEY_ID }} | |
SENTRY_PYTHON_TEST_AWS_SECRET_ACCESS_KEY: ${{ secrets.SENTRY_PYTHON_TEST_AWS_SECRET_ACCESS_KEY }} | |
BUILD_CACHE_KEY: ${{ github.sha }} | |
CACHED_BUILD_PATHS: | | |
${{ github.workspace }}/dist-serverless | |
jobs: | |
check-permissions: | |
name: permissions check | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/[email protected] | |
with: | |
persist-credentials: false | |
- name: Check permissions on PR | |
if: github.event_name == 'pull_request_target' | |
run: | | |
python3 -uS .github/workflows/scripts/trigger_tests_on_label.py \ | |
--repo-id ${{ github.event.repository.id }} \ | |
--pr ${{ github.event.number }} \ | |
--event ${{ github.event.action }} \ | |
--username "$ARG_USERNAME" \ | |
--label-names "$ARG_LABEL_NAMES" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# these can contain special characters | |
ARG_USERNAME: ${{ github.event.pull_request.user.login }} | |
ARG_LABEL_NAMES: ${{ toJSON(github.event.pull_request.labels.*.name) }} | |
- name: Check permissions on repo branch | |
if: github.event_name == 'push' | |
run: true | |
test-aws-pinned: | |
name: AWS (pinned) | |
timeout-minutes: 30 | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ["3.9"] | |
# python3.6 reached EOL and is no longer being supported on | |
# new versions of hosted runners on Github Actions | |
# ubuntu-20.04 is the last version that supported python3.6 | |
# see https://github.com/actions/setup-python/issues/544#issuecomment-1332535877 | |
os: [ubuntu-20.04] | |
needs: check-permissions | |
steps: | |
- uses: actions/[email protected] | |
with: | |
ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
allow-prereleases: true | |
- name: Setup Test Env | |
run: | | |
pip install "coverage[toml]" tox | |
- name: Erase coverage | |
run: | | |
coverage erase | |
- name: Test aws_lambda pinned | |
run: | | |
set -x # print commands that are executed | |
./scripts/runtox.sh --exclude-latest "py${{ matrix.python-version }}-aws_lambda" | |
- name: Generate coverage XML (Python 3.6) | |
if: ${{ !cancelled() && matrix.python-version == '3.6' }} | |
run: | | |
export COVERAGE_RCFILE=.coveragerc36 | |
coverage combine .coverage-sentry-* | |
coverage xml --ignore-errors | |
- name: Generate coverage XML | |
if: ${{ !cancelled() && matrix.python-version != '3.6' }} | |
run: | | |
coverage combine .coverage-sentry-* | |
coverage xml | |
- name: Upload coverage to Codecov | |
if: ${{ !cancelled() }} | |
uses: codecov/[email protected] | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: coverage.xml | |
# make sure no plugins alter our coverage reports | |
plugin: noop | |
verbose: true | |
- name: Upload test results to Codecov | |
if: ${{ !cancelled() }} | |
uses: codecov/test-results-action@v1 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: .junitxml | |
verbose: true | |
check_required_tests: | |
name: All pinned AWS tests passed | |
needs: test-aws-pinned | |
# Always run this, even if a dependent job failed | |
if: always() | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Check for failures | |
if: contains(needs.test-aws-pinned.result, 'failure') || contains(needs.test-aws-pinned.result, 'skipped') | |
run: | | |
echo "One of the dependent jobs has failed. You may need to re-run it." && exit 1 |