Skip to content

Commit 2dd26dd

Browse files
committed
Split Github Workflow
1 parent 224992b commit 2dd26dd

2 files changed

Lines changed: 68 additions & 92 deletions

File tree

.github/workflows/PR.yml

Lines changed: 31 additions & 92 deletions
Original file line numberDiff line numberDiff line change
@@ -1,72 +1,19 @@
1-
# This workflow will install Python dependencies, run tests and lint with a single version of Python
2-
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
3-
4-
name: PR
1+
name: PR CI - Integration/E2E
52

63
on:
7-
pull_request_target:
8-
types: [ labeled, synchronize ]
9-
branches: [ main ]
4+
workflow_run:
5+
workflows: ["PR Approval - Unittest"]
6+
types: [completed]
107

118
concurrency:
129
group: pr-queue
1310
cancel-in-progress: false
1411

1512
jobs:
16-
approve: # First step
17-
# minimize potential vulnerabilities
18-
if: ${{ contains(github.event.pull_request.labels.*.name, 'ok-to-test') }}
19-
runs-on: ubuntu-latest
20-
steps:
21-
- name: Approve
22-
run: echo For security reasons, all pull requests need to be approved first before running any automated CI.
23-
unittest:
24-
name: unittest
25-
runs-on: ubuntu-latest
26-
needs: [ approve ]
27-
strategy:
28-
matrix:
29-
python-version: [ '3.9', '3.10', '3.11', '3.12', '3.13' ]
30-
steps:
31-
- uses: actions/checkout@v4
32-
with:
33-
ref: ${{ github.event.pull_request.head.sha }}
34-
- name: Set up Python ${{ matrix.python-version }}
35-
uses: actions/setup-python@v5
36-
with:
37-
python-version: ${{ matrix.python-version }}
38-
- name: Install dependencies
39-
run: |
40-
# ldap requirements
41-
sudo apt update -y
42-
sudo apt-get install build-essential python3-dev libldap2-dev libsasl2-dev vim -y
43-
python -m pip install --upgrade pip
44-
pip install flake8 pytest pytest-cov
45-
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
46-
if [ -f tests_requirements.txt ]; then pip install -r tests_requirements.txt; fi
47-
- name: Lint with flake8
48-
run: |
49-
# stop the build if there are Python syntax errors or undefined names
50-
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
51-
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
52-
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
53-
- name: Configure AWS credentials for pytest
54-
uses: aws-actions/configure-aws-credentials@v4
55-
with:
56-
aws-access-key-id: ${{ secrets.ACCESS_KEY_ID }}
57-
aws-secret-access-key: ${{ secrets.SECRET_ACCESS_KEY }}
58-
aws-region: ${{ secrets.REGION }}
59-
- name: 📃 Unittest tests with pytest
60-
env:
61-
BUCKET: ${{ secrets.BUCKET }}
62-
REGION: ${{ secrets.REGION }}
63-
run: |
64-
python -m pytest -v tests/unittest
65-
6613
terraform_apply:
6714
name: terraform_apply
68-
needs: [ approve, unittest ]
6915
runs-on: ubuntu-latest
16+
if: github.event.workflow_run.repository.full_name == github.repository && github.event.workflow_run.head_repository.full_name == github.repository && github.event.workflow_run.conclusion == 'success' && length(github.event.workflow_run.pull_requests) > 0
7017
strategy:
7118
matrix:
7219
python-version: [ '3.13' ]
@@ -75,12 +22,13 @@ jobs:
7522
steps:
7623
- uses: actions/checkout@v4
7724
with:
78-
ref: ${{ github.event.pull_request.head.sha }}
25+
ref: ${{ github.event.workflow_run.head_sha }}
26+
persist-credentials: false
7927
- name: Set up Python ${{ matrix.python-version }}
8028
uses: actions/setup-python@v5
8129
with:
8230
python-version: ${{ matrix.python-version }}
83-
- name: Configure AWS credentials for pytest
31+
- name: Configure AWS credentials
8432
uses: aws-actions/configure-aws-credentials@v4
8533
with:
8634
aws-access-key-id: ${{ secrets.ACCESS_KEY_ID }}
@@ -121,8 +69,9 @@ jobs:
12169

12270
integration:
12371
name: integration
124-
needs: [ approve, unittest, terraform_apply ]
72+
needs: [terraform_apply]
12573
runs-on: ubuntu-latest
74+
if: github.event.workflow_run.repository.full_name == github.repository && github.event.workflow_run.head_repository.full_name == github.repository && github.event.workflow_run.conclusion == 'success' && length(github.event.workflow_run.pull_requests) > 0
12675
strategy:
12776
max-parallel: 1
12877
matrix:
@@ -143,7 +92,8 @@ jobs:
14392
steps:
14493
- uses: actions/checkout@v4
14594
with:
146-
ref: ${{ github.event.pull_request.head.sha }}
95+
ref: ${{ github.event.workflow_run.head_sha }}
96+
persist-credentials: false
14797
- name: Set up Python ${{ matrix.python-version }}
14898
uses: actions/setup-python@v5
14999
with:
@@ -152,18 +102,12 @@ jobs:
152102
run: |
153103
# ldap requirements
154104
sudo apt update -y
155-
sudo apt-get install build-essential python3-dev libldap2-dev libsasl2-dev vim -y
105+
sudo apt-get install -y build-essential python3-dev libldap2-dev libsasl2-dev
156106
python -m pip install --upgrade pip
157-
pip install flake8 pytest pytest-cov
107+
pip install pytest pytest-cov
158108
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
159109
if [ -f tests_requirements.txt ]; then pip install -r tests_requirements.txt; fi
160-
- name: Lint with flake8
161-
run: |
162-
# stop the build if there are Python syntax errors or undefined names
163-
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
164-
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
165-
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
166-
- name: Configure AWS credentials for pytest
110+
- name: Configure AWS credentials
167111
uses: aws-actions/configure-aws-credentials@v4
168112
with:
169113
aws-access-key-id: ${{ secrets.ACCESS_KEY_ID }}
@@ -176,7 +120,7 @@ jobs:
176120
run: |
177121
echo "$GOOGLE_APPLICATION_CREDENTIALS_CONTENTS" > "$RUNNER_PATH/gcp_service.json"
178122
echo "GOOGLE_APPLICATION_CREDENTIALS=$RUNNER_PATH/gcp_service.json" >> "$GITHUB_ENV"
179-
- name: 📃 Integration tests with pytest
123+
- name: Integration tests with pytest
180124
env:
181125
BUCKET: ${{ secrets.BUCKET }}
182126
REGION: ${{ secrets.REGION }}
@@ -189,26 +133,26 @@ jobs:
189133
AZURE_ACCOUNT_ID: ${{ secrets.AZURE_ACCOUNT_ID }}
190134
GCP_DATABASE_NAME: ${{ secrets.GCP_DATABASE_NAME }}
191135
GCP_DATABASE_TABLE_NAME: ${{ secrets.GCP_DATABASE_TABLE_NAME }}
192-
run: |
193-
python -m pytest -v tests/integration
136+
run: python -m pytest -v tests/integration
194137

195138
terraform_destroy:
196139
name: terraform_destroy
197-
needs: [ approve, unittest, terraform_apply, integration ]
140+
needs: [terraform_apply, integration]
141+
runs-on: ubuntu-latest
142+
if: (github.event.workflow_run.repository.full_name == github.repository && github.event.workflow_run.head_repository.full_name == github.repository && github.event.workflow_run.conclusion == 'success' && length(github.event.workflow_run.pull_requests) > 0) && (success() || failure())
198143
strategy:
199144
matrix:
200145
python-version: [ '3.13' ]
201-
if: success() || failure()
202-
runs-on: ubuntu-latest
203146
steps:
204147
- uses: actions/checkout@v4
205148
with:
206-
ref: ${{ github.event.pull_request.head.sha }}
149+
ref: ${{ github.event.workflow_run.head_sha }}
150+
persist-credentials: false
207151
- name: Set up Python ${{ matrix.python-version }}
208152
uses: actions/setup-python@v5
209153
with:
210154
python-version: ${{ matrix.python-version }}
211-
- name: Configure AWS credentials for pytest
155+
- name: Configure AWS credentials
212156
uses: aws-actions/configure-aws-credentials@v4
213157
with:
214158
aws-access-key-id: ${{ secrets.ACCESS_KEY_ID }}
@@ -238,20 +182,21 @@ jobs:
238182
REGION_NAME: ${{ secrets.TERRAFORM_REGION }}
239183
run: |
240184
cd terraform/aws_instance
241-
# terraform destroy/
242185
terragrunt destroy -auto-approve 1> /dev/null
243186
244187
e2e:
245188
name: e2e
246-
needs: [ approve, unittest, terraform_apply, integration ]
189+
needs: [terraform_apply, integration]
247190
runs-on: ubuntu-latest
191+
if: github.event.workflow_run.repository.full_name == github.repository && github.event.workflow_run.head_repository.full_name == github.repository && github.event.workflow_run.conclusion == 'success' && length(github.event.workflow_run.pull_requests) > 0
248192
strategy:
249193
matrix:
250194
python-version: [ '3.9', '3.10', '3.11', '3.12', '3.13' ]
251195
steps:
252196
- uses: actions/checkout@v4
253197
with:
254-
ref: ${{ github.event.pull_request.head.sha }}
198+
ref: ${{ github.event.workflow_run.head_sha }}
199+
persist-credentials: false
255200
- name: Set up Python ${{ matrix.python-version }}
256201
uses: actions/setup-python@v5
257202
with:
@@ -260,24 +205,18 @@ jobs:
260205
run: |
261206
# ldap requirements
262207
sudo apt update -y
263-
sudo apt-get install build-essential python3-dev libldap2-dev libsasl2-dev vim -y
208+
sudo apt-get install -y build-essential python3-dev libldap2-dev libsasl2-dev
264209
python -m pip install --upgrade pip
265-
pip install flake8 pytest pytest-cov
210+
pip install pytest pytest-cov
266211
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
267212
if [ -f tests_requirements.txt ]; then pip install -r tests_requirements.txt; fi
268-
- name: Lint with flake8
269-
run: |
270-
# stop the build if there are Python syntax errors or undefined names
271-
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
272-
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
273-
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
274-
- name: Configure AWS credentials for pytest
213+
- name: Configure AWS credentials
275214
uses: aws-actions/configure-aws-credentials@v4
276215
with:
277216
aws-access-key-id: ${{ secrets.ACCESS_KEY_ID }}
278217
aws-secret-access-key: ${{ secrets.SECRET_ACCESS_KEY }}
279218
aws-region: ${{ secrets.REGION }}
280-
- name: 📃 E2E test
219+
- name: E2E test
281220
env:
282221
AWS_DEFAULT_REGION: ${{ secrets.REGION }}
283222
policy: ${{ secrets.POLICY }}

.github/workflows/PR_Approval.yml

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
name: PR Approval - Unittest
2+
3+
on:
4+
pull_request:
5+
types: [opened, synchronize, reopened]
6+
branches: [main]
7+
workflow_dispatch:
8+
9+
jobs:
10+
unittest:
11+
name: unittest
12+
runs-on: ubuntu-latest
13+
strategy:
14+
matrix:
15+
python-version: ['3.9', '3.10', '3.11', '3.12', '3.13']
16+
steps:
17+
- uses: actions/checkout@v4
18+
with:
19+
persist-credentials: false
20+
- name: Set up Python ${{ matrix.python-version }}
21+
uses: actions/setup-python@v5
22+
with:
23+
python-version: ${{ matrix.python-version }}
24+
- name: Install dependencies
25+
run: |
26+
sudo apt update -y
27+
sudo apt-get install -y build-essential python3-dev libldap2-dev libsasl2-dev
28+
python -m pip install --upgrade pip
29+
pip install flake8 pytest pytest-cov
30+
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
31+
if [ -f tests_requirements.txt ]; then pip install -r tests_requirements.txt; fi
32+
- name: Lint with flake8
33+
run: |
34+
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
35+
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
36+
- name: Unittest with pytest
37+
run: python -m pytest -v tests/unittest

0 commit comments

Comments
 (0)