Feat(URL): Update url endpoints #216
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: Copyright 2025 Siemens AG | |
| # | |
| # SPDX-License-Identifier: Apache-2.0 | |
| name: Check code quality | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| jobs: | |
| # Generate a docker image URL where all the characters are lower-case, for situations where an external contributor | |
| # has a username that begins with a capital letter. This is a limitation of GHCR, which only allows lower-case | |
| # characters. Subsequent jobs use this URL. | |
| prepare_env: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| image_url: ${{ steps.setenv.outputs.image_url }} | |
| steps: | |
| - name: Set lowercase image name | |
| id: setenv | |
| run: | | |
| OWNER_LC=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]') | |
| echo "image_url=ghcr.io/${OWNER_LC}/cmp-test-dev:latest" >> $GITHUB_OUTPUT | |
| # Stage 1: fast and basic checks, we run them in parallel to provide more feedback to the contributor at once, | |
| # instead of running them sequentially and giving feedback one piece at a time, requiring more iterations. | |
| ruff_lint: | |
| needs: prepare_env | |
| runs-on: ubuntu-22.04 | |
| container: | |
| image: ${{ needs.prepare_env.outputs.image_url }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Code style | |
| run: ruff check | |
| license_check: | |
| needs: prepare_env | |
| runs-on: ubuntu-22.04 | |
| container: | |
| image: ${{ needs.prepare_env.outputs.image_url }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: License check | |
| run: reuse lint | |
| rf_style_check: | |
| needs: prepare_env | |
| runs-on: ubuntu-22.04 | |
| container: | |
| image: ${{ needs.prepare_env.outputs.image_url }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: RobotFramework style check | |
| run: robocop check --ignore VAR04 | |
| # We haven't settled on a style for RobotFramework yet, enforce check when consensus is reached | |
| continue-on-error: true | |
| spelling_check: | |
| needs: prepare_env | |
| runs-on: ubuntu-22.04 | |
| container: | |
| image: ${{ needs.prepare_env.outputs.image_url }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Spelling checker | |
| run: codespell . --check-filenames --skip *.html,*.pem,*.xml,*venv*,*fips/*.py,*/announcement.py,./data/rfc_test_vectors/* | |
| dependency_check: | |
| # See if newer versions of our Python dependencies are available. This does | |
| # not enforce anything, and only has an informational character. | |
| needs: prepare_env | |
| runs-on: ubuntu-22.04 | |
| continue-on-error: true | |
| container: | |
| image: ${{ needs.prepare_env.outputs.image_url }} | |
| steps: | |
| - name: Check for outdated dependencies | |
| run: | | |
| echo "Checking for outdated packages..." | |
| OUTDATED=$(pip list --outdated --format=columns) | |
| if [ -z "$OUTDATED" ]; then | |
| echo "All packages are up to date!" | |
| exit 0 | |
| else | |
| echo "Outdated packages detected, think about it:" | |
| echo "$OUTDATED" | |
| exit 1 | |
| fi | |
| version_check: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Ensure version is referenced in CHANGELOG.md | |
| run: | | |
| VERSION=$(cat VERSION) | |
| if ! grep -E "^# $VERSION" CHANGELOG.md; then | |
| echo "Error: CHANGELOG.md does not contain an entry for version $VERSION." | |
| exit 1 | |
| fi | |
| # ---------------------------------------------------------------------------- | |
| # Stage 2: these checks are more expensive and do more with the code, e.g., attempt to import dependencies, | |
| # execute some logic, etc. | |
| pylint: | |
| needs: [prepare_env, ruff_lint, license_check, rf_style_check, spelling_check] | |
| runs-on: ubuntu-22.04 | |
| container: | |
| image: ${{ needs.prepare_env.outputs.image_url }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Pylint check | |
| run: pylint --fail-under=9.4 resources | |
| unit_test: | |
| needs: [prepare_env, ruff_lint, license_check, rf_style_check, spelling_check] | |
| runs-on: ubuntu-22.04 | |
| container: | |
| image: ${{ needs.prepare_env.outputs.image_url }} | |
| env: | |
| OQS_INSTALL_PATH: "/root/_oqs" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Unit tests | |
| run: python3 -m unittest discover -s unit_tests | |
| type_check: | |
| needs: prepare_env | |
| runs-on: ubuntu-22.04 | |
| container: | |
| image: ${{ needs.prepare_env.outputs.image_url }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Pyright check | |
| run: pyright | |
| continue-on-error: true |