chore(deps): update dependencies and pre-commit hooks (#95) #164
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| - ready_for_review | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| FORCE_COLOR: "3" | |
| UVX_CONSTRAINT: requirements/lock/uvx-tools.txt | |
| UVX_COMMAND: uvx -crequirements/lock/uvx-tools.txt | |
| NOX_COMMAND: uvx -crequirements/lock/uvx-tools.txt nox | |
| EXTRA_PYTHON_VERSIONS: "pypy-3.11" | |
| permissions: {} | |
| jobs: | |
| pre_job: | |
| # continue-on-error: true # Uncomment once integration is finished | |
| runs-on: ubuntu-latest | |
| outputs: | |
| should_skip: ${{ steps.skip_check.outputs.should_skip }} | |
| steps: | |
| - name: Don't run CI on draft PR | |
| if: | |
| github.event_name == 'pull_request' && github.event.pull_request.draft | |
| == true | |
| run: exit 1 | |
| - id: skip_check | |
| uses: fkirc/skip-duplicate-actions@f75f66ce1886f00957d99748a42c724f4330bdcf # v5.3.1 | |
| with: | |
| paths_ignore: '[".cruft.json", ".copier.yml"]' | |
| build-package: | |
| name: Build & verify package | |
| needs: pre_job | |
| if: needs.pre_job.outputs.should_skip != 'true' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - uses: hynek/build-and-inspect-python-package@fe0a0fb1925ca263d076ca4f2c13e93a6e92a33e # v2.17.0 | |
| id: baipp | |
| - name: Set python version parameters | |
| id: versions | |
| shell: python | |
| env: | |
| python_classifiers: | |
| ${{ steps.baipp.outputs.supported_python_classifiers_json_array }} | |
| run: | | |
| import os | |
| import json | |
| from pathlib import Path | |
| default_python_version = Path(".python-version").read_text().strip() | |
| python_versions = json.loads(os.getenv("python_classifiers")) | |
| extra_python_versions = [_.strip() for _ in os.getenv("EXTRA_PYTHON_VERSIONS", "").split(",") if _] | |
| min_python_version = python_versions[0] | |
| max_python_version = python_versions[-1] | |
| minmax_python_versions = [min_python_version, max_python_version, *extra_python_versions] | |
| minmax_default_python_versions = list({*minmax_python_versions, default_python_version}) | |
| all_python_versions = list({*python_versions, *extra_python_versions}) | |
| print("{default_python_version=:s}") | |
| print("{min_python_version=:s}") | |
| print("{max_python_version=:s}") | |
| print("{minmax_python_versions=}") | |
| print("{minmax_default_python_versions=}") | |
| print("{all_python_version=}") | |
| with open(os.getenv("GITHUB_OUTPUT"), "a") as f: | |
| f.write(f"{default_python_version=:s}\n") | |
| f.write(f"{min_python_version=:s}\n") | |
| f.write(f"{max_python_version=:s}\n") | |
| f.write(f"minmax_python_versions={json.dumps(minmax_python_versions)}\n") | |
| f.write(f"minmax_default_python_versions={json.dumps(minmax_default_python_versions)}\n") | |
| f.write(f"all_python_versions={json.dumps(all_python_versions)}\n") | |
| outputs: | |
| default-python-version: | |
| ${{ steps.versions.outputs.default_python_version }} | |
| min-python-version: ${{ steps.versions.outputs.min_python_version }} | |
| max-python-version: ${{ steps.versions.outputs.max_python_version }} | |
| minmax-python-versions: | |
| ${{ steps.versions.outputs.minmax_python_versions }} | |
| minmax-default-python-versions: | |
| ${{ steps.versions.outputs.minmax_default_python_versions }} | |
| all-python-version: ${{ steps.versions.outputs.all_python_versions }} | |
| lint: | |
| # only run checks not covered by pre-commit.ci | |
| name: Lint package | |
| needs: pre_job | |
| if: needs.pre_job.outputs.should_skip != 'true' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| # Not always needed but some hooks use it... | |
| - uses: ./.github/actions/setup-cached-uv-and-python | |
| with: | |
| python-version-file: ".python-version" | |
| cache-dependency-path: uv.lock | |
| - name: Get prek version | |
| shell: bash | |
| run: | | |
| prek_version=$(grep prek "$UVX_CONSTRAINT" | cut -d " " -f1 | sed "s/prek==//") | |
| echo "prek_version: ${prek_version}" | |
| echo "prek_version=${prek_version}" >> "$GITHUB_ENV" | |
| - name: Setup prek | |
| uses: j178/prek-action@cbc2f23eb5539cf20d82d1aabd0d0ecbcc56f4e3 # v2.0.2 | |
| with: | |
| prek-version: ${{ env.prek_version }} | |
| install-only: true | |
| - name: Run prek | |
| env: | |
| SKIP: "typecheck" | |
| run: >- | |
| prek run --show-diff-on-failure --color=always --all-files | |
| --hook-stage=manual -v | |
| pinact: | |
| name: Pin actions | |
| needs: pre_job | |
| if: needs.pre_job.outputs.should_skip != 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Pin actions | |
| uses: suzuki-shunsuke/pinact-action@cf51507d80d4d6522a07348e3d58790290eaf0b6 # v2.0.0 | |
| with: | |
| skip_push: "true" | |
| typecheck: | |
| name: Typecheck package | |
| needs: pre_job | |
| if: needs.pre_job.outputs.should_skip != 'true' | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - ubuntu-latest | |
| # - windows-latest | |
| session: | |
| - typecheck | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - uses: ./.github/actions/setup-cached-uv-and-python | |
| with: | |
| python-version-file: ".python-version" | |
| cache-dependency-path: uv.lock | |
| - name: Get python version | |
| id: python_version | |
| run: | | |
| python_version=$(cat .python-version) | |
| echo "python_version=${python_version}" >> "$GITHUB_OUTPUT" | |
| shell: bash | |
| - name: typecheck | |
| env: | |
| python_version: ${{ steps.python_version.outputs.python_version }} | |
| session: ${{ matrix.session }} | |
| run: $NOX_COMMAND -s "${session}-${python_version}" | |
| shell: bash | |
| test: | |
| name: Test package across pythons | |
| needs: | |
| - pre_job | |
| - build-package | |
| if: needs.pre_job.outputs.should_skip != 'true' | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - ubuntu-latest | |
| python-version: | |
| ${{ | |
| fromJson(needs.build-package.outputs.minmax-default-python-versions) | |
| }} | |
| session: | |
| - test | |
| include: | |
| - os: windows-latest | |
| python-version: | |
| ${{ needs.build-package.outputs.default-python-version }} | |
| session: test | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 | |
| with: | |
| name: Packages | |
| path: dist | |
| - uses: ./.github/actions/setup-cached-uv-and-python | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| cache-dependency-path: uv.lock | |
| - name: Test with nox | |
| env: | |
| python_version: ${{ matrix.python-version }} | |
| options: "++installpkg dist/*.whl" | |
| session: ${{ matrix.session }} | |
| run: | | |
| # shellcheck disable=SC2086 | |
| $NOX_COMMAND -s "${session}-${python_version}" -- $options | |
| shell: bash -euxo pipefail {0} | |
| - name: Upload coverage data | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: | |
| coverage-data-${{ matrix.os }}-${{ matrix.python-version }}-${{ | |
| matrix.session }} | |
| path: .nox/test-*/tmp/.coverage* | |
| include-hidden-files: true | |
| if-no-files-found: ignore | |
| coverage: | |
| name: Combine coverage | |
| needs: | |
| - pre_job | |
| - test | |
| if: needs.pre_job.outputs.should_skip != 'true' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Download individual coverage reports | |
| uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 | |
| with: | |
| pattern: coverage-data-* | |
| path: .nox | |
| merge-multiple: true | |
| - name: Display structure of downloaded files | |
| run: ls -aR | |
| - uses: ./.github/actions/setup-cached-uv-and-python | |
| with: | |
| python-version-file: ".python-version" | |
| cache-dependency-path: requirements/lock/uvx-tools.txt | |
| - name: Run coverage | |
| run: | | |
| $NOX_COMMAND -s coverage -- ++coverage combine html markdown | |
| cat coverage.md | |
| cat coverage.md >> "$GITHUB_STEP_SUMMARY" | |
| # fail if under 100% | |
| $NOX_COMMAND -s coverage -- ++coverage report ++coverage-options --fail-under=100 | |
| shell: bash | |
| - name: Upload HTML report if check failed. | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: html-report | |
| path: htmlcov | |
| if: ${{ failure() }} | |
| docs: | |
| needs: pre_job | |
| if: needs.pre_job.outputs.should_skip != 'true' | |
| permissions: | |
| contents: write | |
| uses: ./.github/workflows/docs.yml | |
| with: | |
| deploy: false | |
| # Ensure everything required is passing for branch protection. | |
| required-checks-pass: | |
| if: always() | |
| needs: | |
| - pre_job | |
| - lint | |
| - pinact | |
| - typecheck | |
| - test | |
| - coverage | |
| - docs | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Decide whether the needed jobs succeeded or failed | |
| uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2 | |
| with: | |
| allowed-skips: "lint,pinact,typecheck,test,coverage,docs" | |
| jobs: ${{ toJSON(needs) }} |