poetry: update pydantic requirement from 1.10.22 to 1.10.24 #3261
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Workflow: Pull Request" | |
| on: pull_request | |
| permissions: | |
| id-token: write | |
| contents: read | |
| actions: write | |
| env: | |
| BASE_CACHE_SUFFIX: base | |
| BASE_BRANCH_NAME: ${{ github.event.pull_request.base.ref }} | |
| BRANCH_NAME: ${{ github.event.pull_request.head.ref }} | |
| CI_ROLE_NAME: ${{ secrets.CI_ROLE_NAME }} | |
| BRANCH_GITHUB_SHA_SHORT: $(echo ${{ github.event.pull_request.head.sha }} | cut -c 1-7) | |
| COVERAGE_ARTIFACT_BRANCH_NAME: $(echo ${{ github.event.pull_request.head.ref }} | cut -c 9-) | |
| TF_CLI_ARGS: -no-color | |
| jobs: | |
| workflow--check--branch-name: | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: workflow--check--branch-name | |
| workflow--check--rebased-on-main: | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: workflow--check--rebased-on-main | |
| workflow--check--release-branch-name: | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: workflow--check--release-branch-name | |
| parse-secrets: | |
| runs-on: [self-hosted, ci] | |
| needs: [workflow--check--branch-name] | |
| steps: | |
| - id: parse-secrets | |
| run: | | |
| echo "::add-mask::${{ secrets.CI_ROLE_NAME }}" | |
| create-workspace-name: | |
| runs-on: [self-hosted, ci] | |
| needs: [workflow--check--branch-name] | |
| outputs: | |
| workspace: ${{ steps.create_workspace_name.outputs.workspace }} | |
| steps: | |
| - id: create_workspace_name | |
| # will create a workspace in the format ci-PI-70-b25lkjd or for release branches rel-2023-10-30-lskjdl | |
| run: | | |
| if [[ ${{ env.BRANCH_NAME }} == *"release/"* ]]; then | |
| echo "workspace=rel-$(echo ${{ env.BRANCH_NAME }} | sed 's/release\///')-${{ env.BRANCH_GITHUB_SHA_SHORT }}" >> $GITHUB_OUTPUT | |
| elif [[ ${{ env.BRANCH_NAME }} == *"dependabot/"* ]]; then | |
| echo "workspace=ci-$(echo ${{ env.BRANCH_NAME }} | sed -n 's|.*pip/||p' | awk -F- '{ for (i=1;i<=NF;i++) printf substr($i,1,1); print "" }')-${{ env.BRANCH_GITHUB_SHA_SHORT }}" >> $GITHUB_OUTPUT | |
| else | |
| echo "workspace=ci-$(echo ${{ env.BRANCH_NAME }} | sed -n 's/.*\/\([^-]*\)-\([^-]*\).*/\1-\2/p' | tr '[:upper:]' '[:lower:]')-${{ env.BRANCH_GITHUB_SHA_SHORT }}" >> $GITHUB_OUTPUT | |
| fi | |
| build-head: | |
| runs-on: [self-hosted, ci] | |
| needs: [parse-secrets] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: build | |
| save-to-cache: "true" | |
| restore-from-cache: "false" | |
| build-base: | |
| runs-on: [self-hosted, ci] | |
| needs: [workflow--check--branch-name] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BASE_BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: build | |
| save-to-cache: "true" | |
| restore-from-cache: "false" | |
| cache-suffix: ${{ env.BASE_CACHE_SUFFIX }} | |
| workflow--codebase-checks: | |
| runs-on: [self-hosted, ci] | |
| needs: [build-head] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: workflow--codebase-checks | |
| test--unit: | |
| needs: [build-head] | |
| runs-on: [self-hosted, ci] | |
| strategy: | |
| matrix: | |
| test-type: [unit, slow] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/pytest-with-rerun/ | |
| with: | |
| test-type: ${{ matrix.test-type }} | |
| test--feature--local: | |
| needs: [build-head] | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: test--feature--local | |
| terraform-base-build: | |
| needs: [create-workspace-name, build-base, parse-secrets] | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BASE_BRANCH_NAME }} | |
| - uses: ./.github/actions/terraform/ | |
| with: | |
| command: plan | |
| workspace: ${{ needs.create-workspace-name.outputs.workspace }} | |
| cache-suffix: ${{ env.BASE_CACHE_SUFFIX }} | |
| - uses: ./.github/actions/terraform/ | |
| with: | |
| command: apply | |
| workspace: ${{ needs.create-workspace-name.outputs.workspace }} | |
| save-to-cache: "true" | |
| restore-from-cache: "false" | |
| cache-suffix: ${{ env.BASE_CACHE_SUFFIX }} | |
| terraform-head-build: | |
| needs: | |
| [ | |
| create-workspace-name, | |
| build-head, | |
| workflow--codebase-checks, | |
| test--unit, | |
| test--feature--local, | |
| parse-secrets, | |
| terraform-base-build, | |
| ] | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/terraform/ | |
| with: | |
| command: plan | |
| workspace: ${{ needs.create-workspace-name.outputs.workspace }} | |
| - uses: ./.github/actions/terraform/ | |
| with: | |
| command: apply | |
| save-to-cache: "true" | |
| restore-from-cache: "false" | |
| workspace: ${{ needs.create-workspace-name.outputs.workspace }} | |
| apigee--deploy: | |
| needs: [build-head, terraform-head-build] | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: apigee--deploy DEV_BUILD="true" | |
| save-to-cache: "false" | |
| restore-from-cache: "true" | |
| requires-aws: true | |
| apigee--attach-product: | |
| needs: [build-head, apigee--deploy] | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - run: | | |
| poetry add pytest-nhsd-apim==3.4.3 | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: apigee--attach-product DEV_BUILD="true" | |
| save-to-cache: "false" | |
| restore-from-cache: "true" | |
| requires-aws: true | |
| test--integration: | |
| needs: | |
| [ | |
| build-head, | |
| workflow--codebase-checks, | |
| test--unit, | |
| test--feature--local, | |
| terraform-head-build, | |
| apigee--attach-product, | |
| ] | |
| runs-on: [self-hosted, ci] | |
| strategy: | |
| matrix: | |
| test-type: [integration] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/pytest-with-rerun/ | |
| with: | |
| test-type: ${{ matrix.test-type }} | |
| requires-aws: true | |
| test--feature--integration: | |
| needs: | |
| [ | |
| build-head, | |
| workflow--codebase-checks, | |
| test--unit, | |
| test--feature--local, | |
| terraform-head-build, | |
| test--integration, | |
| ] | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: test--feature--integration | |
| requires-aws: true | |
| test--smoke: | |
| needs: | |
| [ | |
| build-head, | |
| workflow--codebase-checks, | |
| test--unit, | |
| test--feature--local, | |
| terraform-head-build, | |
| test--feature--integration, | |
| test--integration, | |
| apigee--deploy, | |
| apigee--attach-product, | |
| ] | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: test--smoke | |
| requires-aws: true | |
| create-coverage-name: | |
| runs-on: [self-hosted, ci] | |
| needs: [workflow--check--branch-name] | |
| outputs: | |
| coverage-name: ${{ steps.create_coverage_name.outputs.coverage-name }} | |
| steps: | |
| - id: create_coverage_name | |
| run: | | |
| echo "coverage-name=${{ env.COVERAGE_ARTIFACT_BRANCH_NAME }}" >> $GITHUB_OUTPUT | |
| test--coverage-sonar: | |
| needs: | |
| [ | |
| build-head, | |
| workflow--codebase-checks, | |
| test--unit, | |
| test--feature--local, | |
| terraform-head-build, | |
| test--feature--integration, | |
| test--integration, | |
| apigee--deploy, | |
| apigee--attach-product, | |
| test--smoke, | |
| create-coverage-name, | |
| ] | |
| runs-on: [self-hosted, ci] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: test--coverage | |
| requires-aws: true | |
| save-to-cache: "true" | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: "${{ needs.create-coverage-name.outputs.coverage-name }}-coverage" | |
| path: "sonarcloud-coverage.xml" | |
| - name: SonarQube Scan | |
| uses: SonarSource/sonarqube-scan-action@v7 | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| SONAR_HOST_URL: https://sonarcloud.io | |
| apigee--detach-product: | |
| needs: | |
| [ | |
| build-head, | |
| test--smoke, | |
| apigee--attach-product, | |
| test--feature--integration, | |
| ] | |
| runs-on: [self-hosted, ci] | |
| if: ${{ needs.apigee--attach-product.result == 'success' }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - run: | | |
| poetry add pytest-nhsd-apim==3.4.3 | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: apigee--detach-product DEV_BUILD="true" | |
| save-to-cache: "false" | |
| restore-from-cache: "true" | |
| requires-aws: true | |
| delete--proxy: | |
| needs: [test--smoke, apigee--deploy, apigee--detach-product] | |
| runs-on: [self-hosted, ci] | |
| if: ${{ needs.apigee--deploy.result == 'success' }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| - uses: ./.github/actions/make/ | |
| with: | |
| command: apigee--delete DEV_BUILD="true" | |
| save-to-cache: "false" | |
| restore-from-cache: "true" | |
| requires-aws: true | |
| destroy-redundant-workspaces: | |
| runs-on: [self-hosted, ci] | |
| needs: [build-head] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| fetch-depth: 0 | |
| - name: Remove redundant workspaces | |
| uses: ./.github/actions/make/ | |
| with: | |
| command: destroy--redundant-workspaces BRANCH_NAME=origin/${{ env.BRANCH_NAME }} DESTROY_ALL_COMMITS_ON_BRANCH=false KILL_ALL=false CURRENT_COMMIT="${{ env.BRANCH_GITHUB_SHA_SHORT }}" TF_CLI_ARGS=${{ env.TF_CLI_ARGS }} | |
| requires-aws: true |