Skip to content
CI

Pull Request: Add Missing Direct API Tools #111

Sign in to view logs

Pull Request: Add Missing Direct API Tools

Pull Request: Add Missing Direct API Tools #111

Workflow file for this run

.github/workflows/ci.yml at 37c7804
name: CI
# Integration Test Strategy:
# - Fork PRs: Cannot access secrets, so integration tests are skipped with informative feedback
# - Same-repo PRs: Have access to secrets, integration tests run normally
# - Push to main/develop: Integration tests always run to catch any issues after merge
# - Manual trigger: Allows maintainers to run integration tests on demand
#
# This ensures security while still validating integration tests before release
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main, develop ]
# Run integration tests after PR is merged
workflow_dispatch: # Allow manual trigger for integration tests
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ['3.10', '3.11', '3.12']
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Cache pip dependencies
uses: actions/cache@v4
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('pyproject.toml') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e ".[dev]"
- name: Run linting with ruff
if: matrix.python-version == '3.10'
run: |
python -m ruff check .
python -m ruff format --check .
- name: Run type checking with mypy
run: python -m mypy --python-version=${{ matrix.python-version }} src tests
- name: Run unit tests with pytest
run: python -m pytest tests/unit/ -v --cov=nutrient_dws --cov-report=xml --cov-report=term
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./coverage.xml
flags: unittests
name: codecov-umbrella
fail_ci_if_error: false
integration-test:
runs-on: ubuntu-latest
# Run on: pushes to main/develop, PRs from same repo, and manual triggers
if: |
github.event_name == 'push' ||
github.event_name == 'workflow_dispatch' ||
(github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository)
strategy:
matrix:
python-version: ['3.10', '3.11', '3.12']
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Cache pip dependencies
uses: actions/cache@v4
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('pyproject.toml') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e ".[dev]"
- name: Check for API key availability
run: |
if [ -z "${{ secrets.NUTRIENT_DWS_API_KEY }}" ]; then
echo "::warning::NUTRIENT_DWS_API_KEY secret not found, skipping integration tests"
echo "skip_tests=true" >> $GITHUB_ENV
# Provide context about why this might be happening
if [ "${{ github.event_name }}" == "pull_request" ]; then
if [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then
echo "::notice::This appears to be a PR from a fork. Secrets are not available for security reasons."
else
echo "::error::This is a PR from the same repository but the API key is missing. Please check repository secrets configuration."
fi
else
echo "::error::Running on ${{ github.event_name }} event but API key is missing. Please configure NUTRIENT_DWS_API_KEY secret."
fi
else
echo "::notice::API key found, integration tests will run"
echo "skip_tests=false" >> $GITHUB_ENV
fi
- name: Create integration config with API key
if: env.skip_tests != 'true'
run: |
python -c "
import os
with open('tests/integration/integration_config.py', 'w') as f:
f.write(f'API_KEY = \"{os.environ[\"NUTRIENT_DWS_API_KEY\"]}\"\n')
"
env:
NUTRIENT_DWS_API_KEY: ${{ secrets.NUTRIENT_DWS_API_KEY }}
- name: Run integration tests
if: env.skip_tests != 'true'
run: python -m pytest tests/integration/ -v
- name: Cleanup integration config
if: always()
run: rm -f tests/integration/integration_config.py
# Provide feedback for fork PRs where integration tests can't run
integration-test-fork-feedback:
runs-on: ubuntu-latest
if: |
github.event_name == 'pull_request' &&
github.event.pull_request.head.repo.full_name != github.repository
steps:
- name: Comment on PR about integration tests
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const issue_number = context.issue.number;
const owner = context.repo.owner;
const repo = context.repo.repo;
// Check if we've already commented
const comments = await github.rest.issues.listComments({
owner,
repo,
issue_number,
});
const botComment = comments.data.find(comment =>
comment.user.type === 'Bot' &&
comment.body.includes('Integration tests are skipped for pull requests from forks')
);
if (!botComment) {
await github.rest.issues.createComment({
owner,
repo,
issue_number,
body: `## Integration Tests Status\n\n` +
`Integration tests are skipped for pull requests from forks due to security restrictions. ` +
`These tests will run automatically after the PR is merged.\n\n` +
`**What this means:**\n` +
`- Unit tests, linting, and type checking have passed ✅\n` +
`- Integration tests require API credentials that aren't available to fork PRs\n` +
`- A maintainer will review your changes and merge if appropriate\n` +
`- Integration tests will run on the main branch after merge\n\n` +
`Thank you for your contribution! 🙏`
});
}
build:
runs-on: ubuntu-latest
needs: test
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e ".[dev]"
- name: Build package
run: python -m build
- name: Check package with twine
run: twine check dist/*
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: dist
path: dist/