From 4a92b4ada092885c3115021f31aee3913d039ee7 Mon Sep 17 00:00:00 2001 From: tdruez Date: Wed, 2 Jul 2025 11:15:54 +0400 Subject: [PATCH 01/16] Add macos runner as part of the test matrix strategy Signed-off-by: tdruez --- .../workflows/{ci.yml => run-unit-tests.yml} | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) rename .github/workflows/{ci.yml => run-unit-tests.yml} (79%) diff --git a/.github/workflows/ci.yml b/.github/workflows/run-unit-tests.yml similarity index 79% rename from .github/workflows/ci.yml rename to .github/workflows/run-unit-tests.yml index 57c321664d..a18d4e074f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/run-unit-tests.yml @@ -1,4 +1,4 @@ -name: Test CI +name: Run unit tests on: [push, pull_request] @@ -10,8 +10,6 @@ env: jobs: build: - runs-on: ubuntu-22.04 - services: postgres: image: postgres:13 @@ -31,8 +29,11 @@ jobs: strategy: max-parallel: 4 matrix: + os: [ubuntu-24.04, macos-15] python-version: ["3.10", "3.11", "3.12", "3.13"] + runs-on: ${{ matrix.os }} + steps: - name: Checkout code uses: actions/checkout@v4 @@ -42,12 +43,20 @@ jobs: with: python-version: ${{ matrix.python-version }} - - name: Install universal ctags and xgettext + - name: Install dependencies (Linux) + if: runner.os == 'Linux' run: | sudo apt-get update sudo apt-get install -y universal-ctags gettext - - name: Install dependencies + - name: Install dependencies (macOS) + if: runner.os == 'macOS' + run: | + brew install postgresql@13 + pg_ctl -D /opt/homebrew/var/postgresql@13 start + createdb $POSTGRES_DB + + - name: Install Python dependencies run: make dev envfile - name: Validate code format From c4bd18b6c0b809c3e5e5646a81de9e217a558dd3 Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 15:31:40 +0400 Subject: [PATCH 02/16] Revert the base unit test workflow changes Signed-off-by: tdruez --- .github/workflows/run-unit-tests.yml | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/.github/workflows/run-unit-tests.yml b/.github/workflows/run-unit-tests.yml index a18d4e074f..57c321664d 100644 --- a/.github/workflows/run-unit-tests.yml +++ b/.github/workflows/run-unit-tests.yml @@ -1,4 +1,4 @@ -name: Run unit tests +name: Test CI on: [push, pull_request] @@ -10,6 +10,8 @@ env: jobs: build: + runs-on: ubuntu-22.04 + services: postgres: image: postgres:13 @@ -29,11 +31,8 @@ jobs: strategy: max-parallel: 4 matrix: - os: [ubuntu-24.04, macos-15] python-version: ["3.10", "3.11", "3.12", "3.13"] - runs-on: ${{ matrix.os }} - steps: - name: Checkout code uses: actions/checkout@v4 @@ -43,20 +42,12 @@ jobs: with: python-version: ${{ matrix.python-version }} - - name: Install dependencies (Linux) - if: runner.os == 'Linux' + - name: Install universal ctags and xgettext run: | sudo apt-get update sudo apt-get install -y universal-ctags gettext - - name: Install dependencies (macOS) - if: runner.os == 'macOS' - run: | - brew install postgresql@13 - pg_ctl -D /opt/homebrew/var/postgresql@13 start - createdb $POSTGRES_DB - - - name: Install Python dependencies + - name: Install dependencies run: make dev envfile - name: Validate code format From fa702a72da88a7daa4c8d3a8f335088911c8616a Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 15:37:08 +0400 Subject: [PATCH 03/16] Rename the workflow files for clarity and consistency Signed-off-by: tdruez --- .../workflows/{publish-docker.yml => publish-docker-image.yml} | 2 +- ...pipeline.yml => publish-pypi-release-aboutcode-pipeline.yml} | 0 .../workflows/{pypi-release.yml => publish-pypi-release.yml} | 0 .github/workflows/{ci-docker.yml => run-unit-tests-docker.yml} | 2 +- .github/workflows/run-unit-tests.yml | 2 +- 5 files changed, 3 insertions(+), 3 deletions(-) rename .github/workflows/{publish-docker.yml => publish-docker-image.yml} (97%) rename .github/workflows/{pypi-release-aboutcode-pipeline.yml => publish-pypi-release-aboutcode-pipeline.yml} (100%) rename .github/workflows/{pypi-release.yml => publish-pypi-release.yml} (100%) rename .github/workflows/{ci-docker.yml => run-unit-tests-docker.yml} (91%) diff --git a/.github/workflows/publish-docker.yml b/.github/workflows/publish-docker-image.yml similarity index 97% rename from .github/workflows/publish-docker.yml rename to .github/workflows/publish-docker-image.yml index 98bd61decb..3e38f6611c 100644 --- a/.github/workflows/publish-docker.yml +++ b/.github/workflows/publish-docker-image.yml @@ -1,4 +1,4 @@ -name: Publish Docker image on GHCR +name: Publish Docker image on GitHub Container Registry # https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions on: diff --git a/.github/workflows/pypi-release-aboutcode-pipeline.yml b/.github/workflows/publish-pypi-release-aboutcode-pipeline.yml similarity index 100% rename from .github/workflows/pypi-release-aboutcode-pipeline.yml rename to .github/workflows/publish-pypi-release-aboutcode-pipeline.yml diff --git a/.github/workflows/pypi-release.yml b/.github/workflows/publish-pypi-release.yml similarity index 100% rename from .github/workflows/pypi-release.yml rename to .github/workflows/publish-pypi-release.yml diff --git a/.github/workflows/ci-docker.yml b/.github/workflows/run-unit-tests-docker.yml similarity index 91% rename from .github/workflows/ci-docker.yml rename to .github/workflows/run-unit-tests-docker.yml index aaef6e3d9b..c6505a509a 100644 --- a/.github/workflows/ci-docker.yml +++ b/.github/workflows/run-unit-tests-docker.yml @@ -1,4 +1,4 @@ -name: Test on Docker CI +name: Run unit tests on Docker container on: [push, pull_request] diff --git a/.github/workflows/run-unit-tests.yml b/.github/workflows/run-unit-tests.yml index 57c321664d..897192c5c5 100644 --- a/.github/workflows/run-unit-tests.yml +++ b/.github/workflows/run-unit-tests.yml @@ -1,4 +1,4 @@ -name: Test CI +name: Run unit tests on: [push, pull_request] From 4a9ff8c6fb8b86d7e89ff0eadfa515a7546e2f6e Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 15:37:41 +0400 Subject: [PATCH 04/16] Upgrade the workflow OS to ubuntu-24.04 Signed-off-by: tdruez --- .github/workflows/publish-docker-image.yml | 2 +- .github/workflows/publish-pypi-release-aboutcode-pipeline.yml | 2 +- .github/workflows/publish-pypi-release.yml | 2 +- .github/workflows/run-unit-tests-docker.yml | 2 +- .github/workflows/run-unit-tests.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publish-docker-image.yml b/.github/workflows/publish-docker-image.yml index 3e38f6611c..032c8e7f89 100644 --- a/.github/workflows/publish-docker-image.yml +++ b/.github/workflows/publish-docker-image.yml @@ -16,7 +16,7 @@ env: jobs: build-and-push-image: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. permissions: diff --git a/.github/workflows/publish-pypi-release-aboutcode-pipeline.yml b/.github/workflows/publish-pypi-release-aboutcode-pipeline.yml index 115f9841a3..61ef16a729 100644 --- a/.github/workflows/publish-pypi-release-aboutcode-pipeline.yml +++ b/.github/workflows/publish-pypi-release-aboutcode-pipeline.yml @@ -9,7 +9,7 @@ on: jobs: build-and-publish: name: Build and publish library to PyPI - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/publish-pypi-release.yml b/.github/workflows/publish-pypi-release.yml index 84ea29381c..f5a217d736 100644 --- a/.github/workflows/publish-pypi-release.yml +++ b/.github/workflows/publish-pypi-release.yml @@ -9,7 +9,7 @@ on: jobs: build-and-publish: name: Build and publish library to PyPI - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/run-unit-tests-docker.yml b/.github/workflows/run-unit-tests-docker.yml index c6505a509a..477e492670 100644 --- a/.github/workflows/run-unit-tests-docker.yml +++ b/.github/workflows/run-unit-tests-docker.yml @@ -4,7 +4,7 @@ on: [push, pull_request] jobs: build: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - name: Checkout code diff --git a/.github/workflows/run-unit-tests.yml b/.github/workflows/run-unit-tests.yml index 897192c5c5..9ac195af3f 100644 --- a/.github/workflows/run-unit-tests.yml +++ b/.github/workflows/run-unit-tests.yml @@ -10,7 +10,7 @@ env: jobs: build: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 services: postgres: From e8f37d18dff05a4601989abb82b393effa4f82c1 Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 15:41:14 +0400 Subject: [PATCH 05/16] Simplify the test on Docker workflow Signed-off-by: tdruez --- .github/workflows/run-unit-tests-docker.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/run-unit-tests-docker.yml b/.github/workflows/run-unit-tests-docker.yml index 477e492670..635d090c6a 100644 --- a/.github/workflows/run-unit-tests-docker.yml +++ b/.github/workflows/run-unit-tests-docker.yml @@ -5,6 +5,8 @@ on: [push, pull_request] jobs: build: runs-on: ubuntu-24.04 + env: + FROM_DOCKER_IMAGE: "1" steps: - name: Checkout code @@ -13,8 +15,5 @@ jobs: - name: Generate the .env file and the SECRET_KEY run: make envfile - - name: Build and run the Docker Compose stack - run: docker compose up -d - - name: Run tests - run: docker compose run -e FROM_DOCKER_IMAGE=1 web python ./manage.py test --verbosity=2 --noinput + run: docker compose run web python ./manage.py test --verbosity=2 --noinput From bdf8c9799a7b3a361850d9cf16ca7e4b3a473dd9 Mon Sep 17 00:00:00 2001 From: tdruez <489057+tdruez@users.noreply.github.com> Date: Mon, 7 Jul 2025 15:43:38 +0400 Subject: [PATCH 06/16] Potential fix for code scanning alert no. 20: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/run-unit-tests-docker.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/run-unit-tests-docker.yml b/.github/workflows/run-unit-tests-docker.yml index 635d090c6a..33331a453d 100644 --- a/.github/workflows/run-unit-tests-docker.yml +++ b/.github/workflows/run-unit-tests-docker.yml @@ -2,6 +2,9 @@ name: Run unit tests on Docker container on: [push, pull_request] +permissions: + contents: read + jobs: build: runs-on: ubuntu-24.04 From f8e4fea7ca755629bd6379e0a1f477a5f12d826c Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 15:55:01 +0400 Subject: [PATCH 07/16] Refine the workflow triggers Signed-off-by: tdruez --- .../publish-pypi-release-aboutcode-pipeline.yml | 4 ++-- .github/workflows/run-unit-tests-docker.yml | 13 +++++++++---- .github/workflows/run-unit-tests.yml | 7 ++++++- 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/.github/workflows/publish-pypi-release-aboutcode-pipeline.yml b/.github/workflows/publish-pypi-release-aboutcode-pipeline.yml index 61ef16a729..cdadc18dc9 100644 --- a/.github/workflows/publish-pypi-release-aboutcode-pipeline.yml +++ b/.github/workflows/publish-pypi-release-aboutcode-pipeline.yml @@ -3,8 +3,8 @@ name: Build aboutcode.pipeline Python distributions and publish on PyPI on: workflow_dispatch: push: - tags: - - "aboutcode.pipeline/*" + tags: + - "aboutcode.pipeline/*" jobs: build-and-publish: diff --git a/.github/workflows/run-unit-tests-docker.yml b/.github/workflows/run-unit-tests-docker.yml index 33331a453d..f391086e77 100644 --- a/.github/workflows/run-unit-tests-docker.yml +++ b/.github/workflows/run-unit-tests-docker.yml @@ -1,9 +1,11 @@ name: Run unit tests on Docker container -on: [push, pull_request] - -permissions: - contents: read +on: + workflow_dispatch: + pull_request: + push: + branches: + - main jobs: build: @@ -18,5 +20,8 @@ jobs: - name: Generate the .env file and the SECRET_KEY run: make envfile + - name: Build and run the Docker Compose stack + run: docker compose up -d + - name: Run tests run: docker compose run web python ./manage.py test --verbosity=2 --noinput diff --git a/.github/workflows/run-unit-tests.yml b/.github/workflows/run-unit-tests.yml index 9ac195af3f..f490dff169 100644 --- a/.github/workflows/run-unit-tests.yml +++ b/.github/workflows/run-unit-tests.yml @@ -1,6 +1,11 @@ name: Run unit tests -on: [push, pull_request] +on: + workflow_dispatch: + pull_request: + push: + branches: + - main env: POSTGRES_DB: scancodeio From 1472ea3f2f7416258b151c8f240c501d8393603a Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 15:55:24 +0400 Subject: [PATCH 08/16] Add the macOS unit tests workflow Signed-off-by: tdruez --- .github/workflows/run-unit-tests-macos.yml | 48 ++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 .github/workflows/run-unit-tests-macos.yml diff --git a/.github/workflows/run-unit-tests-macos.yml b/.github/workflows/run-unit-tests-macos.yml new file mode 100644 index 0000000000..7ab05ed0f1 --- /dev/null +++ b/.github/workflows/run-unit-tests-macos.yml @@ -0,0 +1,48 @@ +name: Run unit tests on macOS + +on: + workflow_dispatch: + pull_request: + push: + branches: + - main + +env: + POSTGRES_DB: scancodeio + POSTGRES_USER: scancodeio + POSTGRES_PASSWORD: scancodeio + +jobs: + macos-test: + runs-on: macos-13 + + strategy: + matrix: + python-version: ["3.10", "3.11", "3.12", "3.13"] + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v5 + with: + python-version: ${{ matrix.python-version }} + + - name: Install dependencies with Homebrew + run: | + brew update + brew install universal-ctags gettext postgresql + brew services start postgresql + sleep 5 + createdb $POSTGRES_DB || echo "Database may already exist" + + - name: Install Python dependencies + run: make dev envfile + + - name: Run Django tests + run: .venv/bin/python manage.py test --verbosity=2 --noinput + env: + SCANCODEIO_DB_NAME: ${{ env.POSTGRES_DB }} + SCANCODEIO_DB_USER: ${{ env.POSTGRES_USER }} + SCANCODEIO_DB_PASSWORD: ${{ env.POSTGRES_PASSWORD }} From e85f2570890e7efe498d98710ac38f5a65f62100 Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 16:18:02 +0400 Subject: [PATCH 09/16] Use Docker to start a Postgres service Signed-off-by: tdruez --- .github/workflows/run-unit-tests-macos.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/run-unit-tests-macos.yml b/.github/workflows/run-unit-tests-macos.yml index 7ab05ed0f1..589deeff32 100644 --- a/.github/workflows/run-unit-tests-macos.yml +++ b/.github/workflows/run-unit-tests-macos.yml @@ -13,7 +13,7 @@ env: POSTGRES_PASSWORD: scancodeio jobs: - macos-test: + run-unit-tests: runs-on: macos-13 strategy: @@ -29,13 +29,13 @@ jobs: with: python-version: ${{ matrix.python-version }} - - name: Install dependencies with Homebrew + - name: Start Postgres container run: | - brew update - brew install universal-ctags gettext postgresql - brew services start postgresql - sleep 5 - createdb $POSTGRES_DB || echo "Database may already exist" + docker run -d --name test-postgres -e POSTGRES_USER=scancodeio -e POSTGRES_PASSWORD=scancodeio -e POSTGRES_DB=scancodeio -p 5432:5432 postgres:13 + + - name: Wait for Postgres to be ready + run: | + until pg_isready -h localhost -p 5432; do sleep 1; done - name: Install Python dependencies run: make dev envfile From 964b33b5006de12a89b46b832bace352e8915280 Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 16:23:47 +0400 Subject: [PATCH 10/16] Improve the name of the jobs Signed-off-by: tdruez --- .github/workflows/publish-docker-image.yml | 2 +- .github/workflows/run-unit-tests-docker.yml | 2 +- .github/workflows/run-unit-tests.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish-docker-image.yml b/.github/workflows/publish-docker-image.yml index 032c8e7f89..be24c863d8 100644 --- a/.github/workflows/publish-docker-image.yml +++ b/.github/workflows/publish-docker-image.yml @@ -15,7 +15,7 @@ env: IMAGE_NAME: ${{ github.repository }} jobs: - build-and-push-image: + build-and-publish-image: runs-on: ubuntu-24.04 # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. diff --git a/.github/workflows/run-unit-tests-docker.yml b/.github/workflows/run-unit-tests-docker.yml index f391086e77..5842c1abd1 100644 --- a/.github/workflows/run-unit-tests-docker.yml +++ b/.github/workflows/run-unit-tests-docker.yml @@ -8,7 +8,7 @@ on: - main jobs: - build: + run-unit-tests: runs-on: ubuntu-24.04 env: FROM_DOCKER_IMAGE: "1" diff --git a/.github/workflows/run-unit-tests.yml b/.github/workflows/run-unit-tests.yml index f490dff169..64c39d79b8 100644 --- a/.github/workflows/run-unit-tests.yml +++ b/.github/workflows/run-unit-tests.yml @@ -14,7 +14,7 @@ env: POSTGRES_INITDB_ARGS: --encoding=UTF-8 --lc-collate=en_US.UTF-8 --lc-ctype=en_US.UTF-8 jobs: - build: + run-unit-tests: runs-on: ubuntu-24.04 services: From 31e7e6a789b9ebe1dfefd988f03aeead315932ea Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 16:30:59 +0400 Subject: [PATCH 11/16] Use an action to start postgres Signed-off-by: tdruez --- .github/workflows/run-unit-tests-macos.yml | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/.github/workflows/run-unit-tests-macos.yml b/.github/workflows/run-unit-tests-macos.yml index 589deeff32..09e5f8c8d5 100644 --- a/.github/workflows/run-unit-tests-macos.yml +++ b/.github/workflows/run-unit-tests-macos.yml @@ -29,13 +29,21 @@ jobs: with: python-version: ${{ matrix.python-version }} - - name: Start Postgres container - run: | - docker run -d --name test-postgres -e POSTGRES_USER=scancodeio -e POSTGRES_PASSWORD=scancodeio -e POSTGRES_DB=scancodeio -p 5432:5432 postgres:13 - - - name: Wait for Postgres to be ready - run: | - until pg_isready -h localhost -p 5432; do sleep 1; done + - name: Set up Python ${{ matrix.python-version }} + uses: ikalnytskyi/action-setup-postgres@v7 + id: postgres + with: + postgres-version: "13" + database: ${{ env.POSTGRES_DB }} + username: ${{ env.POSTGRES_USER }} + password: ${{ env.POSTGRES_PASSWORD }} + port: 5432 + + - run: psql ${{ steps.postgres.outputs.connection-uri }} -c "SELECT 1" + - run: psql service=${{ steps.postgres.outputs.service-name }} -c "SELECT 1" + - run: psql -c "SELECT 1" + env: + PGSERVICE: ${{ steps.postgres.outputs.service-name }} - name: Install Python dependencies run: make dev envfile From fbb9f4cc2db22fbac246bbeec15198d2d2d42ea9 Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 16:33:25 +0400 Subject: [PATCH 12/16] Use an action to start postgres Signed-off-by: tdruez --- .github/workflows/run-unit-tests-macos.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run-unit-tests-macos.yml b/.github/workflows/run-unit-tests-macos.yml index 09e5f8c8d5..075f66da2f 100644 --- a/.github/workflows/run-unit-tests-macos.yml +++ b/.github/workflows/run-unit-tests-macos.yml @@ -33,7 +33,7 @@ jobs: uses: ikalnytskyi/action-setup-postgres@v7 id: postgres with: - postgres-version: "13" + postgres-version: "14" # 13 is not supported. database: ${{ env.POSTGRES_DB }} username: ${{ env.POSTGRES_USER }} password: ${{ env.POSTGRES_PASSWORD }} From 8764fc3349df817f90e4b08164466f87c2d88fc8 Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 16:42:58 +0400 Subject: [PATCH 13/16] Add permissions and remove debug statements Signed-off-by: tdruez --- .github/workflows/run-unit-tests-docker.yml | 3 +++ .github/workflows/run-unit-tests-macos.yml | 9 +++------ .github/workflows/run-unit-tests.yml | 3 +++ 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/workflows/run-unit-tests-docker.yml b/.github/workflows/run-unit-tests-docker.yml index 5842c1abd1..5487471312 100644 --- a/.github/workflows/run-unit-tests-docker.yml +++ b/.github/workflows/run-unit-tests-docker.yml @@ -7,6 +7,9 @@ on: branches: - main +permissions: + contents: read + jobs: run-unit-tests: runs-on: ubuntu-24.04 diff --git a/.github/workflows/run-unit-tests-macos.yml b/.github/workflows/run-unit-tests-macos.yml index 075f66da2f..8a1510079a 100644 --- a/.github/workflows/run-unit-tests-macos.yml +++ b/.github/workflows/run-unit-tests-macos.yml @@ -7,6 +7,9 @@ on: branches: - main +permissions: + contents: read + env: POSTGRES_DB: scancodeio POSTGRES_USER: scancodeio @@ -39,12 +42,6 @@ jobs: password: ${{ env.POSTGRES_PASSWORD }} port: 5432 - - run: psql ${{ steps.postgres.outputs.connection-uri }} -c "SELECT 1" - - run: psql service=${{ steps.postgres.outputs.service-name }} -c "SELECT 1" - - run: psql -c "SELECT 1" - env: - PGSERVICE: ${{ steps.postgres.outputs.service-name }} - - name: Install Python dependencies run: make dev envfile diff --git a/.github/workflows/run-unit-tests.yml b/.github/workflows/run-unit-tests.yml index 64c39d79b8..44ec2517fa 100644 --- a/.github/workflows/run-unit-tests.yml +++ b/.github/workflows/run-unit-tests.yml @@ -7,6 +7,9 @@ on: branches: - main +permissions: + contents: read + env: POSTGRES_DB: scancodeio POSTGRES_USER: scancodeio From 58ea556a64ea8273d8662eb84b48a165511e86af Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 16:49:07 +0400 Subject: [PATCH 14/16] Improve failing tests Signed-off-by: tdruez --- scanpipe/tests/pipes/test_scancode.py | 12 ++---------- scanpipe/tests/test_pipelines.py | 1 + 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/scanpipe/tests/pipes/test_scancode.py b/scanpipe/tests/pipes/test_scancode.py index 2e729a2748..fbaeda2476 100644 --- a/scanpipe/tests/pipes/test_scancode.py +++ b/scanpipe/tests/pipes/test_scancode.py @@ -79,11 +79,7 @@ def test_scanpipe_pipes_scancode_extract_archive_errors(self): errors = scancode.extract_archive(input_location, target) error_message = "gzip decompression failed" - if sys.platform == "darwin": - error_message += " (zlib returned error -3, msg invalid code lengths set)" - - expected = {input_location: [error_message]} - self.assertEqual(expected, errors) + self.assertIn(error_message, errors[str(input_location)][0]) def test_scanpipe_pipes_scancode_extract_archives(self): tempdir = Path(tempfile.mkdtemp()) @@ -113,11 +109,7 @@ def test_scanpipe_pipes_scancode_extract_archives_errors(self): errors = scancode.extract_archives(tempdir) error_message = "gzip decompression failed" - if sys.platform == "darwin": - error_message += " (zlib returned error -3, msg invalid code lengths set)" - - expected = {str(target): [error_message]} - self.assertEqual(expected, errors) + self.assertIn(error_message, errors[str(target)][0]) @skipIf(sys.platform != "linux", "QCOW2 extraction is not available on macOS.") def test_scanpipe_pipes_scancode_extract_archive_vmimage_qcow2(self): diff --git a/scanpipe/tests/test_pipelines.py b/scanpipe/tests/test_pipelines.py index 21cefc4168..ca9dc4f145 100644 --- a/scanpipe/tests/test_pipelines.py +++ b/scanpipe/tests/test_pipelines.py @@ -535,6 +535,7 @@ class PipelinesIntegrationTest(TestCase): "file_type", # mime type and is_script are inconsistent across systems "mime_type", + "type", "is_script", "notes", "settings", From cb8aa53fc0fb9a389b98d32b7462878d866af69c Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 16:55:08 +0400 Subject: [PATCH 15/16] Improve failing tests Signed-off-by: tdruez --- scanpipe/tests/test_pipelines.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanpipe/tests/test_pipelines.py b/scanpipe/tests/test_pipelines.py index ca9dc4f145..0852bc8418 100644 --- a/scanpipe/tests/test_pipelines.py +++ b/scanpipe/tests/test_pipelines.py @@ -535,7 +535,6 @@ class PipelinesIntegrationTest(TestCase): "file_type", # mime type and is_script are inconsistent across systems "mime_type", - "type", "is_script", "notes", "settings", @@ -967,6 +966,7 @@ def test_scanpipe_inspect_packages_with_resolved_dependencies_poetry(self): ) self.assertPipelineResultEqual(expected_file, result_file) + @skipIf(sys.platform == "darwin", "Not supported on macOS") def test_scanpipe_resolved_dependencies_cocoapods(self): pipeline_name = "resolve_dependencies" project1 = make_project() From 237a9e1955c9b3608badd55762e5a7a2314267ec Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 7 Jul 2025 17:10:35 +0400 Subject: [PATCH 16/16] Put back the FROM_DOCKER_IMAGE in docker command Signed-off-by: tdruez --- .github/workflows/run-unit-tests-docker.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/run-unit-tests-docker.yml b/.github/workflows/run-unit-tests-docker.yml index 5487471312..609fdfab09 100644 --- a/.github/workflows/run-unit-tests-docker.yml +++ b/.github/workflows/run-unit-tests-docker.yml @@ -13,8 +13,6 @@ permissions: jobs: run-unit-tests: runs-on: ubuntu-24.04 - env: - FROM_DOCKER_IMAGE: "1" steps: - name: Checkout code @@ -27,4 +25,4 @@ jobs: run: docker compose up -d - name: Run tests - run: docker compose run web python ./manage.py test --verbosity=2 --noinput + run: docker compose run -e FROM_DOCKER_IMAGE=1 web python ./manage.py test --verbosity=2 --noinput