ci: enforce semantic commit conventions for releases #4828
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Python | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| schedule: | |
| - cron: "0 8 * * *" | |
| concurrency: | |
| group: check-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| validate-pr-title: | |
| name: Validate PR Title | |
| if: github.event_name == 'pull_request' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: read | |
| steps: | |
| - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| types: | | |
| feat | |
| fix | |
| docs | |
| style | |
| refactor | |
| perf | |
| test | |
| build | |
| ci | |
| chore | |
| revert | |
| requireScope: false | |
| subjectPattern: ^(?![A-Z]).+$ | |
| subjectPatternError: | | |
| The subject "{subject}" found in the pull request title "{title}" | |
| didn't match the configured pattern. Please ensure that the subject | |
| doesn't start with an uppercase character. | |
| wip: false | |
| validateSingleCommit: false | |
| validateSingleCommitMatchesPrTitle: false | |
| build: | |
| name: test with ${{ matrix.py }} on ${{ matrix.os }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| py: | |
| - "3.13" | |
| - "3.12" | |
| - "3.11" | |
| - "3.10" | |
| - "3.9" | |
| - "3.8" | |
| os: | |
| - ubuntu-latest | |
| - macos-latest | |
| - windows-latest | |
| steps: | |
| - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup python for test ${{ matrix.py }} | |
| uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 | |
| with: | |
| python-version: ${{ matrix.py }} | |
| - name: Install tox | |
| run: python -m pip install "tox-gh>=1.2" poetry | |
| - name: Setup test suite | |
| run: tox -vv --notest | |
| - name: Run test suite | |
| run: tox --skip-pkg-install | |
| env: | |
| COVERAGE_FILE: "coverage.${{ matrix.os }}.${{ matrix.py }}" | |
| - name: Store coverage file | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: coverage.${{ matrix.os }}.${{ matrix.py }} | |
| path: coverage.${{ matrix.os }}.${{ matrix.py }} | |
| if-no-files-found: error | |
| coverage: | |
| if: github.event_name != 'schedule' | |
| name: Coverage | |
| runs-on: ubuntu-latest | |
| needs: build | |
| permissions: | |
| pull-requests: write | |
| contents: write | |
| env: | |
| COVERAGE_FILE: "coverage" | |
| steps: | |
| - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| id: download | |
| with: | |
| pattern: coverage.* | |
| merge-multiple: true | |
| - name: Coverage comment | |
| id: coverage_comment | |
| uses: py-cov-action/python-coverage-comment-action@b3d7e98bf5528b07d6951ef7a93e2b156f960112 # v3.1.0 | |
| with: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| MERGE_COVERAGE_FILES: true | |
| ANNOTATE_MISSING_LINES: true | |
| VERBOSE: true | |
| - name: Store Pull Request comment to be posted | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true' | |
| with: | |
| name: python-coverage-comment-action | |
| path: python-coverage-comment-action.txt | |
| gitleaks: | |
| name: gitleaks | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| - uses: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7 # v2.3.9 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} |