@@ -2,9 +2,9 @@ name: CI/CD Pipeline
22
33on :
44 push :
5- branches : [ main, develop ]
5+ branches : [main]
66 pull_request :
7- branches : [ main, develop ]
7+ branches : [main]
88
99env :
1010 PYTHON_VERSION : " 3.9"
@@ -18,165 +18,160 @@ jobs:
1818 python-version : ["3.9", "3.10", "3.11", "3.12"]
1919
2020 steps :
21- - name : Checkout code
22- uses : actions/checkout@v4
23-
24- - name : Set up Python ${{ matrix.python-version }}
25- uses : actions/setup-python@v4
26- with :
27- python-version : ${{ matrix.python-version }}
28-
29- - name : Cache pip dependencies
30- uses : actions/cache@v3
31- with :
32- path : ~/.cache/pip
33- key : ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }}
34- restore-keys : |
35- ${{ runner.os }}-pip-
36-
37- name : Install dependencies
38- run : |
39- python -m pip install --upgrade pip
40- pip install tox tox-gh-actions
41-
42- name : Run tests with tox
43- run : tox
44- env :
45- TOXENV : py${{ matrix.python-version }}
46-
47- - name : Upload coverage reports
48- if : matrix.python-version == '3.11'
49- uses : codecov/codecov-action@v3
50- with :
51- file : ./coverage.xml
52- flags : unittests
53- name : codecov-umbrella
54- fail_ci_if_error : false
21+ - name : Checkout code
22+ uses : actions/checkout@v4
23+
24+ - name : Set up Python
25+ uses : actions/setup-python@v5
26+ with :
27+ python-version : ${{ matrix.python-version }}
28+
29+ - name : Cache pip dependencies
30+ uses : actions/cache@v4
31+ with :
32+ path : ~/.cache/pip
33+ key : ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }}
34+ restore-keys : |
35+ ${{ runner.os }}-pip-
36+
37+ - name : Install dependencies
38+ run : |
39+ python -m pip install --upgrade pip
40+ pip install tox tox-gh-actions
41+
42+ - name : Run tests with tox
43+ run : tox
44+ env :
45+ TOXENV : py${{ matrix.python-version }}
46+
47+ - name : Upload coverage reports
48+ if : ${{ matrix.python-version == '3.11' }}
49+ uses : codecov/codecov-action@v4
50+ with :
51+ files : ./coverage.xml
52+ flags : unittests
53+ name : codecov-umbrella
54+ fail_ci_if_error : false
5555
5656 lint :
5757 name : Code Quality
5858 runs-on : ubuntu-latest
5959
6060 steps :
61- - name : Checkout code
62- uses : actions/checkout@v4
61+ - name : Checkout code
62+ uses : actions/checkout@v4
6363
64- - name : Set up Python ${{ env.PYTHON_VERSION }}
65- uses : actions/setup-python@v4
66- with :
67- python-version : ${{ env.PYTHON_VERSION }}
64+ - name : Set up Python
65+ uses : actions/setup-python@v5
66+ with :
67+ python-version : ${{ env.PYTHON_VERSION }}
6868
69- - name : Cache pip dependencies
70- uses : actions/cache@v3
71- with :
72- path : ~/.cache/pip
73- key : ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }}
74- restore-keys : |
75- ${{ runner.os }}-pip-
69+ - name : Cache pip dependencies
70+ uses : actions/cache@v4
71+ with :
72+ path : ~/.cache/pip
73+ key : ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }}
74+ restore-keys : |
75+ ${{ runner.os }}-pip-
7676
77- name : Install dependencies
78- run : |
79- python -m pip install --upgrade pip
80- pip install tox tox-gh-actions
77+ - name : Install dependencies
78+ run : |
79+ python -m pip install --upgrade pip
80+ pip install tox tox-gh-actions
8181
82- name : Run linting
83- run : tox -e lint
82+ - name : Run linting
83+ run : tox -e lint
8484
85- - name : Run type checking
86- run : tox -e type
85+ - name : Run type checking
86+ run : tox -e type
8787
88- - name : Run formatting check
89- run : tox -e format
88+ - name : Run formatting check
89+ run : tox -e format
9090
9191 security :
9292 name : Security Scan
9393 runs-on : ubuntu-latest
9494
9595 steps :
96- - name : Checkout code
97- uses : actions/checkout@v4
98-
99- - name : Set up Python ${{ env.PYTHON_VERSION }}
100- uses : actions/setup-python@v4
101- with :
102- python-version : ${{ env.PYTHON_VERSION }}
103-
104- - name : Cache pip dependencies
105- uses : actions/cache@v3
106- with :
107- path : ~/.cache/pip
108- key : ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }}
109- restore-keys : |
110- ${{ runner.os }}-pip-
111-
112- name : Install dependencies
113- run : |
114- python -m pip install --upgrade pip
115- pip install tox tox-gh-actions
116-
117- name : Run security checks
118- run : tox -e security
96+ - name : Checkout code
97+ uses : actions/checkout@v4
98+
99+ - name : Set up Python
100+ uses : actions/setup-python@v5
101+ with :
102+ python-version : ${{ env.PYTHON_VERSION }}
103+
104+ - name : Cache pip dependencies
105+ uses : actions/cache@v4
106+ with :
107+ path : ~/.cache/pip
108+ key : ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }}
109+ restore-keys : |
110+ ${{ runner.os }}-pip-
111+
112+ - name : Install dependencies
113+ run : |
114+ python -m pip install --upgrade pip
115+ pip install tox tox-gh-actions
116+
117+ - name : Run security checks
118+ run : tox -e security
119119
120120 build :
121121 name : Build Package
122122 runs-on : ubuntu-latest
123123 needs : [test, lint, security]
124124
125125 steps :
126- - name : Checkout code
127- uses : actions/checkout@v4
126+ - name : Checkout code
127+ uses : actions/checkout@v4
128128
129- - name : Set up Python ${{ env.PYTHON_VERSION }}
130- uses : actions/setup-python@v4
131- with :
132- python-version : ${{ env.PYTHON_VERSION }}
129+ - name : Set up Python
130+ uses : actions/setup-python@v5
131+ with :
132+ python-version : ${{ env.PYTHON_VERSION }}
133133
134- - name : Install build dependencies
135- run : |
136- python -m pip install --upgrade pip
137- pip install build twine
134+ - name : Install build dependencies
135+ run : |
136+ python -m pip install --upgrade pip
137+ pip install build twine
138138
139- name : Build package
140- run : python -m build
139+ - name : Build package
140+ run : python -m build
141141
142- - name : Check package
143- run : twine check dist/*
142+ - name : Check package
143+ run : twine check dist/*
144144
145- - name : Upload build artifacts
146- uses : actions/upload-artifact@v3
147- with :
148- name : dist
149- path : dist/
145+ - name : Upload build artifacts
146+ uses : actions/upload-artifact@v4
147+ with :
148+ name : dist
149+ path : dist/
150150
151151 release :
152152 name : Release
153153 runs-on : ubuntu-latest
154154 needs : [build]
155- if : github.event_name == 'push' && github.ref == 'refs/heads/main'
155+ if : ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
156+ permissions :
157+ contents : write
158+ id-token : write
156159
157160 steps :
158- - name : Checkout code
159- uses : actions/checkout@v4
160-
161- - name : Download build artifacts
162- uses : actions/download-artifact@v3
163- with :
164- name : dist
165- path : dist/
166-
167- - name : Set up Python ${{ env.PYTHON_VERSION }}
168- uses : actions/setup-python@v4
169- with :
170- python-version : ${{ env.PYTHON_VERSION }}
171-
172- - name : Install twine
173- run : |
174- python -m pip install --upgrade pip
175- pip install twine
176-
177- name : Publish to PyPI
178- if : github.event_name == 'push' && github.ref == 'refs/heads/main'
179- env :
180- TWINE_USERNAME : __token__
181- TWINE_PASSWORD : ${{ secrets.PYPI_API_TOKEN }}
182- run : twine upload dist/*
161+ - name : Checkout code
162+ uses : actions/checkout@v4
163+
164+ - name : Download build artifacts
165+ uses : actions/download-artifact@v4
166+ with :
167+ name : dist
168+ path : dist/
169+
170+ - name : Set up Python
171+ uses : actions/setup-python@v5
172+ with :
173+ python-version : ${{ env.PYTHON_VERSION }}
174+
175+ - name : Publish to PyPI
176+ if : ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
177+ uses : pypa/gh-action-pypi-publish@release/v1
0 commit comments