mirror of
https://github.com/natelandau/obsidian-metadata.git
synced 2025-11-18 01:43:39 -05:00
755151e2ed
ci(deps): bump step-security/harden-runner from 2.1.0 to 2.2.0
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](18bf8ad2ca...c8454efe5d)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
99 lines
3.2 KiB
YAML
99 lines
3.2 KiB
YAML
---
|
|
name: "Automated Tests"
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
paths:
|
|
- ".github/workflows/automated-tests.yml"
|
|
- ".github/actions/**"
|
|
- "src/**"
|
|
- "tests/**"
|
|
- "pyproject.toml"
|
|
- "poetry.lock"
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
types:
|
|
- opened
|
|
- reopened
|
|
- synchronize
|
|
paths:
|
|
- ".github/workflows/automated-tests.yml"
|
|
- ".github/actions/**"
|
|
- "src/**"
|
|
- "tests/**"
|
|
- "pyproject.toml"
|
|
- "poetry.lock"
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
test-python-code:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: true
|
|
matrix:
|
|
python-version: ["3.10", "3.11"]
|
|
steps:
|
|
- uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v2.2.0
|
|
with:
|
|
egress-policy: block
|
|
disable-sudo: true
|
|
allowed-endpoints: >
|
|
api.snapcraft.io:443
|
|
api.github.com:443
|
|
codecov.io:443
|
|
files.pythonhosted.org:443
|
|
github.com:443
|
|
install.python-poetry.org:443
|
|
pypi.org:443
|
|
python-poetry.org:443
|
|
storage.googleapis.com:443
|
|
uploader.codecov.io:443
|
|
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Setup Python and Poetry
|
|
uses: ./.github/actions/setup-poetry
|
|
|
|
# ----------------------------------------------
|
|
# run linters
|
|
# ----------------------------------------------
|
|
|
|
- name: Lint with Mypy
|
|
run: poetry run mypy src/
|
|
- name: lint with ruff
|
|
run: poetry run ruff --extend-ignore=I001,D301,D401,PLR2004,PLR0913 src/
|
|
- name: check pyproject.toml
|
|
run: poetry run poetry check
|
|
|
|
# ----------------------------------------------
|
|
# run test suite
|
|
# ----------------------------------------------
|
|
- name: Run tests with pytest
|
|
run: |
|
|
poetry run coverage run
|
|
poetry run coverage report
|
|
poetry run coverage xml
|
|
|
|
# ----------------------------------------------
|
|
# confirm package builds
|
|
# ----------------------------------------------
|
|
- name: Build package
|
|
run: poetry build
|
|
|
|
# ----------------------------------------------
|
|
# upload coverage stats
|
|
# ----------------------------------------------
|
|
- name: Upload coverage
|
|
if: github.ref == 'refs/heads/main' && matrix.python-version == '3.11'
|
|
uses: codecov/codecov-action@v3
|
|
with:
|
|
# token: ${{ secrets.CODECOV_TOKEN }} # Only required for private repositories
|
|
files: reports/coverage.xml
|
|
fail_ci_if_error: false
|