diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bddcbb6..8eb8544 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,11 +15,54 @@ env: REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} IMAGE_NAME: ${{ github.repository }} # Image name will be / jobs: - release: + verify-with-tox: + runs-on: ubuntu-latest + steps: + - name: 📄 Checkout code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 0 + - name: 🧱 Install Poetry + run: curl -sSL https://install.python-poetry.org | python3 - + - name: 🧱 Setup Python + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: '3.13' + cache: poetry + - name: 🧱 Install dependencies + run: poetry install --all-extras + - name: 🧪 Run tests + run: poetry run tox + - name: SonarCloud scan for PR + uses: sonarsource/sonarqube-scan-action@13990a695682794b53148ff9f6a8b6e22e43955e # v3.1.0 + if: github.event_name == 'pull_request' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: | + -Dsonar.pullrequest.base=${{ github.base_ref }} + -Dsonar.pullrequest.branch=${{ github.head_ref }} + -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} + - name: SonarCloud scan for Push + uses: sonarsource/sonarqube-scan-action@13990a695682794b53148ff9f6a8b6e22e43955e # v3.1.0 + if: github.event_name == 'push' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: | + -Dsonar.branch.name=${{ github.head_ref }} + - name: Docker Hadolint + uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf + with: + format: tty + release-please: + needs: verify-with-tox runs-on: ubuntu-latest steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - id: rp + - id: release if: github.event_name != 'pull_request' && github.ref_name == 'main' uses: googleapis/release-please-action@7987652d64b4581673a76e33ad5e98e3dd56832f # v4.1.3 with: @@ -35,11 +78,11 @@ jobs: id: tags env: # When release-please is skipped, these values will be empty - is_release: ${{ steps.rp.outputs.release_created }} - version: v${{ steps.rp.outputs.major }}.${{ steps.rp.outputs.minor }}.${{ steps.rp.outputs.patch }} + release_created: ${{ steps.release.outputs.release_created }} + version: ${{ steps.release.outputs.version }} run: | tags="" - if [[ "$is_release" = 'true' ]]; then + if [[ "$release_created" = 'true' ]]; then tags="type=semver,pattern={{version}},value=$version type=semver,pattern={{major}},value=$version type=semver,pattern={{major}}.{{minor}},value=$version" diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5bd7fe6..5332e68 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -64,3 +64,7 @@ repos: rev: v4.1.0 hooks: - id: commitizen + - repo: https://github.com/hadolint/hadolint + rev: v2.12.0 + hooks: + - id: hadolint diff --git a/tox.ini b/tox.ini index 681def5..cd8a98b 100644 --- a/tox.ini +++ b/tox.ini @@ -5,11 +5,7 @@ envlist = py313 minversion = 4.21.2 -[testenv] -description = set index urls - [testenv:lint] -description = run linters and formatters deps = ruff mypy @@ -17,3 +13,17 @@ commands = ruff format ruff check mypy . + +[testenv] +deps = + coverage + pytest +commands = + coverage run -m pytest . --junitxml="junittest.xml" + coverage report -m --fail-under 90 + coverage xml + +[coverage:run] +relative_files = True +source = app/ +branch = True