From 18ecf4e23566492f35c74f759daa9b716ddcbbf2 Mon Sep 17 00:00:00 2001
From: Rob Aleck
Date: Tue, 9 Jul 2024 19:19:21 +0000
Subject: [PATCH 01/25] create single workflow for build, test, publish
---
.../{run_pytest.yml => build_and_publish.yml} | 0
.github/workflows/codeql.yml | 128 +++++++++---------
2 files changed, 64 insertions(+), 64 deletions(-)
rename .github/workflows/{run_pytest.yml => build_and_publish.yml} (100%)
diff --git a/.github/workflows/run_pytest.yml b/.github/workflows/build_and_publish.yml
similarity index 100%
rename from .github/workflows/run_pytest.yml
rename to .github/workflows/build_and_publish.yml
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 63eae77..8a4c60b 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -1,75 +1,75 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# -name: "CodeQL" +# # For most projects, this workflow file will not need changing; you simply need +# # to commit it to your repository. +# # +# # You may wish to alter this file to override the set of languages analyzed, +# # or to provide custom queries or build logic. +# # +# # ******** NOTE ******** +# # We have attempted to detect the languages in your repository. Please check +# # the `language` matrix defined below to confirm you have the correct set of +# # supported CodeQL languages. +# # +# name: "CodeQL" -on: - push: - branches: ["*", "*/*"] - pull_request: - # The branches below must be a subset of the branches above - branches: ["*", "*/*"] - schedule: - - cron: "43 4 * * 3" +# on: +# push: +# branches: ["*", "*/*"] +# pull_request: +# # The branches below must be a subset of the branches above +# branches: ["*", "*/*"] +# schedule: +# - cron: "43 4 * * 3" -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write +# jobs: +# analyze: +# name: Analyze +# runs-on: ubuntu-latest +# permissions: +# actions: read +# contents: read +# security-events: write - strategy: - fail-fast: false - matrix: - language: ["python"] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] - # Use only 'java' to analyze code written in Java, Kotlin or both - # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both - # Learn more about CodeQL language support at 
https://aka.ms/codeql-docs/language-support +# strategy: +# fail-fast: false +# matrix: +# language: ["python"] +# # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] +# # Use only 'java' to analyze code written in Java, Kotlin or both +# # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both +# # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support - steps: - - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 +# steps: +# - name: Checkout repository +# uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. +# # Initializes the CodeQL tools for scanning. +# - name: Initialize CodeQL +# uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 +# with: +# languages: ${{ matrix.language }} +# # If you wish to specify custom queries, you can do so here or in a config file. +# # By default, queries listed here will override any specified in a config file. +# # Prefix the list here with "+" to use these queries and those in the config file. 
- # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - # queries: security-extended,security-and-quality +# # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs +# # queries: security-extended,security-and-quality - # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 +# # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). +# # If this step fails, then you should remove it and run the build manually (see below) +# - name: Autobuild +# uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun +# # ℹī¸ Command-line programs to run using the OS shell. +# # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - # If the Autobuild fails above, remove it and uncomment the following three lines. - # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. +# # If the Autobuild fails above, remove it and uncomment the following three lines. +# # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. 
- # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh +# # - run: | +# # echo "Run, Build Application using script" +# # ./location_of_script_within_repo/buildscript.sh - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 - with: - category: "/language:${{matrix.language}}" \ No newline at end of file +# - name: Perform CodeQL Analysis +# uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 +# with: +# category: "/language:${{matrix.language}}" \ No newline at end of file From f8f4a521a01f36632f84a7283a60af9c4cd62c15 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 19:20:27 +0000 Subject: [PATCH 02/25] add codeql --- .github/workflows/build_and_publish.yml | 52 +++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 94a513b..1fe18b1 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml 
@@ -9,6 +9,58 @@ on: - main jobs: + codeql: + name: "CodeQL" + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + strategy: + fail-fast: false + matrix: + language: ["python"] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Use only 'java' to analyze code written in Java, Kotlin or both + # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + + steps: + - name: Checkout repository + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. 
+ # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 + with: + category: "/language:${{matrix.language}}" + test: strategy: matrix: From 1acaa9acaa5ba43bb7a2b3c5850d8ae0a263806b Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 19:47:13 +0000 Subject: [PATCH 03/25] chore: Update GitHub Actions workflow to include publishing step --- .github/workflows/build_and_publish.yml | 57 ++++++++++++++++++++++++- poetry.lock | 2 +- pyproject.toml | 8 ++-- 3 files changed, 62 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 1fe18b1..585f394 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -8,6 +8,10 @@ on: branches: - main +permissions: # Global permissions configuration starts here + contents: read # 'read' access to repository contents + pull-requests: read # 'write' access to pull requests + jobs: codeql: name: "CodeQL" 
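Review bot: The `codeql` job added in PATCH 02 inherits the `on:` block of build_and_publish.yml, so the weekly `schedule:` trigger with `cron: "43 4 * * 3"` that codeql.yml carried before PATCH 01 commented it out is not carried over. Judging from the trigger lines visible elsewhere in this series, the workflow runs only on pushes to non-main branches and on pull requests to main, so the default branch would not be rescanned when new CodeQL queries are released and the code has not changed. I would keep a scheduled run, for example by leaving codeql.yml active with only its `schedule:` trigger. The template comments about Autobuild for compiled languages could be dropped as well, since the matrix is `["python"]`.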
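Review bot: The trailing comment on `pull-requests: read` says `'write' access to pull requests`, which contradicts the value it annotates (PATCH 03, first hunk). Someone auditing the token scope from the comments would get the wrong answer. I would change the line to `pull-requests: read # 'read' access to pull requests`. The same line is copied into test-workflow.yml in PATCH 06.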
@@ -102,4 +106,55 @@ jobs: # - name: Upload coverage reports to Codecov # uses: codecov/codecov-action@0cfda1dd0a4ad9efc75517f399d859cd1ea4ced1 # v4 # env: - # CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} \ No newline at end of file + # CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + + publish: + needs: [test, codeql] + runs-on: ubuntu-latest + environment: + name: 'published' + permissions: # Job-level permissions configuration starts here + contents: write # 'write' access to repository contents + pull-requests: write # 'write' access to pull requests + steps: + - uses: actions/checkout@v2 + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: 3.12 + - name: Install OS dependencies for snok/install-poetry + run: | + DEBIAN_FRONTEND=noninteractive apt update + DEBIAN_FRONTEND=noninteractive apt install curl sqlite3 -y + - uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1 + with: + version: 1.8.3 # pin the version as they keep changing their APIs + virtualenvs-create: false + virtualenvs-in-project: false + - name: Install dependencies + run: | + python -m venv venv + . venv/bin/activate + poetry install --with dev --no-interaction --sync + python -c "import os; print(os.environ['VIRTUAL_ENV'])" + - name: Bump version + run: poetry version minor + - name: Commit changes + run: | + git config --local user.email "github-actions[bot]@users.noreply.github.com" + git config --local user.name "github-actions[bot]" + git commit -am "Bump version" + - name: Push changes + uses: ad-m/github-push-action@master + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + - name: Build + run: poetry build + - name: Use Pypi test + run: | + poetry config repositories.test-pypi https://test.pypi.org/legacy/ + poetry config pypi-token.test-pypi ${{ secrets.PYPI_TOKEN }} + - name: Publish + run: poetry publish -r test-pypi + + \ No newline at end of file diff --git a/poetry.lock b/poetry.lock index 5e12832..ca523cb 100644 --- a/poetry.lock 
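Review bot: The `publish` job holds `contents: write` and the PyPI token, yet three of its steps use mutable refs, `actions/checkout@v2`, `actions/setup-python@v2` and `ad-m/github-push-action@master`, while every other action in this file is pinned to a full commit SHA. A moved tag or a new commit on `master` would run with the job's write token, so these should be pinned the same way; the checkout and setup-python SHAs already used by the `test` job can be reused (PATCH 12 later moves them to `@v4` and `@v5`, still by tag). Separately, `${{ secrets.PYPI_TOKEN }}` is expanded into the script text of the `poetry config` step and stored by Poetry on the runner; passing it through `env:` on the publish step as `POETRY_PYPI_TOKEN_TEST_PYPI` avoids both. The `python-version` value is better quoted so that it stays a string.

```yaml
    # … unchanged: needs, runs-on, environment, permissions …
    steps:
      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
      - name: Set up Python
        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5
        with:
          python-version: "3.12"
      # … unchanged: OS dependencies, install-poetry, install, bump, commit …
      - name: Push changes
        # <FULL_COMMIT_SHA> is a placeholder: pin to a reviewed release commit
        uses: ad-m/github-push-action@<FULL_COMMIT_SHA>
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
      # … unchanged: build …
      - name: Use Pypi test
        run: poetry config repositories.test-pypi https://test.pypi.org/legacy/
      - name: Publish
        env:
          POETRY_PYPI_TOKEN_TEST_PYPI: ${{ secrets.PYPI_TOKEN }}
        run: poetry publish -r test-pypi
```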
+++ b/poetry.lock @@ -636,4 +636,4 @@ zstd = ["zstandard (>=0.18.0)"] [metadata] lock-version = "2.0" python-versions = "^3.12" -content-hash = "fde15ee212edd38aa2ee251a58533dcb2022d9ed632c8790602cdad2b3c0bc5f" +content-hash = "34842efbdeed2743df2ee59132ca8c52bfe471b1fd0eab814be3202ae812d27b" diff --git a/pyproject.toml b/pyproject.toml index a0e1777..93dfca3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,15 +1,17 @@ [tool.poetry] name = "pydantic-tfl-api" -version = "0.1.0" +version = "0.1.1a0" description = "A Pydantic-based wrapper for the TfL Unified API https://api.tfl.gov.uk/. Not associated with or endorsed by TfL." authors = ["Rob Aleck "] license = "MIT" readme = "README.md" +homepage = "https://github.com/mnbf9rca/pydantic_tfl_api" +repository = "https://github.com/mnbf9rca/pydantic_tfl_api" [tool.poetry.dependencies] python = "^3.12" -pydantic = "^2.8.2" -requests = "^2.32.3" +pydantic = ">=2.8.2" +requests = ">=2.32.3" [tool.poetry.group.dev.dependencies] black = "^24.4.2" From b9581e35d526eb6f13d3d56010d7e3dd0080fff4 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 19:56:16 +0000 Subject: [PATCH 04/25] sudo work? --- .github/workflows/build_and_publish.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 585f394..10cd283 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -111,6 +111,7 @@ jobs: publish: needs: [test, codeql] runs-on: ubuntu-latest + container: ubuntu:latest@sha256:2e863c44b718727c860746568e1d54afd13b2fa71b160f5cd9058fc436217b30 environment: name: 'published' permissions: # Job-level permissions configuration starts here 
@@ -124,8 +125,8 @@ jobs: python-version: 3.12 - name: Install OS dependencies for snok/install-poetry run: | - DEBIAN_FRONTEND=noninteractive apt update - DEBIAN_FRONTEND=noninteractive apt install curl sqlite3 -y + DEBIAN_FRONTEND=noninteractive sudo apt update + DEBIAN_FRONTEND=noninteractive sudo apt install curl sqlite3 -y - uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1 with: version: 1.8.3 # pin the version as they keep changing their APIs From fef8d0395fc8299251b041a8f5d96034efc3c7cc Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:00:32 +0000 Subject: [PATCH 05/25] chore: Update GitHub Actions workflow to remove unnecessary container specification and use package manager for OS dependencies --- .github/workflows/build_and_publish.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 10cd283..585f394 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -111,7 +111,6 @@ jobs: publish: needs: [test, codeql] runs-on: ubuntu-latest - container: ubuntu:latest@sha256:2e863c44b718727c860746568e1d54afd13b2fa71b160f5cd9058fc436217b30 environment: name: 'published' permissions: # Job-level permissions configuration starts here @@ -125,8 +124,8 @@ jobs: python-version: 3.12 - name: Install OS dependencies for snok/install-poetry run: | - DEBIAN_FRONTEND=noninteractive sudo apt update - DEBIAN_FRONTEND=noninteractive sudo apt install curl sqlite3 -y + DEBIAN_FRONTEND=noninteractive apt update + DEBIAN_FRONTEND=noninteractive apt install curl sqlite3 -y - uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1 with: version: 1.8.3 # pin the version as they keep changing their APIs From 2992d62249a8e00df00b5261d2f898bcf21e801a Mon Sep 17 00:00:00 2001 
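Review bot: PATCH 04 gives the `publish` job a digest-pinned `ubuntu:latest` container and, in its second hunk, prefixes the apt commands with `sudo`; the two changes work against each other, because steps in a job container normally run as root and the stock ubuntu image is not expected to ship `sudo`. Inside the container the original `DEBIAN_FRONTEND=noninteractive apt update` form is the one to keep. If the step is meant to run on the hosted runner instead, the variable belongs after sudo, `sudo DEBIAN_FRONTEND=noninteractive apt-get update`, since sudo may reset the environment and drop a variable set in front of it.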
From: Rob Aleck Date: Tue, 9 Jul 2024 20:10:26 +0000 Subject: [PATCH 06/25] reuse workflows? --- .github/workflows/build_and_publish.yml | 103 ++----------------- .github/workflows/codeql.yml | 127 ++++++++++++------------ .github/workflows/dependency-review.yml | 4 +- .github/workflows/test-workflow.yml | 54 ++++++++++ 4 files changed, 127 insertions(+), 161 deletions(-) create mode 100644 .github/workflows/test-workflow.yml diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 585f394..923beaf 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -1,9 +1,6 @@ name: Python package on: - push: - branches-ignore: - - main pull_request: branches: - main 
@@ -14,102 +11,16 @@ permissions: # Global permissions configuration starts here jobs: codeql: - name: "CodeQL" - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - strategy: - fail-fast: false - matrix: - language: ["python"] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] - # Use only 'java' to analyze code written in Java, Kotlin or both - # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both - # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support - - steps: - - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - - # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - # queries: security-extended,security-and-quality - - # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - - # If the Autobuild fails above, remove it and uncomment the following three lines. 
- # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. - - # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 - with: - category: "/language:${{matrix.language}}" + uses: ./.github/workflows/codeql.yml test: - strategy: - matrix: - python-version: ["3.12"] - runs-on: ubuntu-latest - container: ubuntu:latest@sha256:2e863c44b718727c860746568e1d54afd13b2fa71b160f5cd9058fc436217b30 - steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5 - with: - python-version: ${{ matrix.python-version }} - - name: Install OS dependencies for snok/install-poetry - run: | - DEBIAN_FRONTEND=noninteractive apt update - DEBIAN_FRONTEND=noninteractive apt install curl sqlite3 -y - - uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1 - with: - version: 1.8.3 # pin the version as they keep changing their APIs - virtualenvs-create: false - virtualenvs-in-project: false - - name: Install dependencies - run: | - python -m venv venv - . venv/bin/activate - poetry install --with dev --no-interaction --sync - python -c "import os; print(os.environ['VIRTUAL_ENV'])" - - name: Lint with flake8 - run: | - . venv/bin/activate - # stop the build if there are Python syntax errors or undefined names - flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics - # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide - flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics - - name: Test with pytest - run: | - . 
venv/bin/activate - pytest --cov pydantic_tfl_api --cov-report=xml - # - name: Upload coverage reports to Codecov - # uses: codecov/codecov-action@0cfda1dd0a4ad9efc75517f399d859cd1ea4ced1 # v4 - # env: - # CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - + uses: ./.github/workflows/test-workflow.yml + + dependency-review: + uses: ./.github/workflows/dependency-review.yml + publish: - needs: [test, codeql] + needs: [test, codeql, dependency-review] runs-on: ubuntu-latest environment: name: 'published' diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8a4c60b..f911928 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
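Review bot: The `publish` job in this hunk has no `if:` condition, and the first hunk of PATCH 06 leaves `pull_request` as the workflow's only trigger, so the version bump, push and package upload run for every pull request against main, before review or merge. A pull request from a branch in the same repository would publish unmerged code with the job's `contents: write` token, unless the `published` environment has protection rules that are not visible here. I would gate the job, for example with `if: github.event_name == 'push' && github.ref == 'refs/heads/main'` together with a push trigger for main, or move publishing to its own workflow triggered by a release. The `publish` job's body continues outside this hunk.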
@@ -1,75 +1,74 @@ -# # For most projects, this workflow file will not need changing; you simply need -# # to commit it to your repository. -# # -# # You may wish to alter this file to override the set of languages analyzed, -# # or to provide custom queries or build logic. -# # -# # ******** NOTE ******** -# # We have attempted to detect the languages in your repository. Please check -# # the `language` matrix defined below to confirm you have the correct set of -# # supported CodeQL languages. -# # -# name: "CodeQL" +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" -# on: -# push: -# branches: ["*", "*/*"] -# pull_request: -# # The branches below must be a subset of the branches above -# branches: ["*", "*/*"] -# schedule: -# - cron: "43 4 * * 3" +on: + workflow_call: + pull_request: + branches: + - main + schedule: + - cron: "43 4 * * 3" -# jobs: -# analyze: -# name: Analyze -# runs-on: ubuntu-latest -# permissions: -# actions: read -# contents: read -# security-events: write +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write -# strategy: -# fail-fast: false -# matrix: -# language: ["python"] -# # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] -# # Use only 'java' to analyze code written in Java, Kotlin or both -# # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both -# # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + strategy: + fail-fast: false + matrix: 
+ language: ["python"] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Use only 'java' to analyze code written in Java, Kotlin or both + # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support -# steps: -# - name: Checkout repository -# uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + steps: + - name: Checkout repository + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 -# # Initializes the CodeQL tools for scanning. -# - name: Initialize CodeQL -# uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 -# with: -# languages: ${{ matrix.language }} -# # If you wish to specify custom queries, you can do so here or in a config file. -# # By default, queries listed here will override any specified in a config file. -# # Prefix the list here with "+" to use these queries and those in the config file. + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. 
-# # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs -# # queries: security-extended,security-and-quality + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality -# # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). -# # If this step fails, then you should remove it and run the build manually (see below) -# - name: Autobuild -# uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 -# # ℹī¸ Command-line programs to run using the OS shell. -# # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun -# # If the Autobuild fails above, remove it and uncomment the following three lines. -# # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. 
-# # - run: | -# # echo "Run, Build Application using script" -# # ./location_of_script_within_repo/buildscript.sh + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh -# - name: Perform CodeQL Analysis -# uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 -# with: -# category: "/language:${{matrix.language}}" \ No newline at end of file + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 7ab50fd..8e31bf4 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -5,7 +5,9 @@ # Source repository: https://github.com/actions/dependency-review-action # Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement name: 'Dependency Review' -on: [pull_request] +on: + workflow_call: + pull_request: permissions: contents: read diff --git a/.github/workflows/test-workflow.yml b/.github/workflows/test-workflow.yml new file mode 100644 index 0000000..3bcffaf --- /dev/null +++ b/.github/workflows/test-workflow.yml 
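Review bot: The `analyze` job restored in codeql.yml asks for `security-events: write`, but a workflow invoked through the new `workflow_call:` trigger can only narrow the token permissions its caller passes, never widen them. The caller added in the same commit, `uses: ./.github/workflows/codeql.yml` in build_and_publish.yml, sits under a top-level `permissions:` block of `contents: read` and `pull-requests: read`, so the nested job would be refused. The calling job needs its own block with `actions: read`, `contents: read` and `security-events: write`, which PATCH 09 later adds. With both `workflow_call` and `pull_request` listed, CodeQL would also run twice for a pull request to main.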
@@ -0,0 +1,54 @@ +name: Python package + +on: + workflow_call: + pull_request: + + +permissions: # Global permissions configuration starts here + contents: read # 'read' access to repository contents + pull-requests: read # 'write' access to pull requests + +jobs: + test: + strategy: + matrix: + python-version: ["3.12"] + runs-on: ubuntu-latest + container: ubuntu:latest@sha256:2e863c44b718727c860746568e1d54afd13b2fa71b160f5cd9058fc436217b30 + steps: + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5 + with: + python-version: ${{ matrix.python-version }} + - name: Install OS dependencies for snok/install-poetry + run: | + DEBIAN_FRONTEND=noninteractive apt update + DEBIAN_FRONTEND=noninteractive apt install curl sqlite3 -y + - uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1 + with: + version: 1.8.3 # pin the version as they keep changing their APIs + virtualenvs-create: false + virtualenvs-in-project: false + - name: Install dependencies + run: | + python -m venv venv + . venv/bin/activate + poetry install --with dev --no-interaction --sync + python -c "import os; print(os.environ['VIRTUAL_ENV'])" + - name: Lint with flake8 + run: | + . venv/bin/activate + # stop the build if there are Python syntax errors or undefined names + flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics + # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide + flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics + - name: Test with pytest + run: | + . venv/bin/activate + pytest --cov pydantic_tfl_api --cov-report=xml + # - name: Upload coverage reports to Codecov + # uses: codecov/codecov-action@0cfda1dd0a4ad9efc75517f399d859cd1ea4ced1 # v4 + # env: + # CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} 
From dea9fb77be761d285f523697d647e4ad4bddb389 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:13:49 +0000 Subject: [PATCH 07/25] chore: Update GitHub Actions workflows to remove unnecessary container specifications and use package manager for OS dependencies --- .github/workflows/build_and_publish.yml | 2 -- .github/workflows/codeql.yml | 4 ++-- .github/workflows/dependency-review.yml | 4 +++- .github/workflows/test-workflow.yml | 4 +++- 4 files changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 923beaf..5b2838b 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -2,8 +2,6 @@ name: Python package on: pull_request: - branches: - - main permissions: # Global permissions configuration starts here contents: read # 'read' access to repository contents diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f911928..92e67f9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,8 +13,8 @@ name: "CodeQL" on: workflow_call: - pull_request: - branches: + push: + branches-ignore: - main schedule: - cron: "43 4 * * 3" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 8e31bf4..2b65c23 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -7,7 +7,9 @@ name: 'Dependency Review' on: workflow_call: - pull_request: + push: + branches-ignore: + - main permissions: contents: read diff --git a/.github/workflows/test-workflow.yml b/.github/workflows/test-workflow.yml index 3bcffaf..e22727e 100644 --- a/.github/workflows/test-workflow.yml +++ b/.github/workflows/test-workflow.yml @@ -2,7 +2,9 @@ name: Python package on: workflow_call: - pull_request: + push: + branches-ignore: + - main permissions: # Global permissions configuration starts here 
From 38130f09d2cab3bd314555b9c96b75a838a36159 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:16:06 +0000 Subject: [PATCH 08/25] dependency review must be on a pr --- .github/workflows/dependency-review.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 2b65c23..afa0b91 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -7,9 +7,6 @@ name: 'Dependency Review' on: workflow_call: - push: - branches-ignore: - - main permissions: contents: read From f213fe6204802418d5c258e73df784d14f234a5a Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:16:25 +0000 Subject: [PATCH 09/25] add permissions for nested workflow codeql --- .github/workflows/build_and_publish.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 5b2838b..f31a0f0 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -9,12 +9,16 @@ permissions: # Global permissions configuration starts here jobs: codeql: + permissions: + actions: read + contents: read + security-events: write uses: ./.github/workflows/codeql.yml test: uses: ./.github/workflows/test-workflow.yml - dependency-review: + dependency-review: uses: ./.github/workflows/dependency-review.yml publish: From 47bb5e4e0da3f71219fd55c53e7bf3441d41a3d9 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:21:10 +0000 Subject: [PATCH 10/25] remove global permissions? --- .github/workflows/build_and_publish.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index f31a0f0..99413f6 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml 
@@ -3,9 +3,9 @@ name: Python package on: pull_request: -permissions: # Global permissions configuration starts here - contents: read # 'read' access to repository contents - pull-requests: read # 'write' access to pull requests +# permissions: # Global permissions configuration starts here +# contents: read # 'read' access to repository contents +# pull-requests: read # 'write' access to pull requests jobs: codeql: From 888404189cdd853dc1193a48ce2b0277fdd883ef Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:45:12 +0000 Subject: [PATCH 11/25] add gh cli to container --- .devcontainer/devcontainer.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 0123613..410b743 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -5,7 +5,9 @@ // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile "image": "mcr.microsoft.com/devcontainers/python:1-3.12-bullseye", "features": { - "ghcr.io/devcontainers-contrib/features/poetry:2": {} + "ghcr.io/devcontainers-contrib/features/poetry:2": {}, + "ghcr.io/devcontainers/features/github-cli:1": {} + } // Features to add to the dev container. More info: https://containers.dev/features. From 8262380af7a696bc39e6866961e1440e2fd24936 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:45:33 +0000 Subject: [PATCH 12/25] do we need curl? --- .github/workflows/build_and_publish.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 99413f6..bde15da 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml 
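Review bot: Commenting out the workflow-level `permissions:` block removes the restrictive default, so the `test` and `dependency-review` jobs in this file, which declare no permissions of their own, are handed whatever GITHUB_TOKEN scope the repository or organisation default allows. The called workflows' own `permissions:` blocks can narrow that, but keeping `permissions:` / `contents: read` at the top and granting extra scopes per job, as the `codeql` job already does, keeps least privilege visible in this file. If the block was removed because a called workflow needs more than the caller grants, widen the scope on that one calling job instead. The old inline comment on `pull-requests: read` said 'write' and is worth correcting if the block is restored.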
@@ -8,12 +8,12 @@ on: # pull-requests: read # 'write' access to pull requests jobs: - codeql: - permissions: - actions: read - contents: read - security-events: write - uses: ./.github/workflows/codeql.yml + # codeql: + # permissions: + # actions: read + # contents: read + # security-events: write + # uses: ./.github/workflows/codeql.yml test: uses: ./.github/workflows/test-workflow.yml @@ -30,15 +30,15 @@ jobs: contents: write # 'write' access to repository contents pull-requests: write # 'write' access to pull requests steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v2 + uses: actions/setup-python@v5 with: python-version: 3.12 - - name: Install OS dependencies for snok/install-poetry - run: | - DEBIAN_FRONTEND=noninteractive apt update - DEBIAN_FRONTEND=noninteractive apt install curl sqlite3 -y + # - name: Install OS dependencies for snok/install-poetry + # run: | + # DEBIAN_FRONTEND=noninteractive apt update + # DEBIAN_FRONTEND=noninteractive apt install curl sqlite3 -y - uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1 with: version: 1.8.3 # pin the version as they keep changing their APIs From a939a38723d301307e0f8a28967950673c276d88 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:46:25 +0000 Subject: [PATCH 13/25] no codeql --- .github/workflows/build_and_publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index bde15da..4c1ed95 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -22,7 +22,7 @@ jobs: uses: ./.github/workflows/dependency-review.yml publish: - needs: [test, codeql, dependency-review] + needs: [test, dependency-review] # codeql, runs-on: ubuntu-latest environment: name: 'published' From 9aeb794fe6822c5384cd1ff5ed8c8506ddf7605f Mon Sep 17 00:00:00 2001 
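Review bot: With the `codeql` job commented out in this hunk, and `codeql` dropped from `needs:` in the PATCH 13 hunk that follows, the `publish` job no longer waits on static analysis. codeql.yml keeps its own `push` and `schedule` triggers from the earlier patch, but a `push` trigger does not fire for pull requests opened from forks, so those would no longer be scanned before review. If this is a temporary debugging step, a marker such as `# TODO: re-enable the codeql gate before publishing` next to the commented block would make the gap explicit.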
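Review bot: `actions/checkout@v4` and `actions/setup-python@v5` are referenced by mutable tag in the `publish` job, which declares `contents: write` and `pull-requests: write`, while `snok/install-poetry` in the same job is pinned to a commit SHA. Pinning these two the same way keeps the code that runs with a write-scoped token fixed to what was reviewed. test-workflow.yml in this series already uses `actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4` and `actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5`, so the same references can be reused here.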
From: Rob Aleck Date: Tue, 9 Jul 2024 20:49:29 +0000 Subject: [PATCH 14/25] try and push changes to local pr --- .github/workflows/build_and_publish.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 4c1ed95..7307fed 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -60,7 +60,8 @@ jobs: - name: Push changes uses: ad-m/github-push-action@master with: - github_token: ${{ secrets.GITHUB_TOKEN }} + # github_token: ${{ secrets.GITHUB_TOKEN }} + branch: ${{ github.head_ref }} - name: Build run: poetry build - name: Use Pypi test From adc95f9f485bee91776332eb6aeb288f0ca3504d Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:53:53 +0000 Subject: [PATCH 15/25] only add pyproject.toml --- .github/workflows/build_and_publish.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 7307fed..825c968 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -56,7 +56,8 @@ jobs: run: | git config --local user.email "github-actions[bot]@users.noreply.github.com" git config --local user.name "github-actions[bot]" - git commit -am "Bump version" + git add pyproject.toml + git commit -m "Bump version" - name: Push changes uses: ad-m/github-push-action@master with: From 3602478f815e3f1f80985582a693ccec982867d5 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 20:58:15 +0000 Subject: [PATCH 16/25] try different action --- .github/workflows/build_and_publish.yml | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 825c968..56de5c0 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml 
@@ -52,16 +52,20 @@ jobs: python -c "import os; print(os.environ['VIRTUAL_ENV'])" - name: Bump version run: poetry version minor - - name: Commit changes - run: | - git config --local user.email "github-actions[bot]@users.noreply.github.com" - git config --local user.name "github-actions[bot]" - git add pyproject.toml - git commit -m "Bump version" - - name: Push changes - uses: ad-m/github-push-action@master + # - name: Commit changes + # run: | + # git config --local user.email "github-actions[bot]@users.noreply.github.com" + # git config --local user.name "github-actions[bot]" + # git add pyproject.toml + # git commit -m "Bump version" + # - name: Push changes + # uses: ad-m/github-push-action@master + # with: + # # github_token: ${{ secrets.GITHUB_TOKEN }} + - name: Commit & Push changes + uses: actions-js/push@master with: - # github_token: ${{ secrets.GITHUB_TOKEN }} + github_token: ${{ secrets.GITHUB_TOKEN }} branch: ${{ github.head_ref }} - name: Build run: poetry build From 36d7e8d726f132300b631dd796089216b52e0d43 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 21:02:32 +0000 Subject: [PATCH 17/25] rebase:true --- .github/workflows/build_and_publish.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 56de5c0..4370ec9 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -67,6 +67,7 @@ jobs: with: github_token: ${{ secrets.GITHUB_TOKEN }} branch: ${{ github.head_ref }} + rebase: true - name: Build run: poetry build - name: Use Pypi test From 83a031e4704ab677dcbfb657b53c1e6428cc021c Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 21:07:19 +0000 Subject: [PATCH 18/25] bump and commit --- .github/workflows/build_and_publish.yml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) 
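Review bot: The new step `uses: actions-js/push@master` tracks a mutable branch of a third-party action and passes it `secrets.GITHUB_TOKEN` inside a job that declares `contents: write`, so whatever that branch points to at run time is able to push to the repository. Pin it to a reviewed commit, for example `uses: actions-js/push@<full-commit-sha>  # <tag>`, as is already done for `snok/install-poetry` in this job. The commented-out `ad-m/github-push-action@master` lines carry the same risk if they are ever restored.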
diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 4370ec9..a841a8f 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -51,7 +51,11 @@ jobs: poetry install --with dev --no-interaction --sync python -c "import os; print(os.environ['VIRTUAL_ENV'])" - name: Bump version - run: poetry version minor + run: | + poetry version minor + git add pyproject.toml + git commit -m "bump version from workflow" + git push # - name: Commit changes # run: | # git config --local user.email "github-actions[bot]@users.noreply.github.com" @@ -62,12 +66,12 @@ jobs: # uses: ad-m/github-push-action@master # with: # # github_token: ${{ secrets.GITHUB_TOKEN }} - - name: Commit & Push changes - uses: actions-js/push@master - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - branch: ${{ github.head_ref }} - rebase: true + # - name: Commit & Push changes + # uses: actions-js/push@master + # with: + # github_token: ${{ secrets.GITHUB_TOKEN }} + # branch: ${{ github.head_ref }} + # rebase: true - name: Build run: poetry build - name: Use Pypi test From 7411640dd7924487cdd82a3b3441b8270b9f7aa7 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 21:09:36 +0000 Subject: [PATCH 19/25] fetch-depth: 2 --- .github/workflows/build_and_publish.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index a841a8f..55d60d8 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -31,6 +31,8 @@ jobs: pull-requests: write # 'write' access to pull requests steps: - uses: actions/checkout@v4 + with: + fetch-depth: 2 - name: Set up Python uses: actions/setup-python@v5 with: 
@@ -52,10 +54,10 @@ jobs: python -c "import os; print(os.environ['VIRTUAL_ENV'])" - name: Bump version run: | - poetry version minor - git add pyproject.toml - git commit -m "bump version from workflow" - git push + poetry version minor + git add pyproject.toml + git commit -m "bump version from workflow" + git push # - name: Commit changes # run: | # git config --local user.email "github-actions[bot]@users.noreply.github.com" From 767d3784f5b22cc38157adf1424d94787ebf2c29 Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 21:12:55 +0000 Subject: [PATCH 20/25] set authro --- .github/workflows/build_and_publish.yml | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 55d60d8..842426a 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -55,25 +55,11 @@ jobs: - name: Bump version run: | poetry version minor + git config --local user.email "github-actions[bot]@users.noreply.github.com" + git config --local user.name "github-actions[bot]" git add pyproject.toml git commit -m "bump version from workflow" git push - # - name: Commit changes - # run: | - # git config --local user.email "github-actions[bot]@users.noreply.github.com" - # git config --local user.name "github-actions[bot]" - # git add pyproject.toml - # git commit -m "Bump version" - # - name: Push changes - # uses: ad-m/github-push-action@master - # with: - # # github_token: ${{ secrets.GITHUB_TOKEN }} - # - name: Commit & Push changes - # uses: actions-js/push@master - # with: - # github_token: ${{ secrets.GITHUB_TOKEN }} - # branch: ${{ github.head_ref }} - # rebase: true - name: Build run: poetry build - name: Use Pypi test From e4c30169e198924993ecb57dae9320ec02b07ed0 Mon Sep 17 00:00:00 2001 
From: Rob Aleck Date: Tue, 9 Jul 2024 21:15:32 +0000 Subject: [PATCH 21/25] ${{ github.head_ref }} --- .github/workflows/build_and_publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 842426a..11d9aae 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -59,7 +59,7 @@ jobs: git config --local user.name "github-actions[bot]" git add pyproject.toml git commit -m "bump version from workflow" - git push + git push origin HEAD:${{ github.head_ref }} - name: Build run: poetry build - name: Use Pypi test From 7e0f8a4caf112295656c516eac8c9bb50f87eb0c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 9 Jul 2024 21:17:21 +0000 Subject: [PATCH 22/25] bump version from workflow --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 93dfca3..3d1c49c 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "pydantic-tfl-api" -version = "0.1.1a0" +version = "0.2.0" description = "A Pydantic-based wrapper for the TfL Unified API https://api.tfl.gov.uk/. Not associated with or endorsed by TfL." authors = ["Rob Aleck "] license = "MIT" From e55d6cc8d1653c09f3ebe5153ee5d919ab8d676d Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 21:21:30 +0000 Subject: [PATCH 23/25] deploy on merge --- .github/workflows/build_and_publish.yml | 20 ++++++++------------ .github/workflows/test-workflow.yml | 5 ----- 2 files changed, 8 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 11d9aae..4347afd 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml 
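Review bot: `${{ github.head_ref }}` is expanded into the `run:` script before the shell starts, and its value is the pull request's branch name, which the PR author chooses; in a job with `contents: write` that makes the added `git push` line a script-injection sink. Pass the value through the environment instead: add `env:` with `HEAD_REF: ${{ github.head_ref }}` to the step and change the command to `git push origin "HEAD:${HEAD_REF}"`, so the shell only ever sees it as data. The `run:` block starts above this hunk.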
@@ -1,19 +1,19 @@ name: Python package on: - pull_request: + merge: # permissions: # Global permissions configuration starts here # contents: read # 'read' access to repository contents # pull-requests: read # 'write' access to pull requests jobs: - # codeql: - # permissions: - # actions: read - # contents: read - # security-events: write - # uses: ./.github/workflows/codeql.yml + codeql: + permissions: + actions: read + contents: read + security-events: write + uses: ./.github/workflows/codeql.yml test: uses: ./.github/workflows/test-workflow.yml @@ -22,7 +22,7 @@ jobs: uses: ./.github/workflows/dependency-review.yml publish: - needs: [test, dependency-review] # codeql, + needs: [test, dependency-review, codeql] runs-on: ubuntu-latest environment: name: 'published' @@ -37,10 +37,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: 3.12 - # - name: Install OS dependencies for snok/install-poetry - # run: | - # DEBIAN_FRONTEND=noninteractive apt update - # DEBIAN_FRONTEND=noninteractive apt install curl sqlite3 -y - uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1 with: version: 1.8.3 # pin the version as they keep changing their APIs diff --git a/.github/workflows/test-workflow.yml b/.github/workflows/test-workflow.yml index e22727e..141f11f 100644 --- a/.github/workflows/test-workflow.yml +++ b/.github/workflows/test-workflow.yml 
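Review bot: `merge` is not a GitHub Actions event name, so with `on:` / `merge:` in the first build_and_publish.yml hunk this workflow would not be triggered at all, and the `codeql` gate restored in the same hunk would never run. To publish after a merge, trigger on the target branch with `push:` / `branches:` / `- main`. The workflow-level `permissions:` block is still commented out in the context lines, which matters more once this workflow is the one that publishes.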
@@ -17,17 +17,12 @@ jobs: matrix: python-version: ["3.12"] runs-on: ubuntu-latest - container: ubuntu:latest@sha256:2e863c44b718727c860746568e1d54afd13b2fa71b160f5cd9058fc436217b30 steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5 with: python-version: ${{ matrix.python-version }} - - name: Install OS dependencies for snok/install-poetry - run: | - DEBIAN_FRONTEND=noninteractive apt update - DEBIAN_FRONTEND=noninteractive apt install curl sqlite3 -y - uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1 with: version: 1.8.3 # pin the version as they keep changing their APIs From 0628257cee320df4b6d44afe288fb9b20556c3ca Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 21:25:42 +0000 Subject: [PATCH 24/25] test has test name --- .github/workflows/codeql.yml | 2 +- .github/workflows/test-workflow.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 92e67f9..7463b03 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -9,7 +9,7 @@ # the `language` matrix defined below to confirm you have the correct set of # supported CodeQL languages. # -name: "CodeQL" +name: CodeQL on: workflow_call: diff --git a/.github/workflows/test-workflow.yml b/.github/workflows/test-workflow.yml index 141f11f..0380f67 100644 --- a/.github/workflows/test-workflow.yml +++ b/.github/workflows/test-workflow.yml @@ -1,4 +1,4 @@ -name: Python package +name: test package on: workflow_call: From 3bb5944fe60913842cf039b39daaef14407ac1ae Mon Sep 17 00:00:00 2001 From: Rob Aleck Date: Tue, 9 Jul 2024 21:34:08 +0000 Subject: [PATCH 25/25] run on push to main --- .github/workflows/build_and_publish.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml index 4347afd..8b456fd 100644 --- a/.github/workflows/build_and_publish.yml +++ b/.github/workflows/build_and_publish.yml @@ -1,7 +1,9 @@ -name: Python package +name: Publish the completed package to Pypi on: - merge: + push: + branches: + - main # permissions: # Global permissions configuration starts here # contents: read # 'read' access to repository contents
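Review bot: Moving the trigger to `push` on `main` leaves the `Bump version` step from the earlier patch pushing to `HEAD:${{ github.head_ref }}`, and `github.head_ref` is only populated for pull-request events, so the refspec would have an empty destination under this trigger. Use the pushed ref instead and pass it through the environment, for example `env:` with `REF_NAME: ${{ github.ref_name }}` and `git push origin "HEAD:${REF_NAME}"`, which also keeps the expression out of the script text. The workflow-level `permissions:` block is still commented out in this hunk's context lines, so restoring a `contents: read` default is worth doing now that the workflow runs on main. The step itself lies outside this hunk.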