Merge pull request #58 from praw-dev/upgrade-tests

Upgrade tests

.github/workflows/ci.yml

@@ -1,95 +1,10 @@
 jobs:
-  complete_coveralls:
-    needs: test-multi-python
-    runs-on: ubuntu-latest
-    steps:
-    - name: Coveralls Finished
-      uses: coverallsapp/github-action@master
-      with:
-        github-token: ${{ secrets.GITHUB_TOKEN }}
-        parallel-finished: true
-  lint-multi-os:
-    name: Lint ${{ matrix.os }}
-    runs-on: ${{ matrix.os }}
-    steps:
-    - uses: actions/checkout@v2
-    - uses: actions/setup-python@v2
-      with:
-        python-version: 3.x
-    - uses: actions/cache@v1
-      with:
-        key: v0-${{ runner.os }}-pip-lint-${{ hashFiles('setup.py') }}
-        path: ~/.cache/pip
-        restore-keys: |
-          v0-${{ runner.os }}-pip-lint-
-          v0-${{ runner.os }}-pip-
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip==21.* setuptools wheel
-        pip install .[lint]
-    - name: Run pre-commit hooks
-      uses: pre-commit/[email protected]
-    strategy:
-      matrix:
-        os: [macOS-latest, ubuntu-latest, windows-latest]
-  test-multi-os:
-    name: Test ${{ matrix.os }}
-    runs-on: ${{ matrix.os }}
-    steps:
-    - uses: actions/checkout@v2
-    - uses: actions/setup-python@v2
-      with:
-        python-version: 3.x
-    - uses: actions/cache@v1
-      with:
-        key: v0-${{ runner.os }}-pip-test-${{ hashFiles('setup.py') }}
-        path: ~/.cache/pip
-        restore-keys: |
-          v0-${{ runner.os }}-pip-test-
-          v0-${{ runner.os }}-pip-
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install https://github.com/LilSpazJoekp/vcrpy/archive/asyncpraw.zip
-        pip install .[test]
-        pip install .[ci]
-    - name: Test with pytest
-      run: pytest
-    strategy:
-      matrix:
-        os: [macOS-latest, ubuntu-latest, windows-latest]
-  test-multi-python:
-    name: Test Python ${{ matrix.python-version }}
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-    - uses: actions/setup-python@v2
-      with:
-        python-version: ${{ matrix.python-version }}
-    - uses: actions/cache@v1
-      with:
-        key: v0-${{ runner.os }}-pip-test-${{ hashFiles('setup.py') }}
-        path: ~/.cache/pip
-        restore-keys: |
-          v0-${{ runner.os }}-pip-test-
-          v0-${{ runner.os }}-pip-
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install https://github.com/LilSpazJoekp/vcrpy/archive/asyncpraw.zip
-        pip install .[test]
-        pip install .[ci]
-    - name: Test with pytest
-      run: coverage run --source asyncprawcore --module pytest
-    - env:
-        COVERALLS_PARALLEL: true
-        COVERALLS_REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      name: Submit to coveralls
-      run: coveralls --service=github
-    - name: Check coverage
-      run: coverage report -m --fail-under=100
-    strategy:
-      matrix:
-        python-version: [3.7, 3.8, 3.9, '3.10']
+  ci:
+    name: CI
+    secrets: inherit
+    uses: praw-dev/.github/.github/workflows/ci.yml@main
+    with:
+      package: asyncprawcore
 name: CI
-on: [pull_request, push]
+on: [ pull_request, push ]
+permissions: read-all

.github/workflows/codeql.yml

@@ -0,0 +1,31 @@
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'python' ]
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:${{matrix.language}}"
+name: "CodeQL"
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+  schedule:
+    - cron: 30 1 * * 6

.github/workflows/manual_tag_release.yml

@@ -0,0 +1,16 @@
+jobs:
+  manual_tag_release:
+    name: Manual Tag Release
+    secrets: inherit
+    uses: praw-dev/.github/.github/workflows/manual_tag_release.yml@main
+    with:
+      commit: ${{ inputs.commit }}
+name: Manual Tag Release
+on:
+  workflow_dispatch:
+    inputs:
+      commit:
+        description: The commit the version bump occurred
+        required: true
+permissions:
+  contents: write

.github/workflows/pre-commit_autoupdate.yml

@@ -0,0 +1,13 @@
+jobs:
+  pre-commit_autoupdate:
+    name: Update pre-commit hooks
+    secrets: inherit
+    uses: praw-dev/.github/.github/workflows/pre-commit_autoupdate.yml@main
+name: Update pre-commit hooks
+on:
+  schedule:
+    - cron: 0 15 * * 1
+  workflow_dispatch:
+permissions:
+  contents: read
+  pull-requests: write

.github/workflows/prepare_release.yml

@@ -1,47 +1,17 @@
 jobs:
   prepare_release:
-    name: Prepare Release v${{ github.event.inputs.version }}
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-      with:
-        ssh-key: ${{ secrets.SSH_DEPLOY_KEY }}
-    - uses: actions/setup-python@v2
-      with:
-        python-version: 3.x
-    - name: Install dependencies
-      run: pip install packaging
-    - name: Prepare Git Variables
-      run: |
-        git config --global author.email ${{ github.actor }}@users.noreply.github.com
-        git config --global author.name ${{ github.actor }}
-        git config --global committer.email [email protected]
-        git config --global committer.name GitHub
-    - name: Set desired version
-      run: |
-        tools/set_version.py ${{ github.event.inputs.version }} > tmp_version
-        echo "version=$(cat tmp_version)" >> $GITHUB_ENV
-    - name: Commit desired version
-      run: git commit -am "Bump to v${{ env.version }}"
-    - name: Set development version
-      run: |
-        tools/set_version.py Unreleased > tmp_version
-        echo "dev_version=$(cat tmp_version)" >> $GITHUB_ENV
-        rm tmp_version
-    - name: Commit development version
-      run: git commit -am "Set development version v${{ env.dev_version }}"
-    - name: Create Pull Request
-      uses: peter-evans/create-pull-request@v3
-      with:
-        body:
-        branch: prepare_release_v${{ env.version }}
-        draft: false
-        title: Release v${{ env.version }}
-
+    name: Prepare Release
+    secrets: inherit
+    uses: praw-dev/.github/.github/workflows/prepare_release.yml@main
+    with:
+      version: ${{ inputs.version }}
 name: Prepare Release
 on:
   workflow_dispatch:
     inputs:
       version:
-        description: 'The version to prepare for release'
+        description: The version to prepare for release
         required: true
+permissions:
+  contents: read
+  pull-requests: write

.github/workflows/pypi.yml

@@ -1,24 +1,11 @@
 jobs:
-  release:
-    name: Build and release
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-    - uses: actions/setup-python@v2
-      with:
-        python-version: '3.x'
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install setuptools wheel twine
-    - env:
-        TWINE_USERNAME: __token__
-        TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
-      name: Build and release
-      run: |
-        python setup.py sdist bdist_wheel
-        twine upload dist/*
+  pypi:
+    name: Upload Python Package
+    secrets: inherit
+    uses: praw-dev/.github/.github/workflows/pypi.yml@main
 name: Upload Python Package
 on:
   release:
-    types: [published]
+    types: [ published ]
+permissions:
+  contents: read

.github/workflows/scorecards-analysis.yml

@@ -0,0 +1,39 @@
+jobs:
+  analysis:
+    name: Scorecards analysis
+    permissions:
+      actions: read
+      contents: read
+      id-token: write
+      security-events: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
+        with:
+          persist-credentials: false
+      - name: Run analysis
+        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
+          publish_results: true
+      - name: Upload artifact
+        uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3.1.1
+        with:
+          name: SARIF file
+          path: results.sarif
+          retention-days: 5
+      - name: Upload to code-scanning
+        uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # v1.0.26
+        with:
+          sarif_file: results.sarif
+name: Scorecards supply-chain security
+on:
+  branch_protection_rule:
+  push:
+    branches: [ main ]
+  schedule:
+    - cron: 30 1 * * 6
+permissions: read-all

.github/workflows/tag_release.yml

@@ -1,43 +1,11 @@
 jobs:
-  release_tag:
-    if: "startsWith(github.event.head_commit.message, 'Merge pull request #') && contains(github.event.head_commit.message, ' from praw-dev/prepare_release_v')"
+  tag_release:
     name: Tag Release
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-      with:
-        fetch-depth: 3
-        ssh-key: ${{ secrets.SSH_DEPLOY_KEY }}
-    - uses: actions/setup-python@v2
-      with:
-        python-version: 3.x
-    - name: Install dependencies
-      run: pip install packaging docutils
-    - name: Extract Version
-      run: |
-        git checkout HEAD^2^
-        echo "commit=$(git rev-parse HEAD)" >> $GITHUB_ENV
-        git log --format=%B -n 1 | ./tools/bump_version.py > tmp_version
-        echo "version=$(cat tmp_version)" >> $GITHUB_ENV
-        cat tmp_version | python -c 'import sys; from packaging import version; print(int(version.Version(sys.stdin.readline()).is_prerelease))' > tmp_is_prerelease
-        echo "is_prerelease=$(cat tmp_is_prerelease)" >> $GITHUB_ENV
-    - name: Extract Change Log
-      run: |
-        echo ${{ env.version }} | ./tools/extract_log_entry.py > version_changelog
-    - env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      name: Create GitHub Release
-      uses: actions/create-release@v1
-      with:
-        body_path: version_changelog
-        commitish: ${{ env.commit }}
-        draft: true
-        prerelease: ${{ env.is_prerelease == '1' }}
-        release_name: v${{ env.version }}
-        tag_name: v${{ env.version }}
+    secrets: inherit
+    uses: praw-dev/.github/.github/workflows/tag_release.yml@main
 name: Tag Release
 on:
   push:
-    branches:
-      - main
-      - release_test
+    branches: [ main, release_test ]
+permissions:
+  contents: write

.pre-commit-config.yaml

@@ -1,41 +1,41 @@
 repos:
+
   - repo: https://github.com/pre-commit/pre-commit-hooks
     hooks:
       - id: end-of-file-fixer
         exclude: .*\.txt
-    rev: v4.1.0
+    rev: v4.4.0
 
   - repo: https://github.com/psf/black
     hooks:
       - id: black
-    rev: 22.1.0
+    rev: 23.7.0
 
   - repo: https://github.com/LilSpazJoekp/docstrfmt
     hooks:
       - id: docstrfmt
-        require_serial: true
-    rev: v1.4.4
+    rev: v1.5.1
 
   - repo: https://github.com/pycqa/flake8
     hooks:
       - id: flake8
-    rev: 4.0.1
+    rev: 6.1.0
 
   - repo: https://github.com/ikamensh/flynt/
     hooks:
       - id: flynt
         args:
           - '-ll'
           - '1000'
-    rev: '0.76'
+    rev: '1.0.1'
 
   - repo: https://github.com/pycqa/isort
     hooks:
       - id: isort
-    rev: 5.10.1
+    rev: 5.12.0
 
   - repo: https://github.com/pycqa/pydocstyle
     hooks:
       - id: pydocstyle
-        files: prawcore/.*
-    rev: 6.1.1
+        files: asyncprawcore/.*
+    rev: 6.3.0