Skip to content

⬆️ Bump actions/upload-artifact from 4.6.0 to 4.6.1 #320

⬆️ Bump actions/upload-artifact from 4.6.0 to 4.6.1

⬆️ Bump actions/upload-artifact from 4.6.0 to 4.6.1 #320

Workflow file for this run

name: CI
branches: [ main ]
branches: [ main ]
python_cache_macOS_path: ~/Library/Caches/pip
python_cache_windows_path: ~\AppData\Local\pip\Cache
python_cache_ubuntu_path: ~/.cache/pip
pipenv_version: 2024.4.0
python_version: '3.11'
# Check that a news file has been added to this branch when a PR is created
name: Assert news files (See
runs-on: ubuntu-latest
# Checkout with full history for to allow compare with base branch
- uses: actions/checkout@v4
fetch-depth: 0
- uses: actions/setup-python@v5
python-version: ${{ env.python_version}}
- uses: FranzDiebold/github-env-vars-action@v2
- name: Load Python Dependencies from cache
uses: actions/cache@v4
path: ${{ env.python_cache_ubuntu_path }}
key: linux-pip-3-continuous-delivery-scripts
- name: Install CI/CD tools
run: |
python -m pip install --upgrade pip
python -m pip install continuous-delivery-scripts
python -m pip list
- name: Assert news
run: cd-assert-news -b ${CI_ACTION_REF_NAME}
GIT_TOKEN: ${{ secrets.GIT_SECRET }}
- name: Report failure if needed
if: ${{ failure() }}
run: |
echo "::error:: News file missing (See guide for details)."
name: Build Documentation
runs-on: ubuntu-latest
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
python-version: ${{ env.python_version}}
- name: Determine dependencies
# Note
# The below code generates a pip requirements file from the pipenv development requirements (also obtaining the
# normal dependencies from
# This code also forces the system to install latest tools as the ones present on the CI system may be too old
# for the process to go through properly.
# FIXME upgrade pipenv when is actually fixed
run: |
python -m pip install --upgrade pip wheel setuptools
python -m pip install pipenv==${{ env.pipenv_version }}
echo "Locking dependencies"
python -m pipenv lock
python -m pipenv requirements > dev-requirements.txt
- uses: FranzDiebold/github-env-vars-action@v2
- name: Load Python Dependencies from cache
uses: actions/cache@v4
path: ${{ env.python_cache_ubuntu_path }}
key: linux-pip-3-continuous-delivery-scripts
- name: Install dependencies
# Note
# As a virtual machine is already being used, pipenv
# is superfluous and eliminating pipenv in CI reduces overhead and reduce complexity, while retaining a single
# location for development dependencies.
run: |
python -m pip install -r dev-requirements.txt
python -m pip list
- name: Generate Documentation
run: |
cd-generate-docs --output_dir $(cd-get-config --key DOCUMENTATION_PRODUCTION_OUTPUT_PATH)
- name: Add copyright/licence notice.
run: |
name: Report licences in use (SPDX)
runs-on: ubuntu-latest
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
python-version: ${{ env.python_version}}
- name: Determine dependencies
# Note
# The below code generates a pip requirements file from the pipenv development requirements (also obtaining the
# normal dependencies from
# This code also forces the system to install latest tools as the ones present on the CI system may be too old
# for the process to go through properly.
# FIXME upgrade when is actually fixed
run: |
python -m pip install --upgrade pip wheel setuptools
python -m pip install pipenv==${{ env.pipenv_version }}
echo "Locking dependencies"
python -m pipenv lock
python -m pipenv requirements > dev-requirements.txt
- uses: FranzDiebold/github-env-vars-action@v2
- name: Load Python Dependencies from cache
uses: actions/cache@v4
path: ${{ env.python_cache_ubuntu_path }}
key: linux-pip-3-continuous-delivery-scripts
- name: Install dependencies
# Note
# As a virtual machine is already being used, pipenv
# is superfluous and eliminating pipenv in CI reduces overhead and reduce complexity, while retaining a single
# location for development dependencies.
run: |
python -m pip install -r dev-requirements.txt
python -m pip list
- name: Generate SPDX documents
run: |
mkdir -p ./spdx-tmp
cd-generate-spdx --output-dir ./spdx-tmp
- name: Add copyright/licence notice.
run: |
- uses: actions/upload-artifact@v4.6.1
name: spdx
path: ./spdx-tmp
name: Check for secrets
runs-on: ubuntu-latest
- uses: actions/setup-python@v5
python-version: ${{ env.python_version}}
- name: Install tools
run: |
python -m pip install --upgrade pip
python -m pip install detect-secrets==1.0.3
python -m pip list
- uses: actions/checkout@v4
fetch-depth: 0
# FIXME gitleaks requires now a licence
# - name: Check for secrets using gitleaks
# uses: zricethezav/gitleaks-action@master
# with:
# config-path: .gitleaks.toml
- name: Check for secrets using detect-secrets
run: |
git ls-files -z | xargs -0 detect-secrets-hook --baseline .secrets.baseline --exclude-files 'Pipfile\.lock$' --exclude-files '.*\.html$' --exclude-files '.*\.properties$' --exclude-files 'ci.yml' --exclude-files '\.git' --exclude-files '.*'
working-directory: .
fail-fast: false
os: [ubuntu-latest ] # FIXME add other platforms when much quicker macOS-latest, windows-latest]
python-version: ["3.8", "3.9", "3.10", "3.11"] # FIXME Test on later python versions, "3.12", "3.13"]
- ${{ github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch' }}
# include:
# - os: windows-latest
# cache_path: ${{ env.python_cache_windows_path }}
# - os: macOS-latest
# cache_path: ${{ env.python_cache_macOS_path }}
# - os: ubuntu-latest
# cache_path: ${{ env.python_cache_ubuntu_path }}
#FIXME run on every platform as on Linux when speed is equivalent
- os: macOS-latest
multi-platform: false
python-version: 3.11
# - os: windows-latest
# multi-platform: false
# python-version: 3.9
# exclude:
# - os: macOS-latest
# multi-platform: false
# - os: windows-latest
# multi-platform: false
name: Build and test
runs-on: ${{ matrix.os }}
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
python-version: ${{ matrix.python-version }}
- name: Install python tools
# This code forces the system to install latest tools as the ones present on the CI system may be too old
# for the process to go through properly.
run: |
python -m pip install --upgrade pip wheel setuptools
- if: ${{ startsWith(matrix.os, 'windows') }}
run: |
python -m pip install --upgrade pipenv
python -m pipenv -V
name: Install latest pipenv
- if: ${{ !startsWith(matrix.os, 'windows') }}
run: |
python -m pip install pipenv==${{ env.pipenv_version }}
name: Install a fixed version of pipenv [${{ env.pipenv_version }}]
- name: Determine dependencies [OS:${{ matrix.os }}, Python:${{ matrix.python-version }}]
# Note
# The below code generates a pip requirements file from the pipenv development requirements (also obtaining the
# normal dependencies from
run: |
python -m pipenv lock --dev
python -m pipenv requirements --dev > dev-requirements.txt
echo "Requirements:"
cat dev-requirements.txt
- if: ${{ startsWith(matrix.os, 'macOS') }}
run: echo "CACHE_PATH=${{ env.python_cache_macOS_path }}" >> $GITHUB_ENV
- if: ${{ startsWith(matrix.os, 'windows') }}
run: echo "CACHE_PATH=${{ env.python_cache_windows_path }}" >> $GITHUB_ENV
- if: ${{ startsWith(matrix.os, 'ubuntu') }}
run: echo "CACHE_PATH=${{ env.python_cache_ubuntu_path }}" >> $GITHUB_ENV
- name: Cache path to load
run: |
echo "Path to dependency cache: [${{ env.CACHE_PATH }}]"
- name: Load Python Dependencies from cache
if: ${{ ! startsWith(matrix.os, 'windows') }}
uses: actions/cache@v4
path: ${{ env.CACHE_PATH }}
key: ${{ matrix.os }}-pip-${{ matrix.python-version }}-${{ hashFiles('**/dev-requirements.txt') }}
restore-keys: |
${{ matrix.os }}-pip-${{ matrix.python-version }}
# env:
# CACHE_PATH: ${{ matrix.cache_path }}
- name: Install dependencies
# Note
# As a virtual machine is already being used, pipenv
# is superfluous and eliminating pipenv in CI reduces overhead and reduce complexity, while retaining a single
# location for development dependencies.
run: |
pip install --upgrade flake8
pip install -r dev-requirements.txt
pip list
- if: ${{ startsWith(matrix.python-version, '3.10') }}
name: Static Analysis - general (flake8)
run: |
flake8 --count --show-source --statistics
- name: Test with pytest
run: |
- name: Upload coverage reports to Codecov with GitHub Action
uses: codecov/codecov-action@v5