From e593c5fd0fb1c525e92a4fa7767132677cbd3418 Mon Sep 17 00:00:00 2001 From: Sorin Sbarnea Date: Wed, 19 Apr 2023 18:49:23 +0100 Subject: [PATCH] GHA maintenance (#3876) --- .github/dependabot.yml | 12 +++--- .github/release-drafter.yml | 4 +- .github/workflows/ack.yml | 5 ++- .github/workflows/push.yml | 5 ++- .github/workflows/release.yml | 25 +++++------ .github/workflows/tox.yml | 78 +++++++++++++++++++++++++---------- 6 files changed, 80 insertions(+), 49 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 00bec4ba0..bf2a0d0bc 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,21 +1,21 @@ # https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates version: 2 +enable-beta-ecosystems: true updates: - package-ecosystem: "pip" directory: "/" schedule: - interval: "daily" + interval: daily labels: - dependencies - skip-changelog - open-pull-requests-limit: 3 allow: - - dependency-type: all + - dependency-name: "ansible*" + - dependency-name: pyyaml - package-ecosystem: "github-actions" directory: "/" schedule: interval: daily - open-pull-requests-limit: 3 labels: - - "dependencies" - - "skip-changelog" + - dependencies + - skip-changelog diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index 114b5fc80..1893b9fab 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -1,2 +1,2 @@ -# see https://github.com/ansible-community/devtools -_extends: ansible-community/devtools +# see https://github.com/ansible/devtools +_extends: ansible/devtools diff --git a/.github/workflows/ack.yml b/.github/workflows/ack.yml index 5880addda..5e7b9f549 100644 --- a/.github/workflows/ack.yml +++ b/.github/workflows/ack.yml @@ -1,4 +1,5 @@ -# See https://github.com/ansible-community/devtools/blob/main/.github/workflows/ack.yml +--- +# See https://github.com/ansible/devtools/blob/main/.github/workflows/ack.yml name: ack on: pull_request_target: @@ -6,4 +7,4 @@ on: jobs: ack: - uses: ansible-community/devtools/.github/workflows/ack.yml@main + uses: ansible/devtools/.github/workflows/ack.yml@main diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index ceef4e3cb..1a01af81d 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -1,4 +1,5 @@ -# See https://github.com/ansible-community/devtools/blob/main/.github/workflows/push.yml +--- +# See https://github.com/ansible/devtools/blob/main/.github/workflows/push.yml name: push on: push: @@ -9,4 +10,4 @@ on: jobs: ack: - uses: ansible-community/devtools/.github/workflows/push.yml@main + uses: ansible/devtools/.github/workflows/push.yml@main diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c2a75b17b..84ef052bf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,3 +1,5 @@ +--- +# cspell:ignore mislav name: release on: @@ -8,41 +10,34 @@ jobs: pypi: name: Publish to PyPI registry environment: release - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 env: FORCE_COLOR: 1 PY_COLORS: 1 TOXENV: pkg - TOX_PARALLEL_NO_SPINNER: 1 steps: - name: Switch to using Python 3.9 by default uses: actions/setup-python@v4 with: python-version: 3.9 + - name: Install tox - run: >- - python3 -m - pip install - --user - tox + run: python3 -m pip install --user "tox>=4.0.0" + - name: Check out src from Git uses: actions/checkout@v3 with: fetch-depth: 0 # needed by setuptools-scm + submodules: true + - name: Build dists run: python -m tox - - name: Publish to test.pypi.org - if: >- # "create" workflows run separately from "push" & "pull_request" - github.event_name == 'release' - uses: pypa/gh-action-pypi-publish@master - with: - password: ${{ secrets.testpypi_password }} - repository_url: https://test.pypi.org/legacy/ + - name: Publish to pypi.org if: >- # "create" workflows run separately from "push" & "pull_request" github.event_name == 'release' - uses: pypa/gh-action-pypi-publish@master + uses: pypa/gh-action-pypi-publish@release/v1 with: password: ${{ secrets.pypi_password }} diff --git a/.github/workflows/tox.yml b/.github/workflows/tox.yml index 6cfabeed7..a681ff7f6 100644 --- a/.github/workflows/tox.yml +++ b/.github/workflows/tox.yml @@ -1,16 +1,21 @@ +--- name: tox on: - create: # is used for publishing to PyPI and TestPyPI - tags: # any tag regardless of its name, no branches push: # only publishes pushes to the main branch to TestPyPI branches: # any integration branch but not tag - "main" - tags-ignore: - - "**" pull_request: - schedule: - - cron: 1 0 * * * # Run daily at 0:01 UTC + branches: + - "main" + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +env: + FORCE_COLOR: 1 # tox, pytest, ansible-lint + PY_COLORS: 1 jobs: pre: @@ -30,26 +35,36 @@ jobs: docs pkg eco - py39-devel - py310-devel + py311-devel build: name: ${{ matrix.name }} - runs-on: ubuntu-latest + runs-on: ${{ matrix.os || 'ubuntu-22.04' }} needs: pre - env: - PYTEST_REQPASS: 454 + defaults: + run: + shell: ${{ matrix.shell || 'bash'}} # limit potential endless looks like we had with build-containers timeout-minutes: 20 strategy: fail-fast: false matrix: ${{ fromJson(needs.pre.outputs.matrix) }} + env: + PYTEST_REQPASS: 454 steps: - - name: Check out src from Git - uses: actions/checkout@v3 + - uses: actions/checkout@v3 with: fetch-depth: 0 # needed by setuptools-scm + submodules: true + + - name: Set pre-commit cache + uses: actions/cache@v3 + if: ${{ matrix.passed_name == 'lint' }} + with: + path: | + ~/.cache/pre-commit + key: pre-commit-${{ matrix.name || matrix.passed_name }}-${{ hashFiles('.pre-commit-config.yaml') }} - name: Install system dependencies # remove broken .deb ansible and replace with pip version: # https://github.com/actions/virtual-environments/issues/3001 @@ -66,18 +81,28 @@ jobs: && virtualenv foo \ && source foo/bin/activate \ && ansible --version - - name: Install a default Python + - name: Set up Python ${{ matrix.python_version || '3.9' }} + if: "!contains(matrix.shell, 'wsl')" uses: actions/setup-python@v4 with: - python-version: ${{ matrix.python_version }} - - name: Install dependencies - run: | - python3 -m pip install -U pip 'coverage[toml]' - python3 -m pip install 'tox>=4.0.0' - - name: Run tox -e ${{ matrix.passed_name }} + cache: pip + python-version: ${{ matrix.python_version || '3.9' }} + + - name: Install tox run: | - ${{ matrix.PREFIX }} tox -e ${{ matrix.passed_name }} - continue-on-error: ${{ matrix.experimental || false }} + python3 -m pip install --upgrade pip + python3 -m pip install --upgrade "tox>=4.0.0" + + - name: Log installed dists + run: python3 -m pip freeze --all + + - name: Initialize tox envs ${{ matrix.passed_name }} + run: python3 -m tox --notest --skip-missing-interpreters false -vv -e ${{ matrix.passed_name }} + timeout-minutes: 5 # average is under 1, but macos can be over 3 + + # sequential run improves browsing experience (almost no speed impact) + - name: tox -e ${{ matrix.passed_name }} + run: python3 -m tox -e ${{ matrix.passed_name }} - name: Combine coverage data if: ${{ startsWith(matrix.passed_name, 'py') }} @@ -93,6 +118,15 @@ jobs: token: ${{ secrets.CODECOV_TOKEN }} verbose: true # optional (default = false) + - name: Report failure if git reports dirty status + run: | + if [[ -n $(git status -s) ]]; then + # shellcheck disable=SC2016 + echo -n '::error file=git-status::' + printf '### Failed as git reported modified and/or untracked files\n```\n%s\n```\n' "$(git status -s)" | tee -a "$GITHUB_STEP_SUMMARY" + exit 99 + fi + # https://github.com/actions/toolkit/issues/193 check: if: always()