Skip to content

Update semgrep requirement from ~=1.100.0 to ~=1.102.0 #1394

Update semgrep requirement from ~=1.100.0 to ~=1.102.0

Update semgrep requirement from ~=1.100.0 to ~=1.102.0 #1394

Workflow file for this run

name: "Python Release"
on:
push:
branches:
- main
pull_request:
branches:
- main
release:
types: [created]
workflow_dispatch:
inputs:
logLevel:
description: 'Log level'
required: true
default: 'warning'
type: choice
options:
- info
- warning
- debug
jobs:
unit-tests:
permissions:
contents: 'read'
id-token: 'write'
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
runs-on: ${{ matrix.os }}
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'us-east-1'
steps:
- uses: actions/checkout@v4
# Google Setup
- id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: 'projects/501851565537/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
service_account: 'sos-two@startupos-328814.iam.gserviceaccount.com'
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
with:
version: '>= 363.0.0'
- name: 'Use gcloud CLI'
run: 'gcloud info'
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: 20
- name: Setup PHP with tools
uses: shivammathur/setup-php@v2
with:
php-version: '8.3'
tools: composer:v2
- name: Install pypa/build
run: >-
python3 -m
pip install
build hatchling setuptools
--user
- name: Make VERSION
run: python make_version.py
- name: install self
run: pip install -e .
- name: Configure AWS
run: |
aws --profile default configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
aws --profile default configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws --profile default configure set region "us-east-1"
aws sts get-caller-identity
- name: Unit Tests
run: |
[ -f "~/.ssh/id_rsa" ] && mv ~/.ssh/id_rsa ~/.ssh/id_rsa2 || echo "No id_rsa"
[ -f "~/.ssh/id_rsa" ] && mv ~/.ssh/id_rsa.pub ~/.ssh/id_rsa2.pub || echo "No id_rsa"
echo "Attempting to set key"
mkdir -p ~/.ssh
echo "IdentityFile ~/.ssh/id_rsa" > ~/.ssh/config
echo "${{ secrets.STR_PRIVATE_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
echo "${{ vars.STR_PUB_KEY }}" > ~/.ssh/id_rsa.pub
echo "Key set"
ssh-keyscan -H ssh.dev.azure.com >> ~/.ssh/known_hosts
echo "Restarting Agent"
eval "$(ssh-agent)"
eval "$(ssh-agent -s)"
ssh-agent -k
eval "$(ssh-agent)"
echo "Attempting PyTest"
pytest
echo "Attempting to restore old key"
[ -f "~/.ssh/id_rsa2" ] && mv ~/.ssh/id_rsa2 ~/.ssh/id_rsa || echo "No old key"
[ -f "~/.ssh/id_rsa2" ] && mv ~/.ssh/id_rsa2.pub ~/.ssh/id_rsa.pub || echo "No old key"
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: Style Guide
run: flake8
build-and-publish:
name: Build and publish Python 🐍 distributions πŸ“¦ to PyPI and TestPyPI
needs: unit-tests
runs-on: ubuntu-latest
steps:
- name: Dump GitHub context
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: |
echo "$GITHUB_CONTEXT"
echo "${{github.ref}}"
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install pypa/build
run: >-
python3 -m
pip install
build
--user
- name: Make VERSION
run: python make_version.py
- name: Build a binary wheel and a source tarball
run: >-
python3 -m
build
--sdist
--wheel
--outdir dist/
.
- name: Publish distribution πŸ“¦ to Test PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.TEST_PYPI_API_TOKEN }}
repository-url: https://test.pypi.org/legacy/
- name: Publish distribution πŸ“¦ to PyPI
if: startsWith(github.ref, 'refs/tags')
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_API_TOKEN }}