120 lines
3.1 KiB
YAML
120 lines
3.1 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: [ "main" ]
|
|
pull_request:
|
|
branches: [ "main" ]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
env:
|
|
PYTHON_VERSION: "3.11"
|
|
# Used by tests / alembic; matches docker compose environment
|
|
KEYWARDEN_POSTGRES_USER: postgres
|
|
KEYWARDEN_POSTGRES_PASSWORD: postgres
|
|
KEYWARDEN_POSTGRES_HOST: localhost
|
|
KEYWARDEN_POSTGRES_PORT: 5432
|
|
KEYWARDEN_POSTGRES_DB: keywarden
|
|
jobs:
|
|
lint:
|
|
name: Lint & Format
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ env.PYTHON_VERSION }}
|
|
|
|
- name: Install linters
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install ruff==0.6.4 black==24.8.0
|
|
# - name: Ruff (lint)
|
|
# run: ruff check .
|
|
|
|
# - name: Black (format check)
|
|
# run: black --check .
|
|
|
|
test:
|
|
name: Tests (Pytest + Alembic + Postgres)
|
|
runs-on: ubuntu-latest
|
|
needs: lint
|
|
services:
|
|
postgres:
|
|
image: postgres:17-alpine
|
|
env:
|
|
POSTGRES_DB: keywarden
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
ports:
|
|
- 5432:5432
|
|
options: >-
|
|
--health-cmd="pg_isready -U postgres -d keywarden"
|
|
--health-interval=10s
|
|
--health-timeout=5s
|
|
--health-retries=10
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ env.PYTHON_VERSION }}
|
|
|
|
- name: Cache pip
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ~/.cache/pip
|
|
key: pip-${{ runner.os }}-${{ env.PYTHON_VERSION }}-${{ hashFiles('**/requirements.txt') }}
|
|
restore-keys: |
|
|
pip-${{ runner.os }}-${{ env.PYTHON_VERSION }}-
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install -r requirements.txt
|
|
|
|
- name: Set PYTHONPATH
|
|
run: echo "PYTHONPATH=${GITHUB_WORKSPACE}" >> $GITHUB_ENV
|
|
|
|
- name: Create .env for tests (optional for app runtime)
|
|
run: |
|
|
printf "KEYWARDEN_POSTGRES_DSN=%s\nKEYWARDEN_SECRET_KEY=%s\n" \
|
|
"${{ env.TEST_POSTGRES_DSN }}" "testsecret" > .env
|
|
|
|
- name: Run Alembic migrations
|
|
env:
|
|
KEYWARDEN_POSTGRES_DSN: ${{ env.TEST_POSTGRES_DSN }}
|
|
run: alembic upgrade head
|
|
|
|
- name: Pytest
|
|
env:
|
|
KEYWARDEN_POSTGRES_DSN: ${{ env.TEST_POSTGRES_DSN }}
|
|
run: |
|
|
pytest -q tests
|
|
docker-build:
|
|
name: Docker Build
|
|
runs-on: ubuntu-latest
|
|
needs: test
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Build image (no push)
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
push: false
|
|
tags: keywarden:ci
|
|
# speeds up builds by caching layers on GH Actions
|
|
cache-from: type=gha
|
|
cache-to: type=gha,mode=max |