Skip to content

Automated update to primary components #717

Automated update to primary components

Automated update to primary components #717

Workflow file for this run

---
name: "CI"
on:
push:
branches:
- main
pull_request:
branches:
- main
schedule:
- cron: '47 5 * * 0'
env:
python_version: "3.12"
defaults:
run:
shell: 'bash --noprofile --norc -Eeuo pipefail {0}'
jobs:
lint:
name: Lint
runs-on: ubuntu-22.04
steps:
- name: Checkout the repository
uses: actions/checkout@v4
- name: Run the goat
uses: seisollc/goat@main
with:
# Exclude anything that contains {{ and }} in the file name
exclude: .*\{\{.*\}\}.*
disable_mypy: true
test:
name: Test
runs-on: ubuntu-22.04
steps:
- name: Checkout the repository
uses: actions/checkout@v4
# Necessary for hooks to succeed during tests for commits/schedule
if: github.event_name != 'push_request'
with:
fetch-depth: 0
submodules: 'true'
- name: Checkout the repository
uses: actions/checkout@v4
# Necessary for hooks to succeed during tests for PRs
if: github.event_name == 'pull_request'
with:
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 0
submodules: 'true'
- name: Setup python
uses: actions/setup-python@v5
with:
python-version: ${{ env.python_version }}
- uses: actions/cache@v4
with:
path: ~/.local/share/virtualenvs
key: ${{ runner.os }}-python-${{ env.python_version }}-pipenv-${{ hashFiles('Pipfile.lock') }}
- name: Install the dependencies
run: |
python -m pip install --upgrade pipenv
mkdir "${RUNNER_TEMP}/bin"
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b "${RUNNER_TEMP}/bin"
chmod +x "${RUNNER_TEMP}/bin/syft"
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b "${RUNNER_TEMP}/bin"
chmod +x "${RUNNER_TEMP}/bin/grype"
echo "${RUNNER_TEMP}/bin" >> "${GITHUB_PATH}"
- name: Install Task
uses: arduino/setup-task@v2
- name: Initialize the repo
run: task -v init
- name: Validate the repo
run: task -v validate
- name: Run the tests
run: task -v test
bump-version:
name: Bump version
needs: [lint, test]
if: "${{ github.event_name == 'push' && !startsWith(github.event.head_commit.message, 'Bump version: 2') }}"
permissions:
contents: write
runs-on: ubuntu-22.04
steps:
- name: Checkout the repository
uses: actions/checkout@v4
with:
token: ${{ secrets.SEISO_AUTOMATION_PAT }}
fetch-depth: 0
- name: Setup python
uses: actions/setup-python@v5
with:
python-version: ${{ env.python_version }}
- uses: actions/cache@v4
with:
path: ~/.local/share/virtualenvs
key: ${{ runner.os }}-python-${{ env.python_version }}-pipenv-${{ hashFiles('Pipfile.lock') }}
- name: Install the dependencies
run: python -m pip install --upgrade pipenv
- name: Install Task
uses: arduino/setup-task@v2
- name: Initialize the repo
run: task -v init
- name: Bump the version
id: bump-version
run: |
task -v release
TAG="$(git describe --tags)"
BRANCH="$(git branch --show-current)"
git push --atomic origin "${BRANCH}" "${TAG}"
echo "tag=${TAG}" >> "${GITHUB_OUTPUT}"
- name: Publish the release to GitHub
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
name: ${{ steps.bump-version.outputs.tag }}
tag_name: ${{ steps.bump-version.outputs.tag }}
generate_release_notes: true
draft: false
prerelease: false