build(deps-dev): bump cryptography from 42.0.4 to 43.0.1 #740
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/test-python-poetry-task.md | |
| name: Test Python | |
| # See: https://docs.github.com/actions/using-workflows/events-that-trigger-workflows | |
| on: | |
| create: | |
| push: | |
| paths: | |
| - ".github/workflows/test-python-poetry-task.ya?ml" | |
| - ".github/.?codecov.ya?ml" | |
| - "dev/.?codecov.ya?ml" | |
| - ".?codecov.ya?ml" | |
| - "Taskfile.ya?ml" | |
| - "poetry.lock" | |
| - "pyproject.toml" | |
| - "compilesketches/tests/**" | |
| - "**.py" | |
| - "**/pytest.ini" | |
| pull_request: | |
| paths: | |
| - ".github/workflows/test-python-poetry-task.ya?ml" | |
| - ".github/.?codecov.ya?ml" | |
| - "dev/.?codecov.ya?ml" | |
| - ".?codecov.ya?ml" | |
| - "Taskfile.ya?ml" | |
| - "poetry.lock" | |
| - "pyproject.toml" | |
| - "compilesketches/tests/**" | |
| - "**.py" | |
| - "**/pytest.ini" | |
| schedule: | |
| # Run periodically to catch breakage caused by external changes. | |
| - cron: "0 12 * * WED" | |
| workflow_dispatch: | |
| repository_dispatch: | |
| jobs: | |
| run-determination: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| result: ${{ steps.determination.outputs.result }} | |
| permissions: {} | |
| steps: | |
| - name: Determine if the rest of the workflow should run | |
| id: determination | |
| run: | | |
| RELEASE_BRANCH_REGEX="^refs/heads/v[0-9]+$" | |
| # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. | |
| if [[ | |
| "${{ github.event_name }}" != "create" || | |
| "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX | |
| ]]; then | |
| # Run the other jobs. | |
| RESULT="true" | |
| else | |
| # There is no need to run the other jobs. | |
| RESULT="false" | |
| fi | |
| echo "result=$RESULT" >> $GITHUB_OUTPUT | |
| test: | |
| needs: run-determination | |
| if: needs.run-determination.outputs.result == 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version-file: pyproject.toml | |
| - name: Install Task | |
| uses: arduino/setup-task@v2 | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| version: 3.x | |
| - name: Run tests | |
| uses: liskin/gh-problem-matcher-wrap@v3 | |
| with: | |
| linters: pytest | |
| run: task python:test | |
| - name: Display code coverage report | |
| run: task python:coverage-report | |
| # A token is used to avoid intermittent spurious job failures caused by rate limiting. | |
| - name: Set up Codecov upload token | |
| run: | | |
| if [[ "${{ github.repository }}" == "arduino/compile-sketches" ]]; then | |
| # In order to avoid uploads of data from forks, only use the token for runs in the parent repo. | |
| # Token is intentionally exposed. | |
| # See: https://community.codecov.com/t/upload-issues-unable-to-locate-build-via-github-actions-api/3954 | |
| CODECOV_TOKEN="0c2a8127-e253-4812-8b83-6dcc586c2bf7" | |
| else | |
| # codecov/codecov-action does unauthenticated upload if empty string is passed via the `token` input. | |
| CODECOV_TOKEN="" | |
| fi | |
| echo "CODECOV_TOKEN=$CODECOV_TOKEN" >> "$GITHUB_ENV" | |
| - name: Upload coverage report to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| fail_ci_if_error: true | |
| file: coverage.xml | |
| token: ${{ env.CODECOV_TOKEN }} |