This repository has been archived by the owner on Dec 13, 2023. It is now read-only.

CI #425

Workflow file for this run

	name: CI
	on:
	workflow_dispatch:
	push:
	branches:
	- '**'
	- '!ws-iac-scan-results/**'
	- '!whitesource-remediate/master-all**'
	- '!whitesource/**'
	tags:
	- '*'
	schedule:
	- cron: '0 4 * * *'

	env:
	APP_NAME: mend_import_sbom

	jobs:
	build-and-test:
	runs-on: ubuntu-latest

	outputs:
	python_version: ${{ steps.set_env_vars.outputs.PYTHON_VERSION }}
	min_py_ver: ${{ steps.set_env_vars.outputs.MIN_PY_VER }}
	version: ${{ steps.set_env_vars.outputs.VERSION }}
	release: ${{ steps.set_env_vars.outputs.RELEASE }}
	app_dir: ${{ steps.set_env_vars.outputs.APP_DIR }}
	pkg_name: ${{ steps.set_env_vars.outputs.PKG_NAME }}
	whl_name: ${{ steps.set_env_vars.outputs.WHL_NAME }}
	source_branch: ${{ steps.get_source_branch.outputs.SOURCE_BRANCH }}

	strategy:
	matrix:
	python-version: ['3.9', '3.10', '3.11']

	steps:
	- name: Set Environment Variables
	id: set_env_vars
	run: \|
	pkgVersion=0.0.0.ci0
	pkgRelease=false

	echo "========= GITHUB_OUTPUT ========="
	echo "PYTHON_VERSION=${{ matrix.python-version }}" >> $GITHUB_OUTPUT
	if [[ ${{ strategy.job-index }} == 0 ]]; then
	echo "MIN_PY_VER=${{ matrix.python-version }}" >> $GITHUB_OUTPUT
	fi

	if [[ "$GITHUB_REF" == "refs/tags/v" \|\| "$GITHUB_REF" == "refs/tags/test-v" ]]; then
	pkgVersion="$(echo ${{ github.ref }} \| sed -r 's/^[\/a-zA-z-]+//')"
	if [[ $pkgVersion != @(a\|b) ]]; then
	pkgRelease=true
	fi
	elif [[ "$GITHUB_REF" == *"/staging" ]]; then
	latestVer="$(git describe --tags $(git rev-list --tags --max-count=1) \| sed -r 's/^[\/a-zA-z-]+//')"
	if [[ $(echo "$latestVer" \| cut -d. -f1,2) == $(date +"%y.%-m") ]] ; then
	nextVersion="$(date +"%y.%-m").$(( $(echo "$latestVer" \| sed 's/.*\.//') + 1 ))"
	else
	nextVersion="$(date +"%y.%-m.1")"
	fi
	pkgVersion="${nextVersion}rc$(date +"%Y%m%d%H%M")"
	fi

	echo "VERSION=$pkgVersion" >> $GITHUB_OUTPUT
	echo "RELEASE=$pkgRelease" >> $GITHUB_OUTPUT
	echo "APP_DIR=${{ env.APP_NAME }}" >> $GITHUB_OUTPUT
	echo "PKG_NAME=${{ env.APP_NAME }}-${pkgVersion}" >> $GITHUB_OUTPUT
	echo "WHL_NAME=${{ env.APP_NAME }}-${pkgVersion}-py3-none-any.whl" >> $GITHUB_OUTPUT

	echo "========== GITHUB_ENV ==========="
	echo "PYTHON_VERSION=${{ matrix.python-version }}" >> $GITHUB_ENV
	echo "VERSION=$pkgVersion" >> $GITHUB_ENV
	echo "APP_DIR=${{ env.APP_NAME }}" >> $GITHUB_ENV
	echo "PKG_NAME=${{ env.APP_NAME }}-${pkgVersion}" >> $GITHUB_ENV
	echo "WHL_NAME=${{ env.APP_NAME }}-${pkgVersion}-py3-none-any.whl" >> $GITHUB_ENV

	- uses: actions/checkout@v3
	- name: Get Source Branch
	id: get_source_branch
	run: \|
	echo "SOURCE_BRANCH=$(git branch --contains ${{ github.sha }} \| grep -E 'feature\|staging' \| sed 's/[ *]//g')" >> $GITHUB_OUTPUT

	- name: Set Package Version
	id: set_package_version
	run: \|
	sed -E -i "s/^__version__ = \"[a-z0-9\.]+\"/__version__ = \"${{ env.VERSION }}\"/g" "${{ env.APP_DIR }}/_version.py"
	cat "${{ env.APP_DIR }}/_version.py"

	- name: Setup Python ${{ matrix.python-version }}
	id: setup_python
	uses: actions/setup-python@v4
	with:
	python-version: ${{ matrix.python-version }}

	- name: Install Dependencies
	id: install_dependencies
	run: \|
	python -m pip install --upgrade pip
	pip install flake8 wheel pytest -r requirements.txt

	- name: Lint with flake8
	id: lint_with_flake8
	run: \|
	# stop the build if there are Python syntax errors or undefined names
	flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics --ignore=E501,F841
	# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
	flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics

	- name: Create wheel Package
	id: create_whl
	run: python setup.py bdist_wheel

	- name: Install ${{ env.PKG_NAME }}
	id: install_whl
	run: pip install "dist/${{ env.WHL_NAME }}"

	- name: Check Unit Test Files
	id: check_test_files
	uses: andstor/file-existence-action@v2
	with:
	files: "/tests/test_.py"

	- name: Run Tests with pytest
	id: tests_pytest
	if: steps.check_test_files.outputs.files_exists == 'true'
	run: pytest

	- name: Unittest
	id: test_unittest
	if: steps.check_test_files.outputs.files_exists == 'true'
	run: python -m unittest

	- name: Copy wheel
	id: copy_whl
	run: \|
	mkdir "dist/${{ env.PYTHON_VERSION }}"
	cp "dist/${{ env.WHL_NAME }}" "dist/${{ env.PYTHON_VERSION }}/"

	- name: Cache wheel
	id: cache_whl
	uses: actions/cache@v3
	with:
	path: dist/${{ env.PYTHON_VERSION }}/${{ env.WHL_NAME }}
	key: ${{ env.PYTHON_VERSION }}_${{ env.APP_DIR }}_${{ github.run_id }}

	publish-staging:
	if: ${{ github.ref == 'refs/heads/staging'}}
	needs: [build-and-test]
	runs-on: ubuntu-latest

	steps:
	- name: Get Environment Variables
	id: get_env_vars
	run: \|
	echo "MIN_PY_VER=${{ needs.build-and-test.outputs.min_py_ver }}" >> $GITHUB_ENV
	echo "APP_DIR=${{ needs.build-and-test.outputs.app_dir }}" >> $GITHUB_ENV
	echo "VERSION=${{ needs.build-and-test.outputs.version }}" >> $GITHUB_ENV
	echo "WHL_NAME=${{ needs.build-and-test.outputs.whl_name }}" >> $GITHUB_ENV
	echo "SOURCE_BRANCH=${{ needs.build-and-test.outputs.source_branch }}" >> $GITHUB_ENV
	echo "AWS_REGION=eu-west-1" >> $GITHUB_ENV
	echo "AWS_BUCKET=mend-ps-staging" >> $GITHUB_ENV
	echo "AWS_DOMAIN=mend-ps" >> $GITHUB_ENV
	echo "AWS_REPO=mend-ps-staging" >> $GITHUB_ENV

	- name: Restore whl
	id: restore_whl
	uses: actions/cache@v3
	with:
	path: dist/${{ env.MIN_PY_VER }}/${{ env.WHL_NAME }}
	key: ${{ env.MIN_PY_VER }}_${{ env.APP_DIR }}_${{ github.run_id }}

	- name: Configure AWS Credentials
	id: config_aws_creds
	uses: aws-actions/configure-aws-credentials@v3
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: ${{ env.AWS_REGION }}

	- name: Configure AWS CodeArtifact
	id: config_aws_codeartifact
	run: \|
	pip install twine

	twinePass="$(aws codeartifact get-authorization-token --domain ${{ env.AWS_DOMAIN }} --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --query authorizationToken --output text)"
	twineRepo="$(aws codeartifact get-repository-endpoint --domain ${{ env.AWS_DOMAIN }} --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --repository ${{ env.AWS_REPO }} --format pypi --query repositoryEndpoint --output text)"
	echo "TWINE_USERNAME=aws" >> $GITHUB_ENV
	echo "TWINE_PASSWORD=$twinePass" >> $GITHUB_ENV
	echo "TWINE_REPOSITORY_URL=$twineRepo" >> $GITHUB_ENV

	- name: Upload to AWS CodeArtifact
	id: upload_aws_codeartifact
	run: \|
	twine upload --repository-url ${{ env.TWINE_REPOSITORY_URL }} "dist/${{ env.MIN_PY_VER }}/${{ env.WHL_NAME }}"

	- name: Staging Version Upload Notification (TBD)
	id: staging_upload_notification
	run: \|
	echo "Package is ready for testing"
	echo " App Name: ${{ env.APP_NAME }}"
	echo " Version: ${{ env.VERSION }}"
	echo ""
	echo "To install, use the commands:"
	echo ' CODEARTIFACT_AUTH_TOKEN=`aws codeartifact get-authorization-token --domain ${{ env.AWS_DOMAIN }} --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --region ${{ secrets.AWS_ACCOUNT_ID }} --query authorizationToken --output text`'
	echo ' pip install --no-cache-dir --index-url=https://aws:$CODEARTIFACT_AUTH_TOKEN@${{ env.AWS_DOMAIN }}-${{ secrets.AWS_ACCOUNT_ID }}.d.codeartifact.${{ secrets.AWS_REGION }}.amazonaws.com/pypi/${{ secrets.AWS_REPO }}/simple/ ${{ env.APP_NAME }}'

	publish-release:
	if: ${{ startsWith(github.ref, 'refs/tags/v') }}
	needs: [build-and-test]
	runs-on: ubuntu-latest

	steps:
	- name: Get Environment Variables
	id: get_env_vars
	run: \|
	echo "MIN_PY_VER=${{ needs.build-and-test.outputs.min_py_ver }}" >> $GITHUB_ENV
	echo "APP_DIR=${{ needs.build-and-test.outputs.app_dir }}" >> $GITHUB_ENV
	echo "VERSION=${{ needs.build-and-test.outputs.version }}" >> $GITHUB_ENV
	echo "WHL_NAME=${{ needs.build-and-test.outputs.whl_name }}" >> $GITHUB_ENV
	echo "SOURCE_BRANCH=${{ needs.build-and-test.outputs.source_branch }}" >> $GITHUB_ENV

	- name: Restore whl
	id: restore_whl
	uses: actions/cache@v3
	with:
	path: dist/${{ env.MIN_PY_VER }}/${{ env.WHL_NAME }}
	key: ${{ env.MIN_PY_VER }}_${{ env.APP_DIR }}_${{ github.run_id }}

	- name: Publish to PyPI (Test)
	if: startsWith(github.ref, 'refs/tags/v')
	run: \|
	echo "packages_dir: dist/${{ env.MIN_PY_VER }}"

	- name: Publish to PyPI
	if: startsWith(github.ref, 'refs/tags/v')
	uses: pypa/gh-action-pypi-publish@release/v1
	with:
	skip_existing: true
	user: __token__
	password: ${{ secrets.PYPI_API_TOKEN }}
	packages_dir: dist/${{ needs.build-and-test.outputs.min_py_ver }}

	# - uses: actions/checkout@v3
	# - name: Create Release
	# if: startsWith(github.ref, 'refs/tags/v')
	# uses: ncipollo/release-action@v1
	# with:
	# token: ${{ secrets.GITHUB_TOKEN }}
	# allowUpdates: true
	# artifacts: dist/${{needs.build-and-test.outputs.min_py_ver}}/${{needs.build-and-test.outputs.app_dir}}-${{needs.build-and-test.outputs.version}}-py3-none-any.whl
	# prerelease: ${{ needs.build-and-test.outputs.release != 'true' }}
	# generateReleaseNotes: true
	# - name: Publish to Confluence - Public
	# if: startsWith(github.ref, 'refs/tags/v')
	# uses: cupcakearmy/confluence-markdown-sync@v1
	# with:
	# from: README.md
	# to: 2225406280
	# cloud: whitesource
	# user: ${{ secrets.CONFLUENCE_USER }}
	# token: ${{ secrets.CONFLUENCE_TOKEN }}
	# - name: Publish to Confluence - Internal
	# if: startsWith(github.ref, 'refs/tags/v')
	# uses: cupcakearmy/confluence-markdown-sync@v1
	# with:
	# from: README.md
	# to: 2313290370
	# cloud: whitesource
	# user: ${{ secrets.CONFLUENCE_USER }}
	# token: ${{ secrets.CONFLUENCE_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CI #425

Workflow file

CI #425

Jobs

Run details

Workflow file for this run