Skip to content

PYTHON-4970 Adopt zizmor GitHub Actions security scanner #1413

PYTHON-4970 Adopt zizmor GitHub Actions security scanner

PYTHON-4970 Adopt zizmor GitHub Actions security scanner #1413

Workflow file for this run

name: Python Tests
on:
push:
branches: ["main"]
pull_request:
concurrency:
group: tests-${{ github.ref }}
cancel-in-progress: true
defaults:
run:
working-directory: ./bindings/python
shell: bash -eux {0}
jobs:
pre-commit:
name: pre-commit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- uses: actions/setup-python@v5
- uses: pre-commit/action@v3.0.1
with:
extra_args: --all-files --hook-stage=manual
build:
# supercharge/mongodb-github-action requires containers so we don't test other platforms
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: ["ubuntu-latest", "macos-latest", "windows-latest"]
python-version: ["3.9", "3.10", "3.11", "3.12", "3.13"]
fail-fast: false
name: CPython ${{ matrix.python-version }}-${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: 'pip'
cache-dependency-path: '**/pyproject.toml'
- name: Set up env
run: |
echo "LIBBSON_INSTALL_DIR=$PWD/libbson" >> $GITHUB_ENV
echo "LD_LIBRARY_PATH=$PWD/libbson/lib" >> $GITHUB_ENV
- name: Start MongoDB on Linux
if: ${{ startsWith(runner.os, 'Linux') }}
uses: supercharge/mongodb-github-action@1.11.0
with:
mongodb-version: 4.4
mongodb-replica-set: test-rs
- name: Start MongoDB on MacOS
if: ${{ startsWith(runner.os, 'macOS') }}
run: |
brew tap mongodb/brew
brew update
brew install mongodb-community@7.0
mkdir data
mongod --fork --dbpath=$(pwd)/data --logpath=$PWD/mongo.log
# Install pkg-config
brew install pkg-config
- name: Start MongoDB on Windows
if: ${{ startsWith(runner.os, 'Windows') }}
shell: powershell
run: |
mkdir data
mongod --remove
mongod --install --dbpath=$(pwd)/data --logpath=$PWD/mongo.log
net start MongoDB
- name: Install tox
run: |
python -m pip install tox
- name: Install libbson
run: |
tox -e build-libbson
- name: Ensure imports with no test deps
run: |
echo "LIBBSON_INSTALL_DIR=$LIBBSON_INSTALL_DIR"
tox -e import-check
- name: Run the tests
run: |
tox -e test
- name: Check the manifest
run: |
tox -e manifest
docs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: 3.9
cache: 'pip'
cache-dependency-path: '**/pyproject.toml'
- name: Install tox
run: |
python -m pip install tox
- name: Build docs
shell: bash -l {0}
run: |
NO_EXT=1 tox -e docs
- name: Run linkcheck
shell: bash -l {0}
run: |
NO_EXT=1 tox -e linkcheck