build(deps): bump github/codeql-action from 3.27.0 to 3.28.2 #1471
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
jobs: | |
build: | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- ubuntu-20.04 | |
- ubuntu-latest # Don't use this in production! | |
python: | |
- "3.8" | |
- "3.9" | |
- "3.10" | |
- "3.11" | |
- "3.12" | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
fetch-depth: 0 | |
- name: Setup Python ${{ matrix.python }} | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 | |
with: | |
python-version: ${{ matrix.python }} | |
- uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
with: | |
path: ~/.cache/pip | |
key: ${{ matrix.os }}-pip-${{ secrets.CACHE_SEED }}-${{ matrix.python }}-${{ hashFiles('./poetry.lock') }} | |
restore-keys: ${{ matrix.os }}-pip-${{ secrets.CACHE_SEED }}-${{ matrix.python }}- | |
- name: Upgrade pip | |
run: pip install --upgrade pip | |
- name: Install Poetry | |
run: pip install poetry | |
- name: Install Python dependencies | |
run: poetry install --no-root | |
- name: Lint Last Commit | |
if: github.event_name == 'push' | |
run: poetry run gitlint | |
- name: Lint All Commits on Pull Request | |
if: github.event_name == 'pull_request' | |
run: poetry run gitlint --commits "origin/${{ github.base_ref }}...HEAD" | |
- name: Format | |
run: poetry run pre-commit run --all-files | |
- name: Test | |
run: poetry run coverage run --module pytest | |
- name: Verify test coverage | |
run: poetry run coverage html | |
- name: Archive code coverage report | |
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 | |
with: | |
name: code-coverage-report | |
path: htmlcov | |
if: ${{ failure() }} | |
finalise: | |
if: always() | |
needs: | |
- build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Decide whether the needed jobs succeeded or failed | |
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2 | |
with: | |
jobs: ${{ toJSON(needs) }} |