ci.yml
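name: CI

# Runs for pushes to main and for pull requests that target main.
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

# Least privilege for the automatic GITHUB_TOKEN. Without this key the token
# gets the repository/organisation default, which may include write scopes,
# and every step (dependency install, tests, third-party actions) inherits it.
# NOTE(review): pull-requests: read is kept only because the Sonar scan step is
# handed GITHUB_TOKEN; drop it if the scan works with contents: read alone.
permissions:
  contents: read
  pull-requests: read

# One run per workflow and ref; a newer run cancels the one still in progress.
concurrency:
  group: ci-${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true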
env:
  # Tool versions, quoted so YAML keeps them as strings rather than floats.
  PYTHON_VERSION: '3.12'
  UV_VERSION: '0.10.4'

  # Throwaway values for the CI run only. The database credentials match the
  # postgres service container declared in the test job; none of these should
  # be reused outside CI.
  SECRET_KEY: 'test-secret-key-minimum-32-bytes-value'
  DATABASE_URL: 'postgresql+asyncpg://test_user:test_password@localhost:5432/test_db'
  INTEGRATION_DATABASE_URL: 'postgresql+asyncpg://test_user:test_password@localhost:5432/test_db'

  # NOTE(review): no Redis service container is declared in this workflow;
  # presumably the tests stub Redis out. Confirm.
  REDIS_URL: 'redis://localhost:6379/0'
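jobs:
  # NOTE(review): every `uses:` in this workflow references a mutable
  # major-version tag. Pinning each action to a full commit SHA would keep a
  # retagged release from changing what runs here.

  # Static analysis only: no services and no secrets.
  lint:
    name: Ruff Lint
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # NOTE(review): nothing visible in this job needs full history;
          # confirm before trimming.
          fetch-depth: 0
          # No step pushes back to the repository, so the token is not left
          # in .git/config for later steps to read.
          persist-credentials: false
      - name: Setup Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
      - name: Setup uv
        uses: astral-sh/setup-uv@v6
        with:
          version: ${{ env.UV_VERSION }}
          enable-cache: true
      - name: Install dependencies
        # --frozen installs exactly what the lockfile records.
        run: uv sync --frozen --dev
      - name: Ruff check
        run: uv run ruff check .
      - name: Ruff format check
        run: uv run ruff format --check .

  # Migrations, test suite with coverage, optional SonarCloud scan, reports.
  test:
    name: Tests
    runs-on: ubuntu-latest
    env:
      # Only a 'true'/'false' flag is exposed job-wide. The secrets context is
      # not available in a step-level `if:`, so the flag carries the "is the
      # token configured" answer without putting the token itself into the
      # environment of the install, migration and pytest steps.
      HAS_SONAR_TOKEN: ${{ secrets.SONAR_TOKEN != '' }}
    services:
      postgres:
        image: postgres:16-alpine
        env:
          # Must stay in sync with DATABASE_URL in the workflow-level env.
          POSTGRES_DB: test_db
          POSTGRES_USER: test_user
          POSTGRES_PASSWORD: test_password
        ports:
          - '5432:5432'
        # Wait until the database accepts connections before the steps run.
        options: >-
          --health-cmd "pg_isready -U test_user -d test_db"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 10
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # SonarCloud analysis reads git history; a shallow clone degrades it.
          fetch-depth: 0
          # Keep the token out of .git/config while project and dependency
          # code runs in this job.
          persist-credentials: false
      - name: Setup Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
      - name: Setup uv
        uses: astral-sh/setup-uv@v6
        with:
          version: ${{ env.UV_VERSION }}
          enable-cache: true
      - name: Install dependencies
        run: uv sync --frozen --dev
      - name: Apply Alembic migrations
        run: uv run alembic upgrade head
      - name: Check Alembic drift
        run: uv run alembic check
      - name: Run tests with coverage
        run: uv run pytest -q --cov=app --cov-report=term-missing --cov-report=xml --junitxml=pytest.xml
      - name: SonarCloud Scan
        # Skipped when the token or the project variables are missing, which
        # is the case for pull requests from forks (they receive no secrets).
        if: ${{ env.HAS_SONAR_TOKEN == 'true' && vars.SONAR_PROJECT_KEY != '' && vars.SONAR_ORGANIZATION != '' }}
        uses: sonarsource/sonarqube-scan-action@v6
        with:
          args: >
            -Dsonar.projectKey=${{ vars.SONAR_PROJECT_KEY }}
            -Dsonar.organization=${{ vars.SONAR_ORGANIZATION }}
            -Dsonar.host.url=https://sonarcloud.io
            -Dsonar.sources=app
            -Dsonar.tests=tests
            -Dsonar.test.inclusions=tests/**/*.py
            -Dsonar.python.coverage.reportPaths=coverage.xml
            -Dsonar.python.xunit.reportPath=pytest.xml
        env:
          # The token is scoped to this step alone.
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Upload coverage report
        uses: actions/upload-artifact@v4
        with:
          name: coverage-xml
          path: coverage.xml
      - name: Upload junit report
        uses: actions/upload-artifact@v4
        with:
          name: pytest-report
          path: pytest.xml

  # Builds the image without pushing it; runs only after lint and test pass.
  docker-build:
    name: Docker Build Check
    runs-on: ubuntu-latest
    needs: [lint, test]
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # The checkout directory is the build context. NOTE(review): the
          # Dockerfile and .dockerignore are not visible here; if .git is
          # copied into a layer, a persisted token would land in the image
          # and in the exported build cache.
          persist-credentials: false
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Build image
        uses: docker/build-push-action@v6
        with:
          context: .
          push: false
          tags: task-manager-fastapi:ci
          cache-from: type=gha
          cache-to: type=gha,mode=max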