diff --git a/.github/workflows/pytest_fast.yml b/.github/workflows/pytest_fast.yml index 8451b6737..dd01e0bdb 100644 --- a/.github/workflows/pytest_fast.yml +++ b/.github/workflows/pytest_fast.yml @@ -5,6 +5,11 @@ on: branches: - main pull_request: + workflow_dispatch: + +permissions: + contents: read + pull-requests: read jobs: test-build: @@ -37,10 +42,18 @@ jobs: pytest-fast: name: Pytest (Fast) runs-on: ubuntu-24.04 + permissions: + checks: write + contents: read + code-quality: write + pull-requests: read steps: # Common steps: - name: Checkout code uses: actions/checkout@v4 + with: + persist-credentials: false + ref: ${{ github.event.pull_request.head.sha || github.sha }} - name: Set up Poetry uses: snok/install-poetry@v1 with: @@ -68,7 +81,7 @@ jobs: if: always() run: | poetry run coverage html -d htmlcov - poetry run coverage xml -o htmlcov/coverage.xml + poetry run coverage xml --include="airbyte_cdk/*" -o htmlcov/coverage.xml - name: Publish Test Results uses: EnricoMi/publish-unit-test-result-action@v2 @@ -85,3 +98,11 @@ jobs: with: name: fasttest-coverage path: htmlcov/ + - name: Upload coverage to GitHub Code Quality + if: always() && hashFiles('htmlcov/coverage.xml') != '' + uses: actions/upload-code-coverage@b51da2c3c1b23e04d2d6477cfc34350b1f5cd3e9 # v1 + with: + file: htmlcov/coverage.xml + language: Python + label: code-coverage/pytest-fast + fail-on-error: false diff --git a/.github/workflows/pytest_matrix.yml b/.github/workflows/pytest_matrix.yml index 9a4cc1188..6cec2fbe3 100644 --- a/.github/workflows/pytest_matrix.yml +++ b/.github/workflows/pytest_matrix.yml @@ -16,7 +16,13 @@ on: - "unit_tests/**" - "poetry.lock" - "pyproject.toml" + - ".github/workflows/pytest_matrix.yml" pull_request: + workflow_dispatch: + +permissions: + contents: read + pull-requests: read jobs: pytest: @@ -24,6 +30,7 @@ jobs: # Don't run on forks. Run on pushes to main, and on PRs that are not from forks. if: > github.event_name == 'pull_request' || + github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && github.ref == 'refs/heads/main') strategy: matrix: @@ -40,6 +47,11 @@ jobs: fail-fast: false runs-on: "${{ matrix.os }}-latest" + permissions: + checks: write + contents: read + code-quality: write + pull-requests: read env: # Enforce UTF-8 encoding so Windows runners don't fail inside the connector code. # TODO: See if we can fully enforce this within PyAirbyte itself. @@ -48,6 +60,9 @@ jobs: # Common steps: - name: Checkout code uses: actions/checkout@v4 + with: + persist-credentials: false + ref: ${{ github.event.pull_request.head.sha || github.sha }} - id: changes uses: dorny/paths-filter@v3.0.2 with: @@ -58,25 +73,26 @@ jobs: - 'bin/**' - 'poetry.lock' - 'pyproject.toml' + - '.github/workflows/pytest_matrix.yml' - name: Set up Poetry uses: snok/install-poetry@v1 - if: steps.changes.outputs.src == 'true' + if: steps.changes.outputs.src == 'true' || github.event_name == 'workflow_dispatch' with: version: "2.0.1" - name: Set up Python uses: actions/setup-python@v5 - if: steps.changes.outputs.src == 'true' + if: steps.changes.outputs.src == 'true' || github.event_name == 'workflow_dispatch' with: python-version: ${{ matrix.python-version }} cache: "poetry" - name: Install dependencies - if: steps.changes.outputs.src == 'true' + if: steps.changes.outputs.src == 'true' || github.event_name == 'workflow_dispatch' run: poetry install --all-extras # Job-specific step(s): - name: Run Pytest timeout-minutes: 60 - if: steps.changes.outputs.src == 'true' + if: steps.changes.outputs.src == 'true' || github.event_name == 'workflow_dispatch' env: GCP_GSM_CREDENTIALS: ${{ secrets.GCP_GSM_CREDENTIALS }} run: > @@ -85,18 +101,18 @@ jobs: -m "not linting and not super_slow and not flaky" - name: Print Coverage Report - if: always() && steps.changes.outputs.src == 'true' + if: always() && (steps.changes.outputs.src == 'true' || github.event_name == 'workflow_dispatch') run: poetry run coverage report - name: Create Coverage Artifacts - if: always() && steps.changes.outputs.src == 'true' + if: always() && (steps.changes.outputs.src == 'true' || github.event_name == 'workflow_dispatch') run: | poetry run coverage html -d htmlcov - poetry run coverage xml -o htmlcov/coverage.xml + poetry run coverage xml --include="airbyte_cdk/*" -o htmlcov/coverage.xml - name: Publish Test Results uses: EnricoMi/publish-unit-test-result-action@v2 - if: always() && !cancelled() && steps.changes.outputs.src == 'true' && matrix.python-version == '3.11' + if: always() && !cancelled() && (steps.changes.outputs.src == 'true' || github.event_name == 'workflow_dispatch') && matrix.python-version == '3.11' continue-on-error: true with: check_name: "PyTest Results (Full)" @@ -104,8 +120,16 @@ jobs: files: | build/test-results/**/*.xml - name: Upload coverage to GitHub Artifacts - if: always() && steps.changes.outputs.src == 'true' + if: always() && (steps.changes.outputs.src == 'true' || github.event_name == 'workflow_dispatch') uses: actions/upload-artifact@v4 with: name: py${{ matrix.python-version }}-${{ matrix.os }}-test-coverage path: htmlcov/ + - name: Upload coverage to GitHub Code Quality + if: always() && hashFiles('htmlcov/coverage.xml') != '' && matrix.python-version == '3.11' && matrix.os == 'Ubuntu' + uses: actions/upload-code-coverage@b51da2c3c1b23e04d2d6477cfc34350b1f5cd3e9 # v1 + with: + file: htmlcov/coverage.xml + language: Python + label: code-coverage/pytest-matrix + fail-on-error: false