-
Notifications
You must be signed in to change notification settings - Fork 16
126 lines (107 loc) · 3.8 KB
/
Copy pathpush.yml
File metadata and controls
126 lines (107 loc) · 3.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
name: build
on:
pull_request:
types: [opened, synchronize]
merge_group:
types: [checks_requested]
push:
# Always run on push to main. The build cache can only be reused
# if it was saved by a run from the repository's default branch.
# The run result will be identical to that from the merge queue
# because the commit is identical, yet we need to perform it to
# seed the build cache.
branches:
- main
permissions:
contents: read
jobs:
ci:
strategy:
fail-fast: false
matrix:
python: [ '3.10', '3.11', '3.12', '3.13', '3.14' ]
runs-on:
group: databrickslabs-protected-runner-group
labels: linux-ubuntu-latest
permissions:
id-token: write # JFrog OIDC
env:
UV_PYTHON: "${{ matrix.python }}"
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup uv
uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
with:
version: "0.11.2"
checksum: "7ac2ca0449c8d68dae9b99e635cd3bc9b22a4cb1de64b7c43716398447d42981" # uv-x86_64-unknown-linux-gnu.tar.gz
- name: Setup for JFrog
uses: ./.github/actions/jfrog-auth
- name: Initialize the project
run: make dev
- name: Run unit tests
run: make test
- name: Publish test coverage
uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
with:
token: ${{ secrets.CODECOV_TOKEN }}
fmt:
runs-on:
group: databrickslabs-protected-runner-group
labels: linux-ubuntu-latest
permissions:
id-token: write # JFrog OIDC
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup uv
uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
with:
version: "0.11.2"
checksum: "7ac2ca0449c8d68dae9b99e635cd3bc9b22a4cb1de64b7c43716398447d42981" # uv-x86_64-unknown-linux-gnu.tar.gz
- name: Setup for JFrog
uses: ./.github/actions/jfrog-auth
- name: Initialize the project
run: make dev
- name: Format all files
run: make fmt
- name: Fail on differences
run: git diff --exit-code
lint-uv:
runs-on:
group: databrickslabs-protected-runner-group
labels: linux-ubuntu-latest
permissions:
# JFrog OIDC authentication.
id-token: write
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Deepening checkout to find merge-base
if: github.event.pull_request || github.event.merge_group
env:
BASE_SHA: "${{ github.event.pull_request.base.sha || github.event.merge_group.base_sha }}"
run: |
_depth=32
_max=512
until git merge-base "${BASE_SHA}" HEAD > /dev/null 2>&1
do
if [[ "${_max}" -lt "${_depth}" ]]
then
# Give up deepening, just fetch the rest of the repo.
git fetch --unshallow origin "${BASE_SHA}" "${GITHUB_REF}"
break
fi
git fetch --deepen "${_depth}" origin "${BASE_SHA}" "${GITHUB_REF}"
_depth=$((_depth * 2))
done
printf '%s=%s\n' 'BASE_SHA' "${BASE_SHA}" >> "${GITHUB_ENV}"
- name: Setup uv
uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
with:
version: "0.11.2"
checksum: "7ac2ca0449c8d68dae9b99e635cd3bc9b22a4cb1de64b7c43716398447d42981"
- name: Setup for JFrog
uses: ./.github/actions/jfrog-auth
- name: Linting project lock-files
run: ./.github/scripts/lint-uv