Merge pull request #57 from consideRatio/pr/update-github-workflows

ci: refresh github workflows

Author: consideRatio

.github/dependabot.yaml

@@ -0,0 +1,16 @@
+# dependabot.yaml reference: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+#
+# Notes:
+# - Status and logs from dependabot are provided at
+#   https://github.com/jupyterhub/firstuseauthenticator/network/updates.
+#
+version: 2
+updates:
+  # Maintain dependencies in our GitHub Workflows
+  - package-ecosystem: github-actions
+    directory: /
+    labels: [ci]
+    schedule:
+      interval: monthly
+      time: "05:00"
+      timezone: Etc/UTC

.github/workflows/release.yaml

@@ -1,20 +1,30 @@
 # Build releases and (on tags) publish to PyPI
 name: Release
 
-# always build releases (to make sure wheel-building works)
-# but only publish to PyPI on tags
+# Always tests wheel building, but only publish to PyPI on pushed tags.
 on:
-  push:
   pull_request:
+    paths-ignore:
+      - ".github/workflows/*.yaml"
+      - "!.github/workflows/release.yaml"
+  push:
+    paths-ignore:
+      - ".github/workflows/*.yaml"
+      - "!.github/workflows/release.yaml"
+    branches-ignore:
+      - "dependabot/**"
+      - "pre-commit-ci-update-config"
+    tags: ["**"]
+  workflow_dispatch:
 
 jobs:
   release:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
         with:
-          python-version: 3.9
+          python-version: "3.12"
 
       - name: install build package
         run: |
@@ -28,7 +38,7 @@ jobs:
           ls -l dist
 
       - name: publish to pypi
-        uses: pypa/gh-action-pypi-publish@v1.4.1
+        uses: pypa/gh-action-pypi-publish@release/v1
         if: startsWith(github.ref, 'refs/tags/')
         with:
           user: __token__

.github/workflows/test.yaml

@@ -1,41 +1,60 @@
+# This is a GitHub workflow defining a set of jobs with a set of steps.
+# ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+#
 name: Tests
 
 on:
   pull_request:
+    paths-ignore:
+      - "**.md"
+      - ".github/workflows/*.yaml"
+      - "!.github/workflows/test.yaml"
   push:
+    paths-ignore:
+      - "**.md"
+      - ".github/workflows/*.yaml"
+      - "!.github/workflows/test.yaml"
+    branches-ignore:
+      - "dependabot/**"
+      - "pre-commit-ci-update-config"
+    tags: ["**"]
   workflow_dispatch:
 
-env:
-  # pytest colors: https://github.com/pytest-dev/pytest/issues/7443
-  FORCE_COLOR: "1"
-
 jobs:
   test:
-    runs-on: ubuntu-20.04
+    runs-on: ${{ matrix.runs-on }}
     timeout-minutes: 10
 
     strategy:
       # Keep running even if one variation of the job fail
       fail-fast: false
       matrix:
-        python:
-          - "3.6"
-          - "3.7"
-          - "3.8"
-          - "3.9"
-          - "3.10"
+        include:
+          - python-version: "3.6"
+            runs-on: ubuntu-20.04
+          - python-version: "3.7"
+            runs-on: ubuntu-22.04
+          - python-version: "3.8"
+            runs-on: ubuntu-22.04
+          - python-version: "3.9"
+            runs-on: ubuntu-latest
+          - python-version: "3.10"
+            runs-on: ubuntu-latest
+          - python-version: "3.11"
+            runs-on: ubuntu-latest
+          - python-version: "3.12"
+            runs-on: ubuntu-latest
+          - python-version: "3.x"
+            runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
-
-      - name: Install Python ${{ matrix.python }}
-        uses: actions/setup-python@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
         with:
-          python-version: ${{ matrix.python }}
+          python-version: ${{ matrix.python-version }}
 
       # preserve pip cache to speed up installation
-      - name: Cache pip
-        uses: actions/cache@v2
+      - uses: actions/cache@v4
         with:
           path: ~/.cache/pip
           # Look to see if there is a cache hit for the corresponding requirements file
@@ -51,8 +70,7 @@ jobs:
 
       - name: Run tests
         run: |
-          pytest -v --cov=firstuseauthenticator
+          pytest -v --color=yes --cov=firstuseauthenticator
 
-      - name: Submit codecov report
-        run: |
-          codecov
+      # GitHub action reference: https://github.com/codecov/codecov-action
+      - uses: codecov/codecov-action@v4

dev-requirements.txt

@@ -1,4 +1,3 @@
 pytest
 pytest-asyncio
 pytest-cov
-codecov