ci: secure the license file #645
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| - pull_request | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup UV | |
| uses: astral-sh/setup-uv@v3 | |
| - name: Install UV Python | |
| run: uv python install | |
| - name: Setup development environment | |
| run: make dev | |
| - name: Run linter | |
| run: make lint | |
| - name: Format code | |
| run: make fmt | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: | |
| - "3.8" | |
| - "3.9" | |
| - "3.10" | |
| - "3.11" | |
| - "3.12" | |
| - "3.13" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup UV | |
| uses: astral-sh/setup-uv@v3 | |
| - name: Install UV Python for matrix version | |
| run: uv python install ${{ matrix.python-version }} | |
| - name: Setup development environment | |
| run: make dev | |
| - name: Run tests | |
| run: make test | |
| setup-integration-test: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| versions: ${{ steps.versions.outputs.versions }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Get integration versions | |
| id: versions | |
| working-directory: ./integration | |
| # The `jq` command is "output compact, raw input, slurp, split on new lines, and remove the last element". This results in a JSON array of Connect versions (e.g., ["2025.01.0", "2024.12.0"]). | |
| run: | | |
| versions=$(make print-versions | jq -c -Rs 'split("\n") | .[:-1]') | |
| echo "versions=$versions" >> "$GITHUB_OUTPUT" | |
| integration-test: | |
| runs-on: ubuntu-latest | |
| needs: setup-integration-test | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| CONNECT_VERSION: ${{ fromJson(needs.setup-integration-test.outputs.versions) }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Setup UV | |
| uses: astral-sh/setup-uv@v3 | |
| - name: Install UV Python | |
| run: uv python install | |
| - name: Configure Connect license | |
| working-directory: ./integration | |
| run: | | |
| cat << EOF > connect.lic | |
| ${{ secrets.CONNECT_LICENSE }} | |
| EOF | |
| chmod 600 connect.lic | |
| - name: Run integration tests | |
| working-directory: ./integration | |
| run: make ${{ matrix.CONNECT_VERSION }} | |
| - name: Upload integration test report | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: ${{ matrix.CONNECT_VERSION }} - Integration Test Report | |
| path: integration/reports/*.xml | |
| integration-test-report: | |
| needs: integration-test | |
| runs-on: ubuntu-latest | |
| permissions: | |
| checks: write | |
| pull-requests: write | |
| if: always() | |
| steps: | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: artifacts | |
| - name: Publish integration test results | |
| uses: EnricoMi/publish-unit-test-result-action@v2 | |
| with: | |
| check_name: integration-test-results | |
| comment_mode: off | |
| files: "artifacts/**/*.xml" | |
| report_individual_runs: true | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup UV | |
| uses: astral-sh/setup-uv@v3 | |
| - name: Install UV Python | |
| run: uv python install | |
| - name: Setup development environment | |
| run: make dev | |
| - name: Build project | |
| run: make build |