Bump semgrep from 1.100.0 to 1.101.0 #213
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Run Boardwalk test suites | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
workflow_dispatch: | |
permissions: | |
contents: read | |
pull-requests: read | |
jobs: | |
python-tests: | |
name: Boardwalk Test Suite | |
runs-on: ubuntu-latest | |
steps: | |
#---------------------------------------------- | |
# check-out repo and set-up python | |
#---------------------------------------------- | |
- name: Check out repository | |
uses: actions/checkout@v4 | |
- name: Set up python | |
id: setup-python | |
uses: actions/[email protected] | |
with: | |
python-version: '3.11' | |
#---------------------------------------------- | |
# Install and configure Poetry, or restore from cache | |
#---------------------------------------------- | |
- name: Load cached Poetry installation | |
id: cached-poetry | |
uses: actions/[email protected] | |
with: | |
path: ~/.local # the path depends on the OS | |
key: poetry-0 # increment to reset cache | |
- name: Install Poetry | |
if: steps.cached-poetry.outputs.cache-hit != 'true' | |
uses: snok/install-poetry@v1 | |
with: | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
installer-parallel: true | |
#---------------------------------------------- | |
# load cached venv if cache exists | |
#---------------------------------------------- | |
- name: Load cached venv | |
id: cached-poetry-dependencies | |
uses: actions/[email protected] | |
with: | |
path: .venv | |
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }} | |
#---------------------------------------------- | |
# install dependencies if cache does not exist | |
#---------------------------------------------- | |
- name: Install dependencies | |
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true' | |
run: poetry install --no-interaction --no-root | |
#---------------------------------------------- | |
# install your root project, if required | |
#---------------------------------------------- | |
- name: Install project | |
run: poetry install --no-interaction | |
#---------------------------------------------- | |
# Add Ansible for type checking | |
#---------------------------------------------- | |
# If we need to add this for the replacement typechecker, uncomment this. | |
# - run: poetry add ansible --no-interaction | |
#---------------------------------------------- | |
# run test suites | |
#---------------------------------------------- | |
# Run pytest | |
- run: make test-pytest | |
# Commented out because we're planning on switching to a different static | |
# typechecker, and frankly whatever is taking pyright _minutes_ to run is | |
# a little excessive, for now. | |
# - run: make test-pyright | |
ansible-lint: | |
name: Ansible Lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Run ansible-lint | |
uses: ansible/[email protected] | |
# optional (see below): | |
with: | |
args: "--config-file ${{ github.workspace }}/test/ansible-lint.yaml" | |
working_directory: ${{ github.workspace }}/test | |
ruff-lint-check: | |
name: Ruff - Linting check | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: astral-sh/ruff-action@v1 | |
ruff-formatting-check: | |
name: Ruff - Formatting check | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: astral-sh/ruff-action@v1 | |
with: | |
args: "format --check" |