Skip to content

Enable export of non-attributable transfers #1220

Enable export of non-attributable transfers

Enable export of non-attributable transfers #1220

Workflow file for this run

name: Pycroft CI
on:
push:
branches: [ master, develop ]
pull_request:
jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# TODO: find a way to shallow clone precisely pr_base..pr_head;
# wee need this context to do an adequate `darker` report.
# as it stands this is wasteful.
# assuming no PR has more than 50 commits.
fetch-depth: 50
- uses: actions/setup-python@v5
with:
python-version: '3.11'
cache: 'pip'
- name: "Run pre-commit hooks for HEAD"
uses: pre-commit/[email protected]
if: github.event_name != 'pull_request'
- name: "Run pre-commit hooks for PR range"
uses: pre-commit/[email protected]
with:
extra_args: >
--from-ref=${{ github.event.pull_request.base.sha }}
--to-ref=${{ github.event.pull_request.head.sha }}
if: github.event_name == 'pull_request'
python-lint:
runs-on: ubuntu-latest
steps:
- name: Check out pycroft and submodules
uses: actions/checkout@v4
with:
submodules: recursive
- uses: actions/setup-python@v5
with:
python-version: '3.11'
# cache: 'pip'
- name: set up `uv`
run: pip install uv && uv pip list
- name: restore uv cache
uses: actions/cache/restore@v4
id: cache-uv-restore
with:
path: ~/.cache/uv
key: uv
- name: install pip dependencies with uv
run: >
uv pip sync --system requirements.dev.txt
&& uv pip install --system . deps/wtforms-widgets
&& uv pip list --system
id: pip-install
- name: save uv cache
uses: actions/cache/save@v4
id: cache-uv-save
with:
path: ~/.cache/uv
key: uv
# now come the tests
- name: Execute ruff
run: ruff check --output-format=github .
if: success() || steps.pip-install.conclusion == 'success'
- name: Execute mypy
run: ./scripts/run_mypy.sh
if: success() || steps.pip-install.conclusion == 'success'
# docs stuff
- name: Build sphinx docs
run: make SPHINXOPTS="-EN -w sphinx.log" -C doc html
if: success() || steps.pip-install.conclusion == 'success'
- name: Render sphinx warnings as annotations
run: python ./scripts/render_sphinx_log.py doc/sphinx.log
if: success() || steps.pip-install.conclusion == 'success'
- name: Publish sphinx docs as pages artifact
uses: actions/upload-pages-artifact@v3
with:
path: doc/_build/html
# see https://github.com/actions/deploy-pages#usage
deploy-docs:
if: (github.event_name == 'push') && (github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/master')
# Add a dependency to the build job
needs: python-lint
# Grant GITHUB_TOKEN the permissions required to make a Pages deployment
permissions:
pages: write # to deploy to Pages
id-token: write # to verify the deployment originates from an appropriate source
# Deploy to the github-pages environment. see
# https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment
# for general information abotu environments.
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
steps:
- name: Deploy sphinx docs to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
npm-build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: oven-sh/setup-bun@v1
with:
bun-version: 1.1.3
- run: bun install --frozen-lockfile
- run: bun run bundle --prod
- name: Check for outdated NPM packages
run: bun x npm-check-updates --root --format group >> "${GITHUB_STEP_SUMMARY}"
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: 'true'
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: v0.10.0
- name: Fix permissions
run: sudo chmod -R a+rw .
- name: print buildx definition
run: docker buildx bake --file docker-compose.prod.yml --print
- name: Build the Docker image
run: docker buildx bake --file docker-compose.prod.yml --load
- name: Login to GitLab Registry
uses: docker/login-action@v3
with:
registry: registry.agdsn.de
username: "github-actions"
password: ${{ secrets.GITLAB_REGISTRY_PASSWORD }}
- name: Tag built image
run: docker tag agdsn/pycroft-prod:latest registry.agdsn.de/agdsn/coreos/pycroft/pycroft:${GITHUB_REF##*/}
- name: Push to GitLab registry
run: docker push registry.agdsn.de/agdsn/coreos/pycroft/pycroft:${GITHUB_REF##*/}
test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: 'true'
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: v0.10.0
- name: Fix permissions
run: sudo chmod -R a+rw .
- name: print buildx definition
run: docker buildx bake --print
- name: Build
run: docker buildx bake --load
- name: Run test-app entrypoints
run: docker compose -f docker-compose.test.yml run --rm --no-deps test-app
- name: Start
run: docker compose -f docker-compose.test.yml up --quiet-pull --wait --wait-timeout=60 test-app
- name: list npm packages for debug output
run: docker compose -f docker-compose.test.yml run --rm test-app shell bun pm ls --all
- name: Run esbuild
run: docker compose -f docker-compose.test.yml run --rm test-app bun run bundle --prod
- name: Run tests
run: >
docker compose -f docker-compose.test.yml run --rm test-app
test -m "not legacy"
--junitxml=junit/test-results.xml
--cov=pycroft --cov=web --cov=ldap_sync --cov=hades_logs --cov-append
--cov-report html --cov-report xml
- name: Publish Test Report
uses: mikepenz/action-junit-report@v4
if: always() # always run even if the previous step fails
with:
report_paths: 'junit/test-*.xml'
- name: Publish coverage XML report as markdown comment
uses: irongut/[email protected]
with:
filename: coverage.xml
badge: true
fail_below_min: false
format: markdown
hide_branch_rate: false
hide_complexity: true
indicators: true
output: both
thresholds: '60 80'
- name: Add Coverage to PR summary
run: cat code-coverage-results.md >> $GITHUB_STEP_SUMMARY
- name: Publish coverage HTML report as artifact
uses: actions/upload-artifact@v4
if: always()
with:
name: coverage
path: htmlcov