build: Update codeclimate action version #285

Workflow file for this run

	---
	name: CI

	# Ensure only one job per branch.
	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	on:
	push:
	branches: [master]
	tags: ["*"]
	pull_request:
	branches: [master]
	types: [opened, synchronize]

	jobs:
	test:
	name: Test
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repo
	uses: actions/checkout@v4

	- name: Install Nix
	uses: cachix/install-nix-action@v27
	with:
	nix_path: nixpkgs=flake:nixpkgs

	- name: Install Cachix
	uses: cachix/cachix-action@v15
	with:
	name: bow
	authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'

	- name: Run tests
	run: nix develop .#ci --command make test

	- name: Upload test report
	if: always()
	uses: mikepenz/action-junit-report@v4
	with:
	check_name: Test report
	report_paths: '**/.junit.xml'

	- name: Upload coverage
	uses: paambaati/codeclimate-action@v8.0.0
	env:
	CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
	with:
	coverageLocations: \|
	${{ github.workspace }}/.coverage.xml:cobertura

	lint:
	name: ${{ matrix.lint.name }}
	runs-on: ubuntu-latest
	strategy:
	matrix:
	lint:
	- name: Lint style
	rule: lint-style
	- name: Lint types
	rule: lint-types
	- name: Lint other metrics
	rule: lint-metrics
	- name: Scan AST security
	rule: scan-sec-ast
	- name: Scan dependencies
	rule: scan-sec-deps
	steps:
	- name: Checkout repo
	uses: actions/checkout@v4

	- name: Install Nix
	uses: cachix/install-nix-action@v27
	with:
	nix_path: nixpkgs=flake:nixpkgs

	- name: Install Cachix
	uses: cachix/cachix-action@v15
	with:
	name: bow
	authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'

	- name: ${{ matrix.lint.name }}
	run: \|
	if [ "${{ matrix.lint.rule }}" = "scan-sec-deps" ]; then
	nix develop .#ci --command make ${{ matrix.lint.rule }} \|\| (echo "::warning file=scan-sec-deps::Scan dependencies failed with exit code $?.")
	else
	nix develop .#ci --command make ${{ matrix.lint.rule }}
	fi
	continue-on-error: ${{ matrix.lint.rule == 'scan-sec-deps' }}

	pub-image:
	name: Publish Docker image
	runs-on: ubuntu-latest
	needs: [lint, test]
	steps:
	- name: Checkout repo
	uses: actions/checkout@v4

	- name: Install Nix
	uses: cachix/install-nix-action@v27
	with:
	nix_path: nixpkgs=flake:nixpkgs

	- name: Install Cachix
	uses: cachix/cachix-action@v15
	with:
	name: bow
	authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'

	- name: Set image tag
	run: >
	if [ "${{ github.ref_type }}" = "tag" ] && [ -n "${{ github.ref_name }}" ]; then
	echo "IMG_TAG=$(echo ${{ github.ref_name }} \| sed 's/^v//')" >> ${GITHUB_ENV}
	else
	echo "IMG_TAG=latest" >> ${GITHUB_ENV}
	fi

	- name: Update pyproject.toml version with
	if: github.ref_type == 'tag' && github.ref_name != ''
	run: nix develop --command poetry dynamic-versioning

	- name: Capture current commit hash
	run: printf "${{ github.sha }}" > .rev && git add .rev

	- name: Build and push image to registry
	run: >
	nix build .#dockerArchiveStreamer
	&& ./result
	\| gzip --fast
	\| skopeo copy
	--dest-creds ${{ github.repository_owner }}:${{ secrets.GITHUB_TOKEN }}
	docker-archive:/dev/stdin
	docker://ghcr.io/${{ github.repository }}:${IMG_TAG}

	pub-docs:
	name: Publish documentation
	runs-on: ubuntu-latest
	needs: [lint, test]
	steps:
	- name: Checkout repo
	uses: actions/checkout@v4

	- name: Install Nix
	uses: cachix/install-nix-action@v27
	with:
	nix_path: nixpkgs=flake:nixpkgs

	- name: Install Cachix
	uses: cachix/cachix-action@v15
	with:
	name: bow
	authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'

	- name: Push to ReadTheDocs
	env:
	RTD_BUILD_API_URL: https://readthedocs.org/api/v3/projects/volt/versions/latest/builds/
	run: >
	nix develop .#ci --command
	curl -X POST -H "Authorization: Token ${{ secrets.RTD_TOKEN }}" ${RTD_BUILD_API_URL}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build: Update codeclimate action version #285

Workflow file

build: Update codeclimate action version #285

Jobs

Run details

Workflow file for this run