Bump github/codeql-action from 3.27.9 to 3.28.0 #675
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- Copyright (C) | |
| # 2023 Benjamin Thomas Schwertfeger | |
| # GitHub: https://github.com/btschwertfeger | |
| # | |
| # Workflow to apply pre-commit, build, test and upload the package to the test | |
| # index of PyPI. | |
| # | |
| # This workflow runs the whole CI of the python-kraken-sdk and serves to run the | |
| # following checks: | |
| # * pre-commit: checks the code style, syntax, formatting, etc. | |
| # * CodeQL: checks security issues | |
| # * Build: builds the python-kraken-sdk for multiple versions and os | |
| # * Build Doc: builds the documentation | |
| # * Test: Runs the unit tests for Spot and Futures. This | |
| # requires the following repository secrets to be set: | |
| # for Spot: | |
| # * SPOT_API_KEY | |
| # * SPOT_SECRET_KEY | |
| # ... see the README for information about how to generate | |
| # Spot API keys. Please also make sure to enable the | |
| # following API permissions: | |
| # * Query funds | |
| # * Deposit funds | |
| # * Query open orders & trades | |
| # * Query closed orders & trades | |
| # * Query ledger entries | |
| # * Export data | |
| # * Access WebSockets API | |
| # Disable all other permissions since we don't want to create or | |
| # cancel real orders or withdraw funds during testing. These tests | |
| # are disabled by default but having the permissions disabled is the | |
| # safest way of testing. | |
| # | |
| # for Futures: | |
| # * FUTURES_API_KEY | |
| # * FUTURES_SECRET_KEY | |
| # * FUTURES_SANDBOX_KEY | |
| # * FUTURES_SANDBOX_SECRET | |
| # | |
| # Please also make sure to set the "Read Only" permission for the | |
| # live account to not risk any funds during testing! The | |
| # demo/sandbox account requires full permissions. | |
| # | |
| name: CI/CD | |
| on: | |
| push: | |
| branches: [master] | |
| schedule: | |
| - cron: "20 16 */7 * *" | |
| release: | |
| types: [created] | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| branches: ["**"] | |
| # only run once due to API rate limits | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| ## =========================================================================== | |
| ## Checks the code logic, style and more | |
| ## | |
| Pre-Commit: | |
| uses: ./.github/workflows/_pre_commit.yaml | |
| ## =========================================================================== | |
| ## Discover vulnerabilities | |
| ## | |
| CodeQL: | |
| uses: ./.github/workflows/_codeql.yaml | |
| ## =========================================================================== | |
| ## Builds the package on multiple OS | |
| ## | |
| Build: | |
| needs: [Pre-Commit] | |
| uses: ./.github/workflows/_build.yaml | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| os: [ubuntu-latest, macos-latest, windows-latest] | |
| python-version: ["3.11", "3.12"] | |
| with: | |
| os: ${{ matrix.os }} | |
| python-version: ${{ matrix.python-version }} | |
| ## =========================================================================== | |
| ## Build the documentation | |
| ## | |
| Build-Doc: | |
| needs: [Pre-Commit] | |
| uses: ./.github/workflows/_build_doc.yaml | |
| with: | |
| os: "ubuntu-latest" | |
| python-version: "3.11" | |
| ## =========================================================================== | |
| ## Run the Spot tests | |
| ## | |
| ## (public endpoints) | |
| ## | |
| Test-Spot-Public: | |
| needs: [Pre-Commit] | |
| uses: ./.github/workflows/_test_spot_public.yaml | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest] | |
| python-version: ["3.11", "3.12"] | |
| with: | |
| os: ${{ matrix.os }} | |
| python-version: ${{ matrix.python-version }} | |
| ## | |
| ## (private endpoints) | |
| Test-Spot-Private: | |
| if: success() && github.actor != 'dependabot[bot]' | |
| needs: [Pre-Commit] | |
| uses: ./.github/workflows/_test_spot_private.yaml | |
| strategy: | |
| max-parallel: 1 # to avoid failing tests because of API Rate limits | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest] | |
| python-version: ["3.11", "3.12"] | |
| with: | |
| os: ${{ matrix.os }} | |
| python-version: ${{ matrix.python-version }} | |
| secrets: inherit | |
| ## =========================================================================== | |
| ## Run the NFT tests | |
| ## | |
| ## (public endpoints) | |
| ## | |
| Test-NFT-Public: | |
| needs: [Pre-Commit] | |
| uses: ./.github/workflows/_test_nft_public.yaml | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest] | |
| python-version: ["3.11", "3.12"] | |
| with: | |
| os: ${{ matrix.os }} | |
| python-version: ${{ matrix.python-version }} | |
| ## | |
| ## (private endpoints) | |
| Test-NFT-Private: | |
| if: success() && github.actor != 'dependabot[bot]' | |
| needs: [Test-Spot-Private] | |
| uses: ./.github/workflows/_test_nft_private.yaml | |
| strategy: | |
| max-parallel: 1 # to avoid failing tests because of API Rate limits | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest] | |
| python-version: ["3.11", "3.12"] | |
| with: | |
| os: ${{ matrix.os }} | |
| python-version: ${{ matrix.python-version }} | |
| secrets: inherit | |
| ## =========================================================================== | |
| ## Run the Futures tests | |
| ## | |
| ## (public endpoints) | |
| Test-Futures-Public: | |
| needs: [Pre-Commit] | |
| uses: ./.github/workflows/_test_futures_public.yaml | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest] | |
| python-version: ["3.11", "3.12"] | |
| with: | |
| os: ${{ matrix.os }} | |
| python-version: ${{ matrix.python-version }} | |
| ## | |
| ## (private endpoints) | |
| Test-Futures-Private: | |
| if: success() && github.actor != 'dependabot[bot]' | |
| needs: [Pre-Commit] | |
| uses: ./.github/workflows/_test_futures_private.yaml | |
| strategy: | |
| max-parallel: 1 # to avoid failing tests because of API Rate limits | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest] | |
| python-version: ["3.11", "3.12"] | |
| with: | |
| os: ${{ matrix.os }} | |
| python-version: ${{ matrix.python-version }} | |
| secrets: inherit | |
| ## =========================================================================== | |
| ## Generates and uploads the coverage statistics to codecov | |
| ## | |
| CodeCov: | |
| if: | | |
| (success() && github.actor == 'btschwertfeger') | |
| && (github.event_name == 'push' || github.event_name == 'release') | |
| needs: | |
| - Test-Spot-Public | |
| - Test-Spot-Private | |
| - Test-Futures-Public | |
| - Test-Futures-Private | |
| - Test-NFT-Public | |
| - Test-NFT-Private | |
| uses: ./.github/workflows/_codecov.yaml | |
| with: | |
| os: "ubuntu-latest" | |
| python-version: "3.11" | |
| secrets: inherit | |
| ## =========================================================================== | |
| ## Uploads the package to test.pypi.org on master if triggered by | |
| ## a regular commit/push. | |
| ## | |
| UploadTestPyPI: | |
| if: | | |
| (success() && github.ref == 'refs/heads/master') | |
| && (github.event_name == 'push' || github.event_name == 'release') | |
| needs: | |
| - Build | |
| - Build-Doc | |
| - CodeQL | |
| - CodeCov | |
| name: Upload development version to Test PyPI | |
| uses: ./.github/workflows/_pypi_test_publish.yaml | |
| secrets: | |
| API_TOKEN: ${{ secrets.TEST_PYPI_API_TOKEN }} | |
| ## =========================================================================== | |
| ## Upload the python-kraken-sdk to Production PyPI | |
| ## | |
| UploadPyPI: | |
| if: | | |
| success() | |
| && github.actor == 'btschwertfeger' | |
| && github.event_name == 'release' | |
| needs: | |
| - Build | |
| - Build-Doc | |
| - CodeQL | |
| - CodeCov | |
| name: Upload release to PyPI | |
| uses: ./.github/workflows/_pypi_publish.yaml | |
| secrets: | |
| API_TOKEN: ${{ secrets.PYPI_API_TOKEN }} |