pryscraper/.forgejo/workflows/ci.yml
cryptorugmunch 68722b2c22
Some checks failed
CI / lint (pull_request) Failing after 32s
CI / typecheck (pull_request) Failing after 1m37s
CI / test (pull_request) Failing after 2m24s
CI / security (pull_request) Failing after 37s
CI / gitleaks (pull_request) Successful in 35s
CI / commitlint (pull_request) Failing after 13s
ci(forgejo): use python containers and pip
2026-07-03 18:09:07 +02:00

139 lines
4.5 KiB
YAML

# SPDX-License-Identifier: MIT
# Copyright (c) 2026 Rug Munch Media LLC
# Part of Pry — https://git.rugmunch.io/RugMunchMedia/pryscraper
# Licensed under MIT. See LICENSE.
name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
PYTHON_VERSION: "3.12"
jobs:
lint:
runs-on: docker-x64
container:
image: python:3.12-slim
steps:
- name: Install Node.js for actions/checkout
run: |
apt-get update
apt-get install -y --no-install-recommends curl ca-certificates git
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
apt-get install -y --no-install-recommends nodejs
rm -rf /var/lib/apt/lists/*
- uses: actions/checkout@v4
- name: Install ruff
run: pip install ruff
- name: Lint
run: ruff check .
- name: Format check
run: ruff format --check .
typecheck:
runs-on: docker-x64
container:
image: python:3.12-slim
steps:
- name: Install Node.js for actions/checkout
run: |
apt-get update
apt-get install -y --no-install-recommends curl ca-certificates git
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
apt-get install -y --no-install-recommends nodejs
rm -rf /var/lib/apt/lists/*
- uses: actions/checkout@v4
- name: Install dependencies
run: |
apt-get update
apt-get install -y --no-install-recommends gcc libpq-dev
rm -rf /var/lib/apt/lists/*
pip install -e ".[dev]"
- name: Type check
run: mypy --python-version 3.12 --strict --ignore-missing-imports --exclude 'build/|dist/|.git/|__pycache__/' *.py
test:
runs-on: docker-x64
container:
image: python:3.12-slim
steps:
- name: Install Node.js for actions/checkout
run: |
apt-get update
apt-get install -y --no-install-recommends curl ca-certificates git
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
apt-get install -y --no-install-recommends nodejs
rm -rf /var/lib/apt/lists/*
- uses: actions/checkout@v4
- name: Install dependencies
run: |
apt-get update
apt-get install -y --no-install-recommends gcc libpq-dev
rm -rf /var/lib/apt/lists/*
pip install -e ".[dev]"
- name: Test
run: pytest tests/ -v --cov=. --cov-report=term-missing --cov-fail-under=40
security:
runs-on: docker-x64
container:
image: python:3.12-slim
steps:
- name: Install Node.js for actions/checkout
run: |
apt-get update
apt-get install -y --no-install-recommends curl ca-certificates git
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
apt-get install -y --no-install-recommends nodejs
rm -rf /var/lib/apt/lists/*
- uses: actions/checkout@v4
- name: Install bandit
run: pip install bandit
- name: Bandit
run: bandit -r . -x tests/,.venv,__pycache__
gitleaks:
runs-on: docker-x64
container:
image: python:3.12-slim
steps:
- name: Install Node.js for actions/checkout
run: |
apt-get update
apt-get install -y --no-install-recommends curl ca-certificates git
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
apt-get install -y --no-install-recommends nodejs
rm -rf /var/lib/apt/lists/*
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install gitleaks
run: |
apt-get update
apt-get install -y --no-install-recommends wget git ca-certificates
rm -rf /var/lib/apt/lists/*
wget -qO- https://github.com/gitleaks/gitleaks/releases/download/v8.24.0/gitleaks_8.24.0_linux_x64.tar.gz | tar -xz -C /usr/local/bin gitleaks
- name: Run gitleaks
run: gitleaks detect --source . --redact --no-banner --no-git
commitlint:
if: github.event_name == 'pull_request'
runs-on: docker-x64
container:
image: node:22-slim
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install commitlint
run: npm install -g @commitlint/cli @commitlint/config-conventional
- name: Run commitlint
run: commitlint --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }} --verbose