Merge pull request #731 from airtai/dev #677
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pipeline | |
on: | |
push: | |
branches-ignore: | |
# - main | |
- dev | |
workflow_dispatch: | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
jobs: | |
static-analysis: | |
strategy: | |
matrix: | |
python-version: ["3.9", "3.10", "3.11", "3.12"] | |
fail-fast: false | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install Dependencies and library | |
shell: bash | |
run: | | |
set -ux | |
python -m pip install --upgrade pip | |
pip install -e ".[submodules,docs,lint,test-core]" | |
- name: Run mypy | |
shell: bash | |
run: mypy fastagency_studio tests | |
- name: Run bandit | |
shell: bash | |
run: bandit -c pyproject.toml -r fastagency_studio | |
- name: Run Semgrep | |
shell: bash | |
run: semgrep scan --config auto --error | |
unit-test-wasp: | |
if: github.ref != 'refs/heads/dev' && github.ref != 'refs/heads/main' && github.event.pull_request.draft == false | |
runs-on: ubuntu-22.04 | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout repository with cached git lfs | |
uses: nschloe/action-cached-lfs-checkout@v1 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: Install wasp | |
run: curl -sSL https://get.wasp-lang.dev/installer.sh | sh -s -- -v 0.14.0 | |
- name: Temporary wasp fix | |
run: | | |
PATCH_FILE_PATH=$(cat $(whereis wasp | cut -d " " -f 2) | tail -1 | cut -d " " -f 1 | cut -d "=" -f 2)/Generator/templates/server/package.json | |
echo $PATCH_FILE_PATH | |
sed -i 's/"postinstall": "patch-package"/"postinstall": ""/' $PATCH_FILE_PATH | |
- name: Run client tests | |
run: cd app && wasp test client run --silent | |
- name: Build wasp | |
run: cd app && wasp build | |
- name: Build frontend | |
run: cd app && cd .wasp/build/web-app && npm install && REACT_APP_API_URL=$REACT_APP_API_URL npm run build | |
pre-commit-check: | |
runs-on: ubuntu-latest | |
env: | |
SKIP: "static-analysis" | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
- name: Set $PY environment variable | |
run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV | |
- uses: actions/cache@v4 | |
with: | |
path: ~/.cache/pre-commit | |
key: pre-commit|${{ env.PY }}|${{ hashFiles('.pre-commit-config.yaml') }} | |
- name: Install Dependencies | |
run: pip install .[submodules,docs,testing] | |
- name: Prisma | |
run: prisma generate | |
- uses: pre-commit/action@v3.0.1 | |
# https://github.com/marketplace/actions/alls-green#why | |
check: # This job does nothing and is only used for the branch protection | |
if: github.event.pull_request.draft == false | |
needs: | |
- static-analysis | |
- pre-commit-check | |
- unit-test-wasp | |
runs-on: ubuntu-latest | |
steps: | |
- name: Decide whether the needed jobs succeeded or failed | |
uses: re-actors/alls-green@release/v1 # nosemgrep | |
with: | |
jobs: ${{ toJSON(needs) }} |