From 5b1bd73b80d572095da62ab42669088322a4ae47 Mon Sep 17 00:00:00 2001 From: Lando Toothman <25360446+TheLandolorien@users.noreply.github.com> Date: Fri, 29 Sep 2023 23:10:09 -0400 Subject: [PATCH 1/3] chore: Add fixtures for CI testing --- .gitignore | 7 +++++-- tests/ci/fixtures/pull_request_merged.json | 5 +++++ 2 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 tests/ci/fixtures/pull_request_merged.json diff --git a/.gitignore b/.gitignore index d992b4c..ff36751 100644 --- a/.gitignore +++ b/.gitignore @@ -98,8 +98,8 @@ celerybeat.pid *.sage.py # Environments -.env -.venv +.env/ +.venv/ env/ venv/ ENV/ @@ -129,3 +129,6 @@ dmypy.json # Cython debug symbols cython_debug/ + +# Configuration files +*.env \ No newline at end of file diff --git a/tests/ci/fixtures/pull_request_merged.json b/tests/ci/fixtures/pull_request_merged.json new file mode 100644 index 0000000..5c3735e --- /dev/null +++ b/tests/ci/fixtures/pull_request_merged.json @@ -0,0 +1,5 @@ +{ + "pull_request": { + "merged": true + } +} From 5f9d8773d6f1aa2912435d23f8e0a2aa530074dd Mon Sep 17 00:00:00 2001 From: ccc-service-account <145862681+ccc-service-account@users.noreply.github.com> Date: Sun, 1 Oct 2023 23:51:09 +0000 Subject: [PATCH 2/3] chore: Bump package version to v1.4.0 --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 41774c5..14b862e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "package-name" -version = "1.3.0" +version = "1.4.0" description = "Package description" license = "MIT" authors = ["Author Name "] From d18e911805ccb9a83b5dc41e212fce81dfbbc170 Mon Sep 17 00:00:00 2001 From: Lando Toothman <25360446+TheLandolorien@users.noreply.github.com> Date: Sun, 1 Oct 2023 17:17:26 -0400 Subject: [PATCH 3/3] test: Configure GitHub Actions testing with act --- .actrc | 6 ++++ .github/hooks/pre-commit | 17 +++++++++--- .github/workflows/delivery.yml | 51 +++++++++++++++++++++++++--------- README.md | 12 ++++++++ 4 files changed, 69 insertions(+), 17 deletions(-) create mode 100644 .actrc diff --git a/.actrc b/.actrc new file mode 100644 index 0000000..ba35200 --- /dev/null +++ b/.actrc @@ -0,0 +1,6 @@ +--no-skip-checkout +--pull=false +--container-architecture linux/amd64 +--platform ubuntu-latest=ghcr.io/cloud-city-crafted/gh-runners:ubuntu-latest +--env-file .env +--secret-file secrets.env \ No newline at end of file diff --git a/.github/hooks/pre-commit b/.github/hooks/pre-commit index 01572bf..81a6ede 100755 --- a/.github/hooks/pre-commit +++ b/.github/hooks/pre-commit @@ -18,12 +18,21 @@ else exit 1 fi -linting_results=$(poetry run pylint src tests) +python_linting_results=$(poetry run pylint src tests) if [[ "$?" == "0" ]]; then - echo "✅ Linting" + echo "✅ Python Linting" else - echo "❌ Linting" - echo "$linting_results" + echo "❌ Python Linting" + echo "$python_linting_results" + exit 1 +fi + +gh_actions_linting_results=$(act --dryrun) +if [[ "$?" == "0" ]]; then + echo "✅ GitHub Actions Linting" +else + echo "❌ GitHub Actions Linting" + echo "$gh_actions_linting_results" exit 1 fi diff --git a/.github/workflows/delivery.yml b/.github/workflows/delivery.yml index 67494ca..5be5364 100644 --- a/.github/workflows/delivery.yml +++ b/.github/workflows/delivery.yml @@ -9,15 +9,20 @@ on: env: BRANCH_NAME: ${{ github.head_ref || github.ref_name }} + SERVICE_ACCOUNT_USERNAME: "ccc-service-account" + SERVICE_ACCOUNT_EMAIL_ADDRESS: "145862681+ccc-service-account@users.noreply.github.com" jobs: - test: + release: if: github.event.pull_request.merged == true runs-on: ubuntu-latest steps: - name: Checkout Source Code uses: actions/checkout@v4 + with: + ref: main + token: ${{ secrets.GITHUB_TOKEN }} - name: Install Poetry run: pipx install poetry @@ -28,25 +33,45 @@ jobs: cache: "poetry" - name: Install Python Dependencies - run: poetry install + run: poetry install --no-ansi --without dev - name: Run End-to-End Tests run: poetry run pytest tests/e2e - - name: Bump Version - id: bump-version + - name: Configure Git GPG Signing + id: configure-git-gpg + env: + GPG_PRIVATE_KEY: ${{ secrets.SERVICE_ACCOUNT_GPG_PRIVATE_KEY }} + GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.SERVICE_ACCOUNT_GPG_PASSPHRASE }} run: | - package_version="$(poetry version ${{ startsWith(env.BRANCH_NAME, 'bug') || startsWith(env.BRANCH_NAME, 'fix') && 'patch' || 'minor' }} --short)" - git config user.name ccc-service-account - git config user.email service@cloudcitycrafted.io - git commit -am "chore: Bump package version to v$package_version" - git push - echo "new-version=$package_version" >> $GITHUB_OUTPUT + echo "$GPG_PRIVATE_KEY" | gpg --import --pinentry-mode loopback --passphrase "$GPG_PRIVATE_KEY_PASSPHRASE" + key_metadata=$(gpg --with-colons --with-keygrip --list-secret-keys $SERVICE_ACCOUNT_EMAIL_ADDRESS) + keyid=$(echo "$key_metadata" | awk -F: 'NR == 1 { print $5 }') + keyfingerprint=$(echo "$key_metadata" | awk -F: 'NR == 2 { print $10 }') + keygrip=$(echo "$key_metadata" | awk -F: 'NR == 3 { print $10 }') + echo "$GPG_PRIVATE_KEY_PASSPHRASE" | "$(gpgconf --list-dirs libexecdir)"/gpg-preset-passphrase --preset $keygrip + + git config --global user.name $SERVICE_ACCOUNT_USERNAME + git config --global user.email $SERVICE_ACCOUNT_EMAIL_ADDRESS + git config --global user.signingkey $keyid + git config --global commit.gpgsign true + git config --global tag.gpgsign true - - name: Build Package - run: poetry build + echo "gpg-key-fingerprint=$keyfingerprint" >> $GITHUB_OUTPUT - name: Create GitHub Release - run: gh release create --generate-notes --latest 'v${{ steps.bump-version.outputs.new-version }}' ./dist/*.tar.gz env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + BUMP_TYPE: ${{ startsWith(env.BRANCH_NAME, 'bug') || startsWith(env.BRANCH_NAME, 'fix') && 'patch' || 'minor' }} + run: | + package_version="$(poetry version $BUMP_TYPE --short)" + poetry build + git add pyproject.toml + git commit -m "chore: Bump package version to v$package_version" --no-verify + git push + gh release create --generate-notes "v$package_version" "./dist/*$package_version0*" + + - name: Clean Up GPG Credentials + env: + GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.configure-git-gpg.outputs.gpg-key-fingerprint }} + run: echo $GPG_PRIVATE_KEY_FINGERPRINT | xargs gpg --batch --yes --delete-secret-and-public-keys diff --git a/README.md b/README.md index ff8a227..86a4ff4 100644 --- a/README.md +++ b/README.md @@ -48,6 +48,18 @@ pytest tests/e2e # Run end-to-end tests pytest tests # Run all tests ``` +### (Optional) Running CI Workflow Tests + +Ensure [Docker](https://docs.docker.com/get-docker/) and [`act`](https://github.com/nektos/act#installation) are installed and a [github-act-cache-server](https://github.com/sp-ricard-valverde/github-act-cache-server) is up and running. + +Local workflow runs are executed via `act`. Once all dependencies are setup, you can test workflows with: + +```shell +# TBD script to run all tests +``` + +See [example `act` commands](https://github.com/nektos/act#example-commands) to better understand how to run GitHub actions locally. + ## Configuring Developer Standards Use `git` to install commit message, pre-commit, and pre-push commit hooks: