Merge pull request #168 from uc-cdis/chore/ci #402
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# push will run on every pushed commit to any branch (so this will rerun the tests | |
# once a branch gets merged to main in addition to any new commits on any branch) | |
on: push | |
name: CI | |
concurrency: | |
group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}' | |
cancel-in-progress: true | |
jobs: | |
Security: | |
name: Security Pipeline | |
uses: uc-cdis/.github/.github/workflows/securitypipeline.yaml@master | |
with: | |
python-poetry: 'true' | |
secrets: inherit | |
UnitTest: | |
name: Python Unit Test with Postgres | |
uses: uc-cdis/.github/.github/workflows/python_unit_test.yaml@master | |
with: | |
test-script: 'tests/ci_commands_script.sh' | |
python-version: '3.9' | |
use-cache: true | |
# this creates linter settings and uploads to an artifact so the configs can be pulled and used across jobs | |
LintConfig: | |
name: Get Lint Config | |
uses: uc-cdis/.github/.github/workflows/lint-create-config.yaml@master | |
with: | |
python-module-name: "gen3discoveryai" | |
# # (optional) modify the linter configurations from above. You could omit this if you didn't need to do this | |
# CustomizeLintConfig: | |
# runs-on: ubuntu-latest | |
# name: Customize Lint Config | |
# needs: [LintConfig] | |
# steps: | |
# - uses: actions/download-artifact@v4 | |
# with: | |
# # this is uploaded by the lint-create-config.yaml workflow | |
# name: linters-config | |
# path: .github/linters | |
# | |
# # modify default isort to specify the module name for proper formatting | |
# - run: echo "known_first_party=gen3discoveryai" >> .github/linters/.isort.cfg | |
# | |
# # now we need to re-upload the artifacts with the changes | |
# - uses: actions/upload-artifact@v4 | |
# with: | |
# name: linters-config | |
# path: | | |
# .github/linters/ | |
# if-no-files-found: error | |
RequiredLint: | |
name: Run Required Linters | |
needs: [LintConfig] | |
uses: uc-cdis/.github/.github/workflows/required_lint_check.yaml@master | |
with: | |
python-version: '3.9' | |
use-cache: true | |
InformationalLint: | |
name: Run Informational Linters | |
needs: [LintConfig, UnitTest] | |
if: github.ref != 'refs/heads/main' | |
uses: uc-cdis/.github/.github/workflows/optional_lint_check.yaml@master | |
with: | |
python-version: '3.9' | |
use-cache: true | |
ImageBuildAndPush: | |
name: Build Image and Push | |
uses: uc-cdis/.github/.github/workflows/image_build_push.yaml@master | |
needs: [RequiredLint, Security, UnitTest] | |
with: | |
BUILD_PLATFORMS: "linux/amd64" | |
secrets: | |
ECR_AWS_ACCESS_KEY_ID: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }} | |
ECR_AWS_SECRET_ACCESS_KEY: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }} | |
QUAY_USERNAME: ${{ secrets.QUAY_USERNAME }} | |
QUAY_ROBOT_TOKEN: ${{ secrets.QUAY_ROBOT_TOKEN }} |