name: Python on: push: branches: - main pull_request: schedule: - cron: "0 8 * * *" concurrency: group: check-${{ github.ref }} cancel-in-progress: true jobs: build: name: test with ${{ matrix.py }} on ${{ matrix.os }} runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: py: - "3.11" - "3.10" - "3.9" - "3.8" - "3.7" os: - ubuntu-latest - macos-latest - windows-latest exclude: - os: macos-latest py: "3.7" steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Setup python for test ${{ matrix.py }} uses: actions/setup-python@v5 with: python-version: ${{ matrix.py }} - name: Install tox run: python -m pip install tox-gh>=1.2 poetry - name: Setup test suite run: tox -vv --notest - name: Run test suite run: tox --skip-pkg-install env: COVERAGE_FILE: ".coverage.${{ matrix.py }}" - name: Store coverage file uses: actions/upload-artifact@v3 with: name: coverage path: .coverage.${{ matrix.py }} coverage: if: github.event_name != 'schedule' name: Coverage runs-on: ubuntu-latest needs: build permissions: pull-requests: write contents: write steps: - uses: actions/checkout@v4 - uses: actions/download-artifact@v4 id: download with: name: "coverage" - name: Coverage comment id: coverage_comment uses: py-cov-action/python-coverage-comment-action@v3 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} MERGE_COVERAGE_FILES: true ANNOTATE_MISSING_LINES: true VERBOSE: true - name: Store Pull Request comment to be posted uses: actions/upload-artifact@v3 if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true' with: name: python-coverage-comment-action path: python-coverage-comment-action.txt gitleaks: name: gitleaks runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - uses: gitleaks/gitleaks-action@v2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }}