Skip to content

Commit 4107853

Browse files
cameronraysmithcameronraysmith
committed
refactor(ci): separate test template job to workflow
Signed-off-by: Cameron Smith <cameron.ray.smith@gmail.com>
1 parent 65be690 commit 4107853

File tree

1 file changed

+221
-0
lines changed

1 file changed

+221
-0
lines changed

.github/workflows/template.yaml

Lines changed: 221 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,221 @@
1+
name: "Template"
2+
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
debug_enabled:
7+
description: "Run the workflow with tmate.io debugging enabled"
8+
required: true
9+
type: boolean
10+
default: false
11+
run_build_images:
12+
description: "Run build-images job"
13+
required: false
14+
type: boolean
15+
default: false
16+
pull_request:
17+
types: [opened, labeled, reopened, synchronize]
18+
paths-ignore:
19+
- "**/*.md"
20+
- "*"
21+
- "!flake.nix"
22+
- "!flake.lock"
23+
- "!pyproject.toml"
24+
- "!uv.lock"
25+
push:
26+
branches:
27+
- "main"
28+
- "beta"
29+
paths-ignore:
30+
- "**/*.md"
31+
- "*"
32+
- "!flake.nix"
33+
- "!flake.lock"
34+
- "!pyproject.toml"
35+
- "!uv.lock"
36+
37+
defaults:
38+
run:
39+
shell: bash
40+
41+
permissions:
42+
contents: read
43+
packages: write
44+
attestations: write
45+
actions: write
46+
id-token: write
47+
48+
jobs:
49+
scan:
50+
name: gitguardian
51+
runs-on: ubuntu-latest
52+
steps:
53+
- name: Checkout
54+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4
55+
with:
56+
fetch-depth: 0 # fetch all history so multiple commits can be scanned
57+
- name: GitGuardian scan
58+
uses: GitGuardian/ggshield-action@455483042671cc73b40d0e753baddffef7309a1f # ratchet:GitGuardian/ggshield-action@v1.37.0
59+
env:
60+
GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }}
61+
GITHUB_PUSH_BASE_SHA: ${{ github.event.base }}
62+
GITHUB_PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }}
63+
GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
64+
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }}
65+
66+
set-variables:
67+
needs: scan
68+
runs-on: ubuntu-latest
69+
outputs:
70+
debug: ${{ steps.set-variables.outputs.debug }}
71+
skip_ci: ${{ steps.set-variables.outputs.skip_ci }}
72+
skip_tests: ${{ steps.set-variables.outputs.skip_tests }}
73+
dry_run_release: ${{ steps.set-variables.outputs.dry_run_release }}
74+
checkout_ref: ${{ steps.set-variables.outputs.checkout_ref }}
75+
checkout_rev: ${{ steps.set-variables.outputs.checkout_rev }}
76+
77+
steps:
78+
- name: Set action variables
79+
id: set-variables
80+
run: |
81+
DEBUG="false"
82+
SKIP_CI="false"
83+
SKIP_TESTS="false"
84+
DRY_RUN_RELEASE="false"
85+
86+
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
87+
DEBUG="${{ inputs.debug_enabled }}"
88+
fi
89+
90+
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
91+
if ${{ contains(github.event.pull_request.labels.*.name, 'skip-ci') }}; then
92+
SKIP_CI="true"
93+
fi
94+
if ${{ contains(github.event.pull_request.labels.*.name, 'skip-tests') }}; then
95+
SKIP_TESTS="true"
96+
fi
97+
if ${{ contains(github.event.pull_request.labels.*.name, 'actions-debug') }}; then
98+
DEBUG="true"
99+
fi
100+
if ${{ contains(github.event.pull_request.labels.*.name, 'release-dry-run') }}; then
101+
DRY_RUN_RELEASE="true"
102+
fi
103+
CHECKOUT_REF="${{ github.event.pull_request.head.ref }}"
104+
CHECKOUT_REV="${{ github.event.pull_request.head.sha }}"
105+
else
106+
CHECKOUT_REF="${{ github.ref_name }}"
107+
CHECKOUT_REV="${{ github.sha }}"
108+
fi
109+
110+
echo "DEBUG=$DEBUG"
111+
echo "SKIP_CI=$SKIP_CI"
112+
echo "SKIP_TESTS=$SKIP_TESTS"
113+
echo "CHECKOUT_REF=$CHECKOUT_REF"
114+
echo "CHECKOUT_REV=$CHECKOUT_REV"
115+
116+
echo "DEBUG=$DEBUG" >> $GITHUB_OUTPUT
117+
echo "SKIP_CI=$SKIP_CI" >> $GITHUB_OUTPUT
118+
echo "SKIP_TESTS=$SKIP_TESTS" >> $GITHUB_OUTPUT
119+
echo "DRY_RUN_RELEASE=$DRY_RUN_RELEASE" >> $GITHUB_OUTPUT
120+
echo "CHECKOUT_REF=$CHECKOUT_REF" >> $GITHUB_OUTPUT
121+
echo "CHECKOUT_REV=$CHECKOUT_REV" >> $GITHUB_OUTPUT
122+
123+
test-omnix-template:
124+
needs: [set-variables]
125+
if: ${{ needs.set-variables.outputs.skip_ci != 'true' }}
126+
runs-on: ubuntu-latest
127+
concurrency:
128+
group: test-omnix-template-${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.event.pull_request.number || github.ref_name }}
129+
cancel-in-progress: true
130+
steps:
131+
- name: Install dependencies
132+
shell: bash
133+
run: |
134+
sudo apt-get update
135+
sudo apt-get install -yq zstd
136+
sudo apt-get clean
137+
138+
- name: Install Nix
139+
uses: DeterminateSystems/nix-installer-action@a48face58194521af687ce7df4c802b1b558e743 # ratchet:DeterminateSystems/nix-installer-action@main
140+
with:
141+
extra-conf: "system-features = nixos-test benchmark big-parallel kvm"
142+
143+
- name: Setup remote cache
144+
uses: cachix/cachix-action@be5295a636153b6ad194d3245f78f8e0b78dc704 # ratchet:cachix/cachix-action@master
145+
continue-on-error: true
146+
with:
147+
name: "${{ vars.CACHIX_CACHE_NAME }}"
148+
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
149+
extraPullNames: nix-community,pyproject-nix,sciexp,srid
150+
151+
- name: Setup tmate debug session
152+
uses: mxschmitt/action-tmate@e5c7151931ca95bad1c6f4190c730ecf8c7dde48 # ratchet:mxschmitt/action-tmate@v3
153+
if: ${{ needs.set-variables.outputs.debug == 'true' }}
154+
155+
- name: Install omnix
156+
# If we don't install omnix here, it will just clutter the log of the next step
157+
run: nix --accept-flake-config profile install "github:juspay/omnix"
158+
159+
# These tests execute the tl;dr one-liners from the README
160+
- name: Test monorepo template initialization
161+
run: |
162+
REPO_REF="github:sciexp/python-nix-template/${{ needs.set-variables.outputs.checkout_rev }}"
163+
echo "Using repository reference: $REPO_REF"
164+
165+
pwd
166+
rm -fr pnt-mono
167+
168+
nix --accept-flake-config run github:juspay/omnix -- init "$REPO_REF" -o pnt-mono --non-interactive --params '{
169+
"package-name-kebab-case": "pnt-mono",
170+
"package-name-snake-case": "pnt_mono",
171+
"monorepo-package": true,
172+
"git-org": "pnt-mono",
173+
"author": "Pnt Mono",
174+
"author-email": "mono@pnt.org",
175+
"vscode": true,
176+
"github-ci": true,
177+
"nix-template": true
178+
}'
179+
180+
cd pnt-mono
181+
git init
182+
git config --local user.email "test@example.com"
183+
git config --local user.name "Test User"
184+
git commit --allow-empty -m "initial commit (empty)"
185+
git add .
186+
187+
nix develop --accept-flake-config -c pytest
188+
189+
- name: Test single-package template initialization
190+
run: |
191+
REPO_REF="github:sciexp/python-nix-template/${{ needs.set-variables.outputs.checkout_rev }}"
192+
echo "Using repository reference: $REPO_REF"
193+
194+
pwd
195+
rm -fr pnt-new
196+
197+
nix --accept-flake-config run github:juspay/omnix -- init "$REPO_REF" -o pnt-new --non-interactive --params '{
198+
"package-name-kebab-case": "pnt-new",
199+
"package-name-snake-case": "pnt_new",
200+
"monorepo-package": false,
201+
"git-org": "pnt-new",
202+
"author": "Pnt New",
203+
"author-email": "new@pnt.org",
204+
"vscode": true,
205+
"github-ci": true,
206+
"nix-template": false
207+
}'
208+
209+
cd pnt-new
210+
git init
211+
git config --local user.email "test@example.com"
212+
git config --local user.name "Test User"
213+
git commit --allow-empty -m "initial commit (empty)"
214+
git add .
215+
216+
# This needs to use a global uv (astral-sh/setup-uv) before entering
217+
# the devshell even though uv is included in the devshell
218+
nix run nixpkgs#uv -- lock
219+
git add .
220+
221+
nix develop --accept-flake-config -c pytest

0 commit comments

Comments
 (0)