Bump davidslusser/actions_python_bandit from 1.0.0 to 1.0.1 #85
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'Tests' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.number }}-${{ github.event.ref }} | |
cancel-in-progress: true | |
on: # yamllint disable-line rule:truthy | |
push: | |
branches: | |
- '*' | |
pull_request: | |
branches: | |
- '*' | |
permissions: | |
contents: read | |
jobs: | |
style: | |
name: Style | |
runs-on: ubuntu-latest | |
timeout-minutes: 3 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.11' | |
- uses: pre-commit/[email protected] | |
bandit: | |
name: Bandit | |
needs: style | |
runs-on: ubuntu-latest | |
steps: | |
- uses: davidslusser/[email protected] | |
with: | |
src: "mne" | |
options: "-c pyproject.toml -ll -r" | |
pip_install_command: "pip install bandit[toml]" | |
pytest: | |
name: '${{ matrix.os }} / ${{ matrix.kind }} / ${{ matrix.python }}' | |
needs: style | |
timeout-minutes: 70 | |
continue-on-error: true | |
runs-on: ${{ matrix.os }} | |
defaults: | |
run: | |
shell: bash -el {0} | |
env: | |
PYTHON_VERSION: '${{ matrix.python }}' | |
MKL_NUM_THREADS: '1' | |
OPENBLAS_NUM_THREADS: '1' | |
PYTHONUNBUFFERED: '1' | |
MNE_CI_KIND: '${{ matrix.kind }}' | |
CI_OS_NAME: '${{ matrix.os }}' | |
strategy: | |
matrix: | |
include: | |
- os: ubuntu-latest | |
python: '3.11' | |
kind: pip-pre | |
- os: ubuntu-latest | |
python: '3.12' | |
kind: conda | |
# 3.12 needs https://github.com/conda-forge/dipy-feedstock/pull/50 | |
- os: macos-14 # arm64 | |
python: '3.11' | |
kind: mamba | |
- os: macos-latest # intel | |
python: '3.11' | |
kind: mamba | |
- os: windows-latest | |
python: '3.10' | |
kind: mamba | |
- os: ubuntu-latest | |
python: '3.9' | |
kind: minimal | |
- os: ubuntu-20.04 | |
python: '3.9' | |
kind: old | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- run: ./tools/github_actions_env_vars.sh | |
# Xvfb/OpenGL | |
- uses: pyvista/setup-headless-display-action@main | |
with: | |
qt: true | |
pyvista: false | |
# Python (if pip) | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python }} | |
if: startswith(matrix.kind, 'pip') | |
# Python (if conda) | |
- name: Remove numba and dipy | |
run: | # TODO: Remove when numba 0.59 and dipy 1.8 land on conda-forge | |
sed -i '/numba/d' environment.yml | |
sed -i '/dipy/d' environment.yml | |
sed -i 's/- mne$/- mne-base/' environment.yml | |
if: matrix.os == 'ubuntu-latest' && startswith(matrix.kind, 'conda') && matrix.python == '3.12' | |
- uses: mamba-org/setup-micromamba@v1 | |
with: | |
environment-file: ${{ env.CONDA_ENV }} | |
environment-name: mne | |
create-args: >- | |
python=${{ env.PYTHON_VERSION }} | |
mamba | |
fmt!=10.2.0 | |
if: ${{ !startswith(matrix.kind, 'pip') }} | |
# Make sure we have the right Python | |
- run: python -c "import platform; assert platform.machine() == 'arm64', platform.machine()" | |
if: matrix.os == 'macos-14' | |
- run: ./tools/github_actions_dependencies.sh | |
# Minimal commands on Linux (macOS stalls) | |
- run: ./tools/get_minimal_commands.sh | |
if: ${{ startswith(matrix.os, 'ubuntu') }} | |
- run: ./tools/github_actions_infos.sh | |
# Check Qt | |
- run: ./tools/check_qt_import.sh $MNE_QT_BACKEND | |
if: ${{ env.MNE_QT_BACKEND != '' }} | |
- name: Run tests with no testing data | |
run: MNE_SKIP_TESTING_DATASET_TESTS=true pytest -m "not (ultraslowtest or pgtest)" --tb=short --cov=mne --cov-report xml -vv -rfE mne/ | |
if: matrix.kind == 'minimal' | |
- run: ./tools/get_testing_version.sh | |
- uses: actions/cache@v4 | |
with: | |
key: ${{ env.TESTING_VERSION }} | |
path: ~/mne_data | |
- run: ./tools/github_actions_download.sh | |
- run: ./tools/github_actions_test.sh | |
- uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
if: success() |