-
Notifications
You must be signed in to change notification settings - Fork 11
124 lines (109 loc) · 4.56 KB
/
ci-python.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
name: vaas-python-ci
on:
push:
branches:
- main
paths:
- "python/**"
- ".github/workflows/ci-python.yaml"
tags:
- "py*"
pull_request:
branches:
- main
paths:
- "python/**"
- ".github/workflows/ci-python.yaml"
workflow_dispatch:
inputs:
environment:
type: choice
description: "Test environment"
options:
- production
- staging
- develop
default: "production"
env:
CLIENT_ID: ${{ secrets.CLIENT_ID }}
CLIENT_SECRET: ${{secrets.CLIENT_SECRET}}
VAAS_URL: "wss://gateway.production.vaas.gdatasecurity.de"
TOKEN_URL: "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
VAAS_CLIENT_ID: ${{ secrets.VAAS_CLIENT_ID }}
VAAS_USER_NAME: ${{ secrets.VAAS_USER_NAME }}
VAAS_PASSWORD: ${{secrets.VAAS_PASSWORD}}
jobs:
build-python:
name: Build & Test Python SDK
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: set staging environment
if: (inputs.environment == 'staging' || (startsWith(github.ref, 'refs/tags/py') && endsWith(github.ref, '-beta')))
run: |
echo "CLIENT_ID=${{ secrets.STAGING_CLIENT_ID }}" >> $GITHUB_ENV
echo "CLIENT_SECRET=${{ secrets.STAGING_CLIENT_SECRET }}" >> $GITHUB_ENV
echo "VAAS_URL=wss://gateway.staging.vaas.gdatasecurity.de" >> $GITHUB_ENV
echo "TOKEN_URL=https://account-staging.gdata.de/realms/vaas-staging/protocol/openid-connect/token" >> $GITHUB_ENV
echo "VAAS_CLIENT_ID=${{ secrets.STAGING_VAAS_CLIENT_ID }}" >> $GITHUB_ENV
echo "VAAS_USER_NAME=${{ secrets.STAGING_VAAS_USER_NAME }}" >> $GITHUB_ENV
echo "VAAS_PASSWORD=${{ secrets.STAGING_VAAS_PASSWORD }}" >> $GITHUB_ENV
- name: set develop environment
if: (inputs.environment == 'develop' || (startsWith(github.ref, 'refs/tags/py') && endsWith(github.ref, '-alpha')))
run: |
echo "CLIENT_ID=${{ secrets.DEVELOP_CLIENT_ID }}" >> $GITHUB_ENV
echo "CLIENT_SECRET=${{ secrets.DEVELOP_CLIENT_SECRET }}" >> $GITHUB_ENV
echo "VAAS_URL=wss://gateway.develop.vaas.gdatasecurity.de" >> $GITHUB_ENV
echo "TOKEN_URL=https://account-staging.gdata.de/realms/vaas-develop/protocol/openid-connect/token" >> $GITHUB_ENV
echo "VAAS_CLIENT_ID=${{ secrets.DEVELOP_VAAS_CLIENT_ID }}" >> $GITHUB_ENV
echo "VAAS_USER_NAME=${{ secrets.DEVELOP_VAAS_USER_NAME }}" >> $GITHUB_ENV
echo "VAAS_PASSWORD=${{ secrets.DEVELOP_VAAS_PASSWORD }}" >> $GITHUB_ENV
- name: set up Python
uses: actions/setup-python@v5
with:
python-version: 3.x
- name: install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
working-directory: python
- name: run tests
run: python -m unittest -v tests/test_*
working-directory: python
- name: install example requirements
run: pip install -r requirements.txt
working-directory: python/examples/VaasExample
- name: run example scan file
env:
SCAN_PATH: "main.py"
run: python main.py
working-directory: python/examples/VaasExample
- name: run example scan url
run: python main_url.py
working-directory: python/examples/VaasExample
- name: extract version
if: startsWith(github.ref, 'refs/tags/py')
run: |
echo "RELEASE_VERSION=${GITHUB_REF#refs/*/py}" >> $GITHUB_ENV
echo $RELEASE_VERSION
- name: set version
if: startsWith(github.ref, 'refs/tags/py')
run: |
sed -i "s/version = 0.0.0/version = $RELEASE_VERSION/g" ./python/setup.cfg
cat ./python/setup.cfg
- name: build wheel
run: python -m build
working-directory: python
- name: publish a Python distribution to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
if: startsWith(github.ref, 'refs/tags/py')
with:
packages_dir: python/dist
user: __token__
password: ${{ secrets.PYPI_TOKEN }}
- name: Microsoft Teams Notification
uses: skitionek/notify-microsoft-teams@master
if: failure()
with:
webhook_url: ${{ secrets.MSTEAMS_WEBHOOK }}
overwrite: "{title: `Failed workflow on for VaaS-SDK ${workflow}`, sections: [{activityTitle: 'build failed', activitySubtitle: `Failed workflow on for VaaS-SDK ${workflow}`, activityImage: 'https://adaptivecards.io/content/cats/3.png'}], themeColor: '#ff0000'}"