ref(huey): Use new scopes API #1523
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test AWS Lambda | |
on: | |
push: | |
branches: | |
- master | |
- release/** | |
- sentry-sdk-2.0 | |
# XXX: We are using `pull_request_target` instead of `pull_request` because we want | |
# this to run on forks with access to the secrets necessary to run the test suite. | |
# Prefer to use `pull_request` when possible. | |
pull_request_target: | |
types: [labeled, opened, reopened, synchronize] | |
# Cancel in progress workflows on pull_requests. | |
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
permissions: | |
contents: read | |
# `write` is needed to remove the `Trigger: tests using secrets` label | |
pull-requests: write | |
env: | |
SENTRY_PYTHON_TEST_AWS_ACCESS_KEY_ID: ${{ secrets.SENTRY_PYTHON_TEST_AWS_ACCESS_KEY_ID }} | |
SENTRY_PYTHON_TEST_AWS_SECRET_ACCESS_KEY: ${{ secrets.SENTRY_PYTHON_TEST_AWS_SECRET_ACCESS_KEY }} | |
BUILD_CACHE_KEY: ${{ github.sha }} | |
CACHED_BUILD_PATHS: | | |
${{ github.workspace }}/dist-serverless | |
jobs: | |
check-permissions: | |
name: permissions check | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/[email protected] | |
with: | |
persist-credentials: false | |
- name: Check permissions on PR | |
if: github.event_name == 'pull_request_target' | |
run: | | |
python3 -uS .github/workflows/scripts/trigger_tests_on_label.py \ | |
--repo-id ${{ github.event.repository.id }} \ | |
--pr ${{ github.event.number }} \ | |
--event ${{ github.event.action }} \ | |
--username "$ARG_USERNAME" \ | |
--label-names "$ARG_LABEL_NAMES" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# these can contain special characters | |
ARG_USERNAME: ${{ github.event.pull_request.user.login }} | |
ARG_LABEL_NAMES: ${{ toJSON(github.event.pull_request.labels.*.name) }} | |
- name: Check permissions on repo branch | |
if: github.event_name == 'push' | |
run: true | |
test-aws_lambda-pinned: | |
name: AWS Lambda (pinned) | |
timeout-minutes: 30 | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ["3.9"] | |
# python3.6 reached EOL and is no longer being supported on | |
# new versions of hosted runners on Github Actions | |
# ubuntu-20.04 is the last version that supported python3.6 | |
# see https://github.com/actions/setup-python/issues/544#issuecomment-1332535877 | |
os: [ubuntu-20.04] | |
needs: check-permissions | |
steps: | |
- uses: actions/[email protected] | |
with: | |
ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Setup Test Env | |
run: | | |
pip install coverage "tox>=3,<4" | |
- name: Erase coverage | |
run: | | |
coverage erase | |
- name: Test aws_lambda pinned | |
run: | | |
set -x # print commands that are executed | |
./scripts/runtox.sh --exclude-latest "py${{ matrix.python-version }}-aws_lambda" --cov=tests --cov=sentry_sdk --cov-report= --cov-branch | |
- name: Generate coverage XML | |
run: | | |
coverage combine .coverage* | |
coverage xml -i | |
- uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: coverage.xml | |
check_required_tests: | |
name: All AWS Lambda tests passed | |
needs: test-aws_lambda-pinned | |
# Always run this, even if a dependent job failed | |
if: always() | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Check for failures | |
if: contains(needs.test-aws_lambda-pinned.result, 'failure') || contains(needs.test-aws_lambda-pinned.result, 'skipped') | |
run: | | |
echo "One of the dependent jobs has failed. You may need to re-run it." && exit 1 |