7 Add option to update the NVD cache only #65
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| paths-ignore: | |
| - 'README.md' | |
| - '.gitignore' | |
| branches: [ main ] | |
| tags: | |
| - 'v*' | |
| pull_request: | |
| branches: [ main ] | |
| jobs: | |
| prebuild: | |
| name: Job Info | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.checkbuild.outputs.version }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - run: git fetch --tags --force | |
| - name: Run Info | |
| id: checkbuild | |
| run: | | |
| if [[ "$GITHUB_REF" == *"tags/v"* ]]; then | |
| VER=$GITHUB_REF_NAME | |
| else | |
| VER=$(git describe --tags --always --match v* --abbrev=0 | sed 's/^.//' | sed 's/:/-/') | |
| fi | |
| echo "version=$VER" >> $GITHUB_OUTPUT | |
| - name: Install dependencies | |
| run: pipx install black flake8 | |
| - name: Check Code Formating | |
| run: black -l 120 -t py37 -t py38 -t py39 -t py310 -t py311 --preview --check icsbom/ | |
| - name: Check Code Quality | |
| run: flake8 --max-line-length 120 icsbom/ | |
| - name: Check Reuse Compliance | |
| uses: fsfe/reuse-action@v4 | |
| with: | |
| args: spdx | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| needs: prebuild | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - run: git fetch --tags --force | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.9' | |
| - name: Install dependencies | |
| run: | | |
| pipx install poetry | |
| poetry --version | |
| poetry config virtualenvs.in-project true | |
| poetry install -vv | |
| - name: Build icsbom | |
| run: | | |
| poetry version "${{needs.prebuild.outputs.version}}" | |
| poetry build | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: icsbom_artifact | |
| path: dist/* | |
| release_continous: | |
| if: (github.ref == 'refs/heads/main') && !(contains(github.ref, '/tags/v')) | |
| name: release_continous | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download assets | |
| uses: actions/download-artifact@v4 | |
| - name: Deploy Continuous | |
| uses: crowbarmaster/GH-Automatic-Releases@latest | |
| with: | |
| repo_token: "${{secrets.DEPLOYTOKEN}}" | |
| automatic_release_tag: "continuous" | |
| title: "Continuous Build" | |
| files: | | |
| icsbom_artifact/* | |
| release: | |
| if: contains(github.ref, '/tags/v') | |
| name: release | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download assets | |
| uses: actions/download-artifact@v4 | |
| - name: Deploy Release | |
| uses: crowbarmaster/GH-Automatic-Releases@latest | |
| with: | |
| repo_token: "${{secrets.DEPLOYTOKEN}}" | |
| prerelease: false | |
| files: | | |
| icsbom_artifact/* | |
| - name: Release PyPi Package | |
| uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29 | |
| with: | |
| user: __token__ | |
| password: ${{ secrets.PYPI_DEPLOY }} | |
| packages_dir: icsbom_artifact/ |