generated from nhcarrigan/template
naomi
6b5fa40599
CI / dependency-pin-check-typescript (push) Successful in 4s
CI / dependency-pin-check-python (push) Successful in 3s
CI / typescript (push) Successful in 9m38s
CI / python (push) Successful in 9m23s
Security Scan and Upload / Security & DefectDojo Upload (push) Successful in 1m6s
### Explanation _No response_ ### Issue _No response_ ### Attestations - [ ] I have read and agree to the [Code of Conduct](https://docs.nhcarrigan.com/community/coc/) - [ ] I have read and agree to the [Community Guidelines](https://docs.nhcarrigan.com/community/guide/). - [ ] My contribution complies with the [Contributor Covenant](https://docs.nhcarrigan.com/dev/covenant/). ### Dependencies - [ ] I have pinned the dependencies to a specific patch version. ### Style - [ ] I have run the linter and resolved any errors. - [ ] My pull request uses an appropriate title, matching the conventional commit standards. - [ ] My scope of feat/fix/chore/etc. correctly matches the nature of changes in my pull request. ### Tests - [ ] My contribution adds new code, and I have added tests to cover it. - [ ] My contribution modifies existing code, and I have updated the tests to reflect these changes. - [ ] All new and existing tests pass locally with my changes. - [ ] Code coverage remains at or above the configured threshold. ### Documentation _No response_ ### Versioning _No response_ Co-authored-by: Hikari <hikari@nhcarrigan.com> Reviewed-on: #1 Co-authored-by: Naomi Carrigan <commits@nhcarrigan.com> Co-committed-by: Naomi Carrigan <commits@nhcarrigan.com>
91 lines
2.1 KiB
YAML
91 lines
2.1 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
pull_request:
|
|
branches: [main]
|
|
|
|
jobs:
|
|
dependency-pin-check-typescript:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Copy TypeScript files to root
|
|
run: |
|
|
cp typescript/package.json .
|
|
cp typescript/package-lock.json . 2>/dev/null || true
|
|
cp typescript/pnpm-lock.yaml . 2>/dev/null || true
|
|
- uses: naomi-lgbt/dependency-pin-check@main
|
|
with:
|
|
language: typescript
|
|
dev-dependencies: true
|
|
peer-dependencies: true
|
|
optional-dependencies: true
|
|
|
|
dependency-pin-check-python:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Copy Python files to root
|
|
run: |
|
|
cp python/requirements.txt .
|
|
cp python/pyproject.toml .
|
|
# Create empty package.json to prevent ENOENT error
|
|
echo '{}' > package.json
|
|
- uses: naomi-lgbt/dependency-pin-check@main
|
|
with:
|
|
language: python
|
|
dev-dependencies: true
|
|
|
|
typescript:
|
|
needs: dependency-pin-check-typescript
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: pnpm/action-setup@v4
|
|
with:
|
|
version: 10.15.0
|
|
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 24
|
|
cache: 'pnpm'
|
|
cache-dependency-path: typescript/pnpm-lock.yaml
|
|
|
|
- name: Install dependencies
|
|
run: make install-ts
|
|
|
|
- name: Run ESLint
|
|
run: make lint-ts
|
|
|
|
- name: Build TypeScript
|
|
run: make build
|
|
|
|
- name: Run tests
|
|
run: make test
|
|
|
|
python:
|
|
needs: dependency-pin-check-python
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.12'
|
|
|
|
- name: Install uv
|
|
uses: astral-sh/setup-uv@v5
|
|
with:
|
|
enable-cache: true
|
|
|
|
- name: Install dependencies
|
|
run: make install-py
|
|
|
|
- name: Run Ruff linter
|
|
run: make lint-py
|
|
|
|
- name: Check Ruff formatting
|
|
run: make format-check-py |