From 76a71fee201f805e4afc954e6622146b1a6d45ba Mon Sep 17 00:00:00 2001 From: suecarmol Date: Wed, 7 May 2025 22:00:04 -0600 Subject: [PATCH 1/9] Remove staging branch on dockerpublish --- .github/workflows/dockerpublish.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/dockerpublish.yml b/.github/workflows/dockerpublish.yml index 1f0534ee..38db81f9 100644 --- a/.github/workflows/dockerpublish.yml +++ b/.github/workflows/dockerpublish.yml @@ -5,7 +5,6 @@ on: # Publish `master` as Docker `latest` image. branches: - master - - staging # Run tests for any PRs. pull_request: From 84c04c6545b348f14f2d6f081d109ceb150e26b3 Mon Sep 17 00:00:00 2001 From: suecarmol Date: Thu, 8 May 2025 17:43:50 -0600 Subject: [PATCH 2/9] Add CI and Coverage GitHub actions --- .github/workflows/ci.yml | 44 ++++++++++++++++++++++++++++++++++ .github/workflows/coverage.yml | 36 ++++++++++++++++++++++++++++ 2 files changed, 80 insertions(+) create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/coverage.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..0f41cf14 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,44 @@ +# .github/workflows/ci.yml +name: CI + +on: + pull_request: + push: + branches: + - "master" + +jobs: + test: + name: Run tests & display coverage + runs-on: ubuntu-latest + permissions: + # Gives the action the necessary permissions for publishing new + # comments in pull requests. + pull-requests: write + # Gives the action the necessary permissions for pushing data to the + # python-coverage-comment-action branch, and for editing existing + # comments (to avoid publishing multiple comments in the same PR) + contents: write + steps: + - uses: actions/checkout@v4 + - name: Build and Start Images + run: | + cp template.env .env + docker compose up -d --build + - name: Install everything, run the tests, produce the .coverage file + run: docker compose exec -T externallinks /app/bin/django_wait_for_db.sh python django_wait_for_migrations.py coverage run manage.py test + + - name: Coverage comment + id: coverage_comment + uses: py-cov-action/python-coverage-comment-action@v3 + with: + GITHUB_TOKEN: ${{ github.token }} + + - name: Store Pull Request comment to be posted + uses: actions/upload-artifact@v4 + if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true' + with: + # If you use a different name, update COMMENT_ARTIFACT_NAME accordingly + name: python-coverage-comment-action + # If you use a different name, update COMMENT_FILENAME accordingly + path: python-coverage-comment-action.txt diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml new file mode 100644 index 00000000..099c23d7 --- /dev/null +++ b/.github/workflows/coverage.yml @@ -0,0 +1,36 @@ +# .github/workflows/coverage.yml +name: Post coverage comment + +on: + workflow_run: + workflows: ["CI"] + types: + - completed + +jobs: + test: + name: Run tests & display coverage + runs-on: ubuntu-latest + if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' + permissions: + # Gives the action the necessary permissions for publishing new + # comments in pull requests. + pull-requests: write + # Gives the action the necessary permissions for editing existing + # comments (to avoid publishing multiple comments in the same PR) + contents: write + # Gives the action the necessary permissions for looking up the + # workflow that launched this workflow, and download the related + # artifact that contains the comment to be published + actions: read + steps: + # DO NOT run actions/checkout here, for security reasons + # For details, refer to https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ + - name: Post comment + uses: py-cov-action/python-coverage-comment-action@v3 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }} + # Update those if you changed the default values: + # COMMENT_ARTIFACT_NAME: python-coverage-comment-action + # COMMENT_FILENAME: python-coverage-comment-action.txt From 1b01512c691c4788ffadffbc3e3dbdb170a08403 Mon Sep 17 00:00:00 2001 From: suecarmol Date: Thu, 8 May 2025 21:45:17 -0600 Subject: [PATCH 3/9] Remove version from docker-compose file and change test command --- .github/workflows/ci.yml | 2 +- docker-compose.yml | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0f41cf14..e0f4802e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,7 +26,7 @@ jobs: cp template.env .env docker compose up -d --build - name: Install everything, run the tests, produce the .coverage file - run: docker compose exec -T externallinks /app/bin/django_wait_for_db.sh python django_wait_for_migrations.py coverage run manage.py test + run: docker compose exec -T externallinks /app/bin/django_wait_for_db.sh python django_wait_for_migrations.py test - name: Coverage comment id: coverage_comment diff --git a/docker-compose.yml b/docker-compose.yml index 5e019793..794d74ff 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,4 @@ --- -version: "3.8" volumes: mysql: From e71e2b80122cfb482886814c360055037f8f3a68 Mon Sep 17 00:00:00 2001 From: suecarmol Date: Thu, 8 May 2025 22:04:07 -0600 Subject: [PATCH 4/9] Add .coveragerc file --- .coveragerc | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 .coveragerc diff --git a/.coveragerc b/.coveragerc new file mode 100644 index 00000000..e8e65692 --- /dev/null +++ b/.coveragerc @@ -0,0 +1,26 @@ +[run] +branch = True +relative_files = True + +[report] +; Regexes for lines to exclude from consideration +exclude_also = + ; Don't complain about missing debug-only code: + def __repr__ + if self\.debug + + ; Don't complain if tests don't hit defensive assertion code: + raise AssertionError + raise NotImplementedError + + ; Don't complain if non-runnable code isn't run: + if 0: + if __name__ == .__main__.: + + ; Don't complain about abstract methods, they aren't run: + @(abc\.)?abstractmethod + +ignore_errors = True + +[html] +directory = coverage_html_report From fdb1e632e2efb9a7143a17016d6b336351204341 Mon Sep 17 00:00:00 2001 From: suecarmol Date: Fri, 9 May 2025 18:36:19 -0600 Subject: [PATCH 5/9] Change how to obtain GH secrets on CI --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e0f4802e..04a91f93 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,7 +32,7 @@ jobs: id: coverage_comment uses: py-cov-action/python-coverage-comment-action@v3 with: - GITHUB_TOKEN: ${{ github.token }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Store Pull Request comment to be posted uses: actions/upload-artifact@v4 From cecd540e493ee1222b99ce893854cfdb597c726c Mon Sep 17 00:00:00 2001 From: suecarmol Date: Fri, 9 May 2025 18:44:21 -0600 Subject: [PATCH 6/9] Change actions permission to write --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 099c23d7..3cdd3af9 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -22,7 +22,7 @@ jobs: # Gives the action the necessary permissions for looking up the # workflow that launched this workflow, and download the related # artifact that contains the comment to be published - actions: read + actions: write steps: # DO NOT run actions/checkout here, for security reasons # For details, refer to https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ From 7d1de360d7c868e5f7b81fe31d0f2a420a851fe4 Mon Sep 17 00:00:00 2001 From: suecarmol Date: Fri, 9 May 2025 21:29:11 -0600 Subject: [PATCH 7/9] Add debug option TODO: remove later --- .github/workflows/ci.yml | 1 + .github/workflows/coverage.yml | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 04a91f93..b74103c9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -42,3 +42,4 @@ jobs: name: python-coverage-comment-action # If you use a different name, update COMMENT_FILENAME accordingly path: python-coverage-comment-action.txt + ACTIONS_RUNNER_DEBUG: true diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 3cdd3af9..f90046a3 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -22,7 +22,7 @@ jobs: # Gives the action the necessary permissions for looking up the # workflow that launched this workflow, and download the related # artifact that contains the comment to be published - actions: write + actions: read steps: # DO NOT run actions/checkout here, for security reasons # For details, refer to https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ @@ -31,6 +31,7 @@ jobs: with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }} + ACTIONS_RUNNER_DEBUG: true # Update those if you changed the default values: # COMMENT_ARTIFACT_NAME: python-coverage-comment-action # COMMENT_FILENAME: python-coverage-comment-action.txt From 3b648a862bffc77607a62223770a981a7cdc401f Mon Sep 17 00:00:00 2001 From: suecarmol Date: Fri, 9 May 2025 21:33:36 -0600 Subject: [PATCH 8/9] Remove DEBUG variables They're supposed to go in the repo --- .github/workflows/ci.yml | 1 - .github/workflows/coverage.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b74103c9..04a91f93 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -42,4 +42,3 @@ jobs: name: python-coverage-comment-action # If you use a different name, update COMMENT_FILENAME accordingly path: python-coverage-comment-action.txt - ACTIONS_RUNNER_DEBUG: true diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index f90046a3..099c23d7 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -31,7 +31,6 @@ jobs: with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }} - ACTIONS_RUNNER_DEBUG: true # Update those if you changed the default values: # COMMENT_ARTIFACT_NAME: python-coverage-comment-action # COMMENT_FILENAME: python-coverage-comment-action.txt From 5db41560d32dd9279871b1b1dd1e3aaf64e7139e Mon Sep 17 00:00:00 2001 From: suecarmol Date: Thu, 15 May 2025 18:41:54 -0600 Subject: [PATCH 9/9] Change directory in coveragerc --- .coveragerc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.coveragerc b/.coveragerc index e8e65692..764f6561 100644 --- a/.coveragerc +++ b/.coveragerc @@ -23,4 +23,4 @@ exclude_also = ignore_errors = True [html] -directory = coverage_html_report +directory = htmlcov