diff options
Diffstat (limited to '.github')
| -rw-r--r-- | .github/generate_release.py | 2 | ||||
| -rw-r--r-- | .github/markdownlint.yaml | 98 | ||||
| -rw-r--r-- | .github/markdownlintignore | 0 | ||||
| -rw-r--r-- | .github/workflows/code-testing.yml | 19 | ||||
| -rw-r--r-- | .github/workflows/codspeed.yml | 22 | ||||
| -rw-r--r-- | .github/workflows/on-demand.yml | 2 | ||||
| -rw-r--r-- | .github/workflows/pr-triage.yml | 4 | ||||
| -rw-r--r-- | .github/workflows/release.yml | 2 | ||||
| -rw-r--r-- | .github/workflows/secret-scanner.yml | 19 | ||||
| -rw-r--r-- | .github/workflows/sonar.yml | 44 |
10 files changed, 189 insertions, 23 deletions
diff --git a/.github/generate_release.py b/.github/generate_release.py index 97f139b..8cd4337 100644 --- a/.github/generate_release.py +++ b/.github/generate_release.py @@ -30,7 +30,7 @@ class SafeDumper(yaml.SafeDumper): https://github.com/yaml/pyyaml/issues/234#issuecomment-765894586. """ - # pylint: disable=R0901,W0613,W1113 + # pylint: disable=R0901 def increase_indent(self, flow=False, *args, **kwargs): return super().increase_indent(flow=flow, indentless=False) diff --git a/.github/markdownlint.yaml b/.github/markdownlint.yaml new file mode 100644 index 0000000..1804cf7 --- /dev/null +++ b/.github/markdownlint.yaml @@ -0,0 +1,98 @@ +# markdownlint configuration +# the definitive list of rules for markdownlint can be found: +# https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md +# +# only deviations from the defaults are noted here or where there's an opinion +# being expressed. + +# default state for all rules +default: + true + +# heading style +MD003: + style: "atx" + +# unordered list style +MD004: + style: "dash" + +# unorderd list indentation (2-spaces) +# keep it tight yo! +MD007: + indent: 2 + +# line length +MD013: + false + # a lot of debate whether to wrap or not wrap + +# multiple headings with the same content +# siblings_only is set here to allow for common header values in structured +# documents +MD024: + siblings_only: true + +# Multiple top-level headings in the same document +MD025: + front_matter_title: "" + +# MD029/ol-prefix - Ordered list item prefix +MD029: + # List style + style: "ordered" + +# fenced code should be surrounded by blank lines default: true +MD031: + true + +# lists should be surrounded by blank lines default: true +MD032: + true + +# MD033/no-inline-html - Inline HTML +MD033: + false + +# bare URL - bare URLs should be wrapped in angle brackets +# <https://eos.arista.com> +MD034: + false + +# horizontal rule style default: consistent +MD035: + style: "---" + +# first line in a file to be a top-level heading +# since we're using front-matter, this +MD041: + false + +# proper-names - proper names to have the correct capitalization +# probably not entirely helpful in a technical writing environment. +MD044: + false + +# block style - disabled to allow for admonitions +MD046: + false + +# MD048/code-fence-style - Code fence style +MD048: + # Code fence style + style: "backtick" + +# MD049/Emphasis style should be consistent +MD049: + # Emphasis style should be consistent + style: "asterisk" + +# MD050/Strong style should be consistent +MD050: + # Strong style should be consistent + style: "asterisk" + +# MD037/no-space-in-emphasis - Spaces inside emphasis markers +# This incorrectly catches stars used in table contents, so *foo | *bar is triggered to remove the space between | and *bar. +MD037: + false diff --git a/.github/markdownlintignore b/.github/markdownlintignore new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/.github/markdownlintignore diff --git a/.github/workflows/code-testing.yml b/.github/workflows/code-testing.yml index d8b2879..3a66c5c 100644 --- a/.github/workflows/code-testing.yml +++ b/.github/workflows/code-testing.yml @@ -122,7 +122,7 @@ jobs: test-documentation: name: Build offline documentation for testing runs-on: ubuntu-20.04 - needs: [lint-python, type-python, test-python] + needs: [test-python] steps: - uses: actions/checkout@v4 - name: Setup Python @@ -133,3 +133,20 @@ jobs: run: pip install .[doc] - name: "Build mkdocs documentation offline" run: mkdocs build + benchmarks: + name: Benchmark ANTA for Python 3.12 + runs-on: ubuntu-latest + needs: [test-python] + steps: + - uses: actions/checkout@v4 + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: "3.12" + - name: Install dependencies + run: pip install .[dev] + - name: Run benchmarks + uses: CodSpeedHQ/action@v3 + with: + token: ${{ secrets.CODSPEED_TOKEN }} + run: pytest --codspeed --no-cov --log-cli-level INFO tests/benchmark
\ No newline at end of file diff --git a/.github/workflows/codspeed.yml b/.github/workflows/codspeed.yml new file mode 100644 index 0000000..c9c2323 --- /dev/null +++ b/.github/workflows/codspeed.yml @@ -0,0 +1,22 @@ +--- +name: Run benchmarks manually +on: + workflow_dispatch: + +jobs: + benchmarks: + name: Benchmark ANTA for Python 3.12 + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: "3.12" + - name: Install dependencies + run: pip install .[dev] + - name: Run benchmarks + uses: CodSpeedHQ/action@v3 + with: + token: ${{ secrets.CODSPEED_TOKEN }} + run: pytest --codspeed --no-cov --log-cli-level INFO tests/benchmark diff --git a/.github/workflows/on-demand.yml b/.github/workflows/on-demand.yml index 85e7c41..695a0c6 100644 --- a/.github/workflows/on-demand.yml +++ b/.github/workflows/on-demand.yml @@ -39,7 +39,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . file: Dockerfile diff --git a/.github/workflows/pr-triage.yml b/.github/workflows/pr-triage.yml index 75c2b89..cdc2bca 100644 --- a/.github/workflows/pr-triage.yml +++ b/.github/workflows/pr-triage.yml @@ -13,7 +13,7 @@ jobs: # https://github.com/marketplace/actions/auto-author-assign runs-on: ubuntu-latest steps: - - uses: toshimaru/auto-author-assign@v2.1.0 + - uses: toshimaru/auto-author-assign@v2.1.1 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" @@ -22,7 +22,7 @@ jobs: steps: # Please look up the latest version from # https://github.com/amannn/action-semantic-pull-request/releases - - uses: amannn/action-semantic-pull-request@v5.5.2 + - uses: amannn/action-semantic-pull-request@v5.5.3 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6b9088f..d32be46 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -100,7 +100,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . file: Dockerfile diff --git a/.github/workflows/secret-scanner.yml b/.github/workflows/secret-scanner.yml index 8210953..80a0fe7 100644 --- a/.github/workflows/secret-scanner.yml +++ b/.github/workflows/secret-scanner.yml @@ -10,21 +10,6 @@ jobs: scan_secret: name: Scan incoming changes runs-on: ubuntu-latest - container: - image: ghcr.io/aristanetworks/secret-scanner-service:main - options: --name sss-scanner - steps: - - name: Checkout ${{ github.ref }} - # Hitting https://github.com/actions/checkout/issues/334 so trying v1 - uses: actions/checkout@v1 - with: - fetch-depth: 0 + steps: - name: Run scanner - run: | - git config --global --add safe.directory $GITHUB_WORKSPACE - scanner commit . github ${{ github.repository }} \ - --markdown-file job_summary.md \ - ${{ github.event_name == 'pull_request' && format('--since-commit {0}', github.event.pull_request.base.sha) || ''}} - - name: Write result to summary - run: cat ./job_summary.md >> $GITHUB_STEP_SUMMARY - if: ${{ always() }} + uses: aristanetworks/secret-scanner-service-public@main diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml new file mode 100644 index 0000000..81db36e --- /dev/null +++ b/.github/workflows/sonar.yml @@ -0,0 +1,44 @@ +--- +name: Analysis with Sonarlint and publish to SonarCloud +on: + push: + branches: + - main + # Need to do this to be able to have coverage on PR across forks. + pull_request_target: + +# TODO this can be made better by running only coverage, it happens that today +# in tox gh-actions we have configured 3.11 to run the report side in +# pyproject.toml + +jobs: + sonarcloud: + name: Run Sonarlint analysis and upload to SonarCloud. + if: github.repository == 'aristanetworks/anta' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: 3.11 + - name: Install dependencies + run: pip install tox tox-gh-actions + - name: "Run pytest via tox for ${{ matrix.python }}" + run: tox + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + # Using ACTION_STEP_DEBUG to trigger verbose when debugging in Github Action + args: > + -Dsonar.scm.revision=${{ github.event.pull_request.head.sha }} + -Dsonar.pullrequest.key=${{ github.event.number }} + -Dsonar.pullrequest.branch=${{ github.event.pull_request.head.ref }} + -Dsonar.pullrequest.base=${{ github.event.pull_request.base.ref }} + -Dsonar.verbose=${{ secrets.ACTIONS_STEP_DEBUG }} |