chore: update SBOM for Python 3.10 #53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| paths-ignore: | |
| - .github/workflows/release.yml | |
| pull_request: | |
| paths-ignore: | |
| - .github/workflows/release.yml | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: | |
| - "3.10" | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up Python ${{ matrix.python-version-version }} | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: ${{ matrix.python-version-version }} | |
| - name: Get pip cache | |
| id: pip-cache | |
| run: | | |
| python -c "from pip._internal.locations import USER_CACHE_DIR; print('::set-output name=dir::' + USER_CACHE_DIR)" | |
| - name: pip cache | |
| uses: actions/cache@v1 | |
| with: | |
| path: ${{ steps.pip-cache.outputs.dir }} | |
| key: ${{ runner.os }}-pip-${{ hashFiles('**/setup.py') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Install dev dependencies | |
| run: | | |
| pip install -U pip setuptools wheel | |
| pip install -e .[dev] | |
| python -m pip freeze | |
| - name: Build | |
| run: | | |
| python -m build . | |
| - name: Generate SBOM | |
| run: | | |
| sbom4python --module httptest --output httptest-py${{ matrix.python-version }}.spdx | |
| sbom4python --module httptest --sbom cyclonedx --format json --output httptest-py${{ matrix.python-version }}.json | |
| - name: Compare SBOM | |
| id: diff-sbom | |
| # This would fail due to time/date of SBOM generation in SBOM header | |
| # Therefore ignore first 10 lines of file in comparison which is SBOM header | |
| run: | | |
| if [ ! -d sbom ]; then | |
| echo "changed=first-time" >> $GITHUB_OUTPUT | |
| exit 0 | |
| fi | |
| /bin/tail -n +10 sbom/httptest-py${{ matrix.python-version }}.spdx > orig | |
| /bin/tail -n +10 httptest-py${{ matrix.python-version }}.spdx > new | |
| echo "changed=$(/bin/diff -q orig new)" >> $GITHUB_OUTPUT | |
| - name: Display generated SBOM if difference detected | |
| if: ${{ steps.diff-sbom.outputs.changed }} | |
| run: | | |
| /bin/cat httptest-py${{ matrix.python-version }}.spdx | |
| - name: Update existing SBOM if difference detected | |
| if: ${{ steps.diff-sbom.outputs.changed }} | |
| run: | | |
| mkdir -pv sbom/ | |
| cp httptest-py${{ matrix.python-version }}.spdx sbom/httptest-py${{ matrix.python-version }}.spdx | |
| cp httptest-py${{ matrix.python-version }}.json sbom/httptest-py${{ matrix.python-version }}.json | |
| - name: Create Pull Request | |
| if: ${{ steps.diff-sbom.outputs.changed }} | |
| uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5.0.2 | |
| with: | |
| commit-message: "chore: update SBOM for Python ${{ matrix.python-version }}" | |
| title: "chore: update SBOM for Python ${{ matrix.python-version }}" | |
| branch: chore-sbom-py${{ matrix.python-version }} | |
| delete-branch: true | |
| author: GitHub Actions <[email protected]> | |
| add-paths: sbom | |
| unittest: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - ubuntu-latest | |
| - macos-latest | |
| - windows-latest | |
| python-version: | |
| - "3.7" | |
| - "3.8" | |
| - "3.9" | |
| - "3.10" | |
| - "3.11" | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up Python ${{ matrix.python-version-version }} | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: ${{ matrix.python-version-version }} | |
| - name: Get pip cache | |
| id: pip-cache | |
| run: | | |
| python -c "from pip._internal.locations import USER_CACHE_DIR; print('::set-output name=dir::' + USER_CACHE_DIR)" | |
| - name: pip cache | |
| uses: actions/cache@v1 | |
| with: | |
| path: ${{ steps.pip-cache.outputs.dir }} | |
| key: ${{ runner.os }}-pip-${{ hashFiles('**/setup.py') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Install dev dependencies | |
| run: | | |
| pip install -U pip setuptools wheel | |
| pip install -e .[dev] | |
| python -m pip freeze | |
| - name: Test without coverage | |
| if: ${{ matrix.python-version-version != '3.10' }} | |
| run: | | |
| python -m unittest discover -v | |
| - name: Coverage Test | |
| if: ${{ matrix.python-version-version == '3.10' && matrix.os == 'ubuntu-latest' }} | |
| run: | | |
| python -m coverage run -m unittest discover -v | |
| python -m coverage report -m | |
| - name: Upload coverage to codecov | |
| if: ${{ matrix.python-version-version == '3.10' && matrix.os == 'ubuntu-latest' }} | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| run: | | |
| pip install -U codecov | |
| codecov |