fix(deps): update dependency beartype to >=0.22.9,<0.23.0 #68
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Template" | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| debug_enabled: | |
| description: "Run the workflow with tmate.io debugging enabled" | |
| required: true | |
| type: boolean | |
| default: false | |
| run_build_images: | |
| description: "Run build-images job" | |
| required: false | |
| type: boolean | |
| default: false | |
| pull_request: | |
| types: [opened, labeled, reopened, synchronize] | |
| paths-ignore: | |
| - "**/*.md" | |
| - "*" | |
| - "!flake.nix" | |
| - "!flake.lock" | |
| - "!pyproject.toml" | |
| - "!uv.lock" | |
| push: | |
| branches: | |
| - "main" | |
| - "beta" | |
| paths-ignore: | |
| - "**/*.md" | |
| - "*" | |
| - "!flake.nix" | |
| - "!flake.lock" | |
| - "!pyproject.toml" | |
| - "!uv.lock" | |
| defaults: | |
| run: | |
| shell: bash | |
| permissions: | |
| contents: read | |
| packages: write | |
| attestations: write | |
| actions: write | |
| id-token: write | |
| jobs: | |
| scan: | |
| name: gitguardian | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # fetch all history so multiple commits can be scanned | |
| - name: GitGuardian scan | |
| uses: GitGuardian/ggshield-action@455483042671cc73b40d0e753baddffef7309a1f # ratchet:GitGuardian/ggshield-action@v1.37.0 | |
| env: | |
| GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }} | |
| GITHUB_PUSH_BASE_SHA: ${{ github.event.base }} | |
| GITHUB_PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }} | |
| GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} | |
| GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }} | |
| set-variables: | |
| needs: scan | |
| runs-on: ubuntu-latest | |
| outputs: | |
| debug: ${{ steps.set-variables.outputs.debug }} | |
| skip_ci: ${{ steps.set-variables.outputs.skip_ci }} | |
| skip_tests: ${{ steps.set-variables.outputs.skip_tests }} | |
| dry_run_release: ${{ steps.set-variables.outputs.dry_run_release }} | |
| checkout_ref: ${{ steps.set-variables.outputs.checkout_ref }} | |
| checkout_rev: ${{ steps.set-variables.outputs.checkout_rev }} | |
| steps: | |
| - name: Set action variables | |
| id: set-variables | |
| run: | | |
| DEBUG="false" | |
| SKIP_CI="false" | |
| SKIP_TESTS="false" | |
| DRY_RUN_RELEASE="false" | |
| if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then | |
| DEBUG="${{ inputs.debug_enabled }}" | |
| fi | |
| if [[ "${{ github.event_name }}" == "pull_request" ]]; then | |
| if ${{ contains(github.event.pull_request.labels.*.name, 'skip-ci') }}; then | |
| SKIP_CI="true" | |
| fi | |
| if ${{ contains(github.event.pull_request.labels.*.name, 'skip-tests') }}; then | |
| SKIP_TESTS="true" | |
| fi | |
| if ${{ contains(github.event.pull_request.labels.*.name, 'actions-debug') }}; then | |
| DEBUG="true" | |
| fi | |
| if ${{ contains(github.event.pull_request.labels.*.name, 'release-dry-run') }}; then | |
| DRY_RUN_RELEASE="true" | |
| fi | |
| CHECKOUT_REF="${{ github.event.pull_request.head.ref }}" | |
| CHECKOUT_REV="${{ github.event.pull_request.head.sha }}" | |
| else | |
| CHECKOUT_REF="${{ github.ref_name }}" | |
| CHECKOUT_REV="${{ github.sha }}" | |
| fi | |
| echo "DEBUG=$DEBUG" | |
| echo "SKIP_CI=$SKIP_CI" | |
| echo "SKIP_TESTS=$SKIP_TESTS" | |
| echo "CHECKOUT_REF=$CHECKOUT_REF" | |
| echo "CHECKOUT_REV=$CHECKOUT_REV" | |
| echo "DEBUG=$DEBUG" >> $GITHUB_OUTPUT | |
| echo "SKIP_CI=$SKIP_CI" >> $GITHUB_OUTPUT | |
| echo "SKIP_TESTS=$SKIP_TESTS" >> $GITHUB_OUTPUT | |
| echo "DRY_RUN_RELEASE=$DRY_RUN_RELEASE" >> $GITHUB_OUTPUT | |
| echo "CHECKOUT_REF=$CHECKOUT_REF" >> $GITHUB_OUTPUT | |
| echo "CHECKOUT_REV=$CHECKOUT_REV" >> $GITHUB_OUTPUT | |
| test-omnix-template: | |
| needs: [set-variables] | |
| if: ${{ needs.set-variables.outputs.skip_ci != 'true' }} | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: test-omnix-template-${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.event.pull_request.number || github.ref_name }} | |
| cancel-in-progress: true | |
| steps: | |
| - name: Install dependencies | |
| shell: bash | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -yq zstd | |
| sudo apt-get clean | |
| - name: Install Nix | |
| uses: DeterminateSystems/nix-installer-action@786fff0690178f1234e4e1fe9b536e94f5433196 # ratchet:DeterminateSystems/nix-installer-action@main | |
| with: | |
| extra-conf: "system-features = nixos-test benchmark big-parallel kvm" | |
| - name: Setup remote cache | |
| uses: cachix/cachix-action@be5295a636153b6ad194d3245f78f8e0b78dc704 # ratchet:cachix/cachix-action@master | |
| continue-on-error: true | |
| with: | |
| name: "${{ vars.CACHIX_CACHE_NAME }}" | |
| authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" | |
| extraPullNames: nix-community,pyproject-nix,sciexp,srid | |
| - name: Setup tmate debug session | |
| uses: mxschmitt/action-tmate@e5c7151931ca95bad1c6f4190c730ecf8c7dde48 # ratchet:mxschmitt/action-tmate@v3 | |
| if: ${{ needs.set-variables.outputs.debug == 'true' }} | |
| - name: Install omnix | |
| # If we don't install omnix here, it will just clutter the log of the next step | |
| run: nix --accept-flake-config profile install "github:juspay/omnix" | |
| # These tests execute the tl;dr one-liners from the README | |
| - name: Test monorepo template initialization | |
| run: | | |
| REPO_REF="github:sciexp/python-nix-template/${{ needs.set-variables.outputs.checkout_rev }}" | |
| echo "Using repository reference: $REPO_REF" | |
| pwd | |
| rm -fr pnt-mono | |
| nix --accept-flake-config run github:juspay/omnix/v1.3.0 -- init "$REPO_REF" -o pnt-mono --non-interactive --params '{ | |
| "package-name-kebab-case": "pnt-mono", | |
| "package-name-snake-case": "pnt_mono", | |
| "monorepo-package": true, | |
| "git-org": "pnt-mono", | |
| "author": "Pnt Mono", | |
| "author-email": "mono@pnt.org", | |
| "project-description": "Test monorepo template project", | |
| "vscode": true, | |
| "github-ci": true, | |
| "docs": true, | |
| "nix-template": true | |
| }' | |
| cd pnt-mono | |
| git init | |
| git config --local user.email "test@example.com" | |
| git config --local user.name "Test User" | |
| git commit --allow-empty -m "initial commit (empty)" | |
| # This needs to use a global uv (astral-sh/setup-uv) before entering | |
| # the devshell even though uv is included in the devshell | |
| nix run github:NixOS/nixpkgs/nixos-unstable#uv -- lock | |
| git add . | |
| nix develop --accept-flake-config -c pytest | |
| - name: Test single-package template initialization | |
| run: | | |
| REPO_REF="github:sciexp/python-nix-template/${{ needs.set-variables.outputs.checkout_rev }}" | |
| echo "Using repository reference: $REPO_REF" | |
| pwd | |
| rm -fr pnt-new | |
| nix --accept-flake-config run github:juspay/omnix/v1.3.0 -- init "$REPO_REF" -o pnt-new --non-interactive --params '{ | |
| "package-name-kebab-case": "pnt-new", | |
| "package-name-snake-case": "pnt_new", | |
| "monorepo-package": false, | |
| "git-org": "pnt-new", | |
| "author": "Pnt New", | |
| "author-email": "new@pnt.org", | |
| "project-description": "Test single-package template project", | |
| "vscode": true, | |
| "github-ci": true, | |
| "docs": false, | |
| "nix-template": false | |
| }' | |
| cd pnt-new | |
| git init | |
| git config --local user.email "test@example.com" | |
| git config --local user.name "Test User" | |
| git commit --allow-empty -m "initial commit (empty)" | |
| # This needs to use a global uv (astral-sh/setup-uv) before entering | |
| # the devshell even though uv is included in the devshell | |
| nix run github:NixOS/nixpkgs/nixos-unstable#uv -- lock | |
| git add . | |
| nix develop --accept-flake-config -c pytest |