chore(deps): update sonarsource/sonarqube-scan-action action to v4 #165
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: poetry-build | |
on: | |
push: | |
branches: ['**/**'] | |
pull_request: | |
branches: [main] | |
types: [opened, synchronize, reopened, ready_for_review] | |
jobs: | |
verify-with-tox: | |
runs-on: ubuntu-latest | |
steps: | |
- name: π Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 | |
- name: 𧱠Install Poetry | |
run: curl -sSL https://install.python-poetry.org | python3 - | |
- name: 𧱠Setup Python | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 | |
with: | |
python-version: '3.12' | |
cache: poetry | |
- name: 𧱠Install dependencies | |
run: poetry install | |
- name: π§ͺ Run tests | |
run: poetry run tox | |
- name: SonarCloud scan for PR | |
uses: sonarsource/sonarqube-scan-action@bfd4e558cda28cda6b5defafb9232d191be8c203 # v4.2.1 | |
if: github.event_name == 'pull_request' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
with: | |
args: | | |
-Dsonar.pullrequest.base=${{ github.base_ref }} | |
-Dsonar.pullrequest.branch=${{ github.head_ref }} | |
-Dsonar.pullrequest.key=${{ github.event.pull_request.number }} | |
- name: SonarCloud scan for Push | |
uses: sonarsource/sonarqube-scan-action@bfd4e558cda28cda6b5defafb9232d191be8c203 # v4.2.1 | |
if: github.event_name == 'push' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
with: | |
args: | | |
-Dsonar.branch.name=${{ github.head_ref }} | |
release-please: | |
needs: verify-with-tox | |
runs-on: ubuntu-latest | |
if: github.ref == 'refs/heads/main' | |
permissions: | |
contents: write | |
pull-requests: write | |
steps: | |
- name: π release-please | |
id: release | |
uses: googleapis/release-please-action@db8f2c60ee802b3748b512940dde88eabd7b7e01 # v3 | |
with: | |
release-type: python | |
include-v-in-tag: false | |
outputs: | |
release_created: ${{ steps.release.outputs.releases_created }} | |
version: ${{ steps.release.outputs.version }} | |
build-and-publish: | |
needs: release-please | |
runs-on: ubuntu-latest | |
if: ${{ needs.release-please.outputs.release_created == 'true' }} | |
permissions: | |
# id-token: write # IMPORTANT: this permission is mandatory for trusted publishing for PyPI | |
contents: write # Required for uploading artifacts to GitHub release | |
steps: | |
- name: π Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 | |
- name: 𧱠Install Poetry | |
run: curl -sSL https://install.python-poetry.org | python3 - | |
- name: 𧱠Setup Python | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 | |
with: | |
python-version: '3.12' | |
cache: poetry | |
- name: 𧱠Install dependencies | |
run: poetry install | |
- name: π¦ Build the package | |
run: poetry build | |
- name: π¦ Publish artifacts to GitHub release | |
env: | |
GH_TOKEN: ${{ github.token }} | |
run: gh release upload "${{ needs.release-please.outputs.version }}" dist/*.{tar.gz,whl} | |
# - name: π¦ Publish artifacts to PyPI/TestPyPI | |
# env: | |
# name: testpypi | |
# url: https://test.pypi.org/p/python-requirements-inspector | |
# name: pypi | |
# url: https://pypi.org/p/python-requirements-inspector | |
# uses: pypa/gh-action-pypi-publish@release/v1 | |
# with: | |
# repository-url: https://test.pypi.org/legacy/ # it must be removed when publishing to PyPI | |
# verbose: true |