Skip to content

chore(deps): update sonarsource/sonarqube-scan-action action to v4 #165

chore(deps): update sonarsource/sonarqube-scan-action action to v4

chore(deps): update sonarsource/sonarqube-scan-action action to v4 #165

Workflow file for this run

---
name: poetry-build
on:
push:
branches: ['**/**']
pull_request:
branches: [main]
types: [opened, synchronize, reopened, ready_for_review]
jobs:
verify-with-tox:
runs-on: ubuntu-latest
steps:
- name: πŸ“„ Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: 🧱 Install Poetry
run: curl -sSL https://install.python-poetry.org | python3 -
- name: 🧱 Setup Python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
with:
python-version: '3.12'
cache: poetry
- name: 🧱 Install dependencies
run: poetry install
- name: πŸ§ͺ Run tests
run: poetry run tox
- name: SonarCloud scan for PR
uses: sonarsource/sonarqube-scan-action@bfd4e558cda28cda6b5defafb9232d191be8c203 # v4.2.1
if: github.event_name == 'pull_request'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
args: |
-Dsonar.pullrequest.base=${{ github.base_ref }}
-Dsonar.pullrequest.branch=${{ github.head_ref }}
-Dsonar.pullrequest.key=${{ github.event.pull_request.number }}
- name: SonarCloud scan for Push
uses: sonarsource/sonarqube-scan-action@bfd4e558cda28cda6b5defafb9232d191be8c203 # v4.2.1
if: github.event_name == 'push'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
args: |
-Dsonar.branch.name=${{ github.head_ref }}
release-please:
needs: verify-with-tox
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
permissions:
contents: write
pull-requests: write
steps:
- name: πŸš€ release-please
id: release
uses: googleapis/release-please-action@db8f2c60ee802b3748b512940dde88eabd7b7e01 # v3
with:
release-type: python
include-v-in-tag: false
outputs:
release_created: ${{ steps.release.outputs.releases_created }}
version: ${{ steps.release.outputs.version }}
build-and-publish:
needs: release-please
runs-on: ubuntu-latest
if: ${{ needs.release-please.outputs.release_created == 'true' }}
permissions:
# id-token: write # IMPORTANT: this permission is mandatory for trusted publishing for PyPI
contents: write # Required for uploading artifacts to GitHub release
steps:
- name: πŸ“„ Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: 🧱 Install Poetry
run: curl -sSL https://install.python-poetry.org | python3 -
- name: 🧱 Setup Python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
with:
python-version: '3.12'
cache: poetry
- name: 🧱 Install dependencies
run: poetry install
- name: πŸ“¦ Build the package
run: poetry build
- name: πŸ“¦ Publish artifacts to GitHub release
env:
GH_TOKEN: ${{ github.token }}
run: gh release upload "${{ needs.release-please.outputs.version }}" dist/*.{tar.gz,whl}
# - name: πŸ“¦ Publish artifacts to PyPI/TestPyPI
# env:
# name: testpypi
# url: https://test.pypi.org/p/python-requirements-inspector
# name: pypi
# url: https://pypi.org/p/python-requirements-inspector
# uses: pypa/gh-action-pypi-publish@release/v1
# with:
# repository-url: https://test.pypi.org/legacy/ # it must be removed when publishing to PyPI
# verbose: true