build(deps): bump orjson from 3.10.11 to 3.10.15 #1572
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Github Action Workflow enforcing our code style and running tests. | |
# misnomer, but not worth changing it | |
# still not worth changing imo | |
name: Lint, Test, Build | |
# Trigger the workflow on both push (to the main repository) | |
# and pull requests (against the main repository, but from any repo). | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
# Brand new concurrency setting! This ensures that not more than one run can be triggered for the same commit. | |
# It is useful for pull requests coming from the main repository since both triggers will match. | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.repository }}-${{ github.ref }} | |
cancel-in-progress: false | |
permissions: | |
read-all | |
env: | |
# Configure pip to cache dependencies and do a user install | |
PIP_NO_CACHE_DIR: false | |
PIP_USER: 1 | |
PYTHON_VERSION: '3.10' | |
# Specify explicit paths for python dependencies and the pre-commit | |
# environment so we know which directories to cache | |
POETRY_CACHE_DIR: ${{ github.workspace }}/.cache/py-user-base | |
PYTHONUSERBASE: ${{ github.workspace }}/.cache/py-user-base | |
PRE_COMMIT_HOME: ${{ github.workspace }}/.cache/pre-commit-cache | |
jobs: | |
lint: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
steps: | |
- name: Add custom PYTHONUSERBASE to PATH | |
run: echo '${{ env.PYTHONUSERBASE }}/bin/' >> $GITHUB_PATH | |
# Checks out the repository in the current folder. | |
- name: Checks out repository | |
uses: actions/checkout@v4 | |
# Set up the right version of Python | |
- name: Set up Python ${{ env.PYTHON_VERSION }} | |
id: python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
# This step caches our Python dependencies. To make sure we | |
# only restore a cache when the dependencies, the python version, | |
# the runner operating system, and the dependency location haven't | |
# changed, we create a cache key that is a composite of those states. | |
# | |
# Only when the context is exactly the same, we will restore the cache. | |
- name: Python Dependency Caching | |
uses: actions/cache@v4 | |
id: python_cache | |
with: | |
path: ${{ env.PYTHONUSERBASE }} | |
key: "python-0-${{ runner.os }}-${{ env.PYTHONUSERBASE }}-\ | |
${{ steps.python.outputs.python-version }}-\ | |
${{ hashFiles('./pyproject.toml', './poetry.lock') }}" | |
# Install our dependencies if we did not restore a dependency cache | |
- name: Install dependencies using poetry | |
# if: steps.python_cache.outputs.cache-hit != 'true' | |
run: | | |
pip install poetry==1.7.1 poetry-plugin-export==1.6.0 | |
poetry install --no-interaction --no-ansi | |
# This step caches our pre-commit environment. To make sure we | |
# do create a new environment when our pre-commit setup changes, | |
# we create a cache key based on relevant factors. | |
- name: Pre-commit Environment Caching | |
uses: actions/cache@v4 | |
with: | |
path: ${{ env.PRE_COMMIT_HOME }} | |
key: "precommit-0-${{ runner.os }}-${{ env.PRE_COMMIT_HOME }}-\ | |
${{ steps.python.outputs.python-version }}-\ | |
${{ hashFiles('./.pre-commit-config.yaml') }}" | |
# We will not run `black` here, as we will use a seperate | |
# black action. As pre-commit does not support user installs, | |
# we set PIP_USER=0 to not do a user install. | |
- name: Run pre-commit hooks | |
id: pre-commit | |
run: export PIP_USER=0; SKIP="no-commit-to-branch,black" poetry run pre-commit run --all-files | |
# Run black seperately as we don't want to reformat the files | |
# just error if something isn't formatted correctly. | |
- name: Check files with black | |
id: black | |
if: always() && (steps.pre-commit.outcome == 'success' || steps.pre-commit.outcome == 'failure') | |
run: poetry run black . --check --diff --color | |
build: | |
if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
name: Build & Push | |
needs: [lint] | |
runs-on: ubuntu-latest | |
permissions: | |
packages: write | |
steps: | |
# Create a commit SHA-based tag for the container repositories | |
- name: Create SHA Container Tag | |
id: sha_tag | |
run: | | |
tag=$(cut -c 1-7 <<< $GITHUB_SHA) | |
echo "tag=$tag" >> $GITHUB_OUTPUT | |
# Check out the current repository in the `monty` subdirectory | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
path: monty | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Github Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
# Build and push the container to the GitHub Container | |
# Repository. The container will be tagged as "latest" | |
# and with the short SHA of the commit. | |
- name: Build and push | |
uses: docker/build-push-action@v6 | |
with: | |
context: monty/ | |
file: monty/Dockerfile | |
push: true | |
cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/monty-python:latest | |
cache-to: type=inline | |
tags: | | |
ghcr.io/${{ github.repository_owner }}/monty-python:latest | |
ghcr.io/${{ github.repository_owner }}/monty-python:${{ steps.sha_tag.outputs.tag }} | |
build-args: | | |
git_sha=${{ github.sha }} | |
artifact: | |
name: Generate Artifact | |
if: always() | |
runs-on: ubuntu-latest | |
steps: | |
# Prepare the Pull Request Payload artifact. If this fails, we | |
# we fail silently using the `continue-on-error` option. It's | |
# nice if this succeeds, but if it fails for any reason, it | |
# does not mean that our lint-test checks failed. | |
- name: Prepare Pull Request Payload artifact | |
id: prepare-artifact | |
if: always() && github.event_name == 'pull_request' | |
continue-on-error: true | |
run: cat $GITHUB_EVENT_PATH | jq '.pull_request' > pull_request_payload.json | |
# This only makes sense if the previous step succeeded. To | |
# get the original outcome of the previous step before the | |
# `continue-on-error` conclusion is applied, we use the | |
# `.outcome` value. This step also fails silently. | |
- name: Upload a Build Artifact | |
if: always() && steps.prepare-artifact.outcome == 'success' | |
continue-on-error: true | |
uses: actions/upload-artifact@v4 | |
with: | |
name: pull-request-payload | |
path: pull_request_payload.json |