diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml index 2d04016..3da19bb 100644 --- a/.github/workflows/python-package.yml +++ b/.github/workflows/python-package.yml @@ -1,29 +1,28 @@ name: Python package test on: + schedule: + - cron: '0 8 * * 1,4' push: branches: [main] - paths-ignore: - - "docs/**" + tags: ['*'] pull_request: - branches: [main] - paths-ignore: - - "docs/**" - schedule: - - cron: '0 8 * * 1,4' + branches: ['**'] workflow_call: inputs: override-deps-artifact: description: "Name of artifact containing updated lockfiles" required: false - type: string + type: string + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true jobs: lint: name: "📝 Pre-commit / Code Quality" runs-on: ubuntu-latest - # Skip linting when triggered by the Sync Workflow (it just updated locks) - if: github.event_name != 'workflow_call' steps: - uses: actions/checkout@v4 - name: ⚡ Install uv @@ -36,9 +35,6 @@ jobs: setup: name: "🏗️ Build Py${{ matrix.python-version }}" needs: lint - if: | - always() && - (needs.lint.result == 'success' || needs.lint.result == 'skipped') runs-on: ubuntu-latest strategy: matrix: @@ -48,7 +44,7 @@ jobs: - uses: actions/checkout@v4 - name: 📥 Apply Dependency Overrides - if: "${{ inputs.override-deps-artifact != '' }}" + if: "${{ inputs.override-deps-artifact != '' && inputs.override-deps-artifact != 'null' }}" uses: actions/download-artifact@v4 with: name: ${{ inputs.override-deps-artifact }} @@ -184,7 +180,9 @@ jobs: fi uv tool install coverage - mv all-results/.coverage* . + if ls all-results/.coverage* 1> /dev/null 2>&1; then + mv all-results/.coverage* . + fi cat < .coveragerc [run] @@ -199,18 +197,19 @@ jobs: echo "Merging coverage files with path remapping..." # 2️⃣ COMBINE & REPORT # We use the rcfile to ensure the mapping is applied during the merge - uv tool run coverage combine --rcfile=.coveragerc + uv tool run coverage combine --append --rcfile=.coveragerc || echo "No extra coverage files to combine." # ENFORCE 85% (or your chosen threshold) - OUTPUT=$(uv tool run coverage report --show-missing --fail-under=85 2>&1) || EXIT_CODE=$? + REPORT_OUTPUT=$(uv tool run coverage report --show-missing --fail-under=85 2>&1) + EXIT_CODE=$? - echo "$OUTPUT" + echo "$REPORT_OUTPUT" echo '```' >> $GITHUB_STEP_SUMMARY - echo "$OUTPUT" >> $GITHUB_STEP_SUMMARY + echo "$REPORT_OUTPUT" >> $GITHUB_STEP_SUMMARY echo '```' >> $GITHUB_STEP_SUMMARY - if [ "${EXIT_CODE:-0}" -ne 0 ]; then + if [ $EXIT_CODE -ne 0 ]; then echo "❌ **Coverage Failed:** Python 3.13 coverage is below 85%." >> $GITHUB_STEP_SUMMARY exit $EXIT_CODE else diff --git a/.github/workflows/sync-dependencies.yml b/.github/workflows/sync-dependencies.yml index f1247ca..acb5ff0 100644 --- a/.github/workflows/sync-dependencies.yml +++ b/.github/workflows/sync-dependencies.yml @@ -3,16 +3,17 @@ name: sync-dependencies on: schedule: - cron: '0 0 * * *' - workflow_dispatch: - pull_request: - paths: - - "pyproject.toml" - - "uv.lock" push: branches: [main] + tags: ['*'] + paths: + - "pyproject.toml" + - "uv.lock" + pull_request: paths: - "pyproject.toml" - "uv.lock" + workflow_dispatch: jobs: sync-and-prepare: @@ -74,7 +75,11 @@ jobs: echo "### ✅ Everything is Up-to-Date" >> $GITHUB_STEP_SUMMARY echo "No changes detected in \`uv.lock\`." >> $GITHUB_STEP_SUMMARY - echo "💤 **Action:** Skipping tests and PR creation." >> $GITHUB_STEP_SUMMARY + if [ "${{ github.event_name }}" == "pull_request" ] || [ "${{ startsWith(github.ref, 'refs/tags/') }}" == "true" ]; then + echo "🚀 **Action:** Standard tests will verify the state." >> $GITHUB_STEP_SUMMARY + else + echo "💤 **Action:** Skipping tests and PR creation." >> $GITHUB_STEP_SUMMARY + fi fi - name: 📤 Upload Updated Deps @@ -82,24 +87,24 @@ jobs: uses: actions/upload-artifact@v4 with: name: updated-deps + retention-days: 1 path: | uv.lock conda/meta.yaml run-tests: needs: sync-and-prepare - if: needs.sync-and-prepare.outputs.sync_needed == 'true' uses: ./.github/workflows/python-package.yml with: - override-deps-artifact: updated-deps + override-deps-artifact: ${{ needs.sync-and-prepare.outputs.sync_needed == 'true' && 'updated-deps' || 'null' }} secrets: inherit finalize: needs: [sync-and-prepare, run-tests] if: | always() && - needs.run-tests.result == 'success' && - needs.sync-and-prepare.outputs.sync_needed == 'true' + needs.sync-and-prepare.outputs.sync_needed == 'true' && + (needs.run-tests.result == 'success' || needs.run-tests.result == 'skipped' ) runs-on: ubuntu-latest permissions: contents: write @@ -109,6 +114,7 @@ jobs: with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.ref || github.ref }} + token: ${{ secrets.MAPCHETE_PAT_CONTAINER_IMAGES_TOKEN }} - name: 📥 Download Verified Artifacts uses: actions/download-artifact@v4 @@ -131,7 +137,7 @@ jobs: if: github.event_name != 'pull_request' uses: peter-evans/create-pull-request@v7 with: - token: ${{ secrets.GITHUB_TOKEN }} + token: ${{ secrets.MAPCHETE_PAT_CONTAINER_IMAGES_TOKEN }} commit-message: "chore: update uv.lock and conda recipe" title: "chore(deps): sync uv and conda" body: |