build: setup automatic PyPI publishing using Github Actions #542

Workflow file for this run

.github/workflows/hrflow_connectors.yml at 7bd1613

	name: HrFlow.ai Connectors CI/CD

	on:
	pull_request_target:
	types: [labeled, opened, synchronize, reopened]
	branches:
	- "master"
	push:
	branches:
	- "master"

	env:
	POETRY_VERSION: 1.3.1
	BASELINE_PYTHON_VERSION: 3.10.10
	NOX_ENV_DIR: ./.nox
	PYTHONPATH: ./src/

	jobs:
	commitlint:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- uses: actions/setup-node@v3
	with:
	node-version: 18

	- name: Install commitlint
	run: \|
	npm install conventional-changelog-conventionalcommits
	npm install commitlint@v17.7.1

	- name: Validate current commit (last commit) with commitlint
	if: github.event_name == 'push'
	run: npx commitlint --from HEAD~1 --to HEAD --verbose


	- name: Validate PR commits with commitlint
	if: github.event_name == 'pull_request'
	run: npx commitlint --from ${{ github.event.pull_request.head.sha }}~${{ github.event.pull_request.commits }} --to ${{ github.event.pull_request.head.sha }} --verbose


	core-tests:
	runs-on: ubuntu-latest
	needs: [commitlint]
	steps:
	- name: Check permissions for job
	if: ${{ !(contains(fromJSON('["OWNER", "COLLABORATOR", "MEMBER"]'), github.event.pull_request.author_association) \|\| contains(github.event.pull_request.labels.*.name, 'run tests for fork'))}}
	uses: actions/github-script@v3
	with:
	script: \|
	core.setFailed("Not enough permissions to run Core Tests")

	- uses: actions/checkout@v3
	with:
	ref: ${{ github.event.pull_request.head.sha }}
	lfs: true

	- uses: actions/setup-python@v2
	with:
	python-version: ${{ env.BASELINE_PYTHON_VERSION }}

	- name: Load cached Poetry installation
	id: cached-poetry-install
	uses: actions/cache@v2
	with:
	path: ~/.local
	key: poetry-${{ env.POETRY_VERSION }}

	- name: Install poetry
	if: steps.cached-poetry-install.outputs.cache-hit != 'true'
	run: curl -sSL https://install.python-poetry.org \| POETRY_VERSION=$POETRY_VERSION python3 -

	- name: Add poetry to PATH
	run: export PATH="$HOME/.local/bin:$PATH"

	- name: Load cached venv
	id: cached-poetry-dependencies
	uses: actions/cache@v2
	with:
	path: .venv
	key: venv-${{ runner.os }}-${{ env.BASELINE_PYTHON_VERSION }}-${{ hashFiles('**/poetry.lock') }}

	- name: Install python dependencies
	if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
	run: POETRY_INSTALLER_PARALLEL=1 POETRY_VIRTUALENVS_IN_PROJECT=1 poetry install -E s3

	- name: Run commit hooks
	run: poetry run pre-commit run --hook-stage commit --all-files

	- name: Run push hooks
	run: poetry run pre-commit run --hook-stage push --all-files

	# This action sets up a Python environment with Nox by:
	# - Activating every version of Python that GitHub Actions supports.
	# - Installing Nox.
	# ==> https://github.com/marketplace/actions/setup-nox
	- uses: excitedleigh/setup-nox@v2.0.0

	- name: Load cached nox venvs
	id: cached-nox-venvs
	uses: actions/cache@v2
	with:
	path: ${{ env.NOX_ENV_DIR }}
	key: nox-venvs-${{ runner.os }}-${{ hashFiles('**/poetry.lock') }}

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v2
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: eu-west-1

	- name: Get Connector Secrets
	uses: aws-actions/aws-secretsmanager-get-secrets@v1
	with:
	secret-ids: \|
	S3_STORE_TEST
	parse-json-secrets: true

	- name: Check manifest
	run: poetry run nox --envdir ${{ env.NOX_ENV_DIR }} -s manifest

	- name: Check docs
	run: poetry run nox --envdir ${{ env.NOX_ENV_DIR }} -s docs

	- name: Run Core tests
	run: poetry run nox --envdir ${{ env.NOX_ENV_DIR }} -s tests_s3
	env:
	HRFLOW_CONNECTORS_STORE_ENABLED: "1"
	HRFLOW_CONNECTORS_LOCALJSON_DIR: "/tmp/"

	connectors-integration-tests:
	runs-on: ubuntu-latest
	needs: core-tests
	steps:
	- name: Check permissions for job
	if: ${{ !(contains(fromJSON('["OWNER", "COLLABORATOR", "MEMBER"]'), github.event.pull_request.author_association) \|\| contains(github.event.pull_request.labels.*.name, 'run tests for fork'))}}
	uses: actions/github-script@v3
	with:
	script: \|
	core.setFailed("Not enough permissions to run Integration Tests")

	- uses: actions/checkout@v3
	with:
	ref: ${{ github.event.pull_request.head.sha }}
	lfs: true

	# This action sets up a Python environment with Nox by:
	# - Activating every version of Python that GitHub Actions supports.
	# - Installing Nox.
	# ==> https://github.com/marketplace/actions/setup-nox
	- uses: excitedleigh/setup-nox@v2.0.0

	- name: Load cached Poetry installation
	id: cached-poetry-install
	uses: actions/cache@v2
	with:
	path: ~/.local
	key: poetry-${{ env.POETRY_VERSION }}

	- name: Load cached nox venvs
	id: cached-nox-venvs
	uses: actions/cache@v2
	with:
	path: ${{ env.NOX_ENV_DIR }}
	key: nox-venvs-${{ runner.os }}-${{ hashFiles('**/poetry.lock') }}

	- name: Add poetry to PATH
	run: export PATH="$HOME/.local/bin:$PATH"

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v2
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: eu-west-1

	- name: Get Connector Secrets
	uses: aws-actions/aws-secretsmanager-get-secrets@v1
	with:
	secret-ids: \|
	S3_STORE_TEST
	HRFLOW_CONNECTORS_*
	parse-json-secrets: true

	- name: Run Connector tests
	run: \|
	poetry run nox -- -s tests -- --no-cov --ignore tests/core --connector=SmartRecruiters --connector=PoleEmploi --connector=Adzuna --connector=Hubspot --connector=Waalaxy
	env:
	HRFLOW_CONNECTORS_STORE_ENABLED: "1"
	HRFLOW_CONNECTORS_LOCALJSON_DIR: "/tmp/"

	reset-labels:
	runs-on: ubuntu-latest
	if: ${{ always() }}
	needs: [core-tests, connectors-integration-tests]
	permissions:
	issues: write
	pull-requests: write
	steps:
	- name: Remove run tests for fork label
	run: \|
	curl \
	-X DELETE \
	-H 'Accept: application/vnd.github.v3+json' \
	-H 'Authorization: token ${{ github.token }}' \
	'https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.number }}/labels/run%20tests%20for%20fork'


	cd:
Check failure on line 213 in .github/workflows/hrflow_connectors.yml View workflow run for this annotation GitHub Actions / .github/workflows/hrflow_connectors.yml Invalid workflow file `You have an error in your yaml syntax on line 213`
	runs-on: ubuntu-latest
	if: github.event_name == 'push' && github.ref == 'refs/heads/master'
	needs: [core-tests, connectors-integration-tests, commitlint]
	permissions:
	id-token: write
	contents: write
	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0
	lfs: true

	- name: Load cached Poetry installation
	id: cached-poetry-install
	uses: actions/cache@v2
	with:
	path: ~/.local
	key: poetry-${{ env.POETRY_VERSION }}

	- name: Prepare new release
	env:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	git config user.name hrflow-cicd
	git config user.email hrflow-cicd@hrflow.ai
	poetry run semantic-release publish

	- name: Publish to TestPyPI
	uses: pypa/gh-action-pypi-publish@release/v1
	with:
	user: __token__
	password: ${{ secrets.TEST_PYPI_API_TOKEN }}
	repository_url: https://test.pypi.org/legacy/

	- name: Test install from TestPyPI
	run: \|
	pip install \
	--index-url https://test.pypi.org/simple/ \
	--extra-index-url https://pypi.org/simple \
	hrflow-hrflow-connectors==${{ }}

	- name: Publish to PyPI
	uses: pypa/gh-action-pypi-publish@release/v1
	with:
	user: __token__
	password: ${{ secrets.PYPI_API_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build: setup automatic PyPI publishing using Github Actions #542

Workflow file

build: setup automatic PyPI publishing using Github Actions #542

Jobs

Run details

Workflow file for this run

GitHub Actions / .github/workflows/hrflow_connectors.yml