Skip to content
Python application

Docs ci #125

Sign in to view logs

Docs ci

Docs ci #125

Workflow file for this run

.github/workflows/python-app.yml at 6e111f3
# This workflow will install Python dependencies, run tests and lint with a single version of Python
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python
name: Python application
on:
push:
branches: [ "main" ]
tags:
- "*.*.*"
pull_request:
branches: [ "main" ]
permissions:
contents: read
id-token: write
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# Install system dependencies: Mosquitto + Postgres + OpenSSL
- name: Install system packages
run: |
sudo apt-get update
sudo apt-get install -y mosquitto mosquitto-clients postgresql postgresql-contrib openssl
# Initialize local Postgres
- name: Start Postgres
run: |
sudo service postgresql start
sudo -u postgres psql -c "CREATE USER admin WITH PASSWORD 'secret' CREATEDB;"
sudo -u postgres psql -c "CREATE DATABASE rembus_test OWNER admin;"
# Generate temporary MQTT TLS certs for local Mosquitto
- name: Generate temporary MQTT TLS certificates
run: |
mkdir -p tests/cfg
# CA
openssl req -x509 -nodes -newkey rsa:2048 -days 1 \
-subj "/CN=Rembus-Test-CA/C=IT/L=Trento" \
-keyout tests/cfg/rembus-ca.key \
-out tests/cfg/rembus-ca.crt \
-addext "keyUsage = critical, keyCertSign, cRLSign" \
-addext "basicConstraints = critical, CA:TRUE"
# Broker key + CSR
openssl req -nodes -newkey rsa:2048 \
-subj "/CN=localhost" \
-keyout tests/cfg/rembus.key \
-out tests/cfg/rembus.csr
# Create SAN config file
cat > tests/cfg/rembus.ext <<EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = localhost
IP.1 = 127.0.0.1
EOF
# Sign broker cert
openssl x509 -req -in tests/cfg/rembus.csr \
-CA tests/cfg/rembus-ca.crt -CAkey tests/cfg/rembus-ca.key \
-CAcreateserial -out tests/cfg/rembus.crt -days 1 \
-extfile tests/cfg/rembus.ext
# Start Mosquitto locally with TLS enabled
- name: Start local Mosquitto
run: |
cat > tests/cfg/mosquitto.conf <<EOF
listener 1883
allow_anonymous true
listener 8883
cafile $(pwd)/tests/cfg/rembus-ca.crt
certfile $(pwd)/tests/cfg/rembus.crt
keyfile $(pwd)/tests/cfg/rembus.key
allow_anonymous true
EOF
# Set up Python
- name: Set up Python 3.x
uses: actions/setup-python@v4
with:
python-version: "3.x"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install flake8
pip install .[test]
- name: Lint with flake8
run: |
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=80 --statistics
- name: Run tests with pytest
env:
PYTHONPATH: ${{ github.workspace }}/src
PGHOST: localhost
PGPORT: 5432
PGUSER: admin
PGPASSWORD: secret
MQTT_HOST: 127.0.0.1
MQTT_PORT: 1883
MQTTS_PORT: 8883
MQTT_CA_CERT: ${{ github.workspace }}/tests/cfg/rembus-ca.crt
MQTT_CERT: ${{ github.workspace }}/tests/cfg/rembus.crt
MQTT_KEY: ${{ github.workspace }}/tests/cfg/rembus.key
run: |
pytest tests --asyncio-mode=auto
- name: Upload coverage to Codecov
if: github.event_name == 'push'
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: Build distribution
run: |
pip install build
python -m build
- name: Upload dist as artifact
uses: actions/upload-artifact@v4
with:
name: dist
path: dist/
publish-to-pypi:
name: Publish Python 🐍 distribution 📦 to PyPI
if: startsWith(github.ref, 'refs/tags/')
needs: build
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/rembus
steps:
- uses: actions/download-artifact@v4
with:
name: dist
path: dist
- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
attestations: true