Skip to content

feat: add support for CycloneDX 1.7 (basics) #1748

feat: add support for CycloneDX 1.7 (basics)

feat: add support for CycloneDX 1.7 (basics) #1748

Workflow file for this run

# For details of what checks are run for PRs please refer below
# docs: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions
name: Python CI
on:
push:
branches: ["main", "next"]
tags: [ 'v*' ]
pull_request:
workflow_dispatch:
schedule:
# schedule daily tests, since some dependencies are not intended to be pinned
# this means: at 23:42 every day
- cron: '42 23 * * *'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions: {}
env:
REPORTS_DIR: CI_reports
PYTHON_VERSION_DEFAULT: "3.14"
POETRY_VERSION: "1.8.1"
TESTS_REPORTS_ARTIFACT: tests-reports
jobs:
pyupgrade:
name: find Upgradable CodingFeatures
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout
# see https://github.com/actions/checkout
uses: actions/checkout@v5
- name: Setup Python Environment
# see https://github.com/actions/setup-python
uses: actions/setup-python@v6
with:
python-version: ${{ env.PYTHON_VERSION_DEFAULT }}
architecture: 'x64'
- name: Install poetry
# see https://github.com/marketplace/actions/setup-poetry
uses: Gr1N/setup-poetry@v9
with:
poetry-version: ${{ env.POETRY_VERSION }}
- name: Install dependencies
run: poetry install --no-root
- name: Run tox
run: poetry run tox run -e pyupgrade -s false
deptry:
name: test dependencies
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout
# see https://github.com/actions/checkout
uses: actions/checkout@v5
- name: Setup Python Environment
# see https://github.com/actions/setup-python
uses: actions/setup-python@v6
with:
python-version: ${{ env.PYTHON_VERSION_DEFAULT }}
architecture: 'x64'
- name: Install poetry
# see https://github.com/marketplace/actions/setup-poetry
uses: Gr1N/setup-poetry@v9
with:
poetry-version: ${{ env.POETRY_VERSION }}
- name: Install dependencies
run: poetry install --no-root
- name: Run tox
run: poetry run tox run -e deptry -s false
coding-standards:
name: Linting & CodingStandards
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout
# see https://github.com/actions/checkout
uses: actions/checkout@v5
- name: Setup Python Environment
# see https://github.com/actions/setup-python
uses: actions/setup-python@v6
with:
python-version: ${{ env.PYTHON_VERSION_DEFAULT }}
architecture: 'x64'
- name: Install poetry
# see https://github.com/marketplace/actions/setup-poetry
uses: Gr1N/setup-poetry@v9
with:
poetry-version: ${{ env.POETRY_VERSION }}
- name: Install dependencies
run: poetry install --no-root
- name: Run tox
run: poetry run tox run -e flake8 -s false
security-issues:
name: find Security Issues
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout
# see https://github.com/actions/checkout
uses: actions/checkout@v5
- name: Setup Python Environment
# see https://github.com/actions/setup-python
uses: actions/setup-python@v6
with:
python-version: ${{ env.PYTHON_VERSION_DEFAULT }}
architecture: 'x64'
- name: Install poetry
# see https://github.com/marketplace/actions/setup-poetry
uses: Gr1N/setup-poetry@v9
with:
poetry-version: ${{ env.POETRY_VERSION }}
- name: Install dependencies
run: poetry install --no-root
- name: Run tox
run: poetry run tox run -e bandit -s false
static-code-analysis:
name: StaticCodingAnalysis (py${{ matrix.python-version}} ${{ matrix.toxenv-factors }})
runs-on: ${{ matrix.os }}
timeout-minutes: 10
strategy:
fail-fast: false
matrix:
include:
- # test with the latest dependencies
os: ubuntu-latest
python-version: '3.14'
toxenv-factors: '-current'
- # test with the lowest dependencies
os: ubuntu-latest
python-version: '3.9'
toxenv-factors: '-lowest'
steps:
- name: Checkout
# see https://github.com/actions/checkout
uses: actions/checkout@v5
- name: Setup Python Environment
# see https://github.com/actions/setup-python
uses: actions/setup-python@v6
with:
python-version: ${{ matrix.python-version }}
architecture: 'x64'
- name: Install poetry
# see https://github.com/marketplace/actions/setup-poetry
uses: Gr1N/setup-poetry@v9
with:
poetry-version: ${{ env.POETRY_VERSION }}
- name: Install dependencies
run: poetry install --no-root
- name: Run tox
run: poetry run tox run -e mypy${{ matrix.toxenv-factors }} -s false
build-and-test:
name: Test (${{ matrix.os }} py${{ matrix.python-version }} ${{ matrix.toxenv-factors }})
runs-on: ${{ matrix.os }}
timeout-minutes: 15
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- macos-latest
- windows-latest
python-version:
- "3.14" # highest supported
- "3.13"
- "3.12"
- "3.11"
- "3.10"
- "3.9" # lowest supported
toxenv-factors:
- "-allExtras"
- "-noExtras"
exclude:
- os: macos-latest
python-version: "3.10"
- os: macos-latest
python-version: "3.9"
include:
- os: macos-13
python-version: "3.10"
toxenv-factors: "-allExtras"
- os: macos-13
python-version: "3.10"
toxenv-factors: "-noExtras"
- os: macos-13
python-version: "3.9"
toxenv-factors: "-allExtras"
- os: macos-13
python-version: "3.9"
toxenv-factors: "-noExtras"
steps:
- name: Disabled Git auto EOL CRLF transforms
run: |
git config --global core.autocrlf false
git config --global core.eol lf
- name: Checkout
# see https://github.com/actions/checkout
uses: actions/checkout@v5
- name: Create reports directory
run: mkdir ${{ env.REPORTS_DIR }}
- name: Setup Python Environment
# see https://github.com/actions/setup-python
uses: actions/setup-python@v6
with:
python-version: ${{ matrix.python-version }}
architecture: 'x64'
- name: Validate Python Environment
shell: python
run: |
import sys
print('Python %s on %s in %s' % (sys.version, sys.platform, sys.getdefaultencoding()))
- name: Install poetry
# see https://github.com/marketplace/actions/setup-poetry
uses: Gr1N/setup-poetry@v9
with:
poetry-version: ${{ env.POETRY_VERSION }}
- name: Install dependencies
run: poetry install --no-root
- name: Ensure build successful
run: poetry build
- name: Run tox
run: poetry run tox run -e py${{ matrix.toxenv-factors }} -s false
- name: Generate coverage reports
if: ${{ failure() || success() }}
shell: bash
run: |
set -eux
poetry run coverage report -m
poetry run coverage xml -o '${{ env.REPORTS_DIR }}/coverage/${{ matrix.os }}_py${{ matrix.python-version }}_${{ matrix.toxenv-factors }}.cobertura.xml'
- name: Artifact reports
if: ${{ ! cancelled() }}
# see https://github.com/actions/upload-artifact
uses: actions/upload-artifact@v4
with:
name: ${{ env.TESTS_REPORTS_ARTIFACT }}-${{ matrix.os }}-py${{ matrix.python-version }}${{ matrix.toxenv-factors }}
path: ${{ env.REPORTS_DIR }}
if-no-files-found: error
report-coverage:
name: Publish test coverage
needs: [ "build-and-test" ]
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: fetch test artifacts
# see https://github.com/actions/download-artifact
uses: actions/download-artifact@v5
with:
path: ${{ env.REPORTS_DIR }}
pattern: ${{ env.TESTS_REPORTS_ARTIFACT }}-*
merge-multiple: true
- name: Run codacy-coverage-reporter
env:
CODACY_PROJECT_TOKEN: ${{ secrets.CODACY_PROJECT_TOKEN }}
if: ${{ env.CODACY_PROJECT_TOKEN != '' }} ## see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-using-secrets
# see https://github.com/codacy/codacy-coverage-reporter-action
uses: codacy/codacy-coverage-reporter-action@v1
with:
project-token: ${{ env.CODACY_PROJECT_TOKEN }}
coverage-reports: ${{ env.REPORTS_DIR }}/coverage/*
examples:
name: Examples E:${{ matrix.install-extras || '<none>' }}
runs-on: ubuntu-latest
timeout-minutes: 10
strategy:
fail-fast: false
matrix:
install-extras:
- '' # none
- json-validation
- xml-validation
steps:
- name: Checkout
# see https://github.com/actions/checkout
uses: actions/checkout@v5
- name: Setup Python Environment
# see https://github.com/actions/setup-python
uses: actions/setup-python@v6
with:
python-version: '>=3.9 <=3.14' # supported version range
- name: Validate Python Environment
shell: python
run: |
import sys
print('Python %s on %s in %s' % (sys.version, sys.platform, sys.getdefaultencoding()))
- name: Install poetry
# see https://github.com/marketplace/actions/setup-poetry
uses: Gr1N/setup-poetry@v9
with:
poetry-version: ${{ env.POETRY_VERSION }}
- name: Install package and prod dependencies
run: poetry install --only=main --extras='${{ matrix.install-extras }}' -vvv
- name: run all examples
run: >
find examples -type f -name '*.py' -print0
| xargs -0 -L1 -t
poetry run python