From 59ea6b1cf508397ef7eb9735821a01609beec3ea Mon Sep 17 00:00:00 2001 From: Guilherme Souza Date: Thu, 8 May 2025 05:26:36 -0300 Subject: [PATCH 1/4] chore: use reusable CI --- .github/workflows/ci.yml | 98 ++++------------------------------------ 1 file changed, 8 insertions(+), 90 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b48b36d..80b97cb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,98 +11,16 @@ permissions: contents: read jobs: - test: - name: Test / OS ${{ matrix.os }} / Python ${{ matrix.python-version }} - strategy: - matrix: - os: [ubuntu-latest] - python-version: ["3.9", "3.10", "3.11", "3.12", "3.13"] - runs-on: ${{ matrix.os }} - steps: - - name: Clone Repository - uses: actions/checkout@v4 - - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 - with: - python-version: ${{ matrix.python-version }} - - - name: Set up Poetry - run: pipx install poetry==1.8.5 --python python${{ matrix.python-version }} - - - name: Run Tests - run: make run_tests - - - name: Upload coverage to Coveralls - uses: coverallsapp/github-action@v2 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - flag-name: run-${{ join(matrix.*, '-') }} - parallel: true - - finish_tests: - needs: test - name: Upload tests coveralls results - if: ${{ always() }} - runs-on: ubuntu-latest - steps: - - name: Coveralls Finished - uses: coverallsapp/github-action@v2 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - parallel-finished: true - carryforward: "run-ubuntu-latest-3.9,run-ubuntu-latest-3.10,run-ubuntu-latest-3.11,run-ubuntu-latest-3.12,run-ubuntu-latest-3.13" - - release-please: - needs: test - if: ${{ github.ref == 'refs/heads/main' && github.event_name == 'push' && github.repository_owner == 'supabase' }} - runs-on: ubuntu-latest - name: "Bump version and create changelog" - permissions: - id-token: write # IMPORTANT: this permission is mandatory for trusted publishing - contents: write # needed for github actions bot to write to repo - pull-requests: write - steps: - - uses: googleapis/release-please-action@v4 - id: release - with: - target-branch: ${{ github.ref_name }} - publish: - needs: release-please - if: ${{ startsWith(github.event.head_commit.message, 'chore(main)') && github.ref == 'refs/heads/main' && github.event_name == 'push' && github.repository_owner == 'supabase' }} - runs-on: ubuntu-latest - name: "supabase_functions: Publish to PyPi" - environment: - name: pypi - url: https://pypi.org/p/supabase_functions - permissions: - id-token: write # IMPORTANT: this permission is mandatory for trusted publishing - contents: write # needed for github actions bot to write to repo - steps: - - name: Set up Python 3.11 - uses: actions/setup-python@v5 - with: - python-version: 3.11 + ci: + uses: supabase/actions/.github/workflows/python-ci.yml@main + with: + enable-publish: true + package-name: 'supabase_functions' + secrets: + COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Clone Repository - uses: actions/checkout@v4 - with: - ref: ${{ github.ref }} - fetch-depth: 0 - - - name: Set up Poetry - run: pipx install poetry==1.8.5 --python python3.11 - - - name: Install dependencies - run: poetry install - - - name: Build package dist directory - run: poetry build - - - name: Publish package distributions to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 publish_legacy: - needs: publish + needs: ci if: ${{ startsWith(github.event.head_commit.message, 'chore(main)') && github.ref == 'refs/heads/main' && github.event_name == 'push' && github.repository_owner == 'supabase' }} runs-on: ubuntu-latest name: "supafunc: Publish to PyPi" From 2b1af9b083d9ffbc7b74e57bb6edb659c8262c7c Mon Sep 17 00:00:00 2001 From: Guilherme Souza Date: Thu, 8 May 2025 05:27:58 -0300 Subject: [PATCH 2/4] adjust permissions --- .github/workflows/ci.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 80b97cb..55c4277 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,7 +8,9 @@ on: workflow_dispatch: permissions: - contents: read + contents: write + pull-requests: write + id-token: write jobs: ci: From 9fbcfa70a0dd75798411ce114fcc62d36b8d7fae Mon Sep 17 00:00:00 2001 From: Guilherme Souza Date: Thu, 8 May 2025 05:29:44 -0300 Subject: [PATCH 3/4] adjust test command --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 55c4277..0e7d475 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,6 +16,7 @@ jobs: ci: uses: supabase/actions/.github/workflows/python-ci.yml@main with: + test-command: 'make run_tests' enable-publish: true package-name: 'supabase_functions' secrets: From 7bd018ddcf64090d907f36ed9dd3454a12e0422f Mon Sep 17 00:00:00 2001 From: Guilherme Souza Date: Thu, 8 May 2025 05:32:18 -0300 Subject: [PATCH 4/4] remove permissions --- .github/workflows/ci.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0e7d475..b8fdde4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,11 +7,6 @@ on: pull_request: workflow_dispatch: -permissions: - contents: write - pull-requests: write - id-token: write - jobs: ci: uses: supabase/actions/.github/workflows/python-ci.yml@main