diff --git a/.github/workflows/test-common.yml b/.github/workflows/test-common.yml index 7204c5d7d7..35bf24387c 100644 --- a/.github/workflows/test-common.yml +++ b/.github/workflows/test-common.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: common, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-aiohttp.yml b/.github/workflows/test-integration-aiohttp.yml index f70d652f2e..002bdbc715 100644 --- a/.github/workflows/test-integration-aiohttp.yml +++ b/.github/workflows/test-integration-aiohttp.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: aiohttp, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-ariadne.yml b/.github/workflows/test-integration-ariadne.yml index 38e0d8271b..054ed19156 100644 --- a/.github/workflows/test-integration-ariadne.yml +++ b/.github/workflows/test-integration-ariadne.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: ariadne, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-arq.yml b/.github/workflows/test-integration-arq.yml index 614e53f390..909fb8f7c8 100644 --- a/.github/workflows/test-integration-arq.yml +++ b/.github/workflows/test-integration-arq.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: arq, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-asgi.yml b/.github/workflows/test-integration-asgi.yml index 9a29398fc2..7ce40e705d 100644 --- a/.github/workflows/test-integration-asgi.yml +++ b/.github/workflows/test-integration-asgi.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: asgi, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-asyncpg.yml b/.github/workflows/test-integration-asyncpg.yml index 4b2ed26671..a6b063a2cf 100644 --- a/.github/workflows/test-integration-asyncpg.yml +++ b/.github/workflows/test-integration-asyncpg.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: asyncpg, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-aws_lambda.yml b/.github/workflows/test-integration-aws_lambda.yml index 385bb4b13a..e6b3264b06 100644 --- a/.github/workflows/test-integration-aws_lambda.yml +++ b/.github/workflows/test-integration-aws_lambda.yml @@ -6,7 +6,7 @@ on: - master - release/** - pull_request: + pull_request_target: # Cancel in progress workflows on pull_requests. # https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value @@ -25,7 +25,18 @@ env: ${{ github.workspace }}/dist-serverless jobs: + authorize: + name: Determine environment + environment: + ${{ github.event_name == 'pull_request_target' && + github.event.pull_request.head.repo.full_name != github.repository && + 'external' || 'internal' }} + runs-on: ubuntu-latest + steps: + - run: true + test: + needs: authorize name: aws_lambda, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} timeout-minutes: 30 @@ -42,6 +53,8 @@ jobs: steps: - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} - uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} diff --git a/.github/workflows/test-integration-beam.yml b/.github/workflows/test-integration-beam.yml index a86d6ccd7d..d6fa0b3461 100644 --- a/.github/workflows/test-integration-beam.yml +++ b/.github/workflows/test-integration-beam.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: beam, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-boto3.yml b/.github/workflows/test-integration-boto3.yml index fb246c899e..ebf1b5a80b 100644 --- a/.github/workflows/test-integration-boto3.yml +++ b/.github/workflows/test-integration-boto3.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: boto3, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-bottle.yml b/.github/workflows/test-integration-bottle.yml index 5bbdcaac53..36053829df 100644 --- a/.github/workflows/test-integration-bottle.yml +++ b/.github/workflows/test-integration-bottle.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: bottle, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-celery.yml b/.github/workflows/test-integration-celery.yml index 71623f0e1e..0c15f4d843 100644 --- a/.github/workflows/test-integration-celery.yml +++ b/.github/workflows/test-integration-celery.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: celery, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-chalice.yml b/.github/workflows/test-integration-chalice.yml index 6615aeb75d..3f6df0fa43 100644 --- a/.github/workflows/test-integration-chalice.yml +++ b/.github/workflows/test-integration-chalice.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: chalice, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-clickhouse_driver.yml b/.github/workflows/test-integration-clickhouse_driver.yml index 30561ab5a1..196ae1044b 100644 --- a/.github/workflows/test-integration-clickhouse_driver.yml +++ b/.github/workflows/test-integration-clickhouse_driver.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: clickhouse_driver, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-cloud_resource_context.yml b/.github/workflows/test-integration-cloud_resource_context.yml index f6140d823c..069a4037f9 100644 --- a/.github/workflows/test-integration-cloud_resource_context.yml +++ b/.github/workflows/test-integration-cloud_resource_context.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: cloud_resource_context, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-django.yml b/.github/workflows/test-integration-django.yml index 819fb70f1a..ee2ff3e292 100644 --- a/.github/workflows/test-integration-django.yml +++ b/.github/workflows/test-integration-django.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: django, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-falcon.yml b/.github/workflows/test-integration-falcon.yml index 09d8ff8d80..f9aa94407a 100644 --- a/.github/workflows/test-integration-falcon.yml +++ b/.github/workflows/test-integration-falcon.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: falcon, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-fastapi.yml b/.github/workflows/test-integration-fastapi.yml index 0a330b1401..78e40d791d 100644 --- a/.github/workflows/test-integration-fastapi.yml +++ b/.github/workflows/test-integration-fastapi.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: fastapi, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-flask.yml b/.github/workflows/test-integration-flask.yml index d716df171d..477c355a02 100644 --- a/.github/workflows/test-integration-flask.yml +++ b/.github/workflows/test-integration-flask.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: flask, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-gcp.yml b/.github/workflows/test-integration-gcp.yml index c6eb4adcc8..ec79ced946 100644 --- a/.github/workflows/test-integration-gcp.yml +++ b/.github/workflows/test-integration-gcp.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: gcp, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-gevent.yml b/.github/workflows/test-integration-gevent.yml index d879f5c2f5..3777e8f91b 100644 --- a/.github/workflows/test-integration-gevent.yml +++ b/.github/workflows/test-integration-gevent.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: gevent, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-gql.yml b/.github/workflows/test-integration-gql.yml index 9ebd5a16b7..b6bf9369bd 100644 --- a/.github/workflows/test-integration-gql.yml +++ b/.github/workflows/test-integration-gql.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: gql, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-graphene.yml b/.github/workflows/test-integration-graphene.yml index 5236731eb0..ece99bb5da 100644 --- a/.github/workflows/test-integration-graphene.yml +++ b/.github/workflows/test-integration-graphene.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: graphene, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-grpc.yml b/.github/workflows/test-integration-grpc.yml index 0e4f48d423..e220bbba3f 100644 --- a/.github/workflows/test-integration-grpc.yml +++ b/.github/workflows/test-integration-grpc.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: grpc, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-httpx.yml b/.github/workflows/test-integration-httpx.yml index 3c67d2370c..e577d8d22c 100644 --- a/.github/workflows/test-integration-httpx.yml +++ b/.github/workflows/test-integration-httpx.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: httpx, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-huey.yml b/.github/workflows/test-integration-huey.yml index db6c5fcbc4..add301ced6 100644 --- a/.github/workflows/test-integration-huey.yml +++ b/.github/workflows/test-integration-huey.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: huey, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-loguru.yml b/.github/workflows/test-integration-loguru.yml index 885b1534f4..3822091519 100644 --- a/.github/workflows/test-integration-loguru.yml +++ b/.github/workflows/test-integration-loguru.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: loguru, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-opentelemetry.yml b/.github/workflows/test-integration-opentelemetry.yml index 5e2722ed49..57a3a93f71 100644 --- a/.github/workflows/test-integration-opentelemetry.yml +++ b/.github/workflows/test-integration-opentelemetry.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: opentelemetry, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-pure_eval.yml b/.github/workflows/test-integration-pure_eval.yml index 30b5f8cc1b..3f3db64183 100644 --- a/.github/workflows/test-integration-pure_eval.yml +++ b/.github/workflows/test-integration-pure_eval.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: pure_eval, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-pymongo.yml b/.github/workflows/test-integration-pymongo.yml index 2a3d7697f2..7e85408f7c 100644 --- a/.github/workflows/test-integration-pymongo.yml +++ b/.github/workflows/test-integration-pymongo.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: pymongo, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-pyramid.yml b/.github/workflows/test-integration-pyramid.yml index 7a4b327b3f..5ff60c6058 100644 --- a/.github/workflows/test-integration-pyramid.yml +++ b/.github/workflows/test-integration-pyramid.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: pyramid, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-quart.yml b/.github/workflows/test-integration-quart.yml index 838683cf9c..f7027c52e9 100644 --- a/.github/workflows/test-integration-quart.yml +++ b/.github/workflows/test-integration-quart.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: quart, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-redis.yml b/.github/workflows/test-integration-redis.yml index 54ad9abe2a..d06cfc5059 100644 --- a/.github/workflows/test-integration-redis.yml +++ b/.github/workflows/test-integration-redis.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: redis, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-rediscluster.yml b/.github/workflows/test-integration-rediscluster.yml index 73ed5c1733..7fc24206d4 100644 --- a/.github/workflows/test-integration-rediscluster.yml +++ b/.github/workflows/test-integration-rediscluster.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: rediscluster, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-requests.yml b/.github/workflows/test-integration-requests.yml index bc8e4a990c..fef4be85fe 100644 --- a/.github/workflows/test-integration-requests.yml +++ b/.github/workflows/test-integration-requests.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: requests, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-rq.yml b/.github/workflows/test-integration-rq.yml index b0812c36e6..c0d846c57c 100644 --- a/.github/workflows/test-integration-rq.yml +++ b/.github/workflows/test-integration-rq.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: rq, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-sanic.yml b/.github/workflows/test-integration-sanic.yml index 27ca05eb6a..4371071fcb 100644 --- a/.github/workflows/test-integration-sanic.yml +++ b/.github/workflows/test-integration-sanic.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: sanic, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-sqlalchemy.yml b/.github/workflows/test-integration-sqlalchemy.yml index 70cbb7ff79..c06b670af7 100644 --- a/.github/workflows/test-integration-sqlalchemy.yml +++ b/.github/workflows/test-integration-sqlalchemy.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: sqlalchemy, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-starlette.yml b/.github/workflows/test-integration-starlette.yml index ad3e269075..cd3c29eef1 100644 --- a/.github/workflows/test-integration-starlette.yml +++ b/.github/workflows/test-integration-starlette.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: starlette, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-starlite.yml b/.github/workflows/test-integration-starlite.yml index 01715e1c66..dc9c98db58 100644 --- a/.github/workflows/test-integration-starlite.yml +++ b/.github/workflows/test-integration-starlite.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: starlite, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-strawberry.yml b/.github/workflows/test-integration-strawberry.yml index 16b42ec2a2..2460bfa35e 100644 --- a/.github/workflows/test-integration-strawberry.yml +++ b/.github/workflows/test-integration-strawberry.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: strawberry, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-tornado.yml b/.github/workflows/test-integration-tornado.yml index c9ccec4f38..4b4ca94dab 100644 --- a/.github/workflows/test-integration-tornado.yml +++ b/.github/workflows/test-integration-tornado.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: tornado, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/.github/workflows/test-integration-trytond.yml b/.github/workflows/test-integration-trytond.yml index 137cec7ef4..9b97004820 100644 --- a/.github/workflows/test-integration-trytond.yml +++ b/.github/workflows/test-integration-trytond.yml @@ -23,6 +23,7 @@ env: ${{ github.workspace }}/dist-serverless jobs: + test: name: trytond, python ${{ matrix.python-version }}, ${{ matrix.os }} runs-on: ${{ matrix.os }} diff --git a/scripts/split-tox-gh-actions/ci-yaml-authorize-snippet.txt b/scripts/split-tox-gh-actions/ci-yaml-authorize-snippet.txt new file mode 100644 index 0000000000..b53fae0b11 --- /dev/null +++ b/scripts/split-tox-gh-actions/ci-yaml-authorize-snippet.txt @@ -0,0 +1,9 @@ + authorize: + name: Determine environment + environment: + ${{ github.event_name == 'pull_request_target' && + github.event.pull_request.head.repo.full_name != github.repository && + 'external' || 'internal' }} + runs-on: ubuntu-latest + steps: + - run: true diff --git a/scripts/split-tox-gh-actions/ci-yaml-test-py27-snippet.txt b/scripts/split-tox-gh-actions/ci-yaml-test-py27-snippet.txt index 94723c1658..25707bef14 100644 --- a/scripts/split-tox-gh-actions/ci-yaml-test-py27-snippet.txt +++ b/scripts/split-tox-gh-actions/ci-yaml-test-py27-snippet.txt @@ -7,6 +7,7 @@ steps: - uses: actions/checkout@v4 +{{ checkout_with }} - name: Setup Test Env run: | diff --git a/scripts/split-tox-gh-actions/ci-yaml-test-snippet.txt b/scripts/split-tox-gh-actions/ci-yaml-test-snippet.txt index c2d10596ea..f7c4e7225c 100644 --- a/scripts/split-tox-gh-actions/ci-yaml-test-snippet.txt +++ b/scripts/split-tox-gh-actions/ci-yaml-test-snippet.txt @@ -7,6 +7,7 @@ steps: - uses: actions/checkout@v4 +{{ checkout_with }} - uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} diff --git a/scripts/split-tox-gh-actions/ci-yaml.txt b/scripts/split-tox-gh-actions/ci-yaml.txt index 90bd5c61ce..5d644f31b2 100644 --- a/scripts/split-tox-gh-actions/ci-yaml.txt +++ b/scripts/split-tox-gh-actions/ci-yaml.txt @@ -6,7 +6,7 @@ on: - master - release/** - pull_request: +{{ on_pull_request }} # Cancel in progress workflows on pull_requests. # https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value @@ -24,6 +24,8 @@ env: ${{ github.workspace }}/dist-serverless jobs: +{{ authorize }} + {{ test }} {{ test_py27 }} diff --git a/scripts/split-tox-gh-actions/split-tox-gh-actions.py b/scripts/split-tox-gh-actions/split-tox-gh-actions.py index ea187475db..3b3a38038f 100755 --- a/scripts/split-tox-gh-actions/split-tox-gh-actions.py +++ b/scripts/split-tox-gh-actions/split-tox-gh-actions.py @@ -29,6 +29,7 @@ TEMPLATE_FILE_SERVICES = TEMPLATE_DIR / "ci-yaml-services.txt" TEMPLATE_FILE_SETUP_DB = TEMPLATE_DIR / "ci-yaml-setup-db.txt" TEMPLATE_FILE_AWS_CREDENTIALS = TEMPLATE_DIR / "ci-yaml-aws-credentials.txt" +TEMPLATE_SNIPPET_AUTHORIZE = TEMPLATE_DIR / "ci-yaml-authorize-snippet.txt" TEMPLATE_SNIPPET_TEST = TEMPLATE_DIR / "ci-yaml-test-snippet.txt" TEMPLATE_SNIPPET_TEST_PY27 = TEMPLATE_DIR / "ci-yaml-test-py27-snippet.txt" @@ -45,6 +46,10 @@ "aws_lambda", ] +FRAMEWORKS_NEEDING_SECRETS = [ + "aws_lambda", +] + MATRIX_DEFINITION = """ strategy: fail-fast: false @@ -76,30 +81,68 @@ echo "One of the dependent jobs has failed. You may need to re-run it." && exit 1 """ +CHECKOUT_WITH = """\ + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} +""" + -def write_yaml_file( - template, - current_framework, - python_versions, -): +def write_yaml_file(template, current_framework, python_versions): """Write the YAML configuration file for one framework to disk.""" py_versions = [py.replace("py", "") for py in python_versions] py27_supported = "2.7" in py_versions + template = [line for line in template] + + on_pull_request_loc = template.index("{{ on_pull_request }}\n") + if current_framework in FRAMEWORKS_NEEDING_SECRETS: + on_pull_request = " pull_request_target:\n" + else: + on_pull_request = " pull_request:\n" + + template[on_pull_request_loc] = on_pull_request + + authorize_loc = template.index("{{ authorize }}\n") + if current_framework in FRAMEWORKS_NEEDING_SECRETS: + with open(TEMPLATE_SNIPPET_AUTHORIZE, "r") as f: + authorize_snippet = f.readlines() + template = ( + template[:authorize_loc] + authorize_snippet + template[authorize_loc + 1 :] + ) + else: + template.pop(authorize_loc) + test_loc = template.index("{{ test }}\n") - f = open(TEMPLATE_SNIPPET_TEST, "r") - test_snippet = f.readlines() + with open(TEMPLATE_SNIPPET_TEST, "r") as f: + test_snippet = f.readlines() + + if current_framework in FRAMEWORKS_NEEDING_SECRETS: + test_snippet.insert(1, " needs: authorize\n") + + checkout_with_loc = test_snippet.index("{{ checkout_with }}\n") + if current_framework in FRAMEWORKS_NEEDING_SECRETS: + test_snippet[checkout_with_loc] = CHECKOUT_WITH + else: + test_snippet.pop(checkout_with_loc) template = template[:test_loc] + test_snippet + template[test_loc + 1 :] - f.close() test_py27_loc = template.index("{{ test_py27 }}\n") if py27_supported: - f = open(TEMPLATE_SNIPPET_TEST_PY27, "r") - test_py27_snippet = f.readlines() + with open(TEMPLATE_SNIPPET_TEST_PY27, "r") as f: + test_py27_snippet = f.readlines() + + if current_framework in FRAMEWORKS_NEEDING_SECRETS: + test_py27_snippet.insert(1, " needs: authorize\n") + + checkout_with_loc = test_py27_snippet.index("{{ checkout_with }}\n") + if current_framework in FRAMEWORKS_NEEDING_SECRETS: + test_py27_snippet[checkout_with_loc] = CHECKOUT_WITH + else: + test_py27_snippet.pop(checkout_with_loc) + template = ( template[:test_py27_loc] + test_py27_snippet + template[test_py27_loc + 1 :] ) - f.close() py_versions.remove("2.7") else: