Template repository for GitHub Actions written in Python
This template can be the starting point for developing GitHub Actions in Python.
This project is managed with Poetry.
This template repository provides a skeleton for building a Docker-containerized GitHub Action written in Python. It provides a workflow skeleton:
- on push
  - all branches
    - integration.yml
    - create-requirements.yml
  - branches: main, master
    - tag.yml
- on pull_request_target
  - pr_labler.yml
- on pull_request
  - types: labeled, unlabeled, opened, edited, reopened, synchronize, ready_for_review
    - pr.yml
- on push
  - type: tag
    - release.yml
The dependencies are managed by Poetry, so to get started, install the base tools:

```shell
$ cd [project root]
$ npm ci
$ pip install poetry
$ poetry sync --with test
```
After this, you can customize the skeleton for your project
pyproject.toml
```shell
$ poetry init --name="replace with your project name" \
    --author='{name: "replace with authors name", email: "replace with authors email"}' \
    --license="MIT" \
    --description="Short description of your package"
```
This workflow is for code quality and testing.

```yaml
name: Integration Test
permissions:
  contents: read
  pull-requests: write
on: [push]
jobs:
  lint:
    name: Lint
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python 3.12.10
        uses: actions/[email protected]
        with:
          python-version: "3.12.10"
      - name: Install dependencies
        run: |
          pip install poetry
          poetry install --with test
      - name: Lint
        run: poetry run flake8 src/ tests/
      - name: Tests
        run: poetry run pytest --cov --cov-branch --cov-report xml:coverage/cov.xml --cov-report lcov:coverage/cov.info
      - name: Upload results to Codecov
        uses: codecov/codecov-action@v5
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          slug: jfheinrich-eu/pipreqs-action
          files: coverage/cov.xml
          verbose: true
      - name: Generate Code Coverage report
        id: code-coverage
        uses: barecheck/code-coverage-action@v1
        with:
          barecheck-github-app-token: ${{ secrets.BARECHECK_GITHUB_APP_TOKEN }}
          lcov-file: "coverage/cov.info"
          send-summary-comment: true
          show-annotations: ''
```
This workflow creates or updates the requirements.txt file.

```yaml
name: Create requirements.txt
permissions:
  contents: write
  pull-requests: write
on: [push]
jobs:
  create-requirements:
    name: Create requirements
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python 3.12.10
        uses: actions/[email protected]
        with:
          python-version: "3.12.10"
      - name: Install dependencies
        run: |
          pip install poetry poetry-plugin-export
          poetry sync --with test
      - name: Automatic requirements.txt for Python Project
        run: |
          poetry export --without-hashes --format=requirements.txt --with test --output tmp_requirements.txt
          # Test diff inside the `if`: the default run shell is `bash -e`, so a bare
          # non-zero exit from diff would fail the step before `$?` could be checked.
          if ! diff requirements.txt tmp_requirements.txt >/dev/null 2>&1; then mv -f tmp_requirements.txt requirements.txt; fi
      - uses: dorny/paths-filter@v3
        id: changes
        with:
          filters: |
            src:
              - 'requirements.txt'
      - name: Commit changes
        if: steps.changes.outputs.src == 'true'
        uses: stefanzweifel/git-auto-commit-action@v5
        with:
          branch: ${{ github.ref_name }}
          commit_message: 'Updated requirements file on ${{ github.ref_name }} [skip ci]'
          file_pattern: requirements.txt
```
This workflow provides tagging, release creation, and generation of the release notes.
To create the release notes, it uses the commit message block between these markers:
<!--- START AUTOGENERATED NOTES --->
<!--- END AUTOGENERATED NOTES --->
The generated version number is prefixed with v.
```yaml
name: Release
permissions:
  contents: write
  pull-requests: write
on:
  push:
    branches:
      - main
      - master
jobs:
  bump-tag-version:
    name: Bump and Tag Version
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: bash
    env:
      PSONO_CI_API_KEY_ID: ${{ secrets.PSONO_API_KEY_ID }}
      PSONO_CI_API_SECRET_KEY_HEX: ${{ secrets.PSONO_API_SECRET_KEY_HEX }}
      PSONO_CI_SERVER_URL: ${{ vars.PSONO_SERVER_URL }}
      PSONO_GITHUB_TOKEN_ID: ${{ secrets.PSONO_GITHUB_CLI_TOKEN}}
    steps:
      - name: Get GitHub Token
        id: github-token
        uses: jfheinrich-eu/[email protected]
        with:
          ci_api_key_id: ${{ secrets.PSONO_API_KEY_ID }}
          ci_api_secret_key_hex: ${{ secrets.PSONO_API_SECRET_KEY_HEX }}
          ci_server_url: ${{ vars.PSONO_SERVER_URL }}
          secret_id: ${{ secrets.PSONO_GITHUB_CLI_TOKEN }}
          secret_type: 'secret'
          secret_fields: "password"
          mask_secrets: password
      - uses: actions/checkout@v4
      - uses: jefflinse/[email protected]
        name: Bump and Tag Version
        with:
          mode: bump
          repo-token: ${{ steps.github-token.outputs.secret1 }}
          major-label: major release
          minor-label: minor release
          patch-label: patch release
          noop-labels: |
            documentation change
            skip-release
            dependencies
          require-release-notes: true
          release-notes-prefix: '<!--- START AUTOGENERATED NOTES --->'
          release-notes-suffix: '<!--- END AUTOGENERATED NOTES --->'
          with-v: true
          base-branch: false
```
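A local pre-check for the labels and release-notes markers configured above, added here as an example; it is not code from this repository or from the bump action. It is a simplified model of the configured rules, and the precedence of no-op labels, the function names and the sample pull request body are assumptions.

```python
import re

START = "<!--- START AUTOGENERATED NOTES --->"
END = "<!--- END AUTOGENERATED NOTES --->"
# Label names copied from the workflow configuration on this page.
BUMP_LABELS = {"major release": 0, "minor release": 1, "patch release": 2}
NOOP_LABELS = {"documentation change", "skip-release", "dependencies"}


def extract_notes(body: str) -> str:
    """Return the text between the first START marker and the next END marker."""
    start = body.find(START)
    if start == -1:
        return ""
    start += len(START)
    end = body.find(END, start)
    if end == -1:
        return ""  # unterminated block: treat as "no notes" instead of guessing
    return body[start:end].strip()


def plan_release(labels, body, current):
    """Return (next_version, notes); next_version is None for a no-op PR."""
    labels = set(labels)
    if labels & NOOP_LABELS:  # assumption: a no-op label wins over bump labels
        return None, ""
    bumps = labels & set(BUMP_LABELS)
    if len(bumps) != 1:
        raise ValueError(f"expected exactly one release label, got {sorted(bumps)}")
    notes = extract_notes(body)
    if not notes:  # mirrors require-release-notes: true
        raise ValueError("release notes block is missing or empty")
    match = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", current)
    if match is None:
        raise ValueError(f"not a semantic version: {current!r}")
    parts = [int(p) for p in match.groups()]
    idx = BUMP_LABELS[bumps.pop()]
    parts[idx] += 1
    parts[idx + 1:] = [0] * (2 - idx)  # reset the lower-order components
    return "v" + ".".join(map(str, parts)), notes  # with-v: true


if __name__ == "__main__":
    # Constructed sample pull request body.
    sample = f"Summary\n{START}\n- Fixed the export step\n{END}\nChecklist"
    print(plan_release(["minor release"], sample, "v1.5.20"))
```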
Provides automatic labeling of new pull requests, based on the files in the commit.

```yaml
name: Pull Request Labeler
permissions:
  contents: read
  pull-requests: write
# pull_request_target runs in the context of the base repository;
# this job only runs the labeler and does not check out pull request code.
on: pull_request_target
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/labeler@v5
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          configuration-path: .github/pr_labeler.yml
          sync-labels: false
```
Generates the pull request description.

```yaml
name: Release Info
permissions:
  contents: read
  pull-requests: write
on:
  pull_request:
    types: [labeled, unlabeled, opened, edited, reopened, synchronize, ready_for_review]
jobs:
  generate-pr-description:
    if: ${{ github.actor != 'dependabot[bot]' }}
    name: Generate the description on the pull request
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: bash
    steps:
      - uses: actions/checkout@v4
      - uses: octue/[email protected]
        id: pr-description
        with:
          pull_request_url: ${{ github.event.pull_request.url }}
          api_token: ${{ secrets.GITHUB_TOKEN }}
      - name: Update pull request body
        uses: riskledger/update-pr-description@v2
        with:
          body: ${{ steps.pr-description.outputs.pull_request_description }}
          token: ${{ secrets.GITHUB_TOKEN }}
  check-pr:
    if: ${{ github.actor != 'dependabot[bot]' }}
    needs: generate-pr-description
    name: Validate Release Label and Notes
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: bash
    steps:
      - uses: actions/checkout@v4
      - name: Fetch secrets
        id: fetch-secrets
        uses: jfheinrich-eu/[email protected]
        with:
          ci_api_key_id: ${{ secrets.PSONO_API_KEY_ID }}
          ci_api_secret_key_hex: ${{ secrets.PSONO_API_SECRET_KEY_HEX }}
          ci_server_url: 'https://your-psono-server.com'
          secret_id: ${{ secrets.PSONO_GITHUB_CLI_TOKEN }}
          secret_type: 'secret'
          secret_fields: 'password'
          mask_secrets: 'password'
      - uses: jefflinse/[email protected]
        name: Validate Pull Request Metadata
        with:
          mode: validate
          repo-token: ${{ steps.fetch-secrets.outputs.secret1 }}
          major-label: major release
          minor-label: minor release
          patch-label: patch release
          noop-labels: |
            documentation change
            dependencies
            skip-release
          require-release-notes: true
          release-notes-prefix: '<!--- START AUTOGENERATED NOTES --->'
          release-notes-suffix: '<!--- END AUTOGENERATED NOTES --->'
          with-v: false
          base-branch: false
```
This workflow runs on a release tag, e.g. v1.5.20, and generates the CHANGELOG.md file.

```yaml
name: Create new release
permissions:
  contents: write
  pull-requests: write
on:
  push:
    tags:
      - 'v[0-9]+.[0-9]+.[0-9]+'
jobs:
  release:
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: bash
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Update CHANGELOG
        id: changelog
        uses: requarks/changelog-action@v1
        with:
          token: ${{ github.token }}
          tag: ${{ github.ref_name }}
      - name: Create Release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.ref_name }}
          release_name: 'Release ${{ github.ref_name }}'
          body: ${{ steps.changelog.outputs.changes }}
      - name: Commit CHANGELOG.md
        uses: stefanzweifel/git-auto-commit-action@v5
        with:
          branch: main
          commit_message: 'docs: update CHANGELOG.md for ${{ github.ref_name }} [skip ci]'
          file_pattern: CHANGELOG.md
```
To use this template, click Use this template on the GitHub repository page.
- @jfheinrich - Idea & Initial work
See also the list of contributors who participated in this project.