-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathnoxfile.py
146 lines (127 loc) · 4.21 KB
/
noxfile.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
"""Nox configuration file for managing build, test and deploy sessions and dependencies."""
import json
from pathlib import Path
import nox
nox.options.reuse_existing_virtualenvs = True
nox.options.default_venv_backend = "uv"
_JUNITXML_ARG = "--junitxml=junit.xml"
def _setup_venv(session: nox.Session, all_extras: bool = True) -> None:
"""Install dependencies for the given session using uv."""
args = ["uv", "sync", "--frozen"]
if all_extras:
args.append("--all-extras")
session.run_install(
*args,
env={
"UV_PROJECT_ENVIRONMENT": session.virtualenv.location,
"UV_PYTHON": str(session.python),
},
)
@nox.session(python=["3.13"])
def lint(session: nox.Session) -> None:
"""Run linting checks using ruff."""
_setup_venv(session)
session.run("ruff", "check", ".")
session.run(
"ruff",
"format",
"--check",
".",
)
@nox.session(python=["3.13"])
def docs(session: nox.Session) -> None:
"""Build documentation and concatenate README."""
_setup_venv(session)
# Concatenate README files
header = Path("_readme_header.md").read_text(encoding="utf-8")
main = Path("_readme_main.md").read_text(encoding="utf-8")
footer = Path("_readme_footer.md").read_text(encoding="utf-8")
readme_content = f"{header}\n\n{main}\n\n{footer}"
Path("README.md").write_text(readme_content, encoding="utf-8")
# Build docs
session.run("make", "-C", "docs", "html", external=True)
@nox.session(python=["3.13"])
def audit(session: nox.Session) -> None:
"""Perform security audit and output vulnerabilities."""
_setup_venv(session)
session.run("pip-audit", "-f", "json", "-o", "vulnerabilities.json")
session.run("jq", ".", "vulnerabilities.json", external=True)
session.run("pip-licenses", "--format=json", "--output-file=licenses.json")
session.run("jq", ".", "licenses.json", external=True)
# Read and parse licenses.json
licenses_data = json.loads(Path("licenses.json").read_text(encoding="utf-8"))
licenses_inverted: dict[str, list[dict[str, str]]] = {}
for pkg in licenses_data:
license_name = pkg["License"]
package_info = {"Name": pkg["Name"], "Version": pkg["Version"]}
if license_name not in licenses_inverted:
licenses_inverted[license_name] = []
licenses_inverted[license_name].append(package_info)
# Write inverted data
Path("licenses-inverted.json").write_text(
json.dumps(licenses_inverted, indent=2),
encoding="utf-8",
)
session.run("jq", ".", "licenses-inverted.json", external=True)
session.run("cyclonedx-py", "environment", "-o", "sbom.json")
session.run("jq", ".", "sbom.json", external=True)
@nox.session(python=["3.11", "3.12", "3.13"])
def test(session: nox.Session) -> None:
"""Run all test sessions and clean coverage data."""
_setup_venv(session)
session.run("rm", "-rf", ".coverage", external=True)
session.run(
"pytest",
"--disable-warnings",
_JUNITXML_ARG,
"-n",
"auto",
"--dist",
"loadgroup",
"-m",
"not sequential",
)
session.run(
"pytest",
"--cov-append",
"--disable-warnings",
_JUNITXML_ARG,
"-n",
"auto",
"--dist",
"loadgroup",
"-m",
"sequential",
)
session.run(
"bash",
"-c",
(
"docker compose ls --format json | jq -r '.[].Name' | "
"grep ^pytest | xargs -I {} docker compose -p {} down --remove-orphans"
),
external=True,
)
@nox.session(python=["3.11", "3.12", "3.13"])
def test_no_extras(session: nox.Session) -> None:
"""Run test sessions without extra dependencies."""
_setup_venv(session, all_extras=False)
session.run(
"pytest",
"--cov-append",
"--disable-warnings",
_JUNITXML_ARG,
"-n",
"1",
"-m",
"no_extras",
)
session.run(
"bash",
"-c",
(
"docker compose ls --format json | jq -r '.[].Name' | "
"grep ^pytest | xargs -I {} docker compose -p {} down --remove-orphans"
),
external=True,
)