Skip to content

build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 #1419

build(deps): bump github/codeql-action from 3.27.5 to 3.27.6

build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 #1419

Workflow file for this run

name: Build
on:
push:
branches:
- master
pull_request:
jobs:
build:
strategy:
fail-fast: false
runs-on: ubuntu-22.04
steps:
- uses: actions/[email protected]
with:
fetch-depth: 0
- name: Get Python version
run: echo "python_version=$(cat .python-version)" >> "$GITHUB_ENV"
- name: Setup Python ${{ matrix.python }}
uses: actions/[email protected]
with:
python-version: ${{ env.python_version }}
- uses: actions/[email protected]
with:
path: ~/.cache/pip
key:
${{ runner.os }}-pip-${{ secrets.CACHE_SEED }}-${{ env.python_version }}-${{
hashFiles('./poetry.lock') }}
restore-keys: ${{ runner.os }}-pip-${{ secrets.CACHE_SEED }}-${{ env.python_version }}-
- name: Upgrade pip
run: python -m pip install --upgrade pip
- name: Install Poetry
run: python -m pip install poetry
- name: Install Python dependencies
run: python -m poetry install
- name: Use Node.js for CDK deployment
uses: actions/[email protected]
with:
node-version-file: '.nvmrc'
registry-url: https://registry.npmjs.org
- name: Cache Node.js packages
uses: actions/[email protected]
with:
path: ~/.npm
key:
${{ runner.os }}-node-${{ secrets.CACHE_SEED }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-${{ secrets.CACHE_SEED }}-
- name: Install Node.js dependencies
run: npm ci --production
- name: Add local Node packages to PATH
run: echo "./node_modules/.bin:$PATH" >> $GITHUB_PATH
- name: Lint Last Commit
if: github.event_name == 'push'
run: poetry run gitlint
- name: Lint All Commits on Pull Request
if: github.event_name == 'pull_request'
run: poetry run gitlint --commits "origin/${{ github.base_ref }}...HEAD"
- name: Format
run: poetry run pre-commit run --all-files
- name: Test CDK stacks synthesize
run: poetry run cdk synthesize
build-nix-shell:
runs-on: ubuntu-20.04
steps:
- uses: actions/[email protected]
- uses: cachix/install-nix-action@V27
- uses: cachix/cachix-action@v15
with:
name: linz
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- run: nix-shell --pure --run 'cdk synth'
finalise:
if: always()
needs:
- build
- build-nix-shell
runs-on: ubuntu-latest
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/[email protected]
with:
jobs: ${{ toJSON(needs) }}