name: Build on: push: branches: - master jobs: tests: name: Tests runs-on: docker container: image: python:3.11-alpine steps: - name: "Setup env" run: | apk add --no-cache git nodejs pip install tox - name: "Get repo" uses: actions/checkout@v4 - name: "Tests" run: tox sonarqube: name: SonarQube runs-on: docker if: github.ref == 'refs/heads/master' container: image: alpine steps: - name: "Setup env" run: apk add --no-cache git nodejs bash curl jq - name: "Get repo" uses: actions/checkout@v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: "SonarQube Scan" uses: https://github.com/sonarsource/sonarqube-scan-action@master env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} # If you wish to fail your job when the Quality Gate is red, uncomment the # following lines. This would typically be used to fail a deployment. - name: "SonarQube Quality gate" uses: https://github.com/sonarsource/sonarqube-quality-gate-action@master timeout-minutes: 5 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} deploy: name: Deploy runs-on: docker needs: - tests - sonarqube if: github.ref == 'refs/heads/master' container: image: python:3.11-alpine steps: - name: "Setup env" run: | apk add --no-cache git nodejs pip install build twine - name: "Get repo" uses: actions/checkout@v4 with: fetch-depth: 0 - name: "Build" run: python -m build - name: "Push" uses: https://github.com/pypa/gh-action-pypi-publish@release/v1 with: user: "${{ env.GITHUB_ACTOR }}" password: "${{ secrets.PACKAGE_TOKEN }}" repository-url: "${{ env.GITHUB_SERVER_URL }}/api/packages/${{ env.GITHUB_REPOSITORY_OWNER }}/pypi"