Skip to content

security: bump aioboto3 and urllib3 to avoid CVE-2024-37891 #85

security: bump aioboto3 and urllib3 to avoid CVE-2024-37891

security: bump aioboto3 and urllib3 to avoid CVE-2024-37891 #85

Workflow file for this run

name: test
on:
pull_request:
types:
- opened
- reopened
- synchronize
push:
branches:
- main
jobs:
changed-files:
runs-on: ubuntu-latest
outputs:
should_run_unit_tests: ${{ steps.check-unit-tests.outputs.src }}
should_run_integration_tests: ${{ steps.check-integration-tests.outputs.src }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- id: check-unit-tests
name: Should run unit tests
uses: dorny/paths-filter@v3
with:
filters: |
src:
- "async_batcher/**"
- "tests/**"
- "poetry.lock"
- id: check-integration-tests
name: Should run integration tests
uses: dorny/paths-filter@v3
with:
filters: |
src:
- "async_batcher/aws/**"
- "async_batcher/scylladb/**"
- "async_batcher/sqlalchemy/**"
- "tests/integration/**"
- "poetry.lock"
unit-tests:
needs: changed-files
if: ${{ needs.changed-files.outputs.should_run_unit_tests == 'true' || github.event.action == 'reopened' }}
strategy:
fail-fast: false
matrix:
os: [ "ubuntu-latest", "macos-latest", "macos-14" ]
python-version: [ "3.10", "3.11", "3.12" ]
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
id: setup-python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
run: poetry install --no-interaction --no-root --all-extras
- name: Install library
run: poetry install --no-interaction --all-extras
- name: Run tests
run: |
source .venv/bin/activate
pytest tests/
integration-tests: # TODO: Improve this job to run just the changed integration tests
needs: changed-files
if: ${{ needs.changed-files.outputs.should_run_integration_tests == 'true' || github.event.action == 'reopened' }}
strategy:
fail-fast: false
matrix:
python-version: [ "3.10", "3.11", "3.12" ]
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
id: setup-python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
run: poetry install --no-interaction --no-root --all-extras
- name: Install library
run: poetry install --no-interaction --all-extras
- name: Run docker-compose
run: |
docker compose \
-f docker-compose/dynamodb.yml \
-f docker-compose/postgres.yml \
up -d --wait
# TODO: Make the ScyllaDB containers more stable then activate all the integration tests
- name: Run DynamoDB integration tests
run: |
source .venv/bin/activate
pytest tests/ -m integration_dynamodb
- name: Run Postgres integration tests
run: |
source .venv/bin/activate
pytest tests/ -m integration_postgres
linter:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Set up python 3.11
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Install pre-commit
run: pip install pre-commit
- name: Run pre-commit
run: pre-commit run --all-files