Fixed unsecured tempfile.mktemp() command usage #5480
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
paths-ignore: | |
- 'docs/**' | |
- '**/*.rst' | |
- '**/*.md' | |
branches: | |
- master | |
- '[0-9].[0-9]' | |
pull_request: | |
branches: | |
- master | |
- '[0-9].[0-9]' | |
schedule: | |
- cron: '0 1 * * *' # nightly build | |
concurrency: | |
group: ${{ github.event.pull_request.number || github.ref }}-integration | |
cancel-in-progress: true | |
permissions: | |
contents: read # to fetch code (actions/checkout) | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
# this speeds up coverage with Python 3.12: https://github.com/nedbat/coveragepy/issues/1665 | |
COVERAGE_CORE: sysmon | |
REDIS_IMAGE: redis:latest | |
REDIS_STACK_IMAGE: redis/redis-stack-server:latest | |
CURRENT_REDIS_VERSION: '7.4.1' | |
jobs: | |
dependency-audit: | |
name: Dependency audit | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: pypa/gh-action-pip-audit@v1.0.8 | |
with: | |
inputs: requirements.txt dev_requirements.txt | |
ignore-vulns: | | |
GHSA-w596-4wvx-j9j6 # subversion related git pull, dependency for pytest. There is no impact here. | |
lint: | |
name: Code linters | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: 3.9 | |
cache: 'pip' | |
- name: run code linters | |
run: | | |
pip install -r dev_requirements.txt | |
invoke linters | |
redis_version: | |
runs-on: ubuntu-latest | |
outputs: | |
CURRENT: ${{ env.CURRENT_REDIS_VERSION }} | |
steps: | |
- name: Compute outputs | |
run: | | |
echo "CURRENT=${{ env.CURRENT_REDIS_VERSION }}" >> $GITHUB_OUTPUT | |
tests: | |
runs-on: ubuntu-latest | |
timeout-minutes: 60 | |
needs: redis_version | |
strategy: | |
max-parallel: 15 | |
fail-fast: false | |
matrix: | |
redis-version: [ '${{ needs.redis_version.outputs.CURRENT }}', '7.2.6', '6.2.16'] | |
python-version: ['3.8', '3.12'] | |
parser-backend: ['plain'] | |
event-loop: ['asyncio'] | |
env: | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
name: Redis ${{ matrix.redis-version }}; Python ${{ matrix.python-version }}; RESP Parser:${{matrix.parser-backend}}; EL:${{matrix.event-loop}} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Run tests | |
uses: ./.github/actions/run-tests | |
with: | |
python-version: ${{ matrix.python-version }} | |
parser-backend: ${{ matrix.parser-backend }} | |
redis-version: ${{ matrix.redis-version }} | |
python-compatibility-tests: | |
runs-on: ubuntu-latest | |
needs: [ redis_version, tests ] | |
timeout-minutes: 60 | |
strategy: | |
max-parallel: 15 | |
fail-fast: false | |
matrix: | |
redis-version: [ '${{ needs.redis_version.outputs.CURRENT }}' ] | |
python-version: ['3.9', '3.10', '3.11', 'pypy-3.9', 'pypy-3.10'] | |
parser-backend: [ 'plain' ] | |
event-loop: [ 'asyncio' ] | |
env: | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
name: Redis ${{ matrix.redis-version }}; Python ${{ matrix.python-version }}; RESP Parser:${{matrix.parser-backend}}; EL:${{matrix.event-loop}} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Run tests | |
uses: ./.github/actions/run-tests | |
with: | |
python-version: ${{ matrix.python-version }} | |
parser-backend: ${{ matrix.parser-backend }} | |
redis-version: ${{ matrix.redis-version }} | |
hiredis-tests: | |
runs-on: ubuntu-latest | |
needs: [redis_version, tests] | |
timeout-minutes: 60 | |
strategy: | |
max-parallel: 15 | |
fail-fast: false | |
matrix: | |
redis-version: [ '${{ needs.redis_version.outputs.CURRENT }}' ] | |
python-version: [ '3.8', '3.12'] | |
parser-backend: [ 'hiredis' ] | |
hiredis-version: [ '>=3.0.0', '<3.0.0' ] | |
event-loop: [ 'asyncio' ] | |
env: | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
name: Redis ${{ matrix.redis-version }}; Python ${{ matrix.python-version }}; RESP Parser:${{matrix.parser-backend}} (${{ matrix.hiredis-version }}); EL:${{matrix.event-loop}} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Run tests | |
uses: ./.github/actions/run-tests | |
with: | |
python-version: ${{ matrix.python-version }} | |
parser-backend: ${{ matrix.parser-backend }} | |
redis-version: ${{ matrix.redis-version }} | |
hiredis-version: ${{ matrix.hiredis-version }} | |
uvloop-tests: | |
runs-on: ubuntu-latest | |
needs: [redis_version, tests] | |
timeout-minutes: 60 | |
strategy: | |
max-parallel: 15 | |
fail-fast: false | |
matrix: | |
redis-version: [ '${{ needs.redis_version.outputs.CURRENT }}' ] | |
python-version: [ '3.8', '3.12' ] | |
parser-backend: [ 'plain' ] | |
event-loop: [ 'uvloop' ] | |
env: | |
ACTIONS_ALLOW_UNSECURE_COMMANDS: true | |
name: Redis ${{ matrix.redis-version }}; Python ${{ matrix.python-version }}; RESP Parser:${{matrix.parser-backend}}; EL:${{matrix.event-loop}} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Run tests | |
uses: ./.github/actions/run-tests | |
with: | |
python-version: ${{ matrix.python-version }} | |
parser-backend: ${{ matrix.parser-backend }} | |
redis-version: ${{ matrix.redis-version }} | |
event-loop: ${{ matrix.event-loop }} | |
build-and-test-package: | |
name: Validate building and installing the package | |
runs-on: ubuntu-latest | |
needs: [tests] | |
strategy: | |
fail-fast: false | |
matrix: | |
extension: ['tar.gz', 'whl'] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: 3.9 | |
- name: Run installed unit tests | |
env: | |
REDIS_VERSION: ${{ env.CURRENT_REDIS_VERSION }} | |
REDIS_IMAGE: "redis:${{ env.CURRENT_REDIS_VERSION }}" | |
CLIENT_LIBS_TEST_IMAGE: "redislabs/client-libs-test:${{ env.CURRENT_REDIS_VERSION }}" | |
run: | | |
bash .github/workflows/install_and_test.sh ${{ matrix.extension }} | |
install-package-from-commit: | |
name: Install package from commit hash | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12', 'pypy-3.9', 'pypy-3.10'] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
cache: 'pip' | |
- name: install from pip | |
run: | | |
pip install --quiet git+${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git@${GITHUB_SHA} |