Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 2 additions & 3 deletions .github/workflows/changelog.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,12 +24,11 @@ jobs:
-o "$HOME/.local/bin/changelogs"
echo "d4168ee68b612224a26a39e86bfd2c923ac3dd2de12ee43d2bb65a5ea19df6b6 $HOME/.local/bin/changelogs" | sha256sum -c
chmod +x "$HOME/.local/bin/changelogs"
- name: Install Claude CLI
run: npm install -g @anthropic-ai/claude-code@2.1.97
- name: Generate changelog
env:
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
BASE_REF: ${{ github.base_ref }}
CLAUDE: npx -y @anthropic-ai/claude-code@2.1.97 --bare -p
run: |
rm -rf .claude/
CHANGED=$(git diff --name-only "origin/${BASE_REF}...HEAD")
Expand All @@ -38,7 +37,7 @@ jobs:
echo "No code changes requiring changelog, skipping"
exit 0
fi
~/.local/bin/changelogs add --ecosystem python --ai "claude --bare -p" --ref "origin/${BASE_REF}"
~/.local/bin/changelogs add --ecosystem python --ai "$CLAUDE" --ref "origin/${BASE_REF}"
- name: Commit changelog
env:
GH_TOKEN: ${{ github.token }}
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ jobs:

- name: Add venv to PATH
if: matrix.python-version == '3.12'
run: echo "$PWD/.venv/bin" >> $GITHUB_PATH
run: echo "$PWD/.venv/bin" >> "$GITHUB_PATH"

- name: Type check
if: matrix.python-version == '3.12'
Expand All @@ -74,11 +74,11 @@ jobs:
env:
PYTHON_VERSION: ${{ matrix.python-version }}
run: |
COV_REPORTS="--cov-report=term-missing"
cov_reports=(--cov-report=term-missing)
if [[ "$PYTHON_VERSION" == "3.12" ]]; then
COV_REPORTS="$COV_REPORTS --cov-report=xml:coverage.xml --cov-report=html:htmlcov"
cov_reports+=(--cov-report=xml:coverage.xml --cov-report=html:htmlcov)
fi
uv run pytest -v --cov=mpp $COV_REPORTS --cov-fail-under=90
uv run pytest -v --cov=mpp "${cov_reports[@]}" --cov-fail-under=90

- name: Upload coverage artifacts
if: always() && matrix.python-version == '3.12'
Expand Down Expand Up @@ -115,7 +115,7 @@ jobs:
- name: Resolve Tempo image digest
id: tempo-digest
run: |
digest=$(docker buildx imagetools inspect ghcr.io/tempoxyz/tempo:${TEMPO_TAG} --raw | sha256sum | cut -d' ' -f1)
digest=$(docker buildx imagetools inspect "ghcr.io/tempoxyz/tempo:${TEMPO_TAG}" --raw | sha256sum | cut -d' ' -f1)
echo "digest=${digest}" >> "$GITHUB_OUTPUT"

- name: Cache Tempo Docker image
Expand All @@ -132,8 +132,8 @@ jobs:
- name: Pull and cache Tempo image
if: steps.docker-cache.outputs.cache-hit != 'true'
run: |
docker pull ghcr.io/tempoxyz/tempo:${TEMPO_TAG}
docker save ghcr.io/tempoxyz/tempo:${TEMPO_TAG} -o /tmp/tempo-image.tar
docker pull "ghcr.io/tempoxyz/tempo:${TEMPO_TAG}"
docker save "ghcr.io/tempoxyz/tempo:${TEMPO_TAG}" -o /tmp/tempo-image.tar

- name: Start Tempo devnet and Redis
run: docker compose up -d --wait
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/conformance.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ concurrency:

jobs:
conformance-policy:
uses: tempoxyz/mpp-tools/.github/workflows/sdk-conformance-policy.yml@main
uses: tempoxyz/mpp-tools/.github/workflows/sdk-conformance-policy.yml@924710544d534332220d164bfa5747340bb85f93
with:
protocol-paths: |
src/**
Expand All @@ -31,7 +31,7 @@ jobs:

conformance:
needs: conformance-policy
uses: tempoxyz/mpp-tools/.github/workflows/sdk-conformance.yml@main
uses: tempoxyz/mpp-tools/.github/workflows/sdk-conformance.yml@924710544d534332220d164bfa5747340bb85f93
with:
adapter: python
conformance-ref: ${{ needs.conformance-policy.outputs.conformance_ref }}
3 changes: 2 additions & 1 deletion .github/workflows/pr-audit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,8 @@ jobs:
echo "$EVENTS_KEY" > "$RUNNER_TEMP/key"
echo "$EVENTS_CERT" > "$RUNNER_TEMP/cert"

curl -sf -o /dev/null -X POST ${EVENTS_ARGS} \
read -r -a events_args <<< "${EVENTS_ARGS:-}"
curl -sf -o /dev/null -X POST "${events_args[@]}" \
-H "Content-Type: application/json" \
--key "$RUNNER_TEMP/key" \
--cert "$RUNNER_TEMP/cert" \
Expand Down
24 changes: 24 additions & 0 deletions .github/workflows/scan-github-actions.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
name: Scan GitHub Actions

on:
pull_request:
paths:
- ".github/**"
push:
branches:
- main
paths:
- ".github/**"
workflow_dispatch:
schedule:
- cron: "19 7 * * 1"

permissions: {}

jobs:
scan:
name: Scan GitHub Actions
uses: tempoxyz/gh-actions/.github/workflows/scan-github-actions.yml@512158c4e90e42eef8aa7fc3fc3186a79b5b4648
permissions:
actions: read
contents: read