diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index e3cbafc756..1b6d2c748e 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -22,7 +22,7 @@ jobs: security-events: write # for github/codeql-action/autobuild to send a status report name: Analyze runs-on: ubuntu-latest - timeout-minutes: 12 + timeout-minutes: 15 strategy: fail-fast: false @@ -30,16 +30,12 @@ jobs: language: [ 'python' ] steps: - - name: Checkout repository - uses: actions/checkout@master - + - uses: actions/checkout@v6 - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} - - name: Autobuild uses: github/codeql-action/autobuild@v3 - - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/depsreview.yaml b/.github/workflows/depsreview.yaml index cfd4e8de44..26958ac754 100644 --- a/.github/workflows/depsreview.yaml +++ b/.github/workflows/depsreview.yaml @@ -1,9 +1,8 @@ -name: 'Dependency Review' +name: Dependency Review on: pull_request: - branches: - - trunk + branches: [ trunk ] permissions: contents: read # for actions/checkout to fetch code @@ -16,12 +15,11 @@ jobs: dependency-review: name: Dependency Review runs-on: ubuntu-latest + timeout-minutes: 15 steps: - - name: 'Checkout Repository' - uses: actions/checkout@v4 - - - name: 'Dependency Review' + - uses: actions/checkout@v6 + - name: Dependency Review uses: actions/dependency-review-action@v4 # TODO: We really want one check for direct prod dependencies where we # only allows ASF, MIT, BSD and nother one for testing / dev diff --git a/.github/workflows/install_test.yml b/.github/workflows/install-tests.yml similarity index 72% rename from .github/workflows/install_test.yml rename to .github/workflows/install-tests.yml index 7a2a0dd2d7..32dae1c8b9 100644 --- a/.github/workflows/install_test.yml +++ b/.github/workflows/install-tests.yml @@ -13,36 +13,27 @@ permissions: jobs: install_and_verify: name: Install - runs-on: ${{ matrix.os }} - timeout-minutes: 2 + runs-on: ubuntu-latest + timeout-minutes: 5 strategy: fail-fast: false matrix: - os: - - "ubuntu-latest" python_version: - - 3.7 - - 3.8 - - 3.9 + - "3.6" + - "3.7" + - "3.8" + - "3.9" - "3.10" - "3.11" - "pypy-3.7" - "pypy-3.8" - "pypy-3.9" - include: - # python 3.6 is not supported with ubuntu-latest anymore so we need to - # use ubuntu 20.04 - - python_version: 3.6 - os: ubuntu-20.04 steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} @@ -58,13 +49,10 @@ jobs: verify_checksums: name: Verify Artifacts Checksum runs-on: ubuntu-latest - timeout-minutes: 2 + timeout-minutes: 5 steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Verify Checksums run: | LAST_STABLE_VERSION=$(curl -s --fail https://pypi.org/pypi/apache-libcloud/json | jq ".releases | to_entries | last | .key" -r) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index f2140c7a55..f8ddd815c5 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -4,11 +4,9 @@ name: Integration Tests on: push: - branches: - - trunk + branches: [ trunk ] pull_request: - branches: - - trunk + branches: [ trunk ] schedule: - cron: '0 1 * * *' @@ -32,15 +30,12 @@ jobs: strategy: matrix: - python_version: [3.9] + python_version: [ 3.9 ] steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} @@ -50,7 +45,7 @@ jobs: sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq gcc libvirt-dev - name: Cache Python Dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('requirements-tests.txt', 'integration/storage/requirements.txt') }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 48a51f35d9..f08def1dcc 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -44,12 +44,9 @@ jobs: - ubuntu-latest steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} @@ -59,7 +56,7 @@ jobs: sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq gcc libvirt-dev - name: Cache Python Dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('requirements-tests.txt', '') }} @@ -67,17 +64,14 @@ jobs: ${{ runner.os }}-pip- - name: Install Python Dependencies - run: | - pip install -r requirements-ci.txt + run: pip install -r requirements-ci.txt - name: Run unit tests tox target - run: | - tox -e py${{ matrix.python_version }} + run: tox -e py${{ matrix.python_version }} - name: Run dist install checks tox target if: ${{ matrix.python_version != 'pypy-3.9' && matrix.python_version != 'pypy-3.10' }} - run: | - tox -e py${{ matrix.python_version }}-dist,py${{ matrix.python_version }}-dist-wheel + run: tox -e py${{ matrix.python_version }}-dist,py${{ matrix.python_version }}-dist-wheel code_coverage: name: Generate Code Coverage @@ -85,15 +79,12 @@ jobs: strategy: matrix: - python_version: [3.9] + python_version: [ 3.9 ] steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} @@ -103,7 +94,7 @@ jobs: sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq graphviz gcc libvirt-dev - name: Cache Python Dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('requirements-tests.txt') }} @@ -111,12 +102,10 @@ jobs: ${{ runner.os }}-pip- - name: Install Python Dependencies - run: | - pip install -r requirements-ci.txt + run: pip install -r requirements-ci.txt - name: Run Checks - run: | - tox -e coverage-ci + run: tox -e coverage-ci - name: Upload Coverage to codecov.io uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0 @@ -133,15 +122,12 @@ jobs: strategy: matrix: - python_version: [3.9] + python_version: [ 3.9 ] steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} @@ -151,7 +137,7 @@ jobs: sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq graphviz gcc libvirt-dev - name: Cache Python Dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('requirements-lint.txt') }} @@ -159,16 +145,13 @@ jobs: ${{ runner.os }}-pip- - name: Install Python Dependencies - run: | - pip install -r requirements-ci.txt + run: pip install -r requirements-ci.txt - name: Run shellcheck - run: | - shellcheck dist/*.sh contrib/*.sh + run: shellcheck dist/*.sh contrib/*.sh - name: Run Python Checks - run: | - tox -e black-check,isort-check,pyupgrade,checks,import-timings,lint,pylint,mypy + run: tox -e black-check,isort-check,pyupgrade,checks,import-timings,lint,pylint,mypy build_test_release_artifact: name: Build and Test Release Artifact @@ -176,20 +159,17 @@ jobs: strategy: matrix: - python_version: [3.9] + python_version: [ 3.9 ] steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} - name: Cache Python Dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('requirements-lint.txt') }} @@ -253,17 +233,12 @@ jobs: strategy: matrix: - python_version: [3.9] + python_version: [ 3.9 ] steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Build Testing Docker Image - run: | - docker build -f contrib/Dockerfile -t libcloud_runtest_img . - + run: docker build -f contrib/Dockerfile -t libcloud_runtest_img . - name: Verify Image Works # This step runs checks under various Python versions and it's slow so # we only run it on nightly basis @@ -273,29 +248,26 @@ jobs: security_checks: name: Run Security Checks - runs-on: ubuntu-20.04 + runs-on: ubuntu-latest strategy: matrix: - python_version: [3.9] + python_version: [ "3.10" ] steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Install OS / deb dependencies run: | sudo DEBIAN_FRONTEND=noninteractive apt-get update sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq gcc libvirt-dev - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} - name: Cache Python Dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('requirements-lint.txt') }} @@ -303,13 +275,13 @@ jobs: ${{ runner.os }}-pip- - name: Install Python Dependencies - run: | - pip install -r requirements-ci.txt + run: pip install -r requirements-ci.txt - name: Install Library Into Virtualenv run: | python -m venv venv/ source venv/bin/activate + python -m pip install --upgrade pip python -m pip install . - name: Run Pip Audit Check On Main Library Dependencies @@ -324,8 +296,7 @@ jobs: PYSEC-2023-228 - name: Cleanup - run: | - rm -rf venv/ || true + run: rm -rf venv/ || true - name: Run Pip Audit Check On All Development And Test Dependencies uses: ./.github/actions/gh-action-pip-audit/ # v1.0.0 @@ -336,8 +307,7 @@ jobs: GHSA-r9hx-vwmv-q579 - name: Run Bandit Check - run: | - tox -e bandit + run: tox -e bandit micro-benchmarks: name: Micro Benchmarks @@ -345,15 +315,12 @@ jobs: strategy: matrix: - python_version: [3.9] + python_version: [ 3.9 ] steps: - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} @@ -363,7 +330,7 @@ jobs: sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq graphviz gcc libvirt-dev - name: Cache Python Dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('requirements-tests.txt') }} @@ -371,12 +338,10 @@ jobs: ${{ runner.os }}-pip- - name: Install Python Dependencies - run: | - pip install -r requirements-ci.txt + run: pip install -r requirements-ci.txt - name: Run Micro Benchmarks - run: | - tox -e micro-benchmarks + run: tox -e micro-benchmarks docs: name: Build and upload Documentation @@ -384,30 +349,25 @@ jobs: strategy: matrix: - python_version: [3.9] + python_version: [ 3.9 ] steps: - - name: Print Environment Info - id: printenv - run: | - printenv | sort - - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} + - name: Print Environment Info + run: printenv | sort + - name: Install OS / deb dependencies run: | sudo DEBIAN_FRONTEND=noninteractive apt-get update sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq graphviz gcc libvirt-dev - name: Cache Python Dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('requirements-docs.txt') }} @@ -415,12 +375,10 @@ jobs: ${{ runner.os }}-pip- - name: Install Python Dependencies - run: | - pip install -r requirements-ci.txt + run: pip install -r requirements-ci.txt - name: Build Docs - run: | - tox -e docs + run: tox -e docs - name: Trigger ReadTheDocs build if: ${{ github.ref_name == 'trunk' }} diff --git a/.github/workflows/publish_dev_artifact.yml b/.github/workflows/publish_dev_artifact.yml index 9c2e12a263..f8e1f31a33 100644 --- a/.github/workflows/publish_dev_artifact.yml +++ b/.github/workflows/publish_dev_artifact.yml @@ -23,20 +23,14 @@ jobs: timeout-minutes: 5 steps: - - name: Print Environment Info - id: printenv - run: | - printenv | sort - - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: 3.9 + - name: Print Environment Info + run: printenv | sort - name: Install Dependencies run: | pip install --upgrade pip @@ -52,7 +46,7 @@ jobs: ls -la dist | grep .whl - name: Store dev artifacts - .tar.gz - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 with: name: libcloud-dev-tarball retention-days: 60 @@ -61,7 +55,7 @@ jobs: dist/*.tar.gz - name: Store dev artifacts - .whl - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 with: name: libcloud-dev-wheel retention-days: 60 diff --git a/.github/workflows/publish_pricing_to_s3.yml b/.github/workflows/publish_pricing_to_s3.yml index 681acc8505..fc8e44204b 100644 --- a/.github/workflows/publish_pricing_to_s3.yml +++ b/.github/workflows/publish_pricing_to_s3.yml @@ -17,34 +17,27 @@ jobs: strategy: matrix: - python_version: [3.9] + python_version: [ 3.9 ] steps: - - name: Print Environment Info - id: printenv - run: | - printenv | sort - - - uses: actions/checkout@master - with: - fetch-depth: 1 - + - uses: actions/checkout@v6 - name: Use Python ${{ matrix.python_version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python_version }} + - name: Print Environment Info + run: printenv | sort + - name: Install Python Dependencies - run: | - pip install -r requirements-ci.txt + run: pip install -r requirements-ci.txt - name: Generate and publish pricing data env: GCE_API_KEY: ${{ secrets.GCE_API_KEY }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_ACCESS_KEY_SECRET: ${{ secrets.AWS_ACCESS_KEY_SECRET }} - run: | - script -e -c "tox -escrape-and-publish-provider-prices" + run: script -e -c "tox -escrape-and-publish-provider-prices" - name: Verify files can be downloaded # Verify that the permissions are correct and files can be downloaded publicly diff --git a/tox.ini b/tox.ini index 7c2ebbb491..d6288b5479 100644 --- a/tox.ini +++ b/tox.ini @@ -27,9 +27,9 @@ basepython = pypypy3.10: pypy3.10 pypypy-3.10: pypy3.10 pypyjion: pyjion - {docs,checks,black,black-check,lint,pylint,bandit,mypy,micro-benchmarks,coverage,import-timings,isort,isort-check,pyupgrade}: python3.9 + {docs,checks,black,black-check,lint,pylint,mypy,micro-benchmarks,coverage,import-timings,isort,isort-check,pyupgrade}: python3.9 {py3.9,py3.9-dist,py3.9-dist-wheel,py3.9-windows,integration-storage}: python3.9 - {py3.10,py3.10-dist,py3.10-dist-wheel}: python3.10 + {py3.10,py3.10-dist,py3.10-dist-wheel,bandit}: python3.10 {py3.11,py3.11-dist,py3.11-dist-wheel}: python3.11 {py3.12,py3.12-dist,py3.12-dist-wheel}: python3.12 {py3.13-dev,py3.13-dev-dist,py3.13-dev-dist-wheel}: python3.13