[Snyk] Security upgrade python from 3.13.0b2-slim to 3.13.0rc2-slim #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: AutoGPT Python CI | |
on: | |
push: | |
branches: [ master, development, ci-test* ] | |
paths: | |
- '.github/workflows/autogpt-ci.yml' | |
- 'autogpts/autogpt/**' | |
- '!autogpts/autogpt/tests/vcr_cassettes' | |
pull_request: | |
branches: [ master, development, release-* ] | |
paths: | |
- '.github/workflows/autogpt-ci.yml' | |
- 'autogpts/autogpt/**' | |
- '!autogpts/autogpt/tests/vcr_cassettes' | |
concurrency: | |
group: ${{ format('autogpt-ci-{0}', github.head_ref && format('{0}-{1}', github.event_name, github.event.pull_request.number) || github.sha) }} | |
cancel-in-progress: ${{ startsWith(github.event_name, 'pull_request') }} | |
defaults: | |
run: | |
working-directory: autogpts/autogpt | |
jobs: | |
lint: | |
runs-on: ubuntu-latest | |
env: | |
min-python-version: "3.10" | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Python ${{ env.min-python-version }} | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.min-python-version }} | |
- id: get_date | |
name: Get date | |
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT | |
- name: Set up Python dependency cache | |
uses: actions/cache@v3 | |
with: | |
path: ~/.cache/pypoetry | |
key: ${{ runner.os }}-poetry-${{ hashFiles('autogpts/autogpt/pyproject.toml') }}-${{ steps.get_date.outputs.date }} | |
- name: Install Python dependencies | |
run: | | |
curl -sSL https://install.python-poetry.org | python3 - | |
poetry install | |
- name: Lint with flake8 | |
run: poetry run flake8 | |
- name: Check black formatting | |
run: poetry run black . --check | |
if: success() || failure() | |
- name: Check isort formatting | |
run: poetry run isort . --check | |
if: success() || failure() | |
# - name: Check mypy formatting | |
# run: poetry run mypy | |
# if: success() || failure() | |
# - name: Check for unused imports and pass statements | |
# run: | | |
# cmd="autoflake --remove-all-unused-imports --recursive --ignore-init-module-imports --ignore-pass-after-docstring autogpt tests" | |
# poetry run $cmd --check || (echo "You have unused imports or pass statements, please run '${cmd} --in-place'" && exit 1) | |
test: | |
permissions: | |
contents: read | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
strategy: | |
matrix: | |
python-version: ["3.10"] | |
services: | |
minio: | |
image: minio/minio:edge-cicd | |
ports: | |
- 9000:9000 | |
options: > | |
--health-interval=10s --health-timeout=5s --health-retries=3 | |
--health-cmd="curl -f http://localhost:9000/minio/health/live" | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
submodules: true | |
- name: Configure git user Auto-GPT-Bot | |
run: | | |
git config --global user.name "Auto-GPT-Bot" | |
git config --global user.email "[email protected]" | |
- name: Checkout cassettes | |
if: ${{ startsWith(github.event_name, 'pull_request') }} | |
env: | |
PR_BASE: ${{ github.event.pull_request.base.ref }} | |
PR_BRANCH: ${{ github.event.pull_request.head.ref }} | |
PR_AUTHOR: ${{ github.event.pull_request.user.login }} | |
run: | | |
cassette_branch="${PR_AUTHOR}-${PR_BRANCH}" | |
cassette_base_branch="${PR_BASE}" | |
cd tests/vcr_cassettes | |
if ! git ls-remote --exit-code --heads origin $cassette_base_branch ; then | |
cassette_base_branch="master" | |
fi | |
if git ls-remote --exit-code --heads origin $cassette_branch ; then | |
git fetch origin $cassette_branch | |
git fetch origin $cassette_base_branch | |
git checkout $cassette_branch | |
# Pick non-conflicting cassette updates from the base branch | |
git merge --no-commit --strategy-option=ours origin/$cassette_base_branch | |
echo "Using cassettes from mirror branch '$cassette_branch'," \ | |
"synced to upstream branch '$cassette_base_branch'." | |
else | |
git checkout -b $cassette_branch | |
echo "Branch '$cassette_branch' does not exist in cassette submodule." \ | |
"Using cassettes from '$cassette_base_branch'." | |
fi | |
- name: Set up Python ${{ matrix.python-version }} | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- id: get_date | |
name: Get date | |
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT | |
- name: Set up Python dependency cache | |
uses: actions/cache@v3 | |
with: | |
path: ~/.cache/pypoetry | |
key: ${{ runner.os }}-poetry-${{ hashFiles('autogpts/autogpt/pyproject.toml') }}-${{ steps.get_date.outputs.date }} | |
- name: Install Python dependencies | |
run: | | |
curl -sSL https://install.python-poetry.org | python3 - | |
poetry install | |
- name: Run pytest with coverage | |
run: | | |
poetry run pytest -vv \ | |
--cov=autogpt --cov-branch --cov-report term-missing --cov-report xml \ | |
--numprocesses=logical --durations=10 \ | |
tests/unit tests/integration | |
env: | |
CI: true | |
PLAIN_OUTPUT: True | |
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
S3_ENDPOINT_URL: http://localhost:9000 | |
AWS_ACCESS_KEY_ID: minioadmin | |
AWS_SECRET_ACCESS_KEY: minioadmin | |
- name: Upload coverage reports to Codecov | |
uses: codecov/codecov-action@v3 | |
- id: setup_git_auth | |
name: Set up git token authentication | |
# Cassettes may be pushed even when tests fail | |
if: success() || failure() | |
run: | | |
config_key="http.${{ github.server_url }}/.extraheader" | |
base64_pat=$(echo -n "pat:${{ secrets.PAT_REVIEW }}" | base64 -w0) | |
git config "$config_key" \ | |
"Authorization: Basic $base64_pat" | |
cd tests/vcr_cassettes | |
git config "$config_key" \ | |
"Authorization: Basic $base64_pat" | |
echo "config_key=$config_key" >> $GITHUB_OUTPUT | |
- id: push_cassettes | |
name: Push updated cassettes | |
# For pull requests, push updated cassettes even when tests fail | |
if: github.event_name == 'push' || (! github.event.pull_request.head.repo.fork && (success() || failure())) | |
env: | |
PR_BRANCH: ${{ github.event.pull_request.head.ref }} | |
PR_AUTHOR: ${{ github.event.pull_request.user.login }} | |
run: | | |
if [ "${{ startsWith(github.event_name, 'pull_request') }}" = "true" ]; then | |
is_pull_request=true | |
cassette_branch="${PR_AUTHOR}-${PR_BRANCH}" | |
else | |
cassette_branch="${{ github.ref_name }}" | |
fi | |
cd tests/vcr_cassettes | |
# Commit & push changes to cassettes if any | |
if ! git diff --quiet; then | |
git add . | |
git commit -m "Auto-update cassettes" | |
git push origin HEAD:$cassette_branch | |
if [ ! $is_pull_request ]; then | |
cd ../.. | |
git add tests/vcr_cassettes | |
git commit -m "Update cassette submodule" | |
git push origin HEAD:$cassette_branch | |
fi | |
echo "updated=true" >> $GITHUB_OUTPUT | |
else | |
echo "updated=false" >> $GITHUB_OUTPUT | |
echo "No cassette changes to commit" | |
fi | |
- name: Post Set up git token auth | |
if: steps.setup_git_auth.outcome == 'success' | |
run: | | |
git config --unset-all '${{ steps.setup_git_auth.outputs.config_key }}' | |
git submodule foreach git config --unset-all '${{ steps.setup_git_auth.outputs.config_key }}' | |
- name: Apply "behaviour change" label and comment on PR | |
if: ${{ startsWith(github.event_name, 'pull_request') }} | |
run: | | |
PR_NUMBER="${{ github.event.pull_request.number }}" | |
TOKEN="${{ secrets.PAT_REVIEW }}" | |
REPO="${{ github.repository }}" | |
if [[ "${{ steps.push_cassettes.outputs.updated }}" == "true" ]]; then | |
echo "Adding label and comment..." | |
echo $TOKEN | gh auth login --with-token | |
gh issue edit $PR_NUMBER --add-label "behaviour change" | |
gh issue comment $PR_NUMBER --body "You changed AutoGPT's behaviour. The cassettes have been updated and will be merged to the submodule when this Pull Request gets merged." | |
fi | |
- name: Upload logs to artifact | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: test-logs | |
path: autogpts/autogpt/logs/ |