From 065807fa7c6e21d336f2317b633a5ed89a9e2fe0 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Tue, 2 Sep 2025 13:27:42 +0200 Subject: [PATCH 1/6] ci: test slow and timing Signed-off-by: Jan Kowalleck --- .github/workflows/docker.yml | 18 +++++++++++++++++- .github/workflows/python.yml | 14 ++++---------- .github/workflows/release.yml | 23 ++++++++++++++++++++--- tox.ini | 2 +- 4 files changed, 42 insertions(+), 15 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 24727b99..7d252ef9 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,3 +1,20 @@ +# This file is part of CycloneDX Python +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + # For details of what checks are run for PRs please refer below # docs: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions @@ -41,7 +58,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION }} - architecture: 'x64' - name: Setup poetry ${{ env.POETRY_VERSION }} # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 06aa6488..a55c9cd7 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -1,5 +1,3 @@ -# encoding: utf-8 - # This file is part of CycloneDX Python # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -17,6 +15,9 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) OWASP Foundation. All Rights Reserved. +# For details of what checks are run for PRs please refer below +# docs: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions + name: Python CI on: @@ -57,7 +58,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION_DEFAULT }} - architecture: 'x64' - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 @@ -81,7 +81,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION_DEFAULT }} - architecture: 'x64' - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 @@ -105,7 +104,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION_DEFAULT }} - architecture: 'x64' - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 @@ -139,7 +137,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - architecture: 'x64' - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 @@ -163,7 +160,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION_DEFAULT }} - architecture: 'x64' - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 @@ -197,7 +193,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION_DEFAULT }} - architecture: 'x64' - name: Install self run: pip install . - name: run command @@ -206,7 +201,7 @@ jobs: build-and-test: name: Test (${{ matrix.os }} py${{ matrix.python-version }}) runs-on: ${{ matrix.os }} - timeout-minutes: 10 + timeout-minutes: 30 strategy: fail-fast: false matrix: @@ -241,7 +236,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - architecture: 'x64' - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ebd3062f..67911654 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,3 +1,23 @@ +# This file is part of CycloneDX Python +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + +# For details of what checks are run for PRs please refer below +# docs: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions + name: Release on: @@ -57,7 +77,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION_DEFAULT }} - architecture: 'x64' - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 @@ -81,7 +100,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION_DEFAULT }} - architecture: 'x64' - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 @@ -122,7 +140,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION_DEFAULT }} - architecture: 'x64' - name: Install and configure Poetry # See https://github.com/marketplace/actions/install-poetry-action uses: snok/install-poetry@v1 diff --git a/tox.ini b/tox.ini index 8ac56a82..c10c07ac 100644 --- a/tox.ini +++ b/tox.ini @@ -26,7 +26,7 @@ commands_pre = poetry install --no-root -v poetry run pip freeze commands = - poetry run coverage run --source=cyclonedx_py -m unittest discover -t . -s tests -v + poetry run coverage run --source=cyclonedx_py -m unittest discover -t . -s tests -v --durations=0 setenv = PYTHONHASHSEED=0 CDX_TEST_RECREATE_SNAPSHOTS={env:CDX_TEST_RECREATE_SNAPSHOTS:} From c58a43c4d6b7b69437ead3d0e6330836f0c56ae5 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Tue, 2 Sep 2025 14:10:37 +0200 Subject: [PATCH 2/6] wip Signed-off-by: Jan Kowalleck --- .github/workflows/python.yml | 13 ++++++++++++- tox.ini | 2 +- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index a55c9cd7..7197b290 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -223,8 +223,10 @@ jobs: include: - os: macos-13 python-version: "3.10" + unittest-args: [] - os: macos-13 python-version: "3.9" + unittest-args: [] steps: - name: Checkout # see https://github.com/actions/checkout @@ -236,6 +238,15 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} + - name: craft PY_UT_ARGS + shell: python + run: |- + import sys + PY_UT_ARGS=[] + if sys.version_info >= (3, 12): + PY_UT_ARGS.append('--durations=0') + with open(os.environ['GITHUB_ENV'], 'a') as env_file: + env_file.write(f'PY_UT_ARGS=${" ".join(PY_UT_ARGS)}\n') - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 @@ -246,7 +257,7 @@ jobs: - name: Ensure build successful run: poetry build - name: Run tox - run: poetry run tox r -e py -s false + run: poetry run -- tox r -e py -s false -- $PY_UT_ARGS - name: Generate coverage reports if: ${{ failure() || success() }} shell: bash diff --git a/tox.ini b/tox.ini index c10c07ac..1400b886 100644 --- a/tox.ini +++ b/tox.ini @@ -26,7 +26,7 @@ commands_pre = poetry install --no-root -v poetry run pip freeze commands = - poetry run coverage run --source=cyclonedx_py -m unittest discover -t . -s tests -v --durations=0 + poetry run coverage run --source=cyclonedx_py -m unittest discover -t . -s tests -v {posargs} setenv = PYTHONHASHSEED=0 CDX_TEST_RECREATE_SNAPSHOTS={env:CDX_TEST_RECREATE_SNAPSHOTS:} From 335fc5eb985f030499b9920f27651a3f013a6704 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Tue, 2 Sep 2025 14:13:11 +0200 Subject: [PATCH 3/6] wip Signed-off-by: Jan Kowalleck --- .github/workflows/python.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 7197b290..5f4a2919 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -241,7 +241,7 @@ jobs: - name: craft PY_UT_ARGS shell: python run: |- - import sys + import sys, os PY_UT_ARGS=[] if sys.version_info >= (3, 12): PY_UT_ARGS.append('--durations=0') From dc0e56c9289a2ad72fdcf519cfa0106bf7374f77 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Tue, 2 Sep 2025 14:14:30 +0200 Subject: [PATCH 4/6] wip Signed-off-by: Jan Kowalleck --- .github/workflows/python.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 5f4a2919..23bf0872 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -201,7 +201,7 @@ jobs: build-and-test: name: Test (${{ matrix.os }} py${{ matrix.python-version }}) runs-on: ${{ matrix.os }} - timeout-minutes: 30 + timeout-minutes: 180 strategy: fail-fast: false matrix: From 9fceb876b6bda84a07fb9a31eaebf75d6aab351b Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Tue, 2 Sep 2025 14:36:16 +0200 Subject: [PATCH 5/6] wip Signed-off-by: Jan Kowalleck --- .github/workflows/python.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 23bf0872..7e604461 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -246,7 +246,7 @@ jobs: if sys.version_info >= (3, 12): PY_UT_ARGS.append('--durations=0') with open(os.environ['GITHUB_ENV'], 'a') as env_file: - env_file.write(f'PY_UT_ARGS=${" ".join(PY_UT_ARGS)}\n') + env_file.write(f'PY_UT_ARGS={" ".join(PY_UT_ARGS)}\n') - name: Install poetry # see https://github.com/marketplace/actions/setup-poetry uses: Gr1N/setup-poetry@v9 From 6671074bb886abbcd0076a130db89febd8adc350 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Tue, 2 Sep 2025 17:22:21 +0200 Subject: [PATCH 6/6] fix deps Signed-off-by: Jan Kowalleck --- pyproject.toml | 2 ++ tox.ini | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 2995129e..a10a8384 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -96,6 +96,8 @@ tomli = { version = "^2.0.1", python = "<3.11" } tox = "4.27.0" pyupgrade = "3.20.0" deptry = "0.23.0" +# for tests, use the GPL-version of jsonschema format validators - they are faster +jsonschema = { version = "*", extras = ["format"] } # min version required to be able to install some dependencies # see https://github.com/MichaelKim0407/flake8-use-fstring/issues/33 diff --git a/tox.ini b/tox.ini index 1400b886..8aa57da7 100644 --- a/tox.ini +++ b/tox.ini @@ -23,7 +23,7 @@ allowlist_externals = poetry ## deps = poetry ## << this one caused https://github.com/python-poetry/poetry/issues/6288 commands_pre = {envpython} --version - poetry install --no-root -v + # poetry install --no-root -v poetry run pip freeze commands = poetry run coverage run --source=cyclonedx_py -m unittest discover -t . -s tests -v {posargs}