chore: Refactor and standardize workflows

MountainGod2 · Nov 4, 2024 · 96101b5 · 96101b5
1 parent 87a848b
commit 96101b5
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 60 deletions.
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -3,70 +3,63 @@ name: Continuous Deployment
 on:
   workflow_run:
     workflows: ["Continuous Integration"]
-    types:
-      - completed
+    types: [completed]
 
 env:
   UV_CACHE_DIR: /tmp/.uv-cache
 
 jobs:
-  cd:
-    name: CD - Release Deployment
+  release:
+    name: Release Deployment
     runs-on: ubuntu-latest
-    concurrency: cd
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
     permissions:
-      id-token: write
       contents: write
+      id-token: write
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
 
     steps:
-      - name: Setup | Checkout Repository at Workflow SHA
+      - name: Setup | Checkout Repository
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
           ref: ${{ github.sha }}
 
-      - name: Setup | Force Correct Release Branch
-        run: git checkout -B ${{ github.ref_name }} ${{ github.sha }}
-
-      - name: Setup | UV Environment
+      - name: Setup | Configure UV Environment
         uses: astral-sh/setup-uv@v3
         with:
           enable-cache: true
           cache-dependency-glob: uv.lock
 
-      - name: Setup | Install and Sync Dependencies
+      - name: Dependencies | Install and Sync Dependencies
         run: uv sync
 
-      - name: Release | Run Python Semantic Release
+      - name: Release | Python Semantic Release
         id: release
         uses: python-semantic-release/python-semantic-release@v9
         with:
-          github_token: '${{ secrets.GH_PAT }}'
+          github_token: ${{ secrets.GH_PAT }}
           git_committer_name: 'MountainGod2'
           git_committer_email: '[email protected]'
-          ssh_private_signing_key: '${{ secrets.GIT_COMMIT_SSH_PRIV_KEY }}'
-          ssh_public_signing_key: '${{ secrets.GIT_COMMIT_SSH_PUB_KEY }}'
 
-      - name: Deploy | Publish to TestPyPI
+      - name: Publish | PyPI Test
         if: steps.release.outputs.released == 'true'
         uses: pypa/[email protected]
         with:
           repository-url: 'https://test.pypi.org/legacy/'
           attestations: false
 
-      - name: Deploy | Test Install from TestPyPI
+      - name: Publish | PyPI Test Install
         if: steps.release.outputs.released == 'true'
         run: uv pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple chaturbate-poller
 
-      - name: Deploy | Publish to PyPI
+      - name: Publish | PyPI Release
         if: steps.release.outputs.released == 'true'
         uses: pypa/[email protected]
         with:
           attestations: false
 
-      - name: Deploy | Publish Release to GitHub
+      - name: Publish | GitHub Release
         if: steps.release.outputs.released == 'true'
         uses: python-semantic-release/publish-action@v9
         with:
-          github_token: '${{ secrets.GH_PAT }}'
+          github_token: ${{ secrets.GH_PAT }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -2,48 +2,46 @@ name: Continuous Integration
 
 on:
   push:
-    branches:
-      - main
+    branches: [main]
   pull_request:
-    branches:
-      - main
+    branches: [main]
 
 jobs:
-  ci:
-    name: CI - Code Quality and Documentation Build
+  test:
     runs-on: ubuntu-latest
     strategy:
       matrix:
         python-version: [3.11, 3.12, 3.13]
       fail-fast: true
     timeout-minutes: 20
+
     env:
-      UV_CACHE_DIR: /tmp/uv-cache-${{ matrix.python-version }}
+      UV_CACHE_DIR: /tmp/.uv-cache-${{ matrix.python-version }}
 
     steps:
       - name: Setup | Checkout Repository
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
-      - name: Setup | UV Environment
+      - name: Setup | Configure UV Environment
         uses: astral-sh/setup-uv@v3
         with:
           enable-cache: true
           cache-dependency-glob: uv.lock
 
-      - name: Cache UV Dependencies
+      - name: Dependencies | Cache UV Dependencies
         uses: actions/cache@v4
         with:
           path: ${{ env.UV_CACHE_DIR }}
           key: "uv-${{ matrix.python-version }}-${{ runner.os }}-${{ hashFiles('uv.lock') }}"
           restore-keys: |
             uv-${{ matrix.python-version }}-${{ runner.os }}
 
-      - name: Install and Sync Dependencies
+      - name: Dependencies | Install and Sync Dependencies
         run: uv sync
 
-      - name: Run Code Quality Checks (Formatting, Linting, Type Checks, Tests)
+      - name: Tests | Code Quality Checks and Tests
         run: |
           uv run ruff format ./
           uv run ruff check --fix ./
@@ -52,30 +50,19 @@ jobs:
           uv run pytest ./
           uv run bandit -c pyproject.toml -r ./
 
-      - name: Build Documentation
-        if: matrix.python-version == '3.13'
+      - name: Documentation | Build and Deploy Docs
+        if: success() && matrix.python-version == '3.13'
         run: uv run --group=docs make clean html --directory docs/
 
-      - name: Deploy Documentation to GitHub Pages
-        if: success() && matrix.python-version == '3.11'
-        uses: peaceiris/actions-gh-pages@v4
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          publish_dir: docs/_build/html
-
-      - name: Scan Codebase with SonarCloud
+      - name: SonarCloud | Scan Codebase
         if: matrix.python-version == '3.13'
         uses: SonarSource/sonarcloud-github-action@v3
         env:
-          SONAR_TOKEN: '${{ secrets.SONAR_TOKEN }}'
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
-      - name: Upload Test Coverage Report to Codecov
+      - name: Codecov | Upload Coverage Report
         if: success() && matrix.python-version == '3.13'
         uses: codecov/codecov-action@v4
         with:
-          token: '${{ secrets.CODECOV_TOKEN }}'
+          token: ${{ secrets.CODECOV_TOKEN }}
           file: ./coverage.xml
-          fail_ci_if_error: true
-
-      - name: Minimize UV Cache
-        run: uv cache prune --ci
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -1,32 +1,30 @@
 name: CodeQL Analysis
 
 on:
-  workflow_run:
-    workflows: ["Continuous Integration"]
-    types:
-      - completed
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
 
 jobs:
   analyze:
-    name: 'CodeQL Analysis - Python'
+    name: CodeQL Analysis - Python
     runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
     permissions:
       security-events: write
       actions: read
       contents: read
 
     steps:
-      - name: Checkout Repository
+      - name: Setup | Checkout Repository
         uses: actions/checkout@v4
 
-      - name: Initialize CodeQL
+      - name: Setup | Initialize CodeQL
         uses: github/codeql-action/init@v3
         with:
           languages: 'python'
-          build-mode: 'none'
 
-      - name: Perform CodeQL Analysis
+      - name: Analyze | Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v3
         with:
           category: '/language:python'