.github/workflows/ci.yml

name: CI

on:
  push:
    branches:
    - main
  pull_request:

jobs:

  dist:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.x"
      - run: python -m pip install --upgrade pip build wheel twine
      - run: python -m build --sdist --wheel
      - run: python -m twine check dist/*
      - uses: actions/upload-artifact@v4
        with:
          path: dist/*

  lint:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        lint-command:
          - bandit -r . -x ./tests
          - black --check --diff .
          - flake8 .
          - isort --check-only --diff .
          - pydocstyle .
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.x"
          cache: 'pip'
          cache-dependency-path: 'linter-requirements.txt'
      - run: python -m pip install -r linter-requirements.txt
      - run: ${{ matrix.lint-command }}

  PyTest:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version:
          - "3.8"
          - "3.9"
          - "3.10"
          - "3.11"

    steps:
    - uses: actions/checkout@v4
    - uses: actions/setup-python@v5
      with:
        python-version: ${{ matrix.python-version }}
    - run: python -m pip install --upgrade pip setuptools
    - run: python -m pip install -e .[test]
    - run: relint --version
    - run: py.test --cov=.
    - uses: codecov/codecov-action@v5


  extras:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        extras:
          - "regex"

    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.x"
      - run: python -m pip install --upgrade pip setuptools
      - run: python -m pip install -e .[test,${{ matrix.extras }}]
      - run: relint --version
      - run: py.test --cov=.
      - uses: codecov/codecov-action@v5

  analyze:
    name: CodeQL Analyze
    needs: [PyTest,extras]
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: [ python ]
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          queries: +security-and-quality
      - name: Autobuild
        uses: github/codeql-action/autobuild@v3
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"