chore(deps): bump cryptography from 46.0.5 to 46.0.7 #31
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test Suite | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| # Fix: GitHub CodeQL Code Scanning alerts #1 and #2 (CWE-275, actions/missing-workflow-permissions) | |
| # Explicitly restrict GITHUB_TOKEN to read-only to follow the principle of least privilege. | |
| permissions: | |
| contents: read | |
| jobs: | |
| unit-tests: | |
| name: Unit Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| with: | |
| enable-cache: true | |
| - name: Setup Python 3.12 | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.12" | |
| - name: Install dependencies | |
| run: uv sync --extra dev | |
| - name: Run unit tests | |
| run: uv run pytest tests/test_version_compat.py -v --tb=short | |
| integration-tests: | |
| name: Integration Tests (PG 12-18) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Start PostgreSQL instances | |
| run: docker compose -f tests/docker/docker-compose.test.yml up -d | |
| - name: Wait for all PostgreSQL instances | |
| run: | | |
| for svc in pg12 pg13 pg14 pg15 pg16 pg17 pg18; do | |
| echo "Waiting for $svc to be healthy..." | |
| for i in $(seq 1 30); do | |
| status=$(docker compose -f tests/docker/docker-compose.test.yml ps $svc --format '{{.Health}}' 2>/dev/null || echo "unknown") | |
| if [ "$status" = "healthy" ]; then | |
| echo "$svc is ready" | |
| break | |
| fi | |
| if [ $i -eq 30 ]; then | |
| echo "Timed out waiting for $svc" | |
| docker compose -f tests/docker/docker-compose.test.yml logs $svc | |
| exit 1 | |
| fi | |
| sleep 2 | |
| done | |
| done | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| with: | |
| enable-cache: true | |
| - name: Setup Python 3.12 | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.12" | |
| - name: Install dependencies | |
| run: uv sync --extra dev | |
| - name: Run integration tests | |
| run: uv run pytest tests/test_tools_integration.py -v --tb=short | |
| - name: Tear down PostgreSQL instances | |
| if: always() | |
| run: docker compose -f tests/docker/docker-compose.test.yml down -v |