Ll/vectara #585
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test Python with Secrets | |
| on: | |
| push: | |
| branches: [main] | |
| paths: | |
| - '**' | |
| - '!k8s-operator/**' | |
| - '!webui/**' | |
| - '!.all-contributorsrc' | |
| - '!README.md' | |
| workflow_dispatch: | |
| pull_request_target: | |
| types: [ opened, synchronize ] | |
| paths: | |
| - '**' | |
| - '!k8s-operator/**' | |
| - '!webui/**' | |
| - '!.all-contributorsrc' | |
| - '!README.md' | |
| jobs: | |
| examples-test: | |
| runs-on: ubuntu-latest | |
| services: | |
| mongodb: | |
| image: mongo:latest | |
| ports: | |
| - 27017:27017 | |
| steps: | |
| # https://michaelheap.com/access-secrets-from-forks/ | |
| # Allow contributors to run the tests with secret access if it is kicked off by a maintainer | |
| - name: Get User Permission | |
| id: checkAccess | |
| uses: actions-cool/check-user-permission@v2 | |
| with: | |
| require: write | |
| username: ${{ github.triggering_actor }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check User Permission | |
| if: steps.checkAccess.outputs.require-result == 'false' | |
| run: | | |
| echo "${{ github.triggering_actor }} does not have permissions on this repo." | |
| echo "Current permission level is ${{ steps.checkAccess.outputs.user-permission }}" | |
| echo "Job originally triggered by ${{ github.actor }}" | |
| exit 1 | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} # This is dangerous without the first access check | |
| - name: Check secrets | |
| run: | | |
| if [ -z "${{ secrets.OPENAI_API_KEY }}" ]; then | |
| echo "Error: OPENAI_API_KEY is not set" | |
| exit 1 | |
| fi | |
| if [ -z "${{ secrets.AZURE_AD_CLIENT_ID }}" ] || [ -z "${{ secrets.AZURE_AD_CLIENT_SECRET }}" ] || [ -z "${{ secrets.AZURE_AD_TENANT_ID }}" ] || [ -z "${{ secrets.AZURE_AD_TEST_CLIENT_ID }}" ] || [ -z "${{ secrets.AZURE_AD_TEST_CLIENT_SECRET }}" ]; then | |
| echo "Error: One or more Azure secrets are not set" | |
| exit 1 | |
| fi | |
| - name: Install poetry | |
| run: pipx install poetry | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.12' | |
| cache: 'poetry' | |
| - run: poetry install | |
| working-directory: examples | |
| - run: poetry run playwright install | |
| working-directory: examples | |
| - run: poetry run ruff format . | |
| working-directory: examples | |
| - run: poetry run ruff check . | |
| working-directory: examples | |
| - run: mkdir -p /tmp/eidolon | |
| working-directory: examples | |
| - run: poetry run pytest | |
| env: | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
| EIDOLON_DATA_DIR: /tmp/eidolon | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_AD_CLIENT_ID }} | |
| AZURE_CLIENT_SECRET: ${{ secrets.AZURE_AD_CLIENT_SECRET }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_AD_TENANT_ID }} | |
| AZURE_AD_TEST_CLIENT_ID: ${{ secrets.AZURE_AD_TEST_CLIENT_ID }} | |
| AZURE_AD_TEST_CLIENT_SECRET: ${{ secrets.AZURE_AD_TEST_CLIENT_SECRET }} | |
| working-directory: examples | |
| - uses: actions/upload-artifact@v4 | |
| if: ${{ !success() }} | |
| with: | |
| name: server-logs | |
| path: /tmp/eidolon_test_logs/ | |
| test-quickstart-no-mongodb: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # https://michaelheap.com/access-secrets-from-forks/ | |
| # Allow contributors to run the tests with secret access if it is kicked off by a maintainer | |
| - name: Get User Permission | |
| id: checkAccess | |
| uses: actions-cool/check-user-permission@v2 | |
| with: | |
| require: write | |
| username: ${{ github.triggering_actor }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check User Permission | |
| if: steps.checkAccess.outputs.require-result == 'false' | |
| run: | | |
| echo "${{ github.triggering_actor }} does not have permissions on this repo." | |
| echo "Current permission level is ${{ steps.checkAccess.outputs.user-permission }}" | |
| echo "Job originally triggered by ${{ github.actor }}" | |
| exit 1 | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} # This is dangerous without the first access check | |
| - name: Check secrets | |
| run: | | |
| if [ -z "${{ secrets.OPENAI_API_KEY }}" ]; then | |
| echo "Error: OPENAI_API_KEY is not set" | |
| exit 1 | |
| fi | |
| - name: Install poetry | |
| run: pipx install poetry | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.12' | |
| cache: 'poetry' | |
| - run: poetry install | |
| working-directory: examples | |
| - run: poetry run pytest tests/test_quickstart.py | |
| env: | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
| working-directory: examples |