Merge pull request #1 from cta-observatory/basic_structure

Basic structure

.github/workflows/ci.yml

@@ -0,0 +1,58 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - "**"
+  pull_request:
+
+env:
+  PYTEST_ADDOPTS: --color=yes
+  GITHUB_PR_NUMBER: ${{ github.event.number }}
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Python setup
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+          check-latest: true
+
+      - name: Install dependencies
+        run: |
+          pip install -e ".[tests]"
+
+      - name: Tests
+        run: pytest --cov --cov-report=xml
+
+      - name: Store info for sonar
+        env:
+          REF_NAME: ${{ github.ref_name }}
+          REF_TYPE: ${{ github.ref_type }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+          SOURCE_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name }}
+          SOURCE_BRANCH: ${{ github.event.pull_request.head.ref }}
+          TARGET_BRANCH: ${{ github.event.pull_request.base.ref }}
+        run: |
+          echo "PR_NUMBER=${PR_NUMBER}" >> sonar_env
+          echo "SOURCE_REPOSITORY=${SOURCE_REPOSITORY}" >> sonar_env
+          echo "SOURCE_BRANCH=${SOURCE_BRANCH}" >> sonar_env
+          echo "TARGET_BRANCH=${TARGET_BRANCH}" >> sonar_env
+          cat sonar_env
+
+      # upload coverage report for sonar workflow
+      - uses: actions/upload-artifact@v4
+        with:
+          name: ctapipe-coverage-report
+          path: |
+            coverage.xml
+            sonar_env

.github/workflows/sonar.yml

@@ -0,0 +1,71 @@
+# This workflow is triggered by the completion of our CI workflow
+# It then checks out the pull request repository / branch, runs the
+# sonar scanner, downloads the coverage report and uploads the report
+# to the sonarqube server. This is necessary as forks don't have access
+# to secrets and SONAR_TOKEN is required to upload reports.
+#
+# Adapted from https://github.com/medplum/medplum/
+
+name: Sonar
+
+on:
+  workflow_run:
+    workflows: [CI]
+    types: [completed]
+
+jobs:
+  sonar:
+    name: Sonar
+    runs-on: ubuntu-latest
+    if: github.event.workflow_run.conclusion == 'success'
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          repository: ${{ github.event.workflow_run.head_repository.full_name }}
+          ref: ${{ github.event.workflow_run.head_branch }}
+          fetch-depth: 0
+
+      - name: 'Download code coverage'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               run_id: context.payload.workflow_run.id,
+            });
+            let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
+              return artifact.name == "ctapipe-coverage-report"
+            })[0];
+            let download = await github.rest.actions.downloadArtifact({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               artifact_id: matchArtifact.id,
+               archive_format: 'zip',
+            });
+            let fs = require('fs');
+            fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/ctapipe-coverage-report.zip`, Buffer.from(download.data));
+
+      - name: 'Unzip code coverage'
+        run: unzip ctapipe-coverage-report.zip -d coverage
+
+      - name: Check artifact
+        run: ls -l coverage
+
+      - name: Set environment
+        run: |
+          cat coverage/sonar_env >> "$GITHUB_ENV"
+          cat coverage/sonar_env
+
+      - name: Sonarqube Scan
+        uses: SonarSource/sonarqube-scan-action@v4
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: https://sonar-cta-dpps.zeuthen.desy.de
+        with:
+          args: >
+            -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
+            -Dsonar.pullrequest.key=${{ env.PR_NUMBER }}
+            -Dsonar.pullrequest.branch=${{ env.SOURCE_BRANCH }}
+            -Dsonar.pullrequest.base=${{ env.TARGET_BRANCH }}

pyproject.toml

@@ -0,0 +1,40 @@
+[build-system]
+requires = ["setuptools>=64"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "test_sonar"
+version = "0.1.0"
+
+description = "Test sonarqube integration on github"
+readme = "README.md"
+authors = [
+    {name = "Maximilian Linhoff", email = "[email protected]"},
+]
+license = {text = "MIT License"}
+requires-python = ">=3.10"
+
+[project.optional-dependencies]
+
+tests = [
+    "pytest >= 7.0",
+    "pytest-cov",
+]
+
+[tool.pytest.ini_options]
+minversion = "7"
+testpaths = ["src"]
+log_cli_level = "INFO"
+xfail_strict = true
+
+# print summary of failed tests, force errors if settings are misspelled
+addopts = ["-ra", "--strict-config", "--strict-markers"]
+norecursedirs = [
+    ".git",
+    "_build",
+    "build",
+]
+
+[tool.coverage.run]
+include = ["src/*"]
+relative_files = true

src/test_sonar/__init__.py

@@ -0,0 +1,7 @@
+def fib(n):
+    if n < 0:
+        raise ValueError(f"n must be >=0, got {n}")
+    if n < 2:
+        return n
+
+    return fib(n - 1) + fib(n - 2)

src/test_sonar/test_fib.py

@@ -0,0 +1,18 @@
+import pytest
+
+
+FIBS = [0, 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, 144]
+
+@pytest.mark.parametrize(("n", "expected"), enumerate(FIBS))
+def test_fib(n, expected):
+    from test_sonar import fib
+    assert fib(n) == expected
+
+def test_negative():
+    from test_sonar import fib
+
+    with pytest.raises(ValueError, match="n must be >=0, got -1"):
+        fib(-1)
+
+    with pytest.raises(ValueError, match="n must be >=0, got -100"):
+        fib(-100)