Migrate CI to protected runners and JFrog PyPI proxy #2843

Workflow file for this run

.github/workflows/code-quality-checks.yml at dc079d1

	name: Code Quality Checks

	on: [pull_request]

	permissions:
	contents: read
	id-token: write

	jobs:
	run-unit-tests:
	runs-on:
	group: databricks-protected-runner-group
	labels: linux-ubuntu-latest
	strategy:
	matrix:
	python-version: ["3.9", "3.10", "3.11", "3.12", "3.13", "3.14"]
	dependency-version: ["default", "min"]
	# Optimize matrix - test min/max on subset of Python versions
	exclude:
	- python-version: "3.12"
	dependency-version: "min"
	- python-version: "3.13"
	dependency-version: "min"

	name: "Unit Tests (Python ${{ matrix.python-version }}, ${{ matrix.dependency-version }} deps)"

	steps:
	- name: Check out repository
	uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
	- name: Setup JFrog
	uses: ./.github/actions/setup-jfrog
	- name: Set up python ${{ matrix.python-version }}
	id: setup-python
	uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
	with:
	python-version: ${{ matrix.python-version }}
	- name: Install Poetry
	run: \|
	pip install poetry==2.2.1
	poetry config virtualenvs.create true
	poetry config virtualenvs.in-project true
	poetry config installer.parallel true
	- name: Configure Poetry for JFrog
	run: \|
	poetry config repositories.jfrog https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple
	poetry config http-basic.jfrog gha-service-account "${JFROG_ACCESS_TOKEN}"
	poetry source add --priority=primary jfrog https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple
	poetry lock
	- name: Load cached venv
	id: cached-poetry-dependencies
	uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
	with:
	path: .venv
	key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ matrix.dependency-version }}-${{ github.event.repository.name }}-${{ hashFiles('**/poetry.lock') }}
	- name: Install dependencies
	if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
	run: poetry install --no-interaction --no-root
	- name: Install library
	run: poetry install --no-interaction
	- name: Install Python tools for custom versions
	if: matrix.dependency-version != 'default'
	run: poetry run pip install toml packaging
	- name: Generate requirements file
	if: matrix.dependency-version != 'default'
	run: \|
	poetry run python scripts/dependency_manager.py ${{ matrix.dependency-version }} --output requirements-${{ matrix.dependency-version }}.txt
	echo "Generated requirements for ${{ matrix.dependency-version }} versions:"
	cat requirements-${{ matrix.dependency-version }}.txt
	- name: Override with custom dependency versions
	if: matrix.dependency-version != 'default'
	run: poetry run pip install -r requirements-${{ matrix.dependency-version }}.txt
	- name: Show installed versions
	run: \|
	echo "=== Dependency Version: ${{ matrix.dependency-version }} ==="
	poetry run pip list
	- name: Run tests
	run: poetry run python -m pytest tests/unit

	run-unit-tests-with-arrow:
	runs-on:
	group: databricks-protected-runner-group
	labels: linux-ubuntu-latest
	strategy:
	matrix:
	python-version: ["3.9", "3.10", "3.11", "3.12", "3.13", "3.14"]
	dependency-version: ["default", "min"]
	exclude:
	- python-version: "3.12"
	dependency-version: "min"
	- python-version: "3.13"
	dependency-version: "min"

	name: "Unit Tests + PyArrow (Python ${{ matrix.python-version }}, ${{ matrix.dependency-version }} deps)"

	steps:
	- name: Check out repository
	uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2
	- name: Setup JFrog
	uses: ./.github/actions/setup-jfrog
	- name: Set up python ${{ matrix.python-version }}
	id: setup-python
	uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2
	with:
	python-version: ${{ matrix.python-version }}
	- name: Install Poetry
	run: \|
	pip install poetry==2.2.1
	poetry config virtualenvs.create true
	poetry config virtualenvs.in-project true
	poetry config installer.parallel true
	- name: Configure Poetry for JFrog
	run: \|
	poetry config repositories.jfrog https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple
	poetry config http-basic.jfrog gha-service-account "${JFROG_ACCESS_TOKEN}"
	poetry source add --priority=primary jfrog https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple
	poetry lock
	- name: Load cached venv
	id: cached-poetry-dependencies
	uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
	with:
	path: .venv-pyarrow
	key: venv-pyarrow-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ matrix.dependency-version }}-${{ github.event.repository.name }}-${{ hashFiles('**/poetry.lock') }}
	- name: Install dependencies
	if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
	run: poetry install --no-interaction --no-root
	- name: Install Kerberos system dependencies
	run: \|
	sudo apt-get update
	sudo apt-get install -y libkrb5-dev
	- name: Install library
	run: poetry install --no-interaction --all-extras
	- name: Install Python tools for custom versions
	if: matrix.dependency-version != 'default'
	run: poetry run pip install toml packaging
	- name: Generate requirements file with pyarrow
	if: matrix.dependency-version != 'default'
	run: \|
	poetry run python scripts/dependency_manager.py ${{ matrix.dependency-version }} --output requirements-${{ matrix.dependency-version }}-arrow.txt
	echo "Generated requirements for ${{ matrix.dependency-version }} versions with PyArrow:"
	cat requirements-${{ matrix.dependency-version }}-arrow.txt
	- name: Override with custom dependency versions
	if: matrix.dependency-version != 'default'
	run: poetry run pip install -r requirements-${{ matrix.dependency-version }}-arrow.txt
	- name: Show installed versions
	run: \|
	echo "=== Dependency Version: ${{ matrix.dependency-version }} with PyArrow ==="
	poetry run pip list
	- name: Run tests
	run: poetry run python -m pytest tests/unit

	check-linting:
	runs-on:
	group: databricks-protected-runner-group
	labels: linux-ubuntu-latest
	strategy:
	matrix:
	python-version: ["3.9", "3.10", "3.11", "3.12", "3.13", "3.14"]
	steps:
	- name: Check out repository
	uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
	- name: Setup JFrog
	uses: ./.github/actions/setup-jfrog
	- name: Set up python ${{ matrix.python-version }}
	id: setup-python
	uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
	with:
	python-version: ${{ matrix.python-version }}
	- name: Install Poetry
	run: \|
	pip install poetry==2.2.1
	poetry config virtualenvs.create true
	poetry config virtualenvs.in-project true
	poetry config installer.parallel true
	- name: Configure Poetry for JFrog
	run: \|
	poetry config repositories.jfrog https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple
	poetry config http-basic.jfrog gha-service-account "${JFROG_ACCESS_TOKEN}"
	poetry source add --priority=primary jfrog https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple
	poetry lock
	- name: Load cached venv
	id: cached-poetry-dependencies
	uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
	with:
	path: .venv
	key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ github.event.repository.name }}-${{ hashFiles('**/poetry.lock') }}
	- name: Install dependencies
	if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
	run: poetry install --no-interaction --no-root
	- name: Install library
	run: poetry install --no-interaction
	- name: Black
	run: poetry run black --check src

	check-types:
	runs-on:
	group: databricks-protected-runner-group
	labels: linux-ubuntu-latest
	strategy:
	matrix:
	python-version: ["3.9", "3.10", "3.11", "3.12", "3.13", "3.14"]
	steps:
	- name: Check out repository
	uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
	- name: Setup JFrog
	uses: ./.github/actions/setup-jfrog
	- name: Set up python ${{ matrix.python-version }}
	id: setup-python
	uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
	with:
	python-version: ${{ matrix.python-version }}
	- name: Install Poetry
	run: \|
	pip install poetry==2.2.1
	poetry config virtualenvs.create true
	poetry config virtualenvs.in-project true
	poetry config installer.parallel true
	- name: Configure Poetry for JFrog
	run: \|
	poetry config repositories.jfrog https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple
	poetry config http-basic.jfrog gha-service-account "${JFROG_ACCESS_TOKEN}"
	poetry source add --priority=primary jfrog https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple
	poetry lock
	- name: Load cached venv
	id: cached-poetry-dependencies
	uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
	with:
	path: .venv
	key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ github.event.repository.name }}-${{ hashFiles('**/poetry.lock') }}
	- name: Install dependencies
	if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
	run: poetry install --no-interaction --no-root
	- name: Install library
	run: poetry install --no-interaction
	- name: Mypy
	run: \|
	mkdir .mypy_cache # Workaround for bad error message "error: --install-types failed (no mypy cache directory)"; see https://github.com/python/mypy/issues/10768#issuecomment-2178450153
	poetry run mypy --install-types --non-interactive src

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Migrate CI to protected runners and JFrog PyPI proxy #2843

Workflow file

Migrate CI to protected runners and JFrog PyPI proxy #2843

Uh oh!

Workflow file for this run