Rewrite answer generator code to be more like the TS version #697
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/ci.yml | |
| name: CI | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request_target: | |
| branches: [ "main" ] | |
| workflow_dispatch: # manual run | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| pull-requests: read | |
| contents: read | |
| id-token: write | |
| actions: read | |
| jobs: | |
| permissions-check: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # The following two steps (permissions checks) ensure that only users with write access can run this workflow on a PR (except the merge queue bot) | |
| # PRs from forks we check the permissions of the user that triggered the workflow (github.triggering_actor) | |
| # This means that if a user without write access opens a PR from a fork, they cannot run this workflow | |
| # Users with write access can still run this workflow on a PR from a fork | |
| # For PRs from the same repo, we allow the workflow to run as normal | |
| - name: Get User Permission | |
| if: ${{ github.event_name == 'pull_request_target' || github.triggering_actor != 'github-merge-queue[bot]' }} | |
| id: checkAccess | |
| uses: actions-cool/check-user-permission@v2 | |
| with: | |
| require: write | |
| username: ${{ github.triggering_actor }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check User Permission | |
| if: ${{ (github.event_name == 'pull_request_target' || github.triggering_actor != 'github-merge-queue[bot]') && steps.checkAccess.outputs.require-result == 'false' }} | |
| run: | | |
| echo "${{ github.triggering_actor }} does not have permissions on this repo." | |
| echo "Current permission level is ${{ steps.checkAccess.outputs.user-permission }}" | |
| echo "Job originally triggered by ${{ github.actor }}" | |
| exit 1 | |
| check: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest] | |
| python-version: ['3.12', '3.13', '3.14'] | |
| exclude: | |
| - os: windows-latest | |
| python-version: '3.13' | |
| - os: windows-latest | |
| python-version: '3.14' | |
| runs-on: ${{ matrix.os }} | |
| name: ${{ matrix.os }} check (py ${{ matrix.python-version }}) | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| - name: Run Check (Linux) | |
| if: runner.os == 'Linux' | |
| shell: bash | |
| run: | | |
| make check | |
| - name: Run Check (Windows) | |
| if: runner.os == 'Windows' | |
| run: | | |
| ./make.bat check | |
| format: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest] | |
| python-version: ['3.12', '3.13', '3.14'] | |
| exclude: | |
| - os: windows-latest | |
| python-version: '3.13' | |
| - os: windows-latest | |
| python-version: '3.14' | |
| runs-on: ${{ matrix.os }} | |
| name: ${{ matrix.os }} format (py ${{ matrix.python-version }}) | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| - name: Run Format (Linux) | |
| if: runner.os == 'Linux' | |
| shell: bash | |
| run: | | |
| make format | |
| - name: Run Format (Windows) | |
| if: runner.os == 'Windows' | |
| run: | | |
| ./make.bat format | |
| offline-test: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest] | |
| python-version: ['3.12', '3.13'] | |
| exclude: | |
| - os: windows-latest | |
| python-version: '3.13' | |
| runs-on: ${{ matrix.os }} | |
| name: ${{ matrix.os }} (py ${{ matrix.python-version }}) | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| - name: Run Test (Linux) | |
| if: runner.os == 'Linux' | |
| shell: bash | |
| run: | | |
| make test | |
| - name: Run Test (Windows) | |
| if: runner.os == 'Windows' | |
| run: | | |
| ./make.bat test | |
| online-test: | |
| needs: permissions-check | |
| environment: | |
| name: build-pipeline | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest] | |
| python-version: ['3.14'] | |
| runs-on: ${{ matrix.os }} | |
| name: ${{ matrix.os }} (py ${{ matrix.python-version }}) | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| - name: Install Dependencies (Linux) | |
| if: runner.os == 'Linux' | |
| shell: bash | |
| run: | | |
| make sync | |
| - name: Install Dependencies (Windows) | |
| if: runner.os == 'Windows' | |
| run: | | |
| make sync | |
| - name: Login to Azure | |
| uses: azure/login@v2.2.0 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENTID }} | |
| tenant-id: ${{ secrets.AZURE_TENANTID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTIONID }} | |
| - name: Get Keys | |
| run: | | |
| uv run python tools/get_keys.py --vault build-pipeline-kv | |
| - name: Run Test | |
| shell: bash | |
| run: | | |
| uv run pytest | |
| - name: Clean up Keys | |
| run: | | |
| node -e "try{require('fs').unlinkSync('./.env');}catch(e){}" |