From 5f7d5fbcd2e3aab84ddd1f95435733766a7043cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Robert?= Date: Sun, 27 Oct 2024 15:41:19 +0100 Subject: [PATCH] TST: use exact commit sha for github actions --- .github/workflows/lint_python.yml | 6 +++--- .github/workflows/test.yml | 33 ++++++++++++++++++------------- 2 files changed, 22 insertions(+), 17 deletions(-) diff --git a/.github/workflows/lint_python.yml b/.github/workflows/lint_python.yml index dbcf479..02cf749 100644 --- a/.github/workflows/lint_python.yml +++ b/.github/workflows/lint_python.yml @@ -4,11 +4,11 @@ jobs: lint_python: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: 3.x - - uses: astral-sh/setup-uv@v2 + - uses: astral-sh/setup-uv@3b9817b1bf26186f03ab8277bab9b827ea5cc254 # v3.2.0 - run: uv venv - run: uv pip compile pyproject.toml | uv pip install -r - - run: shopt -s globstar diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a253bd7..fc06e9d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -55,10 +55,11 @@ jobs: cancel-in-progress: true steps: - - uses: actions/checkout@v4 - - uses: astral-sh/setup-uv@v2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: astral-sh/setup-uv@3b9817b1bf26186f03ab8277bab9b827ea5cc254 # v3.2.0 with: enable-cache: true + cache-dependency-glob: pyproject.toml - name: Build run: | @@ -139,10 +140,11 @@ jobs: cancel-in-progress: true steps: - - uses: actions/checkout@v4 - - uses: astral-sh/setup-uv@v2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: astral-sh/setup-uv@3b9817b1bf26186f03ab8277bab9b827ea5cc254 # v3.2.0 with: enable-cache: true + cache-dependency-glob: pyproject.toml - name: Run mypy run: | @@ -159,17 +161,18 @@ jobs: cancel-in-progress: true steps: - - uses: actions/checkout@v4 - - uses: astral-sh/setup-uv@v2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: astral-sh/setup-uv@3b9817b1bf26186f03ab8277bab9b827ea5cc254 # v3.2.0 with: enable-cache: true + cache-dependency-glob: pyproject.toml - name: Build run: | uvx --python 3.12 --with-requirements=requirements/docs.txt --from sphinx \ sphinx-build -M html docs/source site -W - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: site path: site @@ -183,10 +186,11 @@ jobs: cancel-in-progress: true steps: - - uses: actions/checkout@v4 - - uses: astral-sh/setup-uv@v2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: astral-sh/setup-uv@3b9817b1bf26186f03ab8277bab9b827ea5cc254 # v3.2.0 with: enable-cache: true + cache-dependency-glob: pyproject.toml - run: uvx check-manifest build-artifacts: @@ -194,15 +198,16 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: astral-sh/setup-uv@v2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: astral-sh/setup-uv@3b9817b1bf26186f03ab8277bab9b827ea5cc254 # v3.2.0 with: enable-cache: true + cache-dependency-glob: pyproject.toml - run: uv build - run: uvx twine check dist/* - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: dist path: dist @@ -227,11 +232,11 @@ jobs: id-token: write steps: - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: dist path: dist - name: Publish package distributions to PyPI if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@f7600683efdcb7656dec5b29656edb7bc586e597 # v1.10.3