Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump actions/download-artifact, pin hashes for all actions, add Dependabot config #22

Merged
merged 3 commits into from
Sep 4, 2024
Merged

Bump actions/download-artifact, pin hashes for all actions, add Dependabot config #22

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
3723f2e
Bump actions/download-artifact from 3 to 4.1.7 in /.github/workflows
dependabot[bot] Sep 4, 2024
c22da8f
Add Dependabot configuration set to "weekly"
agriyakhetarpal Sep 4, 2024
bf61857
Bump all actions versions, use hashes for versions
agriyakhetarpal Sep 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
groups:
actions:
patterns:
- "*"
37 changes: 19 additions & 18 deletions .github/workflows/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,15 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Setup Python
uses: actions/setup-python@v4
uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
with:
python-version: "3.12"

- name: Set up Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
node-version: "20"

Expand All @@ -30,23 +30,24 @@ jobs:
python -m build .

- name: Store the distribution packages
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: python-package-distributions
path: dist/
if-no-files-found: error

test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Setup Python
uses: actions/setup-python@v4
uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
with:
python-version: "3.12"

- name: Set up Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
node-version: "20"

Expand All @@ -60,7 +61,7 @@ jobs:
--cov=pyodide-build \
pyodide_build

- uses: codecov/codecov-action@v4
- uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
with:
fail_ci_if_error: false

Expand All @@ -71,7 +72,7 @@ jobs:
run-integration-test: ${{ steps.check-integration-test-trigger.outputs.trigger }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ref: ${{ github.event.pull_request.head.sha }}

Expand All @@ -84,18 +85,18 @@ jobs:
needs: [check-integration-test-trigger]
if: needs.check-integration-test-trigger.outputs.run-integration-test
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
# include tags so that hatch-vcs can infer the version
fetch-depth: 0

- name: Setup Python
uses: actions/setup-python@v4
uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
with:
python-version: "3.12"

- name: Set up Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
node-version: "20"

Expand All @@ -110,7 +111,7 @@ jobs:
echo EMSCRIPTEN_VERSION=$(pyodide config get emscripten_version) >> $GITHUB_ENV

- name: Install Emscripten
uses: mymindstorm/setup-emsdk@v12
uses: mymindstorm/setup-emsdk@6ab9eb1bda2574c4ddb79809fc9247783eaf9021 # v14
with:
version: ${{ env.EMSCRIPTEN_VERSION }}

Expand All @@ -120,8 +121,7 @@ jobs:
make test-recipe

publish:
name: >-
Publish to PyPI
name: Publish to PyPI
needs:
- build
runs-on: ubuntu-latest
Expand All @@ -133,9 +133,10 @@ jobs:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Download all the dists
uses: actions/download-artifact@v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: python-package-distributions
path: dist/
merge-multiple: true

- name: Publish distribution 📦 to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
uses: pypa/gh-action-pypi-publish@0ab0b79471669eb3a4d647e625009c62f9f3b241 # v1.10.1
Loading