From a5c1219faf9acd5bc98c7d585ced0155c2ee9922 Mon Sep 17 00:00:00 2001 From: sebthom Date: Thu, 7 Mar 2024 20:33:34 +0100 Subject: [PATCH] update workflow config --- .github/dependabot.yml | 6 +++--- .github/stale.yml | 2 +- .github/workflows/build.yml | 7 +++++-- .github/workflows/codeql-analysis.yml | 24 ++++++++++++++---------- .github/workflows/update-python-deps.yml | 13 +++++++++++-- 5 files changed, 34 insertions(+), 18 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index d66d104..02bccd1 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,4 +1,4 @@ -# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates +# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file version: 2 updates: - package-ecosystem: github-actions @@ -8,8 +8,8 @@ updates: day: monday time: "17:00" commit-message: - prefix: fix - prefix-development: chore + prefix: ci + prefix-development: ci include: scope labels: - pinned diff --git a/.github/stale.yml b/.github/stale.yml index f3ece94..f50f805 100644 --- a/.github/stale.yml +++ b/.github/stale.yml @@ -1,7 +1,7 @@ # Configuration for probot-stale - https://github.com/probot/stale # Number of days of inactivity before an issue becomes stale -daysUntilStale: 120 +daysUntilStale: 90 # Number of days of inactivity before a stale issue is closed daysUntilClose: 14 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2e05a2b..44a9a94 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -67,6 +67,9 @@ jobs: runs-on: ${{ matrix.os }} steps: + - name: Show environment variables + run: env | sort + - name: Git checkout uses: actions/checkout@v4 # https://github.com/actions/checkout @@ -208,7 +211,7 @@ jobs: - name: Publish Docker image - if: ${{ github.ref_name == 'main' && matrix.PUBLISH_RELEASE && startsWith(matrix.os, 'ubuntu') && !env.ACT }} + if: ${{ github.repository_owner == 'Second-Hand-Friends' && github.ref_name == 'main' && matrix.PUBLISH_RELEASE && startsWith(matrix.os, 'ubuntu') && !env.ACT }} run: | set -eux @@ -225,7 +228,7 @@ jobs: runs-on: ubuntu-latest needs: - build - if: ${{ github.ref_name == 'main' && !github.event.act }} + if: ${{ github.repository_owner == 'Second-Hand-Friends' && github.ref_name == 'main' && !github.event.act }} concurrency: publish-latest-release # https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idconcurrency steps: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5945ad4..1981408 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,10 +1,11 @@ -# https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning +# https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning name: "CodeQL" on: push: - branches: - - '**' + branches-ignore: # build all branches except: + - 'dependabot/**' # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR) + - 'dependencies/pdm' # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR) tags-ignore: - '**' paths-ignore: @@ -37,19 +38,19 @@ jobs: security-events: write steps: + - name: Show environment variables + run: env | sort + + - name: Git checkout uses: actions/checkout@v4 # https://github.com/actions/checkout - - uses: actions/setup-python@v5 + - name: "Install Python and PDM" # https://github.com/pdm-project/setup-pdm + uses: pdm-project/setup-pdm@v4 with: python-version: "${{ env.PYTHON_VERSION }}" - - - - uses: actions/cache@v4 - with: - path: __pypackages__ - key: ${{ runner.os }}-pypackages-${{ hashFiles('pdm.lock') }} + cache: true - name: "Install: Python dependencies" @@ -59,6 +60,9 @@ jobs: python --version python -m pip install --upgrade pip pip install --upgrade pdm + if [[ ! -e .venv ]]; then + pdm venv create || true + fi pdm install -v diff --git a/.github/workflows/update-python-deps.yml b/.github/workflows/update-python-deps.yml index 3933df8..d91a047 100644 --- a/.github/workflows/update-python-deps.yml +++ b/.github/workflows/update-python-deps.yml @@ -27,6 +27,10 @@ jobs: runs-on: ubuntu-latest steps: + - name: Show environment variables + run: env | sort + + - name: Generate GitHub Access Token uses: tibdex/github-app-token@v2 #https://github.com/tibdex/github-app-token id: generate_token @@ -43,18 +47,23 @@ jobs: token: ${{ steps.generate_token.outputs.token }} - - uses: actions/setup-python@v5 + - name: "Install Python and PDM" # https://github.com/pdm-project/setup-pdm + uses: pdm-project/setup-pdm@v4 with: python-version: "${{ env.PYTHON_VERSION }}" + cache: true - - name: Install Python dependencies + - name: "Install: Python dependencies" run: | set -eux python --version python -m pip install --upgrade pip pip install --upgrade pdm + if [[ ! -e .venv ]]; then + pdm venv create || true + fi pdm install -v