Bump step-security/harden-runner from 2.7.1 to 2.8.1 #38
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: xhydro-lstm Testing Suite | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - .cruft.json | |
| - CHANGELOG.rst | |
| - README.rst | |
| - pyproject.toml | |
| - tests/test_xhydro_lstm.py | |
| - xhydro_lstm/__init__.py | |
| pull_request: | |
| concurrency: | |
| # For a given workflow, if we push to the same branch, cancel all previous builds on that branch except on master. | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
| permissions: | |
| contents: read | |
| jobs: | |
| lint: | |
| name: Lint (Python${{ matrix.python-version }}) | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: | |
| - "3.x" | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Repository | |
| uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - name: Set up Python${{ matrix.python-version }} | |
| uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install tox | |
| run: | | |
| python -m pip install tox | |
| - name: Run linting suite | |
| run: | | |
| python -m tox -e lint | |
| test-pypi: | |
| name: Test with Python${{ matrix.python-version }} (Python${{ matrix.python-version }} + tox) | |
| needs: lint | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| include: | |
| - tox-env: "py38" | |
| python-version: "3.8" | |
| - tox-env: "py39" | |
| python-version: "3.9" | |
| - tox-env: "py310" | |
| python-version: "3.10" | |
| - tox-env: "py311" | |
| python-version: "3.11" | |
| - tox-env: "py312" | |
| python-version: "3.12" | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Repository | |
| uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - name: Set up Python${{ matrix.python-version }} | |
| uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install tox | |
| run: | | |
| python -m pip install tox | |
| - name: Test with tox | |
| run: | | |
| python -m tox -e ${{ matrix.tox-env }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| COVERALLS_FLAG_NAME: run-${{ matrix.tox-env }} | |
| COVERALLS_PARALLEL: true | |
| COVERALLS_SERVICE_NAME: github | |
| test-conda: | |
| name: Test with Python${{ matrix.python-version }} (Anaconda) | |
| needs: lint | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: ["3.9", "3.10", "3.11"] | |
| defaults: | |
| run: | |
| shell: bash -l {0} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Repository | |
| uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - name: Setup Conda (Micromamba) with Python${{ matrix.python-version }} | |
| uses: mamba-org/setup-micromamba@422500192359a097648154e8db4e39bdb6c6eed7 # v1.8.1 | |
| with: | |
| cache-downloads: true | |
| environment-file: environment-dev.yml | |
| create-args: >- | |
| mamba | |
| python=${{ matrix.python-version }} | |
| - name: Conda and Mamba versions | |
| run: | | |
| mamba --version | |
| echo "micromamba $(micromamba --version)" | |
| - name: Install xhydro-lstm | |
| run: | | |
| python -m pip install --no-deps . | |
| - name: Check versions | |
| run: | | |
| conda list | |
| python -m pip check || true | |
| - name: Test with pytest | |
| run: | | |
| python -m pytest --cov xhydro_lstm | |
| - name: Report coverage | |
| run: | | |
| python -m coveralls | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| COVERALLS_FLAG_NAME: run-Python${{ matrix.python-version }}-conda | |
| COVERALLS_PARALLEL: true | |
| COVERALLS_SERVICE_NAME: github | |
| finish: | |
| needs: | |
| - test-pypi | |
| - test-conda | |
| runs-on: ubuntu-latest | |
| container: python:3-slim | |
| steps: | |
| - name: Coveralls Finished | |
| run: | | |
| python -m pip install --upgrade coveralls | |
| python -m coveralls --finish | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| COVERALLS_SERVICE_NAME: github |