From 2bebdb3e0e50fceed5bf1f53e566952503d34c57 Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 12:42:16 +0200 Subject: [PATCH 01/15] Add selected secret environment exporter --- .support/export_secret_env.py | 103 ++++++++++++++++++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 .support/export_secret_env.py diff --git a/.support/export_secret_env.py b/.support/export_secret_env.py new file mode 100644 index 0000000..6447b1f --- /dev/null +++ b/.support/export_secret_env.py @@ -0,0 +1,103 @@ +"""Export selected GitHub Actions secrets into later-step environment variables.""" + +from __future__ import annotations + +import json +import os +import re +import sys +import uuid + +NAME_PATTERN = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$") + + +def workflow_escape(value: str) -> str: + """Escape text embedded in a GitHub workflow command.""" + return value.replace("%", "%25").replace("\r", "%0D").replace("\n", "%0A") + + +def fail(message: str) -> None: + print(f"::error::{workflow_escape(message)}", file=sys.stderr) + raise SystemExit(1) + + +def parse_secret_env_map(raw_map: str) -> list[tuple[str, str]]: + """Parse SECRET_NAME or ENV_NAME=SECRET_NAME mapping lines.""" + mappings: list[tuple[str, str]] = [] + seen_env_names: set[str] = set() + + for line_number, raw_line in enumerate(raw_map.splitlines(), start=1): + line = raw_line.strip() + if not line or line.startswith("#"): + continue + + if "=" in line: + env_name, secret_name = (part.strip() for part in line.split("=", 1)) + else: + env_name = secret_name = line + + if not env_name or not secret_name: + fail(f"Invalid secret env mapping on line {line_number}.") + if not NAME_PATTERN.fullmatch(env_name): + fail(f"Invalid environment variable name {env_name!r} on line {line_number}.") + if not NAME_PATTERN.fullmatch(secret_name): + fail(f"Invalid secret name {secret_name!r} on line {line_number}.") + if env_name in seen_env_names: + fail(f"Duplicate environment variable mapping for {env_name!r}.") + + seen_env_names.add(env_name) + mappings.append((env_name, secret_name)) + + return mappings + + +def load_secrets() -> dict[str, str]: + """Load the full secret object supplied only to the trusted export step.""" + raw_secrets = os.environ.get("PYIRON_ALL_SECRETS_JSON") + if not raw_secrets: + fail("PYIRON_ALL_SECRETS_JSON is required when exporting selected secrets.") + + try: + secrets = json.loads(raw_secrets) + except json.JSONDecodeError as exc: + fail(f"Failed to parse PYIRON_ALL_SECRETS_JSON: {exc}") + + if not isinstance(secrets, dict): + fail("PYIRON_ALL_SECRETS_JSON must decode to a JSON object.") + + return {str(name): str(value) for name, value in secrets.items()} + + +def append_github_env(env_name: str, value: str) -> None: + """Append one environment variable using GitHub's multiline-safe format.""" + github_env = os.environ.get("GITHUB_ENV") + if not github_env: + fail("GITHUB_ENV is not set.") + + delimiter = f"PYIRON_SECRET_{uuid.uuid4().hex}" + with open(github_env, "a", encoding="utf-8") as env_file: + env_file.write(f"{env_name}<<{delimiter}\n{value}\n{delimiter}\n") + + +def main() -> int: + mappings = parse_secret_env_map(os.environ.get("PYIRON_SECRET_ENV_MAP", "")) + if not mappings: + return 0 + + secrets = load_secrets() + missing = [secret_name for _, secret_name in mappings if secret_name not in secrets] + if missing: + fail("Requested secret(s) are not available: " + ", ".join(sorted(missing))) + + for env_name, secret_name in mappings: + value = secrets[secret_name] + if value: + print(f"::add-mask::{workflow_escape(value)}") + append_github_env(env_name, value) + + print(f"Exported {len(mappings)} selected secret environment variable(s).") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) From f7d195469e5bea6c1e4692eb6d82249ef7665883 Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 12:42:24 +0200 Subject: [PATCH 02/15] Add selected secret export action --- export-secret-env/action.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 export-secret-env/action.yml diff --git a/export-secret-env/action.yml b/export-secret-env/action.yml new file mode 100644 index 0000000..dd42e97 --- /dev/null +++ b/export-secret-env/action.yml @@ -0,0 +1,18 @@ +name: 'Export selected secrets' +description: 'Export selected GitHub Actions secrets to later steps as environment variables' + +inputs: + secret-env-map: + description: 'Newline-separated SECRET_NAME or ENV_NAME=SECRET_NAME entries' + default: '' + required: false + +runs: + using: 'composite' + steps: + - name: Export selected secret env vars + if: ${{ inputs.secret-env-map != '' }} + shell: bash + env: + PYIRON_SECRET_ENV_MAP: ${{ inputs.secret-env-map }} + run: python "$GITHUB_ACTION_PATH/../.support/export_secret_env.py" From 29d667012ed814aa6b33e7d964b9a6c0985715a9 Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 12:42:27 +0200 Subject: [PATCH 03/15] Wire notebook secret allowlist export --- .github/workflows/push-pull.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/push-pull.yml b/.github/workflows/push-pull.yml index 1cdb506..28bf719 100644 --- a/.github/workflows/push-pull.yml +++ b/.github/workflows/push-pull.yml @@ -96,6 +96,11 @@ on: description: 'An optional path to a file containing the names of notebooks to NOT build' default: .ci_support/exclude required: false + notebooks-secret-env-map: + type: string + description: 'Optional newline-separated SECRET_NAME or ENV_NAME=SECRET_NAME entries to export for notebook execution' + default: '' + required: false tests-env-files: type: string description: 'Paths to an arbitrary number of (space-separated) conda environment yaml files' @@ -262,6 +267,12 @@ jobs: if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} + - uses: pyiron/actions/export-secret-env@actions-4.0.13 + if: ${{ inputs.notebooks-secret-env-map != '' }} + env: + PYIRON_ALL_SECRETS_JSON: ${{ toJSON(secrets) }} + with: + secret-env-map: ${{ inputs.notebooks-secret-env-map }} - uses: pyiron/actions/build-notebooks@actions-4.0.13 with: python-version: ${{ inputs.python-version }} From 517ed75fc6b42bb909416c61e825d6af43d1cf24 Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 12:46:58 +0200 Subject: [PATCH 04/15] Document selected secret export action --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 3701e54..4dd93a2 100644 --- a/README.md +++ b/README.md @@ -30,6 +30,13 @@ Notebooks are found in all sub directories of `/notebooks`. The files listed in A wrapper combining `conda-incubator/setup-miniconda` and `actions/cache` along with our own `write-environment` that allows you to easily make a cached conda environment from any number (>=1) of conda environment yaml files. +### `export-secret-env` + +Exports a selected set of GitHub Actions secrets to the `$GITHUB_ENV` file so they are available in later steps of the same job. + +The `secret-env-map` input accepts newline-separated entries as either `SECRET_NAME` or `ENV_NAME=SECRET_NAME`. +This is intended for reusable workflows that receive inherited secrets, but only want to pass an explicit allowlist onward to runtime code such as notebook execution. + ### `pip-check` Builds your environment with the `cached-minforge` action and then runs `pip check`. From d4394a09460b10136deb13aa3325d1f86101b3c7 Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 12:48:50 +0200 Subject: [PATCH 05/15] update .gitignore --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 5aeb0ff..848f1a9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ *.pyc .DS_Store .idea/ +.dir-locals.el +.codex +.codex/ \ No newline at end of file From 94531f5a76d9c2021af6d6131892aa777c7e8c6a Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 13:59:03 +0200 Subject: [PATCH 06/15] Align selected secret export shell --- export-secret-env/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/export-secret-env/action.yml b/export-secret-env/action.yml index dd42e97..ab664b3 100644 --- a/export-secret-env/action.yml +++ b/export-secret-env/action.yml @@ -12,7 +12,7 @@ runs: steps: - name: Export selected secret env vars if: ${{ inputs.secret-env-map != '' }} - shell: bash + shell: bash -l {0} env: PYIRON_SECRET_ENV_MAP: ${{ inputs.secret-env-map }} run: python "$GITHUB_ACTION_PATH/../.support/export_secret_env.py" From 8a1e3ad74b6c338d45a67b2c0131bc031eda61fc Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 14:10:43 +0200 Subject: [PATCH 07/15] Avoid GitHub env delimiter collisions --- .support/export_secret_env.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.support/export_secret_env.py b/.support/export_secret_env.py index 6447b1f..ef2319e 100644 --- a/.support/export_secret_env.py +++ b/.support/export_secret_env.py @@ -68,13 +68,22 @@ def load_secrets() -> dict[str, str]: return {str(name): str(value) for name, value in secrets.items()} +def choose_github_env_delimiter(value: str) -> str: + """Choose a delimiter that is not present as a complete value line.""" + value_lines = set(value.splitlines()) + while True: + delimiter = f"PYIRON_SECRET_{uuid.uuid4().hex}" + if delimiter not in value_lines: + return delimiter + + def append_github_env(env_name: str, value: str) -> None: """Append one environment variable using GitHub's multiline-safe format.""" github_env = os.environ.get("GITHUB_ENV") if not github_env: fail("GITHUB_ENV is not set.") - delimiter = f"PYIRON_SECRET_{uuid.uuid4().hex}" + delimiter = choose_github_env_delimiter(value) with open(github_env, "a", encoding="utf-8") as env_file: env_file.write(f"{env_name}<<{delimiter}\n{value}\n{delimiter}\n") From db592600872861fcac065dd5a194b4ffb8d2b23c Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 14:14:57 +0200 Subject: [PATCH 08/15] Document secret export action usage --- README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/README.md b/README.md index 4dd93a2..d687dd4 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,19 @@ Exports a selected set of GitHub Actions secrets to the `$GITHUB_ENV` file so th The `secret-env-map` input accepts newline-separated entries as either `SECRET_NAME` or `ENV_NAME=SECRET_NAME`. This is intended for reusable workflows that receive inherited secrets, but only want to pass an explicit allowlist onward to runtime code such as notebook execution. +The action needs the available secrets as JSON via `PYIRON_ALL_SECRETS_JSON`. +A minimal use looks like: + +```yaml +- uses: pyiron/actions/export-secret-env@actions-4.0.13 + env: + PYIRON_ALL_SECRETS_JSON: ${{ toJSON(secrets) }} + with: + secret-env-map: | + PYIRON_TOKEN + MP_API_KEY=MATERIALS_PROJECT_API_KEY +``` + ### `pip-check` Builds your environment with the `cached-minforge` action and then runs `pip check`. From fd5167851aabad95f0a36340c8dec1e595ef7586 Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 14:20:57 +0200 Subject: [PATCH 09/15] Fix usage example in README --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d687dd4..d1e7b35 100644 --- a/README.md +++ b/README.md @@ -46,8 +46,8 @@ A minimal use looks like: PYIRON_ALL_SECRETS_JSON: ${{ toJSON(secrets) }} with: secret-env-map: | - PYIRON_TOKEN - MP_API_KEY=MATERIALS_PROJECT_API_KEY + SECRET_NAME + ENV_VAR_NAME=SECRET_NAME ``` ### `pip-check` From c372fe1f55c0c4a09f2b721e62c68a9e7c8b3f40 Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Tue, 21 Apr 2026 14:31:43 +0200 Subject: [PATCH 10/15] black (.support/export_secret_env.py) --- .support/export_secret_env.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.support/export_secret_env.py b/.support/export_secret_env.py index ef2319e..756642b 100644 --- a/.support/export_secret_env.py +++ b/.support/export_secret_env.py @@ -39,7 +39,9 @@ def parse_secret_env_map(raw_map: str) -> list[tuple[str, str]]: if not env_name or not secret_name: fail(f"Invalid secret env mapping on line {line_number}.") if not NAME_PATTERN.fullmatch(env_name): - fail(f"Invalid environment variable name {env_name!r} on line {line_number}.") + fail( + f"Invalid environment variable name {env_name!r} on line {line_number}." + ) if not NAME_PATTERN.fullmatch(secret_name): fail(f"Invalid secret name {secret_name!r} on line {line_number}.") if env_name in seen_env_names: From 4a98f09b8459affa8706a09703bed38dd1c3918a Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Wed, 22 Apr 2026 09:25:57 +0200 Subject: [PATCH 11/15] Return parsed secret env as mapping --- .support/export_secret_env.py | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/.support/export_secret_env.py b/.support/export_secret_env.py index 756642b..fe8327e 100644 --- a/.support/export_secret_env.py +++ b/.support/export_secret_env.py @@ -21,10 +21,9 @@ def fail(message: str) -> None: raise SystemExit(1) -def parse_secret_env_map(raw_map: str) -> list[tuple[str, str]]: - """Parse SECRET_NAME or ENV_NAME=SECRET_NAME mapping lines.""" - mappings: list[tuple[str, str]] = [] - seen_env_names: set[str] = set() +def parse_secret_env_map(raw_map: str) -> dict[str, str]: + """Parse mapping lines into environment-name to secret-name pairs.""" + env_to_secret_name: dict[str, str] = {} for line_number, raw_line in enumerate(raw_map.splitlines(), start=1): line = raw_line.strip() @@ -44,13 +43,12 @@ def parse_secret_env_map(raw_map: str) -> list[tuple[str, str]]: ) if not NAME_PATTERN.fullmatch(secret_name): fail(f"Invalid secret name {secret_name!r} on line {line_number}.") - if env_name in seen_env_names: + if env_name in env_to_secret_name: fail(f"Duplicate environment variable mapping for {env_name!r}.") - seen_env_names.add(env_name) - mappings.append((env_name, secret_name)) + env_to_secret_name[env_name] = secret_name - return mappings + return env_to_secret_name def load_secrets() -> dict[str, str]: @@ -91,22 +89,26 @@ def append_github_env(env_name: str, value: str) -> None: def main() -> int: - mappings = parse_secret_env_map(os.environ.get("PYIRON_SECRET_ENV_MAP", "")) - if not mappings: + env_to_secret_name = parse_secret_env_map(os.environ.get("PYIRON_SECRET_ENV_MAP", "")) + if not env_to_secret_name: return 0 secrets = load_secrets() - missing = [secret_name for _, secret_name in mappings if secret_name not in secrets] + missing = [ + secret_name + for secret_name in env_to_secret_name.values() + if secret_name not in secrets + ] if missing: fail("Requested secret(s) are not available: " + ", ".join(sorted(missing))) - for env_name, secret_name in mappings: + for env_name, secret_name in env_to_secret_name.items(): value = secrets[secret_name] if value: print(f"::add-mask::{workflow_escape(value)}") append_github_env(env_name, value) - print(f"Exported {len(mappings)} selected secret environment variable(s).") + print(f"Exported {len(env_to_secret_name)} selected secret environment variable(s).") return 0 From e20033c9a379a4ae0fce8c23e93ad4fbf24aa0d0 Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Wed, 22 Apr 2026 09:27:06 +0200 Subject: [PATCH 12/15] black: .support/export_secret_env_.py --- .support/export_secret_env.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.support/export_secret_env.py b/.support/export_secret_env.py index fe8327e..0d61996 100644 --- a/.support/export_secret_env.py +++ b/.support/export_secret_env.py @@ -89,7 +89,9 @@ def append_github_env(env_name: str, value: str) -> None: def main() -> int: - env_to_secret_name = parse_secret_env_map(os.environ.get("PYIRON_SECRET_ENV_MAP", "")) + env_to_secret_name = parse_secret_env_map( + os.environ.get("PYIRON_SECRET_ENV_MAP", "") + ) if not env_to_secret_name: return 0 @@ -108,7 +110,9 @@ def main() -> int: print(f"::add-mask::{workflow_escape(value)}") append_github_env(env_name, value) - print(f"Exported {len(env_to_secret_name)} selected secret environment variable(s).") + print( + f"Exported {len(env_to_secret_name)} selected secret environment variable(s)." + ) return 0 From 543fac619701e06dd7c0bde83fd41f0633da1adf Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Thu, 23 Apr 2026 15:47:04 +0200 Subject: [PATCH 13/15] run .support/update_actions_tag.sh --- .github/workflows/dependabot-pr.yml | 2 +- .github/workflows/hatch-release.yml | 4 +-- .github/workflows/pr-labeled.yml | 4 +-- .github/workflows/push-pull.yml | 32 ++++++++++++------------ .github/workflows/pyproject-release.yml | 4 +-- .github/workflows/tests-and-coverage.yml | 4 +-- README.md | 4 +-- build-docs/action.yml | 4 +-- build-notebooks/action.yml | 4 +-- cached-miniforge/action.yml | 2 +- pip-check/action.yml | 2 +- unit-tests/action.yml | 4 +-- 12 files changed, 35 insertions(+), 35 deletions(-) diff --git a/.github/workflows/dependabot-pr.yml b/.github/workflows/dependabot-pr.yml index 29d6560..272ebc8 100644 --- a/.github/workflows/dependabot-pr.yml +++ b/.github/workflows/dependabot-pr.yml @@ -25,7 +25,7 @@ jobs: ref: ${{ github.event.pull_request.head.ref }} # Check out the head of the actual branch, not the PR fetch-depth: 0 # otherwise, you will fail to push refs to dest repo token: ${{ secrets.DEPENDABOT_WORKFLOW_TOKEN }} - - uses: pyiron/actions/update-env-files@actions-4.0.13 + - uses: pyiron/actions/update-env-files@main - name: UpdateDependabotPR commit run: | git config --local user.email "pyiron@mpie.de" diff --git a/.github/workflows/hatch-release.yml b/.github/workflows/hatch-release.yml index e1af388..c6eb9d3 100644 --- a/.github/workflows/hatch-release.yml +++ b/.github/workflows/hatch-release.yml @@ -106,11 +106,11 @@ jobs: - name: Install npm dependencies if: inputs.use-node run: npm install - - uses: pyiron/actions/cached-miniforge@actions-4.0.13 + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.env-files }} - - uses: pyiron/actions/update-pyproject-dependencies@actions-4.0.13 + - uses: pyiron/actions/update-pyproject-dependencies@main with: input-toml: ${{ inputs.input-toml }} lower-bound-yaml: ${{ inputs.lower-bound-yaml }} diff --git a/.github/workflows/pr-labeled.yml b/.github/workflows/pr-labeled.yml index f86b78e..6ae134d 100644 --- a/.github/workflows/pr-labeled.yml +++ b/.github/workflows/pr-labeled.yml @@ -48,10 +48,10 @@ jobs: tests-and-coverage: if: contains(github.event.pull_request.labels.*.name, 'run_coverage') - uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@actions-4.0.13 + uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@main secrets: inherit code-ql: if: contains(github.event.pull_request.labels.*.name, 'run_CodeQL') - uses: pyiron/actions/.github/workflows/codeql.yml@actions-4.0.13 + uses: pyiron/actions/.github/workflows/codeql.yml@main secrets: inherit diff --git a/.github/workflows/push-pull.yml b/.github/workflows/push-pull.yml index 28bf719..3998fe5 100644 --- a/.github/workflows/push-pull.yml +++ b/.github/workflows/push-pull.yml @@ -217,11 +217,11 @@ jobs: ref: ${{ github.event.pull_request.head.ref }} # Check out the head of the actual branch, not the PR fetch-depth: 0 # otherwise, you will fail to push refs to dest repo if: ${{ inputs.do-commit-updated-env }} - - uses: pyiron/actions/write-docs-env@actions-4.0.13 + - uses: pyiron/actions/write-docs-env@main with: env-files: ${{ inputs.docs-env-files }} if: ${{ inputs.do-commit-updated-env }} - - uses: pyiron/actions/write-environment@actions-4.0.13 + - uses: pyiron/actions/write-environment@main with: env-files: ${{ inputs.notebooks-env-files }} output-env-file: .binder/environment.yml @@ -248,11 +248,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@actions-4.0.13 + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/build-docs@actions-4.0.13 + - uses: pyiron/actions/build-docs@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.docs-env-files }} @@ -263,17 +263,17 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@actions-4.0.13 + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/export-secret-env@actions-4.0.13 + - uses: pyiron/actions/export-secret-env@main if: ${{ inputs.notebooks-secret-env-map != '' }} env: PYIRON_ALL_SECRETS_JSON: ${{ toJSON(secrets) }} with: secret-env-map: ${{ inputs.notebooks-secret-env-map }} - - uses: pyiron/actions/build-notebooks@actions-4.0.13 + - uses: pyiron/actions/build-notebooks@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.notebooks-env-files }} @@ -310,11 +310,11 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@actions-4.0.13 + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@actions-4.0.13 + - uses: pyiron/actions/unit-tests@main with: python-version: ${{ matrix.python-version }} env-files: ${{ inputs.tests-env-files }} @@ -327,7 +327,7 @@ jobs: coverage: needs: commit-updated-env if: ${{ inputs.do-codecov || inputs.do-coveralls || inputs.do-codacy }} - uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@actions-4.0.13 + uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@main secrets: inherit with: tests-env-files: ${{ inputs.tests-env-files }} @@ -347,11 +347,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@actions-4.0.13 + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@actions-4.0.13 + - uses: pyiron/actions/unit-tests@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.tests-env-files }} @@ -366,11 +366,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@actions-4.0.13 + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@actions-4.0.13 + - uses: pyiron/actions/unit-tests@main with: python-version: ${{ inputs.alternate-tests-python-version }} env-files: ${{ inputs.alternate-tests-env-files }} @@ -386,7 +386,7 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/pip-check@actions-4.0.13 + - uses: pyiron/actions/pip-check@main with: python-version: ${{ inputs.python-version }} @@ -441,7 +441,7 @@ jobs: python-version: ${{ inputs.python-version }} architecture: x64 - if: ${{ inputs.mypy-env-files != '' }} - uses: pyiron/actions/cached-miniforge@actions-4.0.13 + uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.mypy-env-files }} diff --git a/.github/workflows/pyproject-release.yml b/.github/workflows/pyproject-release.yml index ece5f32..72703e5 100644 --- a/.github/workflows/pyproject-release.yml +++ b/.github/workflows/pyproject-release.yml @@ -83,11 +83,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/cached-miniforge@actions-4.0.13 + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.env-files }} - - uses: pyiron/actions/update-pyproject-dependencies@actions-4.0.13 + - uses: pyiron/actions/update-pyproject-dependencies@main with: input-toml: ${{ inputs.input-toml }} lower-bound-yaml: ${{ inputs.lower-bound-yaml }} diff --git a/.github/workflows/tests-and-coverage.yml b/.github/workflows/tests-and-coverage.yml index fa27700..b95fa3f 100644 --- a/.github/workflows/tests-and-coverage.yml +++ b/.github/workflows/tests-and-coverage.yml @@ -69,11 +69,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@actions-4.0.13 + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@actions-4.0.13 + - uses: pyiron/actions/unit-tests@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.tests-env-files }} diff --git a/README.md b/README.md index d1e7b35..be6dbd1 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ The action needs the available secrets as JSON via `PYIRON_ALL_SECRETS_JSON`. A minimal use looks like: ```yaml -- uses: pyiron/actions/export-secret-env@actions-4.0.13 +- uses: pyiron/actions/export-secret-env@main env: PYIRON_ALL_SECRETS_JSON: ${{ toJSON(secrets) }} with: @@ -139,7 +139,7 @@ on: jobs: pyiron: - uses: pyiron/actions/.github/workflows/push-pull.yml@actions-4.0.13 + uses: pyiron/actions/.github/workflows/push-pull.yml@main secrets: inherit ``` diff --git a/build-docs/action.yml b/build-docs/action.yml index ff82744..0339b7c 100644 --- a/build-docs/action.yml +++ b/build-docs/action.yml @@ -21,11 +21,11 @@ inputs: runs: using: 'composite' steps: - - uses: pyiron/actions/cached-miniforge@actions-4.0.13 + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.standard-docs-env-file }} ${{ inputs.env-files }} - - uses: pyiron/actions/pyiron-config@actions-4.0.13 + - uses: pyiron/actions/pyiron-config@main - name: Build sphinx documentation shell: bash -l {0} run: | diff --git a/build-notebooks/action.yml b/build-notebooks/action.yml index 2504ebf..ae45028 100644 --- a/build-notebooks/action.yml +++ b/build-notebooks/action.yml @@ -28,11 +28,11 @@ inputs: runs: using: 'composite' steps: - - uses: pyiron/actions/cached-miniforge@actions-4.0.13 + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.standard-notebooks-env-file }} ${{ inputs.env-files }} - - uses: pyiron/actions/pyiron-config@actions-4.0.13 + - uses: pyiron/actions/pyiron-config@main - name: Build notebooks shell: bash -l {0} run: $GITHUB_ACTION_PATH/../.support/build_notebooks.sh ${{ inputs.notebooks-dir }} ${{ inputs.exclusion-file }} ${{ inputs.kernel }} diff --git a/cached-miniforge/action.yml b/cached-miniforge/action.yml index b4b5176..1d176bb 100644 --- a/cached-miniforge/action.yml +++ b/cached-miniforge/action.yml @@ -62,7 +62,7 @@ inputs: runs: using: "composite" steps: - - uses: pyiron/actions/write-environment@actions-4.0.13 + - uses: pyiron/actions/write-environment@main with: env-files: ${{ inputs.env-files }} - name: Calculate cache label info diff --git a/pip-check/action.yml b/pip-check/action.yml index 3646304..b94825b 100644 --- a/pip-check/action.yml +++ b/pip-check/action.yml @@ -13,7 +13,7 @@ inputs: runs: using: 'composite' steps: - - uses: pyiron/actions/cached-miniforge@actions-4.0.13 + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.env-files }} diff --git a/unit-tests/action.yml b/unit-tests/action.yml index 497d5c1..e98caa2 100644 --- a/unit-tests/action.yml +++ b/unit-tests/action.yml @@ -72,11 +72,11 @@ runs: echo "ENV_FILES = ${ENV_FILES}" echo "env_files=$ENV_FILES" >> $GITHUB_OUTPUT - - uses: pyiron/actions/cached-miniforge@actions-4.0.13 + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ steps.prepare-env-files.outputs.env_files }} - - uses: pyiron/actions/pyiron-config@actions-4.0.13 + - uses: pyiron/actions/pyiron-config@main - name: Test shell: bash -l {0} run: | From f702b90c9eb00a255cf8247c2f6a5f211864daba Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Thu, 23 Apr 2026 15:57:03 +0200 Subject: [PATCH 14/15] run .support/update_actions_tag.sh --- .github/workflows/dependabot-pr.yml | 2 +- .github/workflows/hatch-release.yml | 4 +-- .github/workflows/pr-labeled.yml | 4 +-- .github/workflows/push-pull.yml | 32 ++++++++++++------------ .github/workflows/pyproject-release.yml | 4 +-- .github/workflows/tests-and-coverage.yml | 4 +-- README.md | 4 +-- build-docs/action.yml | 4 +-- build-notebooks/action.yml | 4 +-- cached-miniforge/action.yml | 2 +- pip-check/action.yml | 2 +- unit-tests/action.yml | 4 +-- 12 files changed, 35 insertions(+), 35 deletions(-) diff --git a/.github/workflows/dependabot-pr.yml b/.github/workflows/dependabot-pr.yml index 272ebc8..b8011ae 100644 --- a/.github/workflows/dependabot-pr.yml +++ b/.github/workflows/dependabot-pr.yml @@ -25,7 +25,7 @@ jobs: ref: ${{ github.event.pull_request.head.ref }} # Check out the head of the actual branch, not the PR fetch-depth: 0 # otherwise, you will fail to push refs to dest repo token: ${{ secrets.DEPENDABOT_WORKFLOW_TOKEN }} - - uses: pyiron/actions/update-env-files@main + - uses: pyiron/actions/update-env-files@notebook-envvars - name: UpdateDependabotPR commit run: | git config --local user.email "pyiron@mpie.de" diff --git a/.github/workflows/hatch-release.yml b/.github/workflows/hatch-release.yml index c6eb9d3..639539b 100644 --- a/.github/workflows/hatch-release.yml +++ b/.github/workflows/hatch-release.yml @@ -106,11 +106,11 @@ jobs: - name: Install npm dependencies if: inputs.use-node run: npm install - - uses: pyiron/actions/cached-miniforge@main + - uses: pyiron/actions/cached-miniforge@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.env-files }} - - uses: pyiron/actions/update-pyproject-dependencies@main + - uses: pyiron/actions/update-pyproject-dependencies@notebook-envvars with: input-toml: ${{ inputs.input-toml }} lower-bound-yaml: ${{ inputs.lower-bound-yaml }} diff --git a/.github/workflows/pr-labeled.yml b/.github/workflows/pr-labeled.yml index 6ae134d..b11cf93 100644 --- a/.github/workflows/pr-labeled.yml +++ b/.github/workflows/pr-labeled.yml @@ -48,10 +48,10 @@ jobs: tests-and-coverage: if: contains(github.event.pull_request.labels.*.name, 'run_coverage') - uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@main + uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@notebook-envvars secrets: inherit code-ql: if: contains(github.event.pull_request.labels.*.name, 'run_CodeQL') - uses: pyiron/actions/.github/workflows/codeql.yml@main + uses: pyiron/actions/.github/workflows/codeql.yml@notebook-envvars secrets: inherit diff --git a/.github/workflows/push-pull.yml b/.github/workflows/push-pull.yml index 3998fe5..d7b2b46 100644 --- a/.github/workflows/push-pull.yml +++ b/.github/workflows/push-pull.yml @@ -217,11 +217,11 @@ jobs: ref: ${{ github.event.pull_request.head.ref }} # Check out the head of the actual branch, not the PR fetch-depth: 0 # otherwise, you will fail to push refs to dest repo if: ${{ inputs.do-commit-updated-env }} - - uses: pyiron/actions/write-docs-env@main + - uses: pyiron/actions/write-docs-env@notebook-envvars with: env-files: ${{ inputs.docs-env-files }} if: ${{ inputs.do-commit-updated-env }} - - uses: pyiron/actions/write-environment@main + - uses: pyiron/actions/write-environment@notebook-envvars with: env-files: ${{ inputs.notebooks-env-files }} output-env-file: .binder/environment.yml @@ -248,11 +248,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@main + - uses: pyiron/actions/add-to-python-path@notebook-envvars if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/build-docs@main + - uses: pyiron/actions/build-docs@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.docs-env-files }} @@ -263,17 +263,17 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@main + - uses: pyiron/actions/add-to-python-path@notebook-envvars if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/export-secret-env@main + - uses: pyiron/actions/export-secret-env@notebook-envvars if: ${{ inputs.notebooks-secret-env-map != '' }} env: PYIRON_ALL_SECRETS_JSON: ${{ toJSON(secrets) }} with: secret-env-map: ${{ inputs.notebooks-secret-env-map }} - - uses: pyiron/actions/build-notebooks@main + - uses: pyiron/actions/build-notebooks@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.notebooks-env-files }} @@ -310,11 +310,11 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@main + - uses: pyiron/actions/add-to-python-path@notebook-envvars if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@main + - uses: pyiron/actions/unit-tests@notebook-envvars with: python-version: ${{ matrix.python-version }} env-files: ${{ inputs.tests-env-files }} @@ -327,7 +327,7 @@ jobs: coverage: needs: commit-updated-env if: ${{ inputs.do-codecov || inputs.do-coveralls || inputs.do-codacy }} - uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@main + uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@notebook-envvars secrets: inherit with: tests-env-files: ${{ inputs.tests-env-files }} @@ -347,11 +347,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@main + - uses: pyiron/actions/add-to-python-path@notebook-envvars if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@main + - uses: pyiron/actions/unit-tests@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.tests-env-files }} @@ -366,11 +366,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@main + - uses: pyiron/actions/add-to-python-path@notebook-envvars if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@main + - uses: pyiron/actions/unit-tests@notebook-envvars with: python-version: ${{ inputs.alternate-tests-python-version }} env-files: ${{ inputs.alternate-tests-env-files }} @@ -386,7 +386,7 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/pip-check@main + - uses: pyiron/actions/pip-check@notebook-envvars with: python-version: ${{ inputs.python-version }} @@ -441,7 +441,7 @@ jobs: python-version: ${{ inputs.python-version }} architecture: x64 - if: ${{ inputs.mypy-env-files != '' }} - uses: pyiron/actions/cached-miniforge@main + uses: pyiron/actions/cached-miniforge@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.mypy-env-files }} diff --git a/.github/workflows/pyproject-release.yml b/.github/workflows/pyproject-release.yml index 72703e5..9f8d343 100644 --- a/.github/workflows/pyproject-release.yml +++ b/.github/workflows/pyproject-release.yml @@ -83,11 +83,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/cached-miniforge@main + - uses: pyiron/actions/cached-miniforge@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.env-files }} - - uses: pyiron/actions/update-pyproject-dependencies@main + - uses: pyiron/actions/update-pyproject-dependencies@notebook-envvars with: input-toml: ${{ inputs.input-toml }} lower-bound-yaml: ${{ inputs.lower-bound-yaml }} diff --git a/.github/workflows/tests-and-coverage.yml b/.github/workflows/tests-and-coverage.yml index b95fa3f..fd1cbbd 100644 --- a/.github/workflows/tests-and-coverage.yml +++ b/.github/workflows/tests-and-coverage.yml @@ -69,11 +69,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@main + - uses: pyiron/actions/add-to-python-path@notebook-envvars if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@main + - uses: pyiron/actions/unit-tests@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.tests-env-files }} diff --git a/README.md b/README.md index be6dbd1..67d4bed 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ The action needs the available secrets as JSON via `PYIRON_ALL_SECRETS_JSON`. A minimal use looks like: ```yaml -- uses: pyiron/actions/export-secret-env@main +- uses: pyiron/actions/export-secret-env@notebook-envvars env: PYIRON_ALL_SECRETS_JSON: ${{ toJSON(secrets) }} with: @@ -139,7 +139,7 @@ on: jobs: pyiron: - uses: pyiron/actions/.github/workflows/push-pull.yml@main + uses: pyiron/actions/.github/workflows/push-pull.yml@notebook-envvars secrets: inherit ``` diff --git a/build-docs/action.yml b/build-docs/action.yml index 0339b7c..8cf81d8 100644 --- a/build-docs/action.yml +++ b/build-docs/action.yml @@ -21,11 +21,11 @@ inputs: runs: using: 'composite' steps: - - uses: pyiron/actions/cached-miniforge@main + - uses: pyiron/actions/cached-miniforge@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.standard-docs-env-file }} ${{ inputs.env-files }} - - uses: pyiron/actions/pyiron-config@main + - uses: pyiron/actions/pyiron-config@notebook-envvars - name: Build sphinx documentation shell: bash -l {0} run: | diff --git a/build-notebooks/action.yml b/build-notebooks/action.yml index ae45028..831f03e 100644 --- a/build-notebooks/action.yml +++ b/build-notebooks/action.yml @@ -28,11 +28,11 @@ inputs: runs: using: 'composite' steps: - - uses: pyiron/actions/cached-miniforge@main + - uses: pyiron/actions/cached-miniforge@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.standard-notebooks-env-file }} ${{ inputs.env-files }} - - uses: pyiron/actions/pyiron-config@main + - uses: pyiron/actions/pyiron-config@notebook-envvars - name: Build notebooks shell: bash -l {0} run: $GITHUB_ACTION_PATH/../.support/build_notebooks.sh ${{ inputs.notebooks-dir }} ${{ inputs.exclusion-file }} ${{ inputs.kernel }} diff --git a/cached-miniforge/action.yml b/cached-miniforge/action.yml index 1d176bb..877cfd8 100644 --- a/cached-miniforge/action.yml +++ b/cached-miniforge/action.yml @@ -62,7 +62,7 @@ inputs: runs: using: "composite" steps: - - uses: pyiron/actions/write-environment@main + - uses: pyiron/actions/write-environment@notebook-envvars with: env-files: ${{ inputs.env-files }} - name: Calculate cache label info diff --git a/pip-check/action.yml b/pip-check/action.yml index b94825b..a369fd5 100644 --- a/pip-check/action.yml +++ b/pip-check/action.yml @@ -13,7 +13,7 @@ inputs: runs: using: 'composite' steps: - - uses: pyiron/actions/cached-miniforge@main + - uses: pyiron/actions/cached-miniforge@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.env-files }} diff --git a/unit-tests/action.yml b/unit-tests/action.yml index e98caa2..53f9300 100644 --- a/unit-tests/action.yml +++ b/unit-tests/action.yml @@ -72,11 +72,11 @@ runs: echo "ENV_FILES = ${ENV_FILES}" echo "env_files=$ENV_FILES" >> $GITHUB_OUTPUT - - uses: pyiron/actions/cached-miniforge@main + - uses: pyiron/actions/cached-miniforge@notebook-envvars with: python-version: ${{ inputs.python-version }} env-files: ${{ steps.prepare-env-files.outputs.env_files }} - - uses: pyiron/actions/pyiron-config@main + - uses: pyiron/actions/pyiron-config@notebook-envvars - name: Test shell: bash -l {0} run: | From cab82cdcc9ec36ff3d23d1d97b1fa8c32aef86b4 Mon Sep 17 00:00:00 2001 From: mbruns91 Date: Fri, 24 Apr 2026 10:54:48 +0200 Subject: [PATCH 15/15] run .support/update_actions_tag.sh: re-taget main --- .github/workflows/dependabot-pr.yml | 2 +- .github/workflows/hatch-release.yml | 4 +-- .github/workflows/pr-labeled.yml | 4 +-- .github/workflows/push-pull.yml | 32 ++++++++++++------------ .github/workflows/pyproject-release.yml | 4 +-- .github/workflows/tests-and-coverage.yml | 4 +-- README.md | 4 +-- build-docs/action.yml | 4 +-- build-notebooks/action.yml | 4 +-- cached-miniforge/action.yml | 2 +- pip-check/action.yml | 2 +- unit-tests/action.yml | 4 +-- 12 files changed, 35 insertions(+), 35 deletions(-) diff --git a/.github/workflows/dependabot-pr.yml b/.github/workflows/dependabot-pr.yml index b8011ae..272ebc8 100644 --- a/.github/workflows/dependabot-pr.yml +++ b/.github/workflows/dependabot-pr.yml @@ -25,7 +25,7 @@ jobs: ref: ${{ github.event.pull_request.head.ref }} # Check out the head of the actual branch, not the PR fetch-depth: 0 # otherwise, you will fail to push refs to dest repo token: ${{ secrets.DEPENDABOT_WORKFLOW_TOKEN }} - - uses: pyiron/actions/update-env-files@notebook-envvars + - uses: pyiron/actions/update-env-files@main - name: UpdateDependabotPR commit run: | git config --local user.email "pyiron@mpie.de" diff --git a/.github/workflows/hatch-release.yml b/.github/workflows/hatch-release.yml index 639539b..c6eb9d3 100644 --- a/.github/workflows/hatch-release.yml +++ b/.github/workflows/hatch-release.yml @@ -106,11 +106,11 @@ jobs: - name: Install npm dependencies if: inputs.use-node run: npm install - - uses: pyiron/actions/cached-miniforge@notebook-envvars + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.env-files }} - - uses: pyiron/actions/update-pyproject-dependencies@notebook-envvars + - uses: pyiron/actions/update-pyproject-dependencies@main with: input-toml: ${{ inputs.input-toml }} lower-bound-yaml: ${{ inputs.lower-bound-yaml }} diff --git a/.github/workflows/pr-labeled.yml b/.github/workflows/pr-labeled.yml index b11cf93..6ae134d 100644 --- a/.github/workflows/pr-labeled.yml +++ b/.github/workflows/pr-labeled.yml @@ -48,10 +48,10 @@ jobs: tests-and-coverage: if: contains(github.event.pull_request.labels.*.name, 'run_coverage') - uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@notebook-envvars + uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@main secrets: inherit code-ql: if: contains(github.event.pull_request.labels.*.name, 'run_CodeQL') - uses: pyiron/actions/.github/workflows/codeql.yml@notebook-envvars + uses: pyiron/actions/.github/workflows/codeql.yml@main secrets: inherit diff --git a/.github/workflows/push-pull.yml b/.github/workflows/push-pull.yml index d7b2b46..3998fe5 100644 --- a/.github/workflows/push-pull.yml +++ b/.github/workflows/push-pull.yml @@ -217,11 +217,11 @@ jobs: ref: ${{ github.event.pull_request.head.ref }} # Check out the head of the actual branch, not the PR fetch-depth: 0 # otherwise, you will fail to push refs to dest repo if: ${{ inputs.do-commit-updated-env }} - - uses: pyiron/actions/write-docs-env@notebook-envvars + - uses: pyiron/actions/write-docs-env@main with: env-files: ${{ inputs.docs-env-files }} if: ${{ inputs.do-commit-updated-env }} - - uses: pyiron/actions/write-environment@notebook-envvars + - uses: pyiron/actions/write-environment@main with: env-files: ${{ inputs.notebooks-env-files }} output-env-file: .binder/environment.yml @@ -248,11 +248,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@notebook-envvars + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/build-docs@notebook-envvars + - uses: pyiron/actions/build-docs@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.docs-env-files }} @@ -263,17 +263,17 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@notebook-envvars + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/export-secret-env@notebook-envvars + - uses: pyiron/actions/export-secret-env@main if: ${{ inputs.notebooks-secret-env-map != '' }} env: PYIRON_ALL_SECRETS_JSON: ${{ toJSON(secrets) }} with: secret-env-map: ${{ inputs.notebooks-secret-env-map }} - - uses: pyiron/actions/build-notebooks@notebook-envvars + - uses: pyiron/actions/build-notebooks@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.notebooks-env-files }} @@ -310,11 +310,11 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@notebook-envvars + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@notebook-envvars + - uses: pyiron/actions/unit-tests@main with: python-version: ${{ matrix.python-version }} env-files: ${{ inputs.tests-env-files }} @@ -327,7 +327,7 @@ jobs: coverage: needs: commit-updated-env if: ${{ inputs.do-codecov || inputs.do-coveralls || inputs.do-codacy }} - uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@notebook-envvars + uses: pyiron/actions/.github/workflows/tests-and-coverage.yml@main secrets: inherit with: tests-env-files: ${{ inputs.tests-env-files }} @@ -347,11 +347,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@notebook-envvars + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@notebook-envvars + - uses: pyiron/actions/unit-tests@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.tests-env-files }} @@ -366,11 +366,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@notebook-envvars + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@notebook-envvars + - uses: pyiron/actions/unit-tests@main with: python-version: ${{ inputs.alternate-tests-python-version }} env-files: ${{ inputs.alternate-tests-env-files }} @@ -386,7 +386,7 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/pip-check@notebook-envvars + - uses: pyiron/actions/pip-check@main with: python-version: ${{ inputs.python-version }} @@ -441,7 +441,7 @@ jobs: python-version: ${{ inputs.python-version }} architecture: x64 - if: ${{ inputs.mypy-env-files != '' }} - uses: pyiron/actions/cached-miniforge@notebook-envvars + uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.mypy-env-files }} diff --git a/.github/workflows/pyproject-release.yml b/.github/workflows/pyproject-release.yml index 9f8d343..72703e5 100644 --- a/.github/workflows/pyproject-release.yml +++ b/.github/workflows/pyproject-release.yml @@ -83,11 +83,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/cached-miniforge@notebook-envvars + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.env-files }} - - uses: pyiron/actions/update-pyproject-dependencies@notebook-envvars + - uses: pyiron/actions/update-pyproject-dependencies@main with: input-toml: ${{ inputs.input-toml }} lower-bound-yaml: ${{ inputs.lower-bound-yaml }} diff --git a/.github/workflows/tests-and-coverage.yml b/.github/workflows/tests-and-coverage.yml index fd1cbbd..b95fa3f 100644 --- a/.github/workflows/tests-and-coverage.yml +++ b/.github/workflows/tests-and-coverage.yml @@ -69,11 +69,11 @@ jobs: runs-on: ${{ inputs.runner }} steps: - uses: actions/checkout@v4 - - uses: pyiron/actions/add-to-python-path@notebook-envvars + - uses: pyiron/actions/add-to-python-path@main if: inputs.extra-python-paths != '' with: path-dirs: ${{ inputs.extra-python-paths }} - - uses: pyiron/actions/unit-tests@notebook-envvars + - uses: pyiron/actions/unit-tests@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.tests-env-files }} diff --git a/README.md b/README.md index 67d4bed..be6dbd1 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ The action needs the available secrets as JSON via `PYIRON_ALL_SECRETS_JSON`. A minimal use looks like: ```yaml -- uses: pyiron/actions/export-secret-env@notebook-envvars +- uses: pyiron/actions/export-secret-env@main env: PYIRON_ALL_SECRETS_JSON: ${{ toJSON(secrets) }} with: @@ -139,7 +139,7 @@ on: jobs: pyiron: - uses: pyiron/actions/.github/workflows/push-pull.yml@notebook-envvars + uses: pyiron/actions/.github/workflows/push-pull.yml@main secrets: inherit ``` diff --git a/build-docs/action.yml b/build-docs/action.yml index 8cf81d8..0339b7c 100644 --- a/build-docs/action.yml +++ b/build-docs/action.yml @@ -21,11 +21,11 @@ inputs: runs: using: 'composite' steps: - - uses: pyiron/actions/cached-miniforge@notebook-envvars + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.standard-docs-env-file }} ${{ inputs.env-files }} - - uses: pyiron/actions/pyiron-config@notebook-envvars + - uses: pyiron/actions/pyiron-config@main - name: Build sphinx documentation shell: bash -l {0} run: | diff --git a/build-notebooks/action.yml b/build-notebooks/action.yml index 831f03e..ae45028 100644 --- a/build-notebooks/action.yml +++ b/build-notebooks/action.yml @@ -28,11 +28,11 @@ inputs: runs: using: 'composite' steps: - - uses: pyiron/actions/cached-miniforge@notebook-envvars + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.standard-notebooks-env-file }} ${{ inputs.env-files }} - - uses: pyiron/actions/pyiron-config@notebook-envvars + - uses: pyiron/actions/pyiron-config@main - name: Build notebooks shell: bash -l {0} run: $GITHUB_ACTION_PATH/../.support/build_notebooks.sh ${{ inputs.notebooks-dir }} ${{ inputs.exclusion-file }} ${{ inputs.kernel }} diff --git a/cached-miniforge/action.yml b/cached-miniforge/action.yml index 877cfd8..1d176bb 100644 --- a/cached-miniforge/action.yml +++ b/cached-miniforge/action.yml @@ -62,7 +62,7 @@ inputs: runs: using: "composite" steps: - - uses: pyiron/actions/write-environment@notebook-envvars + - uses: pyiron/actions/write-environment@main with: env-files: ${{ inputs.env-files }} - name: Calculate cache label info diff --git a/pip-check/action.yml b/pip-check/action.yml index a369fd5..b94825b 100644 --- a/pip-check/action.yml +++ b/pip-check/action.yml @@ -13,7 +13,7 @@ inputs: runs: using: 'composite' steps: - - uses: pyiron/actions/cached-miniforge@notebook-envvars + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ inputs.env-files }} diff --git a/unit-tests/action.yml b/unit-tests/action.yml index 53f9300..e98caa2 100644 --- a/unit-tests/action.yml +++ b/unit-tests/action.yml @@ -72,11 +72,11 @@ runs: echo "ENV_FILES = ${ENV_FILES}" echo "env_files=$ENV_FILES" >> $GITHUB_OUTPUT - - uses: pyiron/actions/cached-miniforge@notebook-envvars + - uses: pyiron/actions/cached-miniforge@main with: python-version: ${{ inputs.python-version }} env-files: ${{ steps.prepare-env-files.outputs.env_files }} - - uses: pyiron/actions/pyiron-config@notebook-envvars + - uses: pyiron/actions/pyiron-config@main - name: Test shell: bash -l {0} run: |