Fix some issues pointed out by zizmor. (#644) #1810
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# Copyright (c) Ansible Project | |
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) | |
# SPDX-License-Identifier: GPL-3.0-or-later | |
name: antsibull-build tests | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
branches: [main] | |
# Run once per week (Monday at 04:00 UTC) | |
schedule: | |
- cron: '0 4 * * 1' | |
env: | |
FORCE_COLOR: "1" | |
OTHER_ANTSIBULL_MODE: local | |
jobs: | |
build: | |
name: 'Build Ansible community distribution (${{ matrix.name }})' | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- name: Ansible 8 | |
options: '-e antsibull_ansible_version=8.99.0' | |
python: '3.9' | |
antsibull_changelog_ref: 0.31.0 | |
antsibull_core_ref: main | |
antsibull_docs_parser_ref: 1.1.0 | |
antsibull_docutils_ref: 1.0.0 | |
antsibull_fileutils_ref: main | |
- name: Ansible 9 | |
options: '-e antsibull_ansible_version=9.99.0' | |
python: '3.11' | |
antsibull_changelog_ref: main | |
antsibull_core_ref: main | |
antsibull_docs_parser_ref: main | |
antsibull_docutils_ref: main | |
antsibull_fileutils_ref: main | |
- name: Ansible 10 | |
options: '-e antsibull_ansible_version=10.99.0' | |
python: '3.12' | |
antsibull_changelog_ref: main | |
antsibull_core_ref: main | |
antsibull_docs_parser_ref: main | |
antsibull_docutils_ref: main | |
antsibull_fileutils_ref: main | |
- name: Ansible 11 | |
options: '-e antsibull_ansible_version=11.99.0' | |
python: '3.13' | |
antsibull_changelog_ref: main | |
antsibull_core_ref: main | |
antsibull_docs_parser_ref: main | |
antsibull_docutils_ref: main | |
antsibull_fileutils_ref: main | |
steps: | |
- name: Check out antsibull-build | |
uses: actions/checkout@v4 | |
with: | |
path: antsibull-build | |
persist-credentials: false | |
- name: Check out dependent project antsibull-changelog | |
uses: actions/checkout@v4 | |
with: | |
repository: ansible-community/antsibull-changelog | |
path: antsibull-changelog | |
ref: ${{ matrix.antsibull_changelog_ref }} | |
persist-credentials: false | |
- name: Check out dependent project antsibull-core | |
uses: actions/checkout@v4 | |
with: | |
repository: ansible-community/antsibull-core | |
path: antsibull-core | |
ref: ${{ matrix.antsibull_core_ref }} | |
persist-credentials: false | |
- name: Check out dependent project antsibull-docs-parser | |
uses: actions/checkout@v4 | |
with: | |
repository: ansible-community/antsibull-docs-parser | |
path: antsibull-docs-parser | |
ref: ${{ matrix.antsibull_docs_parser_ref }} | |
persist-credentials: false | |
- name: Check out dependent project antsibull-docutils | |
uses: actions/checkout@v4 | |
with: | |
repository: ansible-community/antsibull-docutils | |
path: antsibull-docutils | |
ref: ${{ matrix.antsibull_docutils_ref }} | |
persist-credentials: false | |
- name: Check out dependent project antsibull-fileutils | |
uses: actions/checkout@v4 | |
with: | |
repository: ansible-community/antsibull-fileutils | |
path: antsibull-fileutils | |
ref: ${{ matrix.antsibull_fileutils_ref }} | |
persist-credentials: false | |
- name: Set up Python ${{ matrix.python }} | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python }} | |
# Use pip manually to ensure the correct Python is used | |
- name: Install nox | |
run: pip install --user -U nox | |
- name: "Test building a release: ${{ matrix.name }}" | |
run: | | |
nox -e coverage_release -- ${{ matrix.options }} | |
env: | |
# Since antsibull was renamed to antsibull-build, paths during the bytecompile test | |
# are too long and bytecompile fails with "OSError: AF_UNIX path too long". | |
ANTSIBULL_COVERAGE_RELEASE_FORCE_TMPDIR: /tmp | |
working-directory: antsibull-build | |
- name: Report coverage | |
run: | | |
nox -v -e coverage | |
working-directory: antsibull-build | |
- name: Upload coverage | |
uses: codecov/codecov-action@v5 | |
with: | |
working-directory: antsibull-build | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} |