Skip to content

build(deps): bump step-security/harden-runner from 2.9.0 to 2.9.1 #112

build(deps): bump step-security/harden-runner from 2.9.0 to 2.9.1

build(deps): bump step-security/harden-runner from 2.9.0 to 2.9.1 #112

Workflow file for this run

# SPDX-License-Identifier: Apache-2.0
name: Lint
on:
push:
branches:
- "main"
paths:
- '**.py'
- 'src/instructlab/schema/v*/**/*.json'
- 'pyproject.toml'
- 'tox.ini'
- 'scripts/**'
- '.github/workflows/lint.yml' # This workflow
pull_request:
branches:
- "main"
paths:
- '**.py'
- 'src/instructlab/schema/v*/**/*.json'
- 'pyproject.toml'
- 'tox.ini'
- 'scripts/**'
- '.github/workflows/lint.yml' # This workflow
env:
LC_ALL: en_US.UTF-8
defaults:
run:
shell: bash
permissions:
contents: read
jobs:
lint:
runs-on: ubuntu-latest
name: "${{ matrix.lint.name }}"
strategy:
fail-fast: false
matrix:
lint:
- name: "jsonschema"
commands: |
tox -e jsonschema
- name: "ruff"
commands: |
tox -e ruffcheck
- name: "pylint"
commands: |
echo "::add-matcher::.github/workflows/matchers/pylint.json"
tox -e pylint
- name: "mypy"
commands: |
echo "::add-matcher::.github/workflows/matchers/mypy.json"
tox -e mypy
steps:
- name: "Harden Runner"
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: "Checkout"
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: "Setup Python"
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
with:
python-version: "3.11"
- name: "Install tox"
run: |
python -m pip install --upgrade pip
python -m pip install tox tox-gh
- name: "${{ matrix.lint.name }}"
run: |
${{ matrix.lint.commands }}
env:
RUFF_OUTPUT_FORMAT: github