Add explicit permission to workflow #400
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| pull_request: | |
| schedule: | |
| - cron: "0 6 * * 1" | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }} | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: ["3.9", "3.10", "3.11", "3.12", "3.13", "3.14"] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install project | |
| run: uv sync --locked | |
| - name: Check lockfile | |
| run: uv lock --check | |
| - name: Check code style | |
| run: | | |
| uv run ruff check --output-format=github | |
| uv run ruff format --check | |
| - name: Execute tests | |
| run: | | |
| uv run pytest --cov-report lcov --cov portion | |
| - name: Upload coverage to Coveralls | |
| uses: coverallsapp/github-action@v2 |