Chore: Bump actions/download-artifact from 8.0.0 to 8.0.1 #254
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # SPDX-FileCopyrightText: 2025 The Linux Foundation | |
| # Action test/validation workflow | |
| name: "GitHub Action" | |
| # yamllint disable-line rule:truthy | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| permissions: {} | |
| env: | |
| # flask==0.5 contains a known security vulnerability | |
| # yamllint disable-line rule:line-length | |
| replacement_string: '[\"typer>=0.15.2\", \"jupyterlab>=4.3.6\", \"flask==0.5\"]' | |
| jobs: | |
| ### Test the GitHub Action in this Repository ### | |
| tests: | |
| name: "Run Tests 🧪" | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| timeout-minutes: 12 | |
| steps: | |
| - name: "Checkout repository" | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| # Perform setup prior to running test(s) | |
| - name: "Checkout sample project repository" | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| repository: "lfreleng-actions/test-python-project" | |
| path: "test-python-project" | |
| # Build sample Python project | |
| - name: "Build Python Project" | |
| # yamllint disable-line rule:line-length | |
| uses: lfreleng-actions/python-build-action@7ff456c72f1dd50ef212ea7222efc12693221af3 # v1.0.4 | |
| with: | |
| path_prefix: "test-python-project/" | |
| tox_build: false | |
| # Perform Python project audit | |
| - name: "Run action: ${{ github.repository }}" | |
| uses: ./ | |
| with: | |
| python_version: "${{ env.build_python }}" | |
| path_prefix: "test-python-project/" | |
| - name: "Inject known defective dependency" | |
| # yamllint disable-line rule:line-length | |
| uses: lfreleng-actions/file-sed-regex-action@e2c1c94d7936e1ded3e5fa8109416383f472ef7c # v0.1.2 | |
| with: | |
| flags: "-i -E" | |
| # yamllint disable-line rule:line-length | |
| regex: 's:^dependencies =.*$:dependencies = ${{ env.replacement_string }}:' | |
| path: "test-python-project/pyproject.toml" | |
| - name: "Check/validate string substitution" | |
| shell: bash | |
| run: | | |
| # Check/validate string substitution | |
| grep dependencies "test-python-project/pyproject.toml" | |
| # Rebuild sample Python project | |
| - name: "Rebuild Python Project" | |
| # yamllint disable-line rule:line-length | |
| uses: lfreleng-actions/python-build-action@7ff456c72f1dd50ef212ea7222efc12693221af3 # v1.0.4 | |
| with: | |
| path_prefix: "test-python-project/" | |
| tox_build: false | |
| purge_artefact_path: true | |
| # Perform audit where project has known security vulnerability | |
| - name: "Run action: ${{ github.repository }} [Failure Test]" | |
| id: tests-fail | |
| uses: ./ | |
| # Override failure | |
| continue-on-error: true | |
| with: | |
| python_version: "${{ env.build_python }}" | |
| path_prefix: "test-python-project/" | |
| - name: "Validate previous step failure" | |
| if: steps.tests-fail.outcome == 'success' | |
| shell: bash | |
| run: | | |
| # Check previous step failure | |
| echo "Error: previous step should have failed ❌" | |
| exit 1 | |
| # Perform audit where project has known security vulnerability | |
| - name: "Run action: ${{ github.repository }} [Failure Test]" | |
| id: tests-fail-permitted | |
| uses: ./ | |
| with: | |
| python_version: "${{ env.build_python }}" | |
| path_prefix: "test-python-project/" | |
| # Override failure | |
| permit_fail: true | |
| ### Test custom artefact_name support ### | |
| tests-custom-artefact-name: | |
| name: "Test Custom Artefact Name" | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| timeout-minutes: 12 | |
| steps: | |
| - name: "Checkout repository" | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: "Checkout sample project repository" | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| repository: "lfreleng-actions/test-python-project" | |
| path: "test-python-project" | |
| # Build with custom artefact name | |
| - name: "Build Python project with custom artefact name" | |
| id: build-custom | |
| # yamllint disable-line rule:line-length | |
| uses: lfreleng-actions/python-build-action@7ff456c72f1dd50ef212ea7222efc12693221af3 # v1.0.4 | |
| with: | |
| path_prefix: "test-python-project/" | |
| artefact_name: "test-python-project-x64" | |
| tox_build: false | |
| # Audit with custom artefact name | |
| # Will fail if artefact download does not work | |
| - name: "Run action with custom artefact_name" | |
| uses: ./ | |
| with: | |
| python_version: "${{ env.build_python }}" | |
| path_prefix: "test-python-project/" | |
| artefact_name: "test-python-project-x64" |