Skip to content

Bump SonarSource/sonarcloud-github-action from 3.1.0 to 4.0.0 #3393

Bump SonarSource/sonarcloud-github-action from 3.1.0 to 4.0.0

Bump SonarSource/sonarcloud-github-action from 3.1.0 to 4.0.0 #3393

Workflow file for this run

# https://docs.github.com/en/actions/using-workflows/reusing-workflows#calling-a-reusable-workflow
# https://docs.github.com/fr/actions/using-workflows/workflow-syntax-for-github-actions#exemple--inclusion-de-chemins-dacc%C3%A8s
name: Lock dependencies
on:
pull_request:
types: [opened, reopened, synchronize, labeled, unlabeled]
workflow_dispatch:
# Concurrency : auto-cancel "old" jobs ie when pushing again
# https://docs.github.com/fr/actions/using-jobs/using-concurrency
concurrency:
group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
cancel-in-progress: true
defaults:
run:
shell: bash
permissions:
pull-requests: write
contents: write
jobs:
lock-deps:
if: ${{ !github.event.pull_request || contains( github.event.pull_request.labels.*.name, 'Lockfile') }}
name: "Lock dependencies using PDM"
runs-on: ubuntu-latest
continue-on-error: false # https://ncorti.com/blog/howto-github-actions-build-matrix
steps:
- name: Check if organization member
id: is_organization_member
uses: JamesSingleton/[email protected]
with:
organization: Giskard-AI
username: ${{ github.actor }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Interrupt job
if: ${{ steps.is_organization_member.outputs.result == 'false' }}
shell: bash
run: |
echo "Job failed due to user not being a member of Giskard-AI organization and the 'safe for build' label not being set on the PR"
exit 1
- name: Extract branch name
shell: bash
run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
id: extract_branch
- name: Checkout code
uses: actions/[email protected]
with:
token: ${{ secrets.RELEASE_PAT_TOKEN }} # Needed to trigger other actions
ref: ${{ steps.extract_branch.outputs.branch }}
- name: Setup PDM
uses: pdm-project/setup-pdm@v4
with:
python-version: "3.10"
version: head # Issue with PDM 2.20.1: https://github.com/pdm-project/pdm/issues/3271
cache: false
- name: Install dependencies
run: rm -rf pdm.lock && pdm lock -G :all
- name: Configure git
run: |
git config --global user.name 'BotLocker'
git config --global user.email '[email protected]'
- name: Adding file
run: |
git add pdm.lock
git commit -m "Regenerating pdm.lock" --allow-empty
- name: Remove label
if: ${{ github.event.pull_request}}
run: |
gh pr edit --remove-label Lockfile
env:
GH_TOKEN: ${{ github.token }}
- name: Push to target branch
run: |
git push origin ${{ steps.extract_branch.outputs.branch }}