Bump step-security/harden-runner from 2.10.1 to 2.10.2 #478
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [ "master" ] | |
pull_request: | |
branches: [ "master" ] | |
workflow_dispatch: | |
permissions: | |
contents: read | |
actions: read | |
checks: write | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
linux-ci: | |
strategy: | |
matrix: | |
include: | |
- py-version: '3.10' | |
c-compiler: 'gcc' | |
cxx-compiler: 'g++' | |
- py-version: '3.11' | |
c-compiler: 'gcc' | |
cxx-compiler: 'g++' | |
- py-version: '3.12' | |
c-compiler: 'gcc' | |
cxx-compiler: 'g++' | |
- py-version: '3.10' | |
c-compiler: 'clang' | |
cxx-compiler: 'clang++' | |
fail-fast: false | |
name: Linux ${{ matrix.c-compiler}} Python ${{ matrix.py-version }} | |
runs-on: ubuntu-latest | |
timeout-minutes: 180 | |
env: | |
MPIEXEC_FLAGS: "--allow-run-as-root --oversubscribe" | |
PYNUCLEUS_BUILD_PARALLELISM: 2 | |
OMPI_CC: ${{ matrix.c-compiler }} | |
OMPI_CXX: ${{ matrix.cxx-compiler }} | |
BUILD_PRETTY_IDENTIFIER: "Linux ${{ matrix.c-compiler }} Python ${{ matrix.py-version }}" | |
BUILD_IDENTIFIER: "Linux-${{ matrix.c-compiler }}-${{ matrix.py-version }}" | |
OMP_NUM_THREADS: 1 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- name: Check out repo | |
if: always() | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Pull ccache cache | |
if: always() | |
id: ccache-restore | |
uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
with: | |
path: /home/runner/.cache/ccache | |
key: ccache-${{ env.BUILD_IDENTIFIER }} | |
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 | |
if: always() | |
with: | |
python-version: ${{ matrix.py-version }} | |
- name: Install Ubuntu packages | |
if: always() | |
run: | | |
sudo apt-get update | |
sudo apt-get install -yq mpi-default-bin mpi-default-dev libmetis-dev libparmetis-dev libsuitesparse-dev ccache | |
- name: Get ccache config dir | |
if: always() | |
run: ccache --show-config | |
- name: Install Python dependencies | |
if: always() | |
run: make prereq && make prereq-extra | |
- name: Install | |
if: always() | |
run: python -m pip list && make install PIP_INSTALL_FLAGS="--no-use-pep517 -vvv" | |
- name: Remove ccache cache | |
if: ${{ steps.ccache-restore.outputs.cache-hit }} | |
shell: bash | |
env: | |
GH_TOKEN: ${{ github.token }} | |
run: | | |
gh extension install actions/gh-actions-cache | |
gh actions-cache delete ccache-${{ env.BUILD_IDENTIFIER }} --confirm | |
continue-on-error: true | |
- name: Push ccache cache | |
if: always() | |
uses: actions/cache/save@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
with: | |
path: /home/runner/.cache/ccache | |
key: ccache-${{ env.BUILD_IDENTIFIER }} | |
- name: Ccache report | |
if: always() | |
run: ccache -s | |
- name: Run tests | |
if: always() | |
run: python3 -m pytest --junit-xml=test-results-${{ env.BUILD_IDENTIFIER }}.xml tests/ | |
- name: Run flake8 | |
if: always() | |
run: | | |
make flake8 | |
mv flake8.xml flake8-${{ env.BUILD_IDENTIFIER }}.xml | |
- name: Run cython-lint | |
if: always() | |
run: | | |
make cython-lint | |
mv cython-lint.xml cython-lint-${{ env.BUILD_IDENTIFIER }}.xml | |
- name: Archive results | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
if: always() | |
with: | |
name: Results (${{ env.BUILD_PRETTY_IDENTIFIER }}) | |
path: | | |
test-results-${{ env.BUILD_IDENTIFIER }}.xml | |
flake8-${{ env.BUILD_IDENTIFIER }}.xml | |
cython-lint-${{ env.BUILD_IDENTIFIER }}.xml | |
- name: Report results | |
uses: dorny/test-reporter@1a288b62f8b75c0f433cbfdbc2e4800fbae50bd7 # v1 | |
if: always() | |
with: | |
name: Report (${{ env.BUILD_PRETTY_IDENTIFIER }}) | |
path: | | |
*-${{ env.BUILD_IDENTIFIER }}.xml | |
reporter: java-junit | |
fail-on-error: false | |
mac-ci: | |
strategy: | |
matrix: | |
py-version: ['3.10'] | |
fail-fast: false | |
name: Mac clang Python ${{ matrix.py-version }} | |
runs-on: macos-12 | |
timeout-minutes: 180 | |
env: | |
MPIEXEC_FLAGS: "--allow-run-as-root --oversubscribe" | |
PYNUCLEUS_BUILD_PARALLELISM: 3 | |
SUITESPARSE_INCLUDE_DIR: /usr/local/Cellar/brewsci-suite-sparse/4.5.5_2/include | |
SUITESPARSE_LIBRARY_DIR: /usr/local/Cellar/brewsci-suite-sparse/4.5.5_2/lib | |
LDFLAGS: -L/usr/local/opt/brewsci-metis/lib -L/usr/local/opt/brewsci-parmetis/lib | |
CPPFLAGS: -I/usr/local/opt/brewsci-metis/include -I/usr/local/opt/brewsci-parmetis/include | |
OMP_NUM_THREADS: 1 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- name: Check out repo | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Pull ccache cache | |
if: always() | |
id: ccache-restore | |
uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
with: | |
path: /Users/runner/Library/Caches/ccache | |
key: ccache-${{ runner.os }}-${{ matrix.py-version }} | |
- name: Setup GNU Fortran | |
uses: fortran-lang/setup-fortran@8821f57b53846d35d62632eb51c60ac6c4bff4ce # v1.6.1 | |
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 | |
with: | |
python-version: ${{ matrix.py-version }} | |
- name: Install packages | |
run: | | |
brew install open-mpi ccache | |
brew tap brewsci/num | |
brew install brewsci-metis brewsci-parmetis brewsci-suite-sparse | |
- name: Get ccache config dir | |
if: always() | |
run: ccache --show-config | |
- name: Augment path | |
run: | | |
echo "$HOME/.local/bin" >> $GITHUB_PATH | |
- name: Install Python dependencies | |
run: make prereq && make prereq-extra | |
- name: Install | |
run: PIP_INSTALL_FLAGS=-vvv make install | |
- name: Remove ccache cache | |
if: ${{ steps.ccache-restore.outputs.cache-hit }} | |
shell: bash | |
env: | |
GH_TOKEN: ${{ github.token }} | |
run: | | |
gh extension install actions/gh-actions-cache | |
gh actions-cache delete ccache-${{ runner.os }}-${{ matrix.py-version }} --confirm | |
continue-on-error: true | |
- name: Push ccache cache | |
if: always() | |
uses: actions/cache/save@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
with: | |
path: /Users/runner/Library/Caches/ccache | |
key: ccache-${{ runner.os }}-${{ matrix.py-version }} | |
- name: Ccache report | |
if: always() | |
run: ccache -s | |
- name: Run tests | |
if: always() | |
run: python3 -m pytest --junit-xml=test-results-${{ runner.os }}-${{ matrix.py-version }}.xml tests/ | |
- name: Run flake8 | |
if: always() | |
run: | | |
make flake8 | |
mv flake8.xml flake8-${{ runner.os }}-${{ matrix.py-version }}.xml | |
- name: Run cython-lint | |
if: always() | |
run: | | |
make cython-lint | |
mv cython-lint.xml cython-lint-${{ runner.os }}-${{ matrix.py-version }}.xml | |
- name: Archive results | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
if: always() | |
with: | |
name: Results ${{ github.job }} | |
path: | | |
test-results-${{ runner.os }}-${{ matrix.py-version }}.xml | |
flake8-${{ runner.os }}-${{ matrix.py-version }}.xml | |
cython-lint-${{ runner.os }}-${{ matrix.py-version }}.xml | |
- name: Report results | |
uses: dorny/test-reporter@1a288b62f8b75c0f433cbfdbc2e4800fbae50bd7 # v1 | |
if: always() | |
with: | |
name: Report (${{ github.job }}) | |
path: | | |
*-${{ runner.os }}-${{ matrix.py-version }}.xml | |
reporter: java-junit | |
fail-on-error: false |