Skip to content

chore: remove Python from the repository tooling #10

chore: remove Python from the repository tooling

chore: remove Python from the repository tooling #10

Workflow file for this run

name: Continuous Integration
permissions: read-all
on:
pull_request:
branches:
- main
- devs/**
concurrency:
# yamllint disable-line rule:line-length
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
linters:
timeout-minutes: 5
runs-on: ubuntu-24.04
steps:
- name: Checkout 🛎️
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
- name: Check workflow files
uses: docker://rhysd/actionlint:1.7.12@sha256:b1934ee5f1c509618f2508e6eb47ee0d3520686341fec936f3b79331f9315667
with:
args: -color
# yamllint and semgrep run from their published images (no host Python),
# matching the actionlint step above. Renovate manages the tags + digests.
- name: Lint YAML 🔍
uses: docker://cytopia/yamllint:1@sha256:596fb19eb71e55ba5b2fa56d8c18a615ec82adc8d3bf2d73918cb78c8f3240fb
with:
args: .
- name: Security scan 🔒
uses: docker://semgrep/semgrep:1.167.0@sha256:06938c1f365d3f67b8cedd8bc117607ae64253f88a0e768e9da9408548927dd6
with:
# Set the entrypoint explicitly: this image has no ENTRYPOINT, and
# pinning it keeps the step correct if a digest bump reintroduces one.
entrypoint: semgrep
args: --config=auto --error
autodoc:
timeout-minutes: 5
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
- name: Regenerate documentation
run: ./generate-doc.sh
- name: Verify Changed files
run: |
if ! git diff --exit-code -- README.md; then
echo "::error::Action documentation is out of date. Run \`./generate-doc.sh\`"
exit 1
fi
test-install:
timeout-minutes: 5
# One runner per target triple install.sh supports, so every detection +
# extraction path is exercised: linux+macos on both x86_64 and aarch64.
# (Windows is added once install.sh ships a Windows path.)
strategy:
fail-fast: false
matrix:
os:
- ubuntu-24.04 # x86_64-unknown-linux-gnu
- ubuntu-24.04-arm # aarch64-unknown-linux-gnu
- macos-15-intel # x86_64-apple-darwin
- macos-15 # aarch64-apple-darwin
runs-on: ${{ matrix.os }}
defaults:
run:
shell: bash
steps:
- name: Checkout 🛎️
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
- name: Install pinned mergify-cli
id: pinned
uses: ./
with:
mergify_cli_version: 2026.6.16.1
- name: Assert pinned install
env:
VERSION: ${{ steps.pinned.outputs.mergify_cli_version }}
run: |
# Compare against the literal requested version (not the action's own
# readback), so a regression that installs the wrong version fails CI.
test "$VERSION" = "2026.6.16.1"
test "$(mergify --version | awk '{print $NF}')" = "2026.6.16.1"
- name: Install latest mergify-cli
id: latest
uses: ./
with:
mergify_cli_version: latest
- name: Assert latest install
env:
VERSION: ${{ steps.latest.outputs.mergify_cli_version }}
run: |
test -n "$VERSION"
test "$(mergify --version | awk '{print $NF}')" = "$VERSION"
all-greens:
if: ${{ !cancelled() }}
needs:
- linters
- autodoc
- test-install
runs-on: ubuntu-latest
steps:
- name: Verify all jobs succeeded
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # release/v1
with:
jobs: ${{ toJSON(needs) }}