Skip to content

Commit e0bf96c

Browse files
docs: Update github_actions docs for setup-pixi version 0.9.6 (#6174)
Co-authored-by: Pavel Zwerschke <pavelzw@gmail.com>
1 parent 520620e commit e0bf96c

1 file changed

Lines changed: 37 additions & 22 deletions

File tree

docs/integration/ci/github_actions.md

Lines changed: 37 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ We created [prefix-dev/setup-pixi](https://github.com/prefix-dev/setup-pixi) to
88
## Usage
99

1010
```yaml
11-
- uses: prefix-dev/setup-pixi@v0.9.4
11+
- uses: prefix-dev/setup-pixi@v0.9.6
1212
with:
1313
pixi-version: v0.69.0
1414
cache: true
@@ -19,7 +19,7 @@ We created [prefix-dev/setup-pixi](https://github.com/prefix-dev/setup-pixi) to
1919
2020
!!!warning "Pin your action versions"
2121
Since pixi is not yet stable, the API of this action may change between minor versions.
22-
Please pin the versions of this action to a specific version (i.e., `prefix-dev/setup-pixi@v0.9.4`) to avoid breaking changes.
22+
Please pin the versions of this action to a specific version (i.e., `prefix-dev/setup-pixi@v0.9.6`) to avoid breaking changes.
2323
You can automatically update the version of this action by using [Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot).
2424

2525
Put the following in your `.github/dependabot.yml` file to enable Dependabot for your GitHub Actions:
@@ -66,7 +66,7 @@ As there is no lockfile for global environments, the cache will expire at the en
6666
This can be done by setting the `cache-write` argument.
6767

6868
```yaml
69-
- uses: prefix-dev/setup-pixi@v0.9.4
69+
- uses: prefix-dev/setup-pixi@v0.9.6
7070
with:
7171
cache: true
7272
cache-write: ${{ github.event_name == 'push' && github.ref_name == 'main' }}
@@ -111,7 +111,7 @@ test:
111111
environment: [py311, py312]
112112
steps:
113113
- uses: actions/checkout@v4
114-
- uses: prefix-dev/setup-pixi@v0.9.4
114+
- uses: prefix-dev/setup-pixi@v0.9.6
115115
with:
116116
environments: ${{ matrix.environment }}
117117
```
@@ -121,7 +121,7 @@ test:
121121
The following example will install both the `py311` and the `py312` environment on the runner.
122122

123123
```yaml
124-
- uses: prefix-dev/setup-pixi@v0.9.4
124+
- uses: prefix-dev/setup-pixi@v0.9.6
125125
with:
126126
environments: >- # (1)!
127127
py311
@@ -149,7 +149,7 @@ For instance, the `keyring`, or `gcloud` executables. The following example show
149149
By default, global environments are not cached. You can enable caching by setting the `global-cache` input to `true`.
150150

151151
```yaml
152-
- uses: prefix-dev/setup-pixi@v0.9.4
152+
- uses: prefix-dev/setup-pixi@v0.9.6
153153
with:
154154
global-environments: |
155155
google-cloud-sdk
@@ -182,7 +182,7 @@ Specify the token using the `auth-token` input argument.
182182
This form of authentication (bearer token in the request headers) is mainly used at [prefix.dev](https://prefix.dev).
183183

184184
```yaml
185-
- uses: prefix-dev/setup-pixi@v0.9.4
185+
- uses: prefix-dev/setup-pixi@v0.9.6
186186
with:
187187
auth-host: prefix.dev
188188
auth-token: ${{ secrets.PREFIX_DEV_TOKEN }}
@@ -194,7 +194,7 @@ Specify the username and password using the `auth-username` and `auth-password`
194194
This form of authentication (HTTP Basic Auth) is used in some enterprise environments with [artifactory](https://jfrog.com/artifactory) for example.
195195

196196
```yaml
197-
- uses: prefix-dev/setup-pixi@v0.9.4
197+
- uses: prefix-dev/setup-pixi@v0.9.6
198198
with:
199199
auth-host: custom-artifactory.com
200200
auth-username: ${{ secrets.PIXI_USERNAME }}
@@ -207,7 +207,7 @@ Specify the conda-token using the `conda-token` input argument.
207207
This form of authentication (token is encoded in URL: `https://my-quetz-instance.com/t/<token>/get/custom-channel`) is used at [anaconda.org](https://anaconda.org) or with [quetz instances](https://github.com/mamba-org/quetz).
208208

209209
```yaml
210-
- uses: prefix-dev/setup-pixi@v0.9.4
210+
- uses: prefix-dev/setup-pixi@v0.9.6
211211
with:
212212
auth-host: anaconda.org # (1)!
213213
auth-conda-token: ${{ secrets.CONDA_TOKEN }}
@@ -221,7 +221,7 @@ Specify the S3 key pair using the `auth-access-key-id` and `auth-secret-access-k
221221
You can also specify the session token using the `auth-session-token` input argument.
222222

223223
```yaml
224-
- uses: prefix-dev/setup-pixi@v0.9.4
224+
- uses: prefix-dev/setup-pixi@v0.9.6
225225
with:
226226
auth-host: s3://my-s3-bucket
227227
auth-s3-access-key-id: ${{ secrets.ACCESS_KEY_ID }}
@@ -233,12 +233,27 @@ You can also specify the session token using the `auth-session-token` input argu
233233

234234
See the [S3 section](../../deployment/s3.md) for more information about S3 authentication.
235235

236+
#### Restricting credentials to the install step
237+
238+
If you only want pixi to use the authenticated remote channel during the action's own install step
239+
(and not in any subsequent step of the workflow), set `persist-credentials: false`. The action will
240+
then run `pixi auth logout <auth-host>` after `pixi install` has completed but before the action
241+
returns, so that later steps cannot reach the private channel anymore.
242+
243+
```yaml
244+
- uses: prefix-dev/setup-pixi@v0.9.6
245+
with:
246+
auth-host: prefix.dev
247+
auth-token: ${{ secrets.PREFIX_DEV_TOKEN }}
248+
persist-credentials: false
249+
```
250+
236251
#### PyPI keyring provider
237252

238253
You can specify whether to use keyring to look up credentials for PyPI.
239254

240255
```yml
241-
- uses: prefix-dev/setup-pixi@v0.9.4
256+
- uses: prefix-dev/setup-pixi@v0.9.6
242257
with:
243258
pypi-keyring-provider: subprocess # one of 'subprocess', 'disabled'
244259
```
@@ -314,15 +329,15 @@ To this end, `setup-pixi` adds all environment variables set when executing `pix
314329
As a result, all installed binaries can be accessed without having to call `pixi run`.
315330

316331
```yaml
317-
- uses: prefix-dev/setup-pixi@v0.9.4
332+
- uses: prefix-dev/setup-pixi@v0.9.6
318333
with:
319334
activate-environment: true
320335
```
321336

322337
If you are installing multiple environments, you will need to specify the name of the environment that you want to be activated.
323338

324339
```yaml
325-
- uses: prefix-dev/setup-pixi@v0.9.4
340+
- uses: prefix-dev/setup-pixi@v0.9.6
326341
with:
327342
environments: >-
328343
py311
@@ -339,7 +354,7 @@ You can specify whether `setup-pixi` should run `pixi install --frozen` or `pixi
339354
See the [official documentation](../../reference/cli/pixi/install.md#update-options) for more information about the `--frozen` and `--locked` flags.
340355

341356
```yaml
342-
- uses: prefix-dev/setup-pixi@v0.9.4
357+
- uses: prefix-dev/setup-pixi@v0.9.6
343358
with:
344359
locked: true
345360
# or
@@ -369,7 +384,7 @@ The second type is the debug logging of the pixi executable.
369384
This can be specified by setting the `log-level` input.
370385

371386
```yaml
372-
- uses: prefix-dev/setup-pixi@v0.9.4
387+
- uses: prefix-dev/setup-pixi@v0.9.6
373388
with:
374389
log-level: vvv # (1)!
375390
```
@@ -396,7 +411,7 @@ If nothing is specified, `post-cleanup` will default to `true`.
396411
On self-hosted runners, you also might want to alter the default pixi install location to a temporary location. You can use `pixi-bin-path: ${{ runner.temp }}/bin/pixi` to do this.
397412

398413
```yaml
399-
- uses: prefix-dev/setup-pixi@v0.9.4
414+
- uses: prefix-dev/setup-pixi@v0.9.6
400415
with:
401416
post-cleanup: true
402417
pixi-bin-path: ${{ runner.temp }}/bin/pixi # (1)!
@@ -412,7 +427,7 @@ You can also use a preinstalled local version of pixi on the runner by not setti
412427
This can be overwritten by setting the `manifest-path` input argument.
413428

414429
```yaml
415-
- uses: prefix-dev/setup-pixi@v0.9.4
430+
- uses: prefix-dev/setup-pixi@v0.9.6
416431
with:
417432
manifest-path: pyproject.toml
418433
```
@@ -422,7 +437,7 @@ This can be overwritten by setting the `manifest-path` input argument.
422437
If you're working with a monorepo where your pixi project is in a subdirectory, you can use the `working-directory` input to specify where pixi should look for manifest files (`pixi.toml` or `pyproject.toml`).
423438

424439
```yml
425-
- uses: prefix-dev/setup-pixi@v0.9.4
440+
- uses: prefix-dev/setup-pixi@v0.9.6
426441
with:
427442
working-directory: ./packages/my-project
428443
```
@@ -441,7 +456,7 @@ This will make pixi look for `pixi.toml` or `pyproject.toml` in the `./packages/
441456
You can combine `working-directory` with `manifest-path` if needed:
442457

443458
```yml
444-
- uses: prefix-dev/setup-pixi@v0.9.4
459+
- uses: prefix-dev/setup-pixi@v0.9.6
445460
with:
446461
working-directory: ./packages/my-project
447462
manifest-path: custom-pixi.toml
@@ -452,7 +467,7 @@ You can combine `working-directory` with `manifest-path` if needed:
452467
If you only want to install pixi and not install the current workspace, you can use the `run-install` option.
453468

454469
```yml
455-
- uses: prefix-dev/setup-pixi@v0.9.4
470+
- uses: prefix-dev/setup-pixi@v0.9.6
456471
with:
457472
run-install: false
458473
```
@@ -463,7 +478,7 @@ You can also download pixi from a custom URL by setting the `pixi-url` input arg
463478
Optionally, you can combine this with the `pixi-url-headers` input argument to supply additional headers for the download request, such as a bearer token.
464479

465480
```yml
466-
- uses: prefix-dev/setup-pixi@v0.9.4
481+
- uses: prefix-dev/setup-pixi@v0.9.6
467482
with:
468483
pixi-url: https://pixi-mirror.example.com/releases/download/v0.48.0/pixi-x86_64-unknown-linux-musl
469484
pixi-url-headers: '{"Authorization": "Bearer ${{ secrets.PIXI_MIRROR_BEARER_TOKEN }}"}'
@@ -479,7 +494,7 @@ It will be rendered with the following variables:
479494
By default, `pixi-url` is equivalent to the following template:
480495

481496
```yml
482-
- uses: prefix-dev/setup-pixi@v0.9.4
497+
- uses: prefix-dev/setup-pixi@v0.9.6
483498
with:
484499
pixi-url: |
485500
{{#if latest~}}

0 commit comments

Comments
 (0)