mirror of
https://github.com/jazzband/django-axes.git
synced 2026-03-16 22:30:23 +00:00
038dc7cd97
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
78 lines
2.1 KiB
YAML
78 lines
2.1 KiB
YAML
name: Test
|
|
|
|
on: [push, pull_request]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
build:
|
|
name: build (Python ${{ matrix.python-version }}, Django ${{ matrix.django-version }})
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
max-parallel: 5
|
|
matrix:
|
|
python-version: ['3.7', '3.8', '3.9', '3.10', 'pypy-3.8-v7.3.7']
|
|
django-version: ['3.2', '4.0', 'main']
|
|
include:
|
|
# Tox configuration for QA environment
|
|
- python-version: '3.8'
|
|
django-version: 'qa'
|
|
# Django main
|
|
- python-version: '3.8'
|
|
django-version: 'main'
|
|
experimental: true
|
|
- python-version: '3.9'
|
|
django-version: 'main'
|
|
experimental: true
|
|
- python-version: '3.10'
|
|
django-version: 'main'
|
|
experimental: true
|
|
- python-version: 'pypy-3.8'
|
|
django-version: 'main'
|
|
experimental: true
|
|
exclude:
|
|
# Exclude Python 3.7 for Django 4.0 and Django main
|
|
- python-version: '3.7'
|
|
django-version: '4.0'
|
|
- python-version: '3.7'
|
|
django-version: 'main'
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Set up Python ${{ matrix.python-version }}
|
|
uses: actions/setup-python@v3
|
|
with:
|
|
python-version: ${{ matrix.python-version }}
|
|
|
|
- name: Get pip cache dir
|
|
id: pip-cache
|
|
run: |
|
|
echo "::set-output name=dir::$(pip cache dir)"
|
|
|
|
- name: Cache
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: ${{ steps.pip-cache.outputs.dir }}
|
|
key:
|
|
${{ matrix.python-version }}-v1-${{ hashFiles('**/setup.py') }}
|
|
restore-keys: |
|
|
${{ matrix.python-version }}-v1-
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
python -m pip install --upgrade tox tox-gh-actions
|
|
|
|
- name: Tox tests
|
|
run: |
|
|
tox -v
|
|
env:
|
|
DJANGO: ${{ matrix.django-version }}
|
|
|
|
- name: Upload coverage
|
|
uses: codecov/codecov-action@v3
|
|
with:
|
|
name: Python ${{ matrix.python-version }}
|