Skip to content

Bump step-security/harden-runner from 2.7.0 to 2.7.1 #13

Bump step-security/harden-runner from 2.7.0 to 2.7.1

Bump step-security/harden-runner from 2.7.0 to 2.7.1 #13

Workflow file for this run

# This is a basic workflow to help you get started with Actions
name: CI
# Controls when the action will run. Triggers the workflow on push or pull request
# events but only for the master branch
on:
workflow_dispatch:
push:
branches: [ main ]
pull_request:
branches: [ main ]
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
permissions: # added using https://github.com/step-security/secure-repo
contents: read
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
egress-policy: audit
- name: Checkout repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Set up Python
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
with:
python-version: '3.x'
- name: Install dependencies
run: |
pip install --no-deps --require-hashes -r requirements.txt
- name: Run tests
run: |
coverage run tests.py -b
coverage xml
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5ecb98a3c6b747ed38dc09f787459979aebb39be # v4.3.1
with:
token: ${{ secrets.CODECOV_TOKEN }}