--- name: Linting concurrency: github_ci on: workflow_call: jobs: pre-commit-ci: name: Pre-Commit runs-on: ubuntu-latest env: PYTHON_VERSION: "3.11" steps: - name: Check out the codebase uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1 with: ref: ${{ github.event.pull_request.head.sha }} - name: Set up Python ${{ env.PYTHON_VERSION }} uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # 4.7.1 with: python-version: ${{ env.PYTHON_VERSION }} cache: 'pip' # caching pip dependencies - name: Cache pip uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # 3.3.2 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('./requirements.txt') }} restore-keys: | ${{ runner.os }}-pip- - name: Cache Ansible uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # 3.3.2 with: path: ~/.ansible/collections key: ${{ runner.os }}-ansible-${{ hashFiles('collections/requirements.txt') }} restore-keys: | ${{ runner.os }}-ansible- - name: Install dependencies run: | echo "::group::Upgrade pip" python3 -m pip install --upgrade pip echo "::endgroup::" echo "::group::Install Python requirements from requirements.txt" python3 -m pip install -r requirements.txt echo "::endgroup::" echo "::group::Install Ansible role requirements from collections/requirements.yml" ansible-galaxy install -r collections/requirements.yml echo "::endgroup::" - name: Run pre-commit uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # 3.0.0 ensure-pinned-actions: name: Ensure SHA Pinned Actions runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1 - name: Ensure SHA pinned actions uses: zgosalvez/github-actions-ensure-sha-pinned-actions@af2eb3226618e2494e3d9084f515ad6dcf16e229 # 2.0.1 with: allowlist: | aws-actions/ docker/login-action