* ci: Update GitHub owned actions to be referenced by SHA. Work automated using StepSecurity
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
* ci: create hash-pinned requirements files for build and publish processes
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* ci: change ci files to install build and publish dependencies using hashes
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* ci: fix path to requirements files
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* ci: rebuild the requirement.txt files using `--allow-unsafe`
The flag is needed to create hash-pinned requirements for pip and
setup-tools. Find more information about this at these issues from [pip-tools](https://github.com/jazzband/pip-tools/issues/806) and from [pip](https://github.com/pypa/pip/issues/6459).
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(workflows): move build requirements files to a separated folder
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* fix(workflow): requirements download was erasing work from previous steps
Using the actions/checkout to download the requirements.txt was erasing
some necessary files that came from previous steps. Thus, this commit
changes moves the checkout action to the beginnig of the jobs.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* ci: remove reference to inexistent input in pypi-publish.yml
* docs(workflows): remove comment related to a line already delated from code
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(workflows): use a workflow-level env var to define path to build requirements file
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* fix(workflows): refer to env vars using ${{ }} sintax
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(workflows): move build and publish requirements files
Moved from .github/workflows/requirements/ to .github/requirements/
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* docs(workflows): add comments on requirements files explaining their relation
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* ci(workflows): update build dependencies to match exactly the ones at pyproject.toml
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* ci: remove unnecessary parameter
When calling actions/checkout , we were passing the `ref` parameter as `github.ref`, but it will likely be always main, or the vary same value as the default for this parameter.
* Update dependabot config to cover build/publish dependencies
---------
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
Co-authored-by: StepSecurity Bot <bot@stepsecurity.io>
* drop python 3.6 support
* Update tests/hazmat/bindings/test_openssl.py
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
---------
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* Python 3.6 compatibility fix.
The capture_output argument to subprocess.run() was not introduced until
Python 3.7. Use stdout=subprocess.PIPE and stderr=subprocess.PIPE instead,
which is equivalent.
* Update pyproject.toml
* Black
---------
Co-authored-by: Matthew Ryan <matt.ryan@nominum.com>
Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>
progress-even-when-capture-no isn't in a released pytest yet, but when
https://github.com/pytest-dev/pytest/pull/10755 is released this
will work. Until then this flag will simply have no effect.
Also add a COLUMNS variable and pass it through to tox so we can limit
column width to 80 in CI
