Skip to content

FE-128 dedup GitHub actions #35

FE-128 dedup GitHub actions

FE-128 dedup GitHub actions #35

# generates a requirements.txt file from poetry.lock and commits it to the branch that triggered the workflow,
# for SourceClear to use to scan for vulnerabilities.
name: Generate requirements file
on:
pull_request:
branches:
- main
jobs:
generate-requirements-file:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Set up python
id: setup-python
uses: actions/setup-python@v4
with:
python-version: 3.9.16
- name: Install Poetry
uses: snok/[email protected]
with:
version: 1.1.9
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: Generate requirements.txt
run: poetry export -f requirements.txt --without-hashes --no-interaction --output requirements.txt
working-directory: ${{ github.workspace }}/orchestration
- name: Commit requirements.txt
run: |
git config --local user.email "[email protected]"
git config --local user.name "dsp-fieldeng-bot"
git add orchestration/requirements.txt
git commit -m "Update requirements.txt" --allow-empty
- name: Get branch name
id: branch-name
uses: tj-actions/branch-names@v7
- name: Push changes
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch: ${{ steps.branch-name.outputs.current_branch }} # Pushes to the branch the action is run on
force: true