Skip to content

Commit b2ed978

Browse files
fede-kamelfede-kamel
authored
Merge branch 'main' into fix/2110-http-error-propagation
2 parents bb47a5d + e8e6484 commit b2ed978

14 files changed

Lines changed: 180 additions & 73 deletions

.github/workflows/claude.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,12 +30,13 @@ jobs:
3030
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3131
with:
3232
fetch-depth: 1
33+
persist-credentials: false
3334

3435
- name: Run Claude Code
3536
id: claude
3637
uses: anthropics/claude-code-action@2f8ba26a219c06cfb0f468eef8d97055fa814f97 # v1.0.53
3738
with:
38-
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
39+
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} # zizmor: ignore[secrets-outside-env]
3940
use_commit_signing: true
4041
additional_permissions: |
4142
actions: read

.github/workflows/comment-on-release.yml

Lines changed: 16 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -16,13 +16,16 @@ jobs:
1616
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
1717
with:
1818
fetch-depth: 0
19+
persist-credentials: false
1920

2021
- name: Get previous release
2122
id: previous_release
2223
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
24+
env:
25+
CURRENT_TAG: ${{ github.event.release.tag_name }}
2326
with:
2427
script: |
25-
const currentTag = '${{ github.event.release.tag_name }}';
28+
const currentTag = process.env.CURRENT_TAG;
2629
2730
// Get all releases
2831
const { data: releases } = await github.rest.repos.listReleases({
@@ -54,10 +57,13 @@ jobs:
5457
- name: Get merged PRs between releases
5558
id: get_prs
5659
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
60+
env:
61+
CURRENT_TAG: ${{ github.event.release.tag_name }}
62+
PREVIOUS_TAG_JSON: ${{ steps.previous_release.outputs.result }}
5763
with:
5864
script: |
59-
const currentTag = '${{ github.event.release.tag_name }}';
60-
const previousTag = ${{ steps.previous_release.outputs.result }};
65+
const currentTag = process.env.CURRENT_TAG;
66+
const previousTag = JSON.parse(process.env.PREVIOUS_TAG_JSON);
6167
6268
if (!previousTag) {
6369
console.log('No previous release found, skipping');
@@ -104,11 +110,15 @@ jobs:
104110
105111
- name: Comment on PRs
106112
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
113+
env:
114+
PR_NUMBERS_JSON: ${{ steps.get_prs.outputs.result }}
115+
RELEASE_TAG: ${{ github.event.release.tag_name }}
116+
RELEASE_URL: ${{ github.event.release.html_url }}
107117
with:
108118
script: |
109-
const prNumbers = ${{ steps.get_prs.outputs.result }};
110-
const releaseTag = '${{ github.event.release.tag_name }}';
111-
const releaseUrl = '${{ github.event.release.html_url }}';
119+
const prNumbers = JSON.parse(process.env.PR_NUMBERS_JSON);
120+
const releaseTag = process.env.RELEASE_TAG;
121+
const releaseUrl = process.env.RELEASE_URL;
112122
113123
const comment = `This pull request is included in [${releaseTag}](${releaseUrl})`;
114124

.github/workflows/conformance.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,8 @@ jobs:
1919
continue-on-error: true
2020
steps:
2121
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
22+
with:
23+
persist-credentials: false
2224
- uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
2325
with:
2426
enable-cache: true
@@ -34,6 +36,8 @@ jobs:
3436
continue-on-error: true
3537
steps:
3638
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
39+
with:
40+
persist-credentials: false
3741
- uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
3842
with:
3943
enable-cache: true

.github/workflows/deploy-docs.yml

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
name: Deploy Docs
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
- v1.x
8+
paths:
9+
- docs/**
10+
- mkdocs.yml
11+
- src/mcp/**
12+
- scripts/build-docs.sh
13+
- pyproject.toml
14+
- uv.lock
15+
- .github/workflows/deploy-docs.yml
16+
workflow_dispatch:
17+
18+
concurrency:
19+
group: deploy-docs
20+
cancel-in-progress: false
21+
22+
jobs:
23+
deploy-docs:
24+
runs-on: ubuntu-latest
25+
26+
permissions:
27+
contents: read
28+
pages: write
29+
id-token: write
30+
31+
environment:
32+
name: github-pages
33+
url: ${{ steps.deployment.outputs.page_url }}
34+
35+
steps:
36+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
37+
with:
38+
persist-credentials: false
39+
40+
- name: Install uv
41+
uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
42+
with:
43+
enable-cache: true
44+
version: 0.9.5
45+
46+
- name: Build combined docs (v1.x at /, main at /v2/)
47+
run: bash scripts/build-docs.sh site
48+
49+
- name: Configure Pages
50+
uses: actions/configure-pages@45bfe0192ca1faeb007ade9deae92b16b8254a0d # v6.0.0
51+
52+
- name: Upload Pages artifact
53+
uses: actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9 # v5.0.0
54+
with:
55+
path: site
56+
57+
- name: Deploy to GitHub Pages
58+
id: deployment
59+
uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0

.github/workflows/publish-docs-manually.yml

Lines changed: 0 additions & 35 deletions
This file was deleted.

.github/workflows/publish-pypi.yml

Lines changed: 6 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -4,18 +4,23 @@ on:
44
release:
55
types: [published]
66

7+
permissions:
8+
contents: read
9+
710
jobs:
811
release-build:
912
name: Build distribution
1013
runs-on: ubuntu-latest
1114
needs: [checks]
1215
steps:
1316
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
17+
with:
18+
persist-credentials: false
1419

1520
- name: Install uv
1621
uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
1722
with:
18-
enable-cache: true
23+
enable-cache: false
1924
version: 0.9.5
2025

2126
- name: Set up Python 3.12
@@ -51,32 +56,3 @@ jobs:
5156

5257
- name: Publish package distributions to PyPI
5358
uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1
54-
55-
docs-publish:
56-
runs-on: ubuntu-latest
57-
needs: ["pypi-publish"]
58-
permissions:
59-
contents: write
60-
steps:
61-
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
62-
- name: Configure Git Credentials
63-
run: |
64-
git config user.name github-actions[bot]
65-
git config user.email 41898282+github-actions[bot]@users.noreply.github.com
66-
67-
- name: Install uv
68-
uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
69-
with:
70-
enable-cache: true
71-
version: 0.9.5
72-
73-
- run: echo "cache_id=$(date --utc '+%V')" >> $GITHUB_ENV
74-
- uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
75-
with:
76-
key: mkdocs-material-${{ env.cache_id }}
77-
path: .cache
78-
restore-keys: |
79-
mkdocs-material-
80-
81-
- run: uv sync --frozen --group docs
82-
- run: uv run --frozen --no-sync mkdocs gh-deploy --force

.github/workflows/shared.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,8 @@ jobs:
1414
runs-on: ubuntu-latest
1515
steps:
1616
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
17+
with:
18+
persist-credentials: false
1719

1820
- uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
1921
with:
@@ -57,6 +59,8 @@ jobs:
5759

5860
steps:
5961
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
62+
with:
63+
persist-credentials: false
6064

6165
- name: Install uv
6266
uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
@@ -83,6 +87,8 @@ jobs:
8387
runs-on: ubuntu-latest
8488
steps:
8589
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
90+
with:
91+
persist-credentials: false
8692

8793
- uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
8894
with:

.github/workflows/weekly-lockfile-update.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,8 @@ jobs:
1515
runs-on: ubuntu-latest
1616
steps:
1717
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
18+
with:
19+
persist-credentials: false
1820

1921
- uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
2022
with:

.github/workflows/zizmor.yml

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
name: GitHub Actions Security Analysis
2+
3+
on:
4+
push:
5+
branches: ["main"]
6+
pull_request:
7+
branches: ["**"]
8+
9+
permissions: {}
10+
11+
jobs:
12+
zizmor:
13+
runs-on: ubuntu-latest
14+
15+
permissions:
16+
security-events: write # Required for upload-sarif (used by zizmor-action) to upload SARIF files.
17+
18+
steps:
19+
- name: Checkout repository
20+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
21+
with:
22+
persist-credentials: false
23+
24+
- name: Run zizmor 🌈
25+
uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -143,6 +143,7 @@ venv.bak/
143143

144144
# mkdocs documentation
145145
/site
146+
/.worktrees/
146147

147148
# mypy
148149
.mypy_cache/

0 commit comments

Comments
 (0)