name: Pre-commit on: workflow_dispatch: permissions: contents: read jobs: pre-commit: if: ${{ github.event.pull_request.user.login != 'dependabot[bot]' }} runs-on: ubuntu-latest permissions: contents: write pull-requests: write steps: - name: Harden Runner uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit - name: Checkout repository uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Set up Python uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: 3.12 cache: 'pip' # caching pip dependencies - name: Run Pre-Commit Hooks run: | pip install --require-hashes -r ./.github/scripts/requirements_pre_commit.txt - run: pre-commit run --all-files -c .pre-commit-config.yaml continue-on-error: true - name: Set up git config run: | git config --global user.name "github-actions[bot]" git config --global user.email "github-actions[bot]@users.noreply.github.com" - name: git add run: | git add . git diff --staged --quiet || git commit -m ":file_folder: pre-commit > Made via .github/workflows/pre_commit.yml" || echo "pre-commit: no changes" - name: Create Pull Request uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: "ci: 🤖 format everything with pre-commit" committer: GitHub Action author: GitHub Action signoff: true branch: pre-commit title: "🤖 format everything with pre-commit by " body: | Auto-generated by [create-pull-request][1] [1]: https://github.com/peter-evans/create-pull-request draft: false delete-branch: true labels: github-actions sign-commits: true