From 28f78567df14dd52a49c772c1e934fa39ccb4920 Mon Sep 17 00:00:00 2001
From: user
Date: Sun, 22 Feb 2026 06:51:50 +0100
Subject: [PATCH] refactor: use native container directive for CI jobs

Replace manual podman run invocations with the runner's container: directive for lint, test, and secrets jobs. Cleaner step definitions, no volume mounts needed.

Co-Authored-By: Claude Opus 4.6
---
 .gitea/workflows/ci.yml | 36 ++++++++++++++++--------------------
 1 file changed, 16 insertions(+), 20 deletions(-)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index f1710c7..3f5b0f4 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -9,44 +9,40 @@ on:
 jobs:
 lint:
 runs-on: linux
+ container:
+ image: python:3.12-alpine
 steps:
 - uses: actions/checkout@v4
+ - name: Install ruff
+ run: pip install --no-cache-dir -q ruff
 - name: Lint
- run: |
- podman run --rm \
- -v "$PWD:/app:ro" \
- -w /app \
- python:3.12-alpine \
- sh -c "pip install --no-cache-dir -q ruff && \
- ruff check src/ tests/"
+ run: ruff check src/ tests/
 test:
 runs-on: linux
 needs: [lint]
+ container:
+ image: python:3.12-alpine
 steps:
 - uses: actions/checkout@v4
- - name: Test
+ - name: Install deps
 run: |
- podman run --rm \
- -v "$PWD:/app:ro" \
- -w /app \
- python:3.12-alpine \
- sh -c "pip install --no-cache-dir -q -r requirements.txt && \
- pip install --no-cache-dir -q pytest pytest-asyncio && \
- PYTHONPATH=src pytest tests/ -v"
+ pip install --no-cache-dir -q -r requirements.txt
+ pip install --no-cache-dir -q pytest pytest-asyncio
+ - name: Test
+ run: PYTHONPATH=src pytest tests/ -v
 secrets:
 runs-on: linux
+ container:
+ image: ghcr.io/gitleaks/gitleaks:latest
+ options: --entrypoint ""
 steps:
 - uses: actions/checkout@v4
 with:
 fetch-depth: 0
 - name: Scan for secrets
- run: |
- podman run --rm \
- -v "$PWD:/scan:ro" \
- ghcr.io/gitleaks/gitleaks:latest \
- detect --source /scan -v
+ run: gitleaks detect --source . -v
 build:
 runs-on: linux
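Review bot: In the `secrets` job the new `container:` block makes `ghcr.io/gitleaks/gitleaks:latest` the environment for every step, including the full-history `actions/checkout@v4`, so a mutable tag now decides what code handles the checkout and any credentials the runner exposes to the job. Pin the scanner to a reviewed release and digest, e.g. `image: ghcr.io/gitleaks/gitleaks:<VERSION>@sha256:<DIGEST>` (placeholders), and consider a digest for `python:3.12-alpine` in `lint` and `test` as well. The removed `podman run` lines mounted the workspace `:ro`; with `container:` the `pip install` steps and the test code can presumably write to the checkout, so that isolation is lost rather than merely unneeded. It is also worth confirming that these images carry what `actions/checkout@v4` requires (neither is a Node image), because a checkout that fails inside the gitleaks image means the secret scan never runs.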