Fix linter warnings

Signed-off-by: Gaëtan Lehmann <gaetan.lehmann@vates.tech>

Author: glehmann

.github/workflows/docker.yml

@@ -1,27 +1,33 @@
 name: Build and Push Docker Image to GHCR
 
-on: push
+on:
+  push:
+    branches:
+      - 'master'
+  pull_request:
 
-permissions:
-  contents: read # Required to checkout the repo code
-  packages: write # Required to push packages to GHCR
+permissions: {}
 
 jobs:
   xcp-ng-build-env-82:
     runs-on: ubuntu-latest
+    permissions:
+      packages: write # Required to push packages to GHCR
     steps:
       - uses: actions/checkout@v4
-      - uses: docker/setup-buildx-action@v3
+        with:
+          persist-credentials: false
+      - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435
         with:
           driver: docker-container
-      - uses: docker/login-action@v3
+      - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1
         if: github.ref == 'refs/heads/master'
         with:
           registry: ghcr.io
           username: ${{ github.actor }} # Uses the GitHub user/org name that triggered the workflow
           password: ${{ secrets.GITHUB_TOKEN }} # Automatically provided by GitHub
       - run: echo "VERSION=$(cat ./src/xcp_ng_dev/files/version.txt | tr -d '\n')" >> $GITHUB_ENV
-      - uses: docker/build-push-action@v5 # Using v5 for latest features
+      - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83
         with:
           context: ./src/xcp_ng_dev/
           file: ./src/xcp_ng_dev/files/Dockerfile-8.x
@@ -36,19 +42,23 @@ jobs:
 
   xcp-ng-build-env-83:
     runs-on: ubuntu-latest
+    permissions:
+      packages: write # Required to push packages to GHCR
     steps:
       - uses: actions/checkout@v4
-      - uses: docker/setup-buildx-action@v3
+        with:
+          persist-credentials: false
+      - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435
         with:
           driver: docker-container
-      - uses: docker/login-action@v3
+      - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1
         if: github.ref == 'refs/heads/master'
         with:
           registry: ghcr.io
           username: ${{ github.actor }} # Uses the GitHub user/org name that triggered the workflow
           password: ${{ secrets.GITHUB_TOKEN }} # Automatically provided by GitHub
       - run: echo "VERSION=$(cat ./src/xcp_ng_dev/files/version.txt | tr -d '\n')" >> $GITHUB_ENV
-      - uses: docker/build-push-action@v5 # Using v5 for latest features
+      - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83
         with:
           context: ./src/xcp_ng_dev/
           file: ./src/xcp_ng_dev/files/Dockerfile-8.x
@@ -62,19 +72,23 @@ jobs:
   # TODO: uncomment once we have a public xcp-ng 9.0 repository
   # xcp-ng-build-env-90:
   #   runs-on: ubuntu-latest
+  #   permissions:
+  #     packages: write # Required to push packages to GHCR
   #   steps:
   #     - uses: actions/checkout@v4
-  #     - uses: docker/setup-buildx-action@v3
+  #       with:
+  #         persist-credentials: false
+  #     - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435
   #       with:
   #         driver: docker-container
-  #     - uses: docker/login-action@v3
+  #     - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1
   #       if: github.ref == 'refs/heads/master'
   #       with:
   #         registry: ghcr.io
   #         username: ${{ github.actor }} # Uses the GitHub user/org name that triggered the workflow
   #         password: ${{ secrets.GITHUB_TOKEN }} # Automatically provided by GitHub
   #     - run: echo "VERSION=$(cat ./src/xcp_ng_dev/files/version.txt | tr -d '\n')" >> $GITHUB_ENV
-  #     - uses: docker/build-push-action@v5 # Using v5 for latest features
+  #     - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83
   #       with:
   #         context: ./src/xcp_ng_dev/
   #         file: ./src/xcp_ng_dev/files/Dockerfile-9.x

.github/workflows/main.yaml

@@ -6,19 +6,18 @@ on:
       - 'master'
   pull_request:
 
+permissions: {}
+
 jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
-    - name: Install uv
-      uses: astral-sh/setup-uv@v6
-      with:
-        version: "0.7.x"
-    - name: Install dependencies
-      run: uv sync --frozen
-    - name: Test
-      # use script to provide a tty (workaround of systematic "docker -t"?)
-      shell: 'script -q -e -c "bash {0}"'
-      run: |
-        uv run ./test/test.sh
+      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+      - uses: ./.github/actions/uv-setup/
+      - name: Test
+        # use script to provide a tty (workaround of systematic "docker -t"?)
+        shell: 'script -q -e -c "bash {0}"'
+        run: |
+          ./test/test.sh

src/xcp_ng_dev/cli.py

@@ -10,8 +10,8 @@
 
 import argparse
 import os
-import subprocess
 import shutil
+import subprocess
 import sys
 from pathlib import Path
 
@@ -35,9 +35,7 @@
 def is_podman(runner):
     if os.path.basename(runner) == "podman":
         return True
-    if subprocess.getoutput(f"{runner} --version").startswith("podman "):
-        return True
-    return False
+    return subprocess.getoutput(f"{runner} --version").startswith("podman ")
 
 def read_version():
     with open(Path(__file__).parent / 'files/version.txt') as f: