[CI] Small nitpick changes (#7016)

* use global pin for requests

* unify on yaml for workflo files

* format workflow files

* pin action versions

* fix pinned version

* use system venv

* switch args

* remove uv for now and add setting for pyyaml

* fix qc args

* bix doc paths

.github/workflows/backport.yaml

@@ -7,7 +7,7 @@ name: Backport
 
 on:
   pull_request_target:
-    types: [ "labeled", "closed" ]
+    types: ["labeled", "closed"]
 
 jobs:
   backport:

.github/workflows/check_translations.yaml

@@ -15,13 +15,12 @@ permissions:
   contents: read
 
 jobs:
-
   check:
     runs-on: ubuntu-latest
 
     env:
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      INVENTREE_DB_NAME: './test_db.sqlite'
+      INVENTREE_DB_NAME: "./test_db.sqlite"
       INVENTREE_DB_ENGINE: django.db.backends.sqlite3
       INVENTREE_DEBUG: info
       INVENTREE_MEDIA_ROOT: ./media

.github/workflows/docker.yaml

@@ -15,14 +15,18 @@ name: Docker
 
 on:
   release:
-    types: [ published ]
+    types: [published]
 
   push:
     branches:
-      - 'master'
+      - "master"
   pull_request:
     branches:
-      - 'master'
+      - "master"
+
+env:
+  requests_version: 2.31.0
+  pyyaml_version: 6.0.1
 
 permissions:
   contents: read
@@ -76,8 +80,8 @@ jobs:
           python-version: ${{ env.python_version }}
       - name: Version Check
         run: |
-          pip install requests==2.31.0
-          pip install pyyaml==6.0.1
+          pip install requests==${{ env.requests_version }}
+          pip install pyyaml==${{ env.pyyaml_version }}
           python3 .github/scripts/version_check.py
           echo "git_commit_hash=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
           echo "git_commit_date=$(git show -s --format=%ci)" >> $GITHUB_ENV

.github/workflows/qc_checks.yaml

@@ -4,15 +4,17 @@ name: QC
 
 on:
   push:
-    branches-ignore: [ 'l10*' ]
+    branches-ignore: ["l10*"]
   pull_request:
-    branches-ignore: [ 'l10*' ]
+    branches-ignore: ["l10*"]
 
 env:
   python_version: 3.9
   node_version: 18
   # The OS version must be set per job
   server_start_sleep: 60
+  requests_version: 2.31.0
+  pyyaml_version: 6.0.1
 
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   INVENTREE_DB_ENGINE: sqlite3
@@ -63,12 +65,11 @@ jobs:
           contains(github.event.pull_request.labels.*.name, 'dependency') ||
           contains(github.event.pull_request.labels.*.name, 'full-run')
 
-
   javascript:
     name: Style - Classic UI [JS]
     runs-on: ubuntu-20.04
 
-    needs: [ 'pre-commit' ]
+    needs: ["pre-commit"]
 
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1
@@ -98,12 +99,12 @@ jobs:
         uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v5.1.0
         with:
           python-version: ${{ env.python_version }}
-          cache: 'pip'
+          cache: "pip"
       - name: Run pre-commit Checks
         uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # pin@v3.0.1
       - name: Check Version
         run: |
-          pip install requests==2.31.0
+          pip install requests==${{ env.requests_version }}
           python3 .github/scripts/version_check.py
 
   mkdocs:
@@ -121,7 +122,7 @@ jobs:
           python-version: ${{ env.python_version }}
       - name: Check Config
         run: |
-          pip install pyyaml==6.0.1
+          pip install pyyaml==${{ env.pyyaml_version }}
           pip install -r docs/requirements.txt
           python docs/ci/check_mkdocs_config.py
       - name: Check Links
@@ -129,8 +130,8 @@ jobs:
         with:
           folder-path: docs
           config-file: docs/mlc_config.json
-          check-modified-files-only: 'yes'
-          use-quiet-mode: 'yes'
+          check-modified-files-only: "yes"
+          use-quiet-mode: "yes"
 
   schema:
     name: Tests - API Schema Documentation
@@ -167,7 +168,7 @@ jobs:
       - name: Download public schema
         if: needs.paths-filter.outputs.api == 'false'
         run: |
-          pip install requests==2.31.0 >/dev/null 2>&1
+          pip install requests==${{ env.requests_version }} >/dev/null 2>&1
           version="$(python3 .github/scripts/version_check.py only_version 2>&1)"
           echo "Version: $version"
           url="https://raw.githubusercontent.com/inventree/schema/main/export/${version}/api.yaml"
@@ -186,7 +187,7 @@ jobs:
         id: version
         if: github.ref == 'refs/heads/master' && needs.paths-filter.outputs.api == 'true'
         run: |
-          pip install requests==2.31.0 >/dev/null 2>&1
+          pip install requests==${{ env.requests_version }} >/dev/null 2>&1
           version="$(python3 .github/scripts/version_check.py only_version 2>&1)"
           echo "Version: $version"
           echo "version=$version" >> "$GITHUB_OUTPUT"
@@ -221,7 +222,7 @@ jobs:
     name: Tests - inventree-python
     runs-on: ubuntu-20.04
 
-    needs: [ 'pre-commit', 'paths-filter' ]
+    needs: ["pre-commit", "paths-filter"]
     if: needs.paths-filter.outputs.server == 'true' || needs.paths-filter.outputs.force == 'true'
 
     env:
@@ -263,7 +264,7 @@ jobs:
     name: Tests - DB [SQLite] + Coverage
     runs-on: ubuntu-20.04
 
-    needs: [ 'pre-commit', 'paths-filter' ]
+    needs: ["pre-commit", "paths-filter"]
     if: needs.paths-filter.outputs.server == 'true' || needs.paths-filter.outputs.force == 'true'
     continue-on-error: true # continue if a step fails so that coverage gets pushed
 
@@ -300,7 +301,7 @@ jobs:
           git-branch: ${{ github.ref }}
           parallel: true
       - name: Upload coverage reports to Codecov
-        uses: codecov/codecov-action@v4.3.0
+        uses: codecov/codecov-action@84508663e988701840491b86de86b666e8a86bed # pin@v4.3.0
         if: always()
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
@@ -310,14 +311,14 @@ jobs:
   postgres:
     name: Tests - DB [PostgreSQL]
     runs-on: ubuntu-20.04
-    needs: [ 'pre-commit', 'paths-filter' ]
+    needs: ["pre-commit", "paths-filter"]
     if: needs.paths-filter.outputs.server == 'true' || needs.paths-filter.outputs.force == 'true'
 
     env:
       INVENTREE_DB_ENGINE: django.db.backends.postgresql
       INVENTREE_DB_USER: inventree
       INVENTREE_DB_PASSWORD: password
-      INVENTREE_DB_HOST: '127.0.0.1'
+      INVENTREE_DB_HOST: "127.0.0.1"
       INVENTREE_DB_PORT: 5432
       INVENTREE_DEBUG: info
       INVENTREE_CACHE_HOST: localhost
@@ -355,7 +356,7 @@ jobs:
     name: Tests - DB [MySQL]
     runs-on: ubuntu-20.04
 
-    needs: [ 'pre-commit', 'paths-filter' ]
+    needs: ["pre-commit", "paths-filter"]
     if: needs.paths-filter.outputs.server == 'true' || needs.paths-filter.outputs.force == 'true'
 
     env:
@@ -363,7 +364,7 @@ jobs:
       INVENTREE_DB_ENGINE: django.db.backends.mysql
       INVENTREE_DB_USER: root
       INVENTREE_DB_PASSWORD: password
-      INVENTREE_DB_HOST: '127.0.0.1'
+      INVENTREE_DB_HOST: "127.0.0.1"
       INVENTREE_DB_PORT: 3306
       INVENTREE_DEBUG: info
       INVENTREE_PLUGINS_ENABLED: true
@@ -406,7 +407,7 @@ jobs:
       INVENTREE_DB_NAME: inventree
       INVENTREE_DB_USER: inventree
       INVENTREE_DB_PASSWORD: password
-      INVENTREE_DB_HOST: '127.0.0.1'
+      INVENTREE_DB_HOST: "127.0.0.1"
       INVENTREE_DB_PORT: 5432
       INVENTREE_DEBUG: info
       INVENTREE_PLUGINS_ENABLED: false
@@ -440,7 +441,7 @@ jobs:
           git-commit: ${{ github.sha }}
           git-branch: ${{ github.ref }}
       - name: Upload coverage reports to Codecov
-        uses: codecov/codecov-action@v4.3.0
+        uses: codecov/codecov-action@84508663e988701840491b86de86b666e8a86bed # pin@v4.3.0
         if: always()
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
@@ -507,7 +508,7 @@ jobs:
     name: Tests - Platform UI
     runs-on: ubuntu-20.04
     timeout-minutes: 60
-    needs: [ 'pre-commit', 'paths-filter' ]
+    needs: ["pre-commit", "paths-filter"]
     if: needs.paths-filter.outputs.frontend == 'true' || needs.paths-filter.outputs.force == 'true'
     env:
       INVENTREE_DB_ENGINE: sqlite3
@@ -535,7 +536,7 @@ jobs:
       - name: Run Playwright tests
         id: tests
         run: cd src/frontend && npx nyc playwright test
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # pin@v4
         if: ${{ !cancelled() && steps.tests.outcome == 'failure' }}
         with:
           name: playwright-report
@@ -545,7 +546,7 @@ jobs:
         if: always()
         run: cd src/frontend && npx nyc report --report-dir ./coverage --temp-dir .nyc_output --reporter=lcov --exclude-after-remap false
       - name: Upload coverage reports to Codecov
-        uses: codecov/codecov-action@v4.3.0
+        uses: codecov/codecov-action@84508663e988701840491b86de86b666e8a86bed # pin@v4.3.0
         if: always()
         with:
           token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/release.yaml

@@ -3,13 +3,15 @@
 name: Publish release notes
 on:
   release:
-    types: [ published ]
+    types: [published]
+
+env:
+  requests_version: 2.31.0
 
 permissions:
   contents: read
 
 jobs:
-
   stable:
     runs-on: ubuntu-latest
     env:
@@ -19,7 +21,7 @@ jobs:
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1
       - name: Version Check
         run: |
-          pip install requests==2.31.0
+          pip install requests==${{ env.requests_version }}
           python3 .github/scripts/version_check.py
       - name: Push to Stable Branch
         uses: ad-m/github-push-action@d91a481090679876dfc4178fef17f286781251df # pin@v0.8.0

.github/workflows/scorecard.yaml

@@ -10,9 +10,9 @@ on:
   # To guarantee Maintained check is occasionally updated. See
   # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
   schedule:
-    - cron: '32 0 * * 0'
+    - cron: "32 0 * * 0"
   push:
-    branches: [ "master" ]
+    branches: ["master"]
 
 # Declare default permissions as read only.
 permissions: read-all

.github/workflows/stale.yaml

@@ -3,14 +3,13 @@ name: Mark stale issues and pull requests
 
 on:
   schedule:
-    - cron: '24 11 * * *'
+    - cron: "24 11 * * *"
 
 permissions:
   contents: read
 
 jobs:
   stale:
-
     runs-on: ubuntu-latest
     permissions:
       issues: write
@@ -20,9 +19,9 @@ jobs:
       - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # pin@v9.0.0
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
-          stale-issue-message: 'This issue seems stale. Please react to show this is still important.'
-          stale-pr-message: 'This PR seems stale. Please react to show this is still important.'
-          stale-issue-label: 'inactive'
-          stale-pr-label: 'inactive'
-          start-date: '2022-01-01'
+          stale-issue-message: "This issue seems stale. Please react to show this is still important."
+          stale-pr-message: "This PR seems stale. Please react to show this is still important."
+          stale-issue-label: "inactive"
+          stale-pr-label: "inactive"
+          start-date: "2022-01-01"
           exempt-all-milestones: true

.github/workflows/translations.yaml

@@ -14,14 +14,13 @@ permissions:
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
     permissions:
       contents: write
 
     env:
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      INVENTREE_DB_NAME: './test_db.sqlite'
+      INVENTREE_DB_NAME: "./test_db.sqlite"
       INVENTREE_DB_ENGINE: django.db.backends.sqlite3
       INVENTREE_DEBUG: info
       INVENTREE_MEDIA_ROOT: ./media