mirror of
https://github.com/pytorch/pytorch.git
synced 2025-10-20 12:54:11 +08:00
79e8dc7d53
Pin actions from repos external to the PyTorch project to their shasums for security. This is a best practice as Git tags are not immutable. https://openssf.org/blog/2024/08/12/mitigating-attack-vectors-in-github-workflows/ Pull Request resolved: https://github.com/pytorch/pytorch/pull/152110 Approved by: https://github.com/seemethere, https://github.com/ZainRizvi
34 lines
947 B
YAML
34 lines
947 B
YAML
name: Update PyTorch Labels in S3
|
|
|
|
on:
|
|
label:
|
|
workflow_dispatch:
|
|
|
|
concurrency:
|
|
group: 1
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
update-labels-in-S3:
|
|
runs-on: ubuntu-22.04
|
|
if: ${{ github.repository == 'pytorch/pytorch' }}
|
|
permissions:
|
|
id-token: write
|
|
contents: read
|
|
steps:
|
|
- name: Checkout PyTorch
|
|
uses: pytorch/pytorch/.github/actions/checkout-pytorch@main
|
|
with:
|
|
fetch-depth: 1
|
|
submodules: false
|
|
- name: configure aws credentials
|
|
id: aws_creds
|
|
uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0
|
|
with:
|
|
role-to-assume: arn:aws:iam::308535385114:role/gha_workflow_update_pytorch_labels
|
|
aws-region: us-east-1
|
|
- name: Update PyTorch labels list in S3
|
|
run: |
|
|
python3 -m pip install boto3==1.35.42
|
|
.github/scripts/export_pytorch_labels.py pytorch pytorch
|