├── .github ├── CODE_OF_CONDUCT.md ├── FUNDING.yml ├── SECURITY.md ├── dependabot.yml └── workflows │ └── ci.yml ├── .pre-commit-config.yaml ├── CHANGELOG.md ├── LICENSE ├── README.md └── action.yml /.github/CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | We as members, contributors, and leaders pledge to make participation in our 6 | community a harassment-free experience for everyone, regardless of age, body 7 | size, visible or invisible disability, ethnicity, sex characteristics, gender 8 | identity and expression, level of experience, education, socioeconomic status, 9 | nationality, personal appearance, race, caste, color, religion, or sexual 10 | identity and orientation. 11 | 12 | We pledge to act and interact in ways that contribute to an open, welcoming, 13 | diverse, inclusive, and healthy community. 14 | 15 | ## Our Standards 16 | 17 | Examples of behavior that contributes to a positive environment for our 18 | community include: 19 | 20 | * Demonstrating empathy and kindness toward other people 21 | * Being respectful of differing opinions, viewpoints, and experiences 22 | * Giving and gracefully accepting constructive feedback 23 | * Accepting responsibility and apologizing to those affected by our mistakes, 24 | and learning from the experience 25 | * Focusing on what is best not just for us as individuals, but for the overall 26 | community 27 | 28 | Examples of unacceptable behavior include: 29 | 30 | * The use of sexualized language or imagery, and sexual attention or advances of 31 | any kind 32 | * Trolling, insulting or derogatory comments, and personal or political attacks 33 | * Public or private harassment 34 | * Publishing others' private information, such as a physical or email address, 35 | without their explicit permission 36 | * Other conduct which could reasonably be considered inappropriate in a 37 | professional setting 38 | 39 | ## Enforcement Responsibilities 40 | 41 | Community leaders are responsible for clarifying and enforcing our standards of 42 | acceptable behavior and will take appropriate and fair corrective action in 43 | response to any behavior that they deem inappropriate, threatening, offensive, 44 | or harmful. 45 | 46 | Community leaders have the right and responsibility to remove, edit, or reject 47 | comments, commits, code, wiki edits, issues, and other contributions that are 48 | not aligned to this Code of Conduct, and will communicate reasons for moderation 49 | decisions when appropriate. 50 | 51 | ## Scope 52 | 53 | This Code of Conduct applies within all community spaces, and also applies when 54 | an individual is officially representing the community in public spaces. 55 | Examples of representing our community include using an official e-mail address, 56 | posting via an official social media account, or acting as an appointed 57 | representative at an online or offline event. 58 | 59 | ## Enforcement 60 | 61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 62 | reported to the community leaders responsible for enforcement at 63 | . 64 | All complaints will be reviewed and investigated promptly and fairly. 65 | 66 | All community leaders are obligated to respect the privacy and security of the 67 | reporter of any incident. 68 | 69 | ## Enforcement Guidelines 70 | 71 | Community leaders will follow these Community Impact Guidelines in determining 72 | the consequences for any action they deem in violation of this Code of Conduct: 73 | 74 | ### 1. Correction 75 | 76 | **Community Impact**: Use of inappropriate language or other behavior deemed 77 | unprofessional or unwelcome in the community. 78 | 79 | **Consequence**: A private, written warning from community leaders, providing 80 | clarity around the nature of the violation and an explanation of why the 81 | behavior was inappropriate. A public apology may be requested. 82 | 83 | ### 2. Warning 84 | 85 | **Community Impact**: A violation through a single incident or series of 86 | actions. 87 | 88 | **Consequence**: A warning with consequences for continued behavior. No 89 | interaction with the people involved, including unsolicited interaction with 90 | those enforcing the Code of Conduct, for a specified period of time. This 91 | includes avoiding interactions in community spaces as well as external channels 92 | like social media. Violating these terms may lead to a temporary or permanent 93 | ban. 94 | 95 | ### 3. Temporary Ban 96 | 97 | **Community Impact**: A serious violation of community standards, including 98 | sustained inappropriate behavior. 99 | 100 | **Consequence**: A temporary ban from any sort of interaction or public 101 | communication with the community for a specified period of time. No public or 102 | private interaction with the people involved, including unsolicited interaction 103 | with those enforcing the Code of Conduct, is allowed during this period. 104 | Violating these terms may lead to a permanent ban. 105 | 106 | ### 4. Permanent Ban 107 | 108 | **Community Impact**: Demonstrating a pattern of violation of community 109 | standards, including sustained inappropriate behavior, harassment of an 110 | individual, or aggression toward or disparagement of classes of individuals. 111 | 112 | **Consequence**: A permanent ban from any sort of public interaction within the 113 | community. 114 | 115 | ## Attribution 116 | 117 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], 118 | version 2.1, available at 119 | [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1]. 120 | 121 | Community Impact Guidelines were inspired by 122 | [Mozilla's code of conduct enforcement ladder][Mozilla CoC]. 123 | 124 | For answers to common questions about this code of conduct, see the FAQ at 125 | [https://www.contributor-covenant.org/faq][FAQ]. Translations are available at 126 | [https://www.contributor-covenant.org/translations][translations]. 127 | 128 | [homepage]: https://www.contributor-covenant.org 129 | [v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html 130 | [Mozilla CoC]: https://github.com/mozilla/diversity 131 | [FAQ]: https://www.contributor-covenant.org/faq 132 | [translations]: https://www.contributor-covenant.org/translations 133 | -------------------------------------------------------------------------------- /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | --- 2 | github: hynek 3 | -------------------------------------------------------------------------------- /.github/SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | 3 | ## Supported Versions 4 | 5 | Only the latest version is supported. 6 | 7 | 8 | ## Reporting a Vulnerability 9 | 10 | If you think you found a vulnerability, please use [GitHub's security advisory form](https://github.com/hynek/setup-cached-uv/security/advisories/new), or email Hynek Schlawack at . 11 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: 2 3 | updates: 4 | - package-ecosystem: github-actions 5 | directory: / 6 | schedule: 7 | interval: monthly 8 | -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: CI 3 | 4 | on: 5 | push: 6 | branches: [main] 7 | pull_request: 8 | workflow_dispatch: 9 | 10 | env: 11 | FORCE_COLOR: "1" # Make tools pretty. 12 | 13 | jobs: 14 | check-install-no-date-suffix: 15 | runs-on: ${{ matrix.runs-on }} 16 | strategy: 17 | matrix: 18 | runs-on: [ubuntu-latest, macos-latest, windows-latest] 19 | 20 | steps: 21 | - uses: actions/checkout@v4 22 | with: 23 | path: action 24 | 25 | - uses: ./action 26 | with: 27 | cache-date-suffix: "" 28 | 29 | - run: | 30 | uv venv 31 | uv pip install attrs 32 | 33 | 34 | check-hash-deps-path: 35 | runs-on: ${{ matrix.runs-on }} 36 | strategy: 37 | matrix: 38 | runs-on: [ubuntu-latest, macos-latest, windows-latest] 39 | 40 | steps: 41 | - uses: actions/checkout@v4 42 | with: 43 | path: action 44 | 45 | - uses: ./action 46 | with: 47 | cache-suffix: -LE-SUFFIX 48 | cache-dependency-path: "**/LICENSE" 49 | 50 | - run: | 51 | uv venv 52 | uv pip install attrs 53 | -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ci: 3 | autoupdate_schedule: monthly 4 | 5 | repos: 6 | - repo: https://github.com/codespell-project/codespell 7 | rev: v2.3.0 8 | hooks: 9 | - id: codespell 10 | 11 | - repo: https://github.com/pre-commit/pre-commit-hooks 12 | rev: v5.0.0 13 | hooks: 14 | - id: trailing-whitespace 15 | - id: end-of-file-fixer 16 | - id: check-yaml 17 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | 3 | All notable changes to this project will be documented in this file. 4 | 5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). 6 | 7 | 8 | ## [Unreleased](https://github.com/hynek/setup-cached-uv/compare/v2.3.0...main) 9 | 10 | 11 | ## [2.3.0](https://github.com/hynek/setup-cached-uv/compare/v2.2.1...v2.3.0) 12 | 13 | ### Changed 14 | 15 | - The default value for `cache-dependency-path` is now `pyproject.toml`. 16 | This means that changes to packaging metadata of modern Python packages will invalidate the cache. 17 | [#19](https://github.com/hynek/setup-cached-uv/pull/19) 18 | 19 | 20 | ## [2.2.1](https://github.com/hynek/setup-cached-uv/compare/v2.2.0...v2.2.1) 21 | 22 | ### Fixed 23 | 24 | - Quoting around cache dir handling. 25 | [#18](https://github.com/hynek/setup-cached-uv/pull/18) 26 | 27 | 28 | ## [2.2.0](https://github.com/hynek/setup-cached-uv/compare/v2.1.0...v2.2.0) 29 | 30 | ### Changed 31 | 32 | - The default cache path for Windows is now `D:\a\_temp\scu-uv-cache`. 33 | [#16](https://github.com/hynek/setup-cached-uv/pull/16) 34 | 35 | 36 | ## [2.1.0](https://github.com/hynek/setup-cached-uv/compare/v2.0.0...v2.1.0) - 2024-08-15 37 | 38 | ### Changed 39 | 40 | - When installing on Linux and macOS, it is now enforced to use TLS 1.2 to protect against downgrade attacks. 41 | [#14](https://github.com/hynek/setup-cached-uv/pull/14) 42 | 43 | 44 | ## [2.0.0](https://github.com/hynek/setup-cached-uv/compare/v1.3.0...v2.0.0) - 2024-07-26 45 | 46 | ### Added 47 | 48 | - Automatic cache pruning. 49 | If caching is active, we now automatically run `uv cache prune --ci` that shrinks the cache directory to only downloaded files. 50 | This make the cache smaller and therefore faster to save and restore. 51 | [#9](https://github.com/hynek/setup-cached-uv/pull/9) 52 | 53 | - The current calendar week is now added to the cache key by default. 54 | This means that the cache is refreshed weekly. 55 | 56 | You can tweak the behavior using the `cache-date-suffix` input. 57 | Setting it to `""` disables this feature, any other value is interpreted as an argument to the `date` CLI command. 58 | [#11](https://github.com/hynek/setup-cached-uv/pull/11) 59 | 60 | 61 | ### Changed 62 | 63 | - The name of the workflow and of the current job are now part of the cache key. 64 | While this means that you can't share a cache between jobs, this should be only a minor inconvenience in practice and make it do the right thing in the vast majority of cases. 65 | 66 | If this is a problem for you, please open an issue and tell us about your use-case. 67 | We can always add an option to set the whole key explicitly. 68 | [#10](https://github.com/hynek/setup-cached-uv/pull/10) 69 | 70 | 71 | ## [1.3.0](https://github.com/hynek/setup-cached-uv/compare/v1.2.0...v1.3.0) - 2024-07-26 72 | 73 | ### Fixed 74 | 75 | - The cache directory couldn't actually be... cached ...due to path restrictions (anymore?) so we moved it into `/tmp/` and made it configurable using the new action input `uv-cache-path`. 76 | [#8](https://github.com/hynek/setup-cached-uv/pull/8) 77 | 78 | 79 | ## [1.2.0](https://github.com/hynek/setup-cached-uv/compare/v1.1.0...v1.2.0) - 2024-07-22 80 | 81 | ### Added 82 | 83 | - Option to conditionally disable caching by setting `if-use-cache` to anything else than `'true'`. 84 | 85 | *uv* is increadibly fast at installing wheels, while GitHub Actions's caching is rather slow. 86 | But it's still faster than building missing wheels for exotic platforms (say, PyPy). 87 | 88 | This option allows you activate caching only when it's helpful. 89 | [#6](https://github.com/hynek/setup-cached-uv/pull/6) 90 | 91 | 92 | ## [1.1.0](https://github.com/hynek/setup-cached-uv/compare/v1.0.0...v1.1.0) - 2024-04-08 93 | 94 | ### Added 95 | 96 | - Support for multiple caches per workflow by adding two types of suffixes. 97 | [#2](https://github.com/hynek/setup-cached-uv/pull/2) 98 | 99 | 100 | ## [1.0.0](https://github.com/hynek/setup-cached-uv/tree/v1.0.0) - 2024-03-31 101 | 102 | ### Added 103 | 104 | - Everything. 105 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2024 Hynek Schlawack 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Setup *uv* and Handle Its Cache 2 | 3 | > [!NOTE] 4 | > Note that there's now an official [*astral-sh/setup-uv*](https://github.com/astral-sh/setup-uv) action. 5 | > 6 | > As far as we can tell, the cache-handling of this action is currently more straight-forward, though. 7 | 8 | This action will download and install the latest version of [*uv*](https://github.com/astral-sh/uv) using the official installer and handle its package cache for you. 9 | 10 | ```yaml 11 | jobs: 12 | tests: 13 | runs-on: ubuntu-latest # or macOS, or Windows 14 | steps: 15 | - uses: hynek/setup-cached-uv@v2 16 | 17 | - run: uv ... 18 | ``` 19 | 20 | 21 | ## Cache Management 22 | 23 | > [!CAUTION] 24 | > It’s important to understand that once a cache of a certain key has been created, it will be used in all subsequent jobs within the same workflow and will **not** be updated. 25 | > 26 | > This means that if you create the cache in the first job that installs only, say, *build* and *twine*, and later load the cache again and install more packages, those packages will **not** be cached for the next run. 27 | > 28 | > A cache also [doesn’t expire as long as it has been used in the last 7 days](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy). 29 | > That does **not** mean that you’re getting obsolete package versions – just that they’re not cached. 30 | 31 | To work around this, *setup-cached-uv* gives you several ways to invalidate the cache by adding suffixes to the cache key. 32 | This way you can have multiple caches per workflow that contain different sets of packages and have them expire periodically, even if in constant use. 33 | 34 | By default, the operating system of the runner, the name of the workflow, the job name, the hash of `pyproject.toml`, and the current calendar week are automatically added to the cache key. 35 | Meaning, without adding suffixes yourself, the cache keys look something like `uv-Linux-CI-tests-353c57572883b1d60a6434334a19edf10ed7c51947d8235b0a2b9fb77d3bf949-46`. 36 | 37 | This means that by default, each job on each operating system has an own cache that expires once per week or whenever `pyproject.toml` changes. 38 | 39 | To keep the caches small, this action automatically runs `uv cache prune --ci` before saving the cache. 40 | This keeps the files that have been downloaded, but removes any temporary files that are not needed for the cache to work, and that will only slow cache operations down. 41 | 42 | 43 | ### Optional Inputs 44 | 45 | #### `cache-dependency-path` 46 | 47 | A path to a file whose contents is hashed and appended to the cache name. 48 | May contain glob-style patterns and match more than one file. 49 | Internally, the GitHub Actions function [`hashFiles`](https://docs.github.com/en/actions/learn-github-actions/expressions#hashfiles) is used to hash the passed path. 50 | 51 | Using this with a fully pinned [`uv.lock`](https://docs.astral.sh/uv/concepts/projects/) or `requirements.txt` file is the most efficient use of this action because it automatically invalidates the cache when your dependencies or their versions change. 52 | 53 | You may want to set `cache-date-suffix` to `""` if you use this input with an all-encompassing lockfile. 54 | 55 | The default is `pyproject.toml` which invalidates the cache whenever a modern Python package changes its packaging metadata, but is not enough to be the only driver for cache invalidation. 56 | 57 | 58 | #### `cache-suffix` 59 | 60 | A static string to append to the cache key. 61 | This could, for example, be the Python version if the dependencies differ significantly between versions. 62 | 63 | 64 | #### `cache-date-suffix` 65 | 66 | If not empty, it’s interpreted as an argument to [`date`](https://man7.org/linux/man-pages/man1/date.1.html) and its output is appended to the cache key. 67 | 68 | The default is `+%V` which is the calendar week number. 69 | This means that the cache is refreshed weekly. 70 | 71 | You may want to set this to `""` if `cache-dependency-path` is enough to invalidate the cache (in other words: it's pointing to a complete lockfile). 72 | 73 | 74 | #### `uv-cache-path` 75 | 76 | The path to *uv*’s cache. 77 | Due to path restrictions, it’s impossible to cache the default path, so we moved it to a path beneath `/tmp` for Linux/macOS and `D:\a\_temp` on Windows. 78 | You can change it to elsewhere using this input, but make sure that [*actions/cache*](https://github.com/actions/cache) can find it. 79 | 80 | 81 | #### `if-use-cache` 82 | 83 | This defaults to `true`, but can be used to disable the cache, since GitHub’s default caching speed can be slower than an uncached *uv*. 84 | For example, if you have dependencies that don’t provide prebuilt PyPy wheels, you can only cache that run like this: 85 | 86 | ```yaml 87 | # ... 88 | - uses: hynek/setup-cached-uv@v2 89 | with: 90 | if-use-cache: ${{ startsWith(matrix.python-version, 'pypy') }} 91 | # ... 92 | ``` 93 | 94 | 95 | ### Examples 96 | 97 | Check out [our CI](.github/workflows/ci.yml) to see some inputs in action. 98 | 99 | 100 | ## License 101 | 102 | The scripts and documentation in this project are released under the [MIT License](LICENSE). 103 | -------------------------------------------------------------------------------- /action.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Setup uv and Handle Its Cache 3 | description: Downloads and installs the Python uv packaging manager and handles its cache. 4 | author: Hynek Schlawack 5 | branding: 6 | icon: package 7 | color: purple 8 | 9 | inputs: 10 | cache-suffix: 11 | description: A suffix to append to the cache key. 12 | required: false 13 | default: "" 14 | 15 | cache-date-suffix: 16 | description: Arguments to pass to the date command to generate a cache key suffix. 17 | required: false 18 | default: "+%V" 19 | 20 | cache-dependency-path: 21 | description: Hash this file and use it as part of the cache key. 22 | required: false 23 | default: "pyproject.toml" 24 | 25 | use-cache-if: 26 | description: Save the cache. 27 | required: false 28 | default: "true" 29 | 30 | uv-cache-path: 31 | description: Where to put uv's cache directory. 32 | required: false 33 | default: NOT_SET 34 | 35 | runs: 36 | using: composite 37 | 38 | steps: 39 | - name: Install uv on Linux or macOS 40 | run: | 41 | if [ "${{ inputs.uv-cache-path }}" = "NOT_SET" ]; then 42 | UV_CACHE_DIR="/tmp/scu-uv-cache" 43 | else 44 | UV_CACHE_DIR="${{ inputs.uv-cache-path }}" 45 | fi 46 | 47 | echo "UV_CACHE_DIR=$UV_CACHE_DIR" >>$GITHUB_ENV 48 | 49 | curl \ 50 | --location \ 51 | --silent \ 52 | --show-error \ 53 | --fail \ 54 | --proto '=https' \ 55 | --tlsv1.2 \ 56 | https://astral.sh/uv/install.sh | bash 57 | shell: bash 58 | if: runner.os != 'Windows' 59 | 60 | - name: Install uv on Windows 61 | run: | 62 | if ("${{ inputs.uv-cache-path }}" -eq "NOT_SET") { 63 | $UV_CACHE_DIR = "D:\a\_temp\scu-uv-cache" 64 | } else { 65 | $UV_CACHE_DIR = "${{ inputs.uv-cache-path }}" 66 | } 67 | 68 | echo "UV_CACHE_DIR=$UV_CACHE_DIR" >> $env:GITHUB_ENV 69 | 70 | irm https://astral.sh/uv/install.ps1 | iex 71 | shell: pwsh 72 | if: runner.os == 'Windows' 73 | 74 | - name: Check cache dir 75 | shell: bash 76 | run: echo "uv cache dir is $(uv cache dir)" 77 | 78 | - name: Compute cache key suffix by hashing ${{ inputs.cache-dependency-path }} 79 | run: > 80 | echo 81 | "HASH_CACHE_SUFFIX=-${{ hashFiles(inputs.cache-dependency-path) }}" 82 | >>$GITHUB_ENV 83 | shell: bash 84 | if: inputs.cache-dependency-path != '' && inputs.use-cache-if == 'true' 85 | 86 | - name: Compute date-based cache key suffix 87 | run: > 88 | echo 89 | "DATE_CACHE_SUFFIX=-$(date ${{ inputs.cache-date-suffix }})" 90 | >>$GITHUB_ENV 91 | shell: bash 92 | if: inputs.cache-date-suffix != '' && inputs.use-cache-if == 'true' 93 | 94 | - name: Load uv cache 95 | uses: actions/cache@v4 96 | if: inputs.use-cache-if == 'true' 97 | with: 98 | path: ${{ env.UV_CACHE_DIR }} 99 | key: uv-${{ runner.os }}-${{ github.workflow }}-${{ github.job }}${{ inputs.cache-suffix }}${{ env.HASH_CACHE_SUFFIX }}${{ env.DATE_CACHE_SUFFIX }} 100 | 101 | - name: Schedule cache pruning 102 | uses: gacts/run-and-post-run@d803f6920adc9a47eeac4cb6c93dbc2e2890c684 103 | if: inputs.use-cache-if == 'true' 104 | with: 105 | post: uv cache prune --ci 106 | --------------------------------------------------------------------------------