Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: Fix upgrade depenecies workflow #1083

Merged
merged 3 commits into from
Feb 28, 2024
Merged

ci: Fix upgrade depenecies workflow #1083

merged 3 commits into from
Feb 28, 2024

Conversation

Czaki
Copy link
Collaborator

@Czaki Czaki commented Feb 28, 2024

The PR #1076 has broken upgrade dependence workflow. This PR is fixing it.

Summary by CodeRabbit

  • Chores
    • Updated the Python version to 3.11 and improved the dependency upgrade process.
    • Enhanced the package update checking script to support the latest Python packaging standards.

@Czaki Czaki added this to the 0.15.3 milestone Feb 28, 2024
Copy link
Contributor

coderabbitai bot commented Feb 28, 2024

Walkthrough

The project has undergone a significant overhaul in its dependency management and upgrade mechanisms. The changes include an update to Python 3.11, the adoption of a new dependency management tool named uv, and a shift in configuration file parsing from using ConfigParser to tomli, focusing on pyproject.toml. These modifications aim to streamline and enhance the efficiency of managing and upgrading project dependencies.

Changes

File(s) Summary
.github/workflows/upgrade-dependencies.yml, build_utils/check_updated_packages.py Python updated to 3.11, adjusted dependency commands, introduced uv.
build_utils/check_updated_packages.py Switched to tomli for parsing, reads pyproject.toml for dependencies, updated extraction logic.

🐇✨
In the land of code and byte,
A rabbit hopped with sheer delight.
"New tools and Python, oh so bright,
Our project leaps towards the light!"
With uv and tomli, we take flight,
Crafting code that's truly airtight.
🚀🌟

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit-tests for this file.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit tests for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository from git and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit tests.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • The JSON schema for the configuration file is available here.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

CodeRabbit Discord Community

Join our Discord Community to get help, request features, and share feedback.

Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Type: Enhancement

PR Summary: This pull request addresses issues introduced by a previous PR that broke the upgrade dependencies workflow. It updates the workflow to use a newer version of Python (3.11) exclusively, simplifies the dependency upgrade commands by utilizing a new tool, and transitions the package configuration parsing from 'setup.cfg' to 'pyproject.toml'.

Decision: Comment

📝 Type: 'Enhancement' - not supported yet.
  • Sourcery currently only approves 'Typo fix' PRs.
✅ Issue addressed: this change correctly addresses the issue or implements the desired feature.
No details provided.
✅ Small diff: the diff is small enough to approve with confidence.
No details provided.

General suggestions:

  • Ensure that the exclusive use of Python 3.11 aligns with the project's compatibility and support strategy. Dropping support for older Python versions should be a deliberate decision.
  • Consider the impact of changing the dependency upgrade tool on the workflow's maintainability and ease of use for other contributors.
  • Verify that the transition to 'pyproject.toml' for package configuration parsing does not affect other parts of the project that may rely on 'setup.cfg'.
  • Review the new dependency upgrade commands for any potential edge cases or errors that could arise from the changes.

Thanks for using Sourcery. We offer it for free for open source projects and would be very grateful if you could help us grow. If you like it, would you consider sharing Sourcery on your favourite social media? ✨

Share Sourcery

Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review Status

Actionable comments generated: 2

Configuration used: CodeRabbit UI

Commits Files that changed from the base of the PR and between 370ab25 and 0ebc2a1.
Files selected for processing (2)
  • .github/workflows/upgrade-dependencies.yml (2 hunks)
  • build_utils/check_updated_packages.py (2 hunks)
Additional comments: 1
build_utils/check_updated_packages.py (1)
  • 7-7: The import of tomli correctly replaces ConfigParser, aligning with the PR's objective to modernize the parsing of project configuration files.

Comment on lines +35 to +42
config = loads((src_dir / "pyproject.toml").read_text())

metadata = config["project"]

packages = (
config["options"]["install_requires"].split("\n")
+ config["options.extras_require"]["pyinstaller"].split("\n")
+ config["options.extras_require"]["all"].split("\n")
metadata["dependencies"]
+ metadata["optional-dependencies"]["pyinstaller"]
+ metadata["optional-dependencies"]["all"]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The transition to reading and parsing pyproject.toml using tomli is correctly implemented. However, there are a few considerations for improvement:

  1. Error handling for file reading and TOML parsing should be added to catch and handle potential IO or parsing errors gracefully.
  2. The extraction of dependencies assumes the presence of certain keys (dependencies, optional-dependencies) in the TOML file. It's advisable to check for the existence of these keys before accessing them to avoid KeyError.
+ try:
config = loads((src_dir / "pyproject.toml").read_text())
+ except (FileNotFoundError, IOError) as e:
+     print(f"Error reading pyproject.toml: {e}", file=sys.stderr)
+     sys.exit(1)
+ except tomli.TOMLDecodeError as e:
+     print(f"Error parsing pyproject.toml: {e}", file=sys.stderr)
+     sys.exit(1)

+ if "project" not in config:
+     print("Missing 'project' section in pyproject.toml", file=sys.stderr)
+     sys.exit(1)
metadata = config["project"]

+ if "dependencies" not in metadata or "optional-dependencies" not in metadata:
+     print("Missing dependencies information in pyproject.toml", file=sys.stderr)
+     sys.exit(1)
packages = (
    metadata["dependencies"]
    + metadata.get("optional-dependencies", {}).get("pyinstaller", [])
    + metadata.get("optional-dependencies", {}).get("all", [])
)
+ ```

<!-- This is an auto-generated comment by CodeRabbit -->

---

<!-- suggestion_start -->
<details>
<summary>Committable suggestion</summary>

> :bangbang: **IMPORTANT**
> Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.

```suggestion
try:
    config = loads((src_dir / "pyproject.toml").read_text())
except (FileNotFoundError, IOError) as e:
    print(f"Error reading pyproject.toml: {e}", file=sys.stderr)
    sys.exit(1)
except tomli.TOMLDecodeError as e:
    print(f"Error parsing pyproject.toml: {e}", file=sys.stderr)
    sys.exit(1)

if "project" not in config:
    print("Missing 'project' section in pyproject.toml", file=sys.stderr)
    sys.exit(1)
metadata = config["project"]

if "dependencies" not in metadata or "optional-dependencies" not in metadata:
    print("Missing dependencies information in pyproject.toml", file=sys.stderr)
    sys.exit(1)
packages = (
    metadata["dependencies"]
    + metadata.get("optional-dependencies", {}).get("pyinstaller", [])
    + metadata.get("optional-dependencies", {}).get("all", [])
)

Comment on lines 32 to 46
# ADD YOUR CUSTOM DEPENDENCY UPGRADE COMMANDS BELOW
run: |
set -x
flags="--extra pyqt5 --extra pyqt6 --extra pyside2 --extra pyside6"
flags+=" --extra test --extra pyinstaller --allow-unsafe --strip-extras --resolver=backtracking"
pip install -U uv
set -x
flags=(--extra pyqt5 --extra pyqt6 --extra pyside2 --extra pyside6 --extra test --extra pyinstaller)

for pyv in 3.8 3.9 3.10 3.11; do
python${pyv} -m pip install -U pip pip-tools
python${pyv} -m piptools compile --upgrade -o requirements/constraints_py${pyv}.txt pyproject.toml requirements/version_denylist.txt ${flags}
uv pip compile --python-version ${pyv} --upgrade --output-file requirements/constraints_py${pyv}.txt pyproject.toml requirements/version_denylist.txt "${flags[@]}"
done
python3.11 -m piptools compile --upgrade -o requirements/constraints_py3.11_docs.txt pyproject.toml requirements/version_denylist.txt --allow-unsafe --strip-extras --extra docs --extra pyqt6
set +x
uv pip compile --python-version 3.11 --upgrade --output-file requirements/constraints_py3.11_docs.txt pyproject.toml requirements/version_denylist.txt --extra docs --extra pyqt6
# END PYTHON DEPENDENCIES

- name: Check updated packages
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [25-43]

The update to Python 3.11 and the introduction of the uv tool for dependency management are significant improvements. However, there are a few areas that could be refined:

  1. The use of set -x before running commands is good for debugging, but consider if this level of verbosity is always desired in the workflow logs.
  2. The loop over Python versions (for pyv in 3.8 3.9 3.10 3.11; do) to upgrade dependencies for each version is a robust approach, ensuring compatibility across multiple Python versions. However, ensure that all specified Python versions are supported by the project's dependencies.
  3. The --extra flags used with uv pip compile should be verified to ensure they match the project's actual optional dependencies as defined in pyproject.toml.
-          set -x
+          # Consider removing or conditionally using `set -x` for cleaner logs
           pip install -U uv
-          set -x
+          # Ensure verbosity is controlled and necessary
           flags=(--extra pyqt5 --extra pyqt6 --extra pyside2 --extra pyside6 --extra test --extra pyinstaller)

           for pyv in 3.8 3.9 3.10 3.11; do
             uv pip compile --python-version ${pyv} --upgrade --output-file requirements/constraints_py${pyv}.txt pyproject.toml requirements/version_denylist.txt "${flags[@]}"
           done
           set +x
           uv pip compile --python-version 3.11 --upgrade --output-file requirements/constraints_py3.11_docs.txt pyproject.toml requirements/version_denylist.txt --extra docs --extra pyqt6

Additionally, consider adding comments or documentation within the workflow file to explain the purpose and usage of the uv tool and the chosen flags for future maintainers.

Copy link

sonarcloud bot commented Feb 28, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits Files that changed from the base of the PR and between 0ebc2a1 and a5d33e4.
Files selected for processing (2)
  • .github/workflows/upgrade-dependencies.yml (2 hunks)
  • build_utils/check_updated_packages.py (2 hunks)
Files skipped from review as they are similar to previous changes (1)
  • build_utils/check_updated_packages.py
Additional comments: 6
.github/workflows/upgrade-dependencies.yml (6)
  • 25-25: The transition to Python 3.11 is a significant update. Ensure that all Python dependencies and any Python code within the project are compatible with Python 3.11 to avoid runtime issues.
  • 35-35: The installation of the uv tool is a new addition. Verify that uv is compatible with the project's infrastructure and that it provides the expected benefits over previous tools used for managing dependencies.
  • 36-41: The use of uv for upgrading Python dependencies introduces a new approach. Ensure that the flags and Python versions specified are aligned with the project's requirements. Additionally, verify that the output files (constraints_py${pyv}.txt and constraints_py3.11_docs.txt) are correctly utilized in the project's dependency management process.
  • 32-44: > 📝 NOTE

This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [25-41]

The caching strategy now relies on pyproject.toml. Confirm that all relevant dependencies are correctly listed in pyproject.toml and that the cache will be effectively utilized to speed up future runs of this workflow.

  • 32-44: > 📝 NOTE

This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [25-41]

The workflow includes a step to check updated packages using a script from build_utils/check_updated_packages.py. Given the changes to dependency management, ensure that this script is fully compatible with the new setup, especially the transition to tomli and the focus on pyproject.toml.

  • 32-44: > 📝 NOTE

This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [25-41]

The creation of a pull request for updating vendored modules uses peter-evans/create-pull-request@v6. Confirm that this action version is compatible with the updated workflow and that it correctly handles the creation and deletion of branches, especially with the new dependency management approach.

@Czaki Czaki merged commit 3099945 into develop Feb 28, 2024
49 checks passed
@Czaki Czaki deleted the fix_upgrade_workflow branch February 28, 2024 22:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant