Introduce a new dependabot-related pip-compile GH actions workflow [pydantic saga] #765

Open
wants to merge 3 commits into
base: main
14 changes: 2 additions & 12 deletions .github/dependabot.yml
Expand Up @@ -19,20 +19,10 @@ updates:
directory: "/"
schedule:
interval: "monthly"
ignore:
- dependency-name: "pydantic-core"
groups:
minor-and-patch:
update-types:
- "minor"
- "patch"
exclude-patterns:
- "pydantic*"

# pydantic is a known violator of version updates where they don't release the core backend
# with the API library at the same time which holds up other legitimate updates, so group
# pydantic deps together
pydantic:
update-types:
- "minor"
- "patch"
patterns:
- "pydantic*"
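
Review bot: the `ignore` entry for `pydantic-core` carries no comment explaining it, while the only explanation in this hunk ("they don't release the core backend with the API library at the same time") is attached to the `pydantic` group. With 2 additions and 12 deletions reported for this file, that explanation appears to go away together with the group. A one-line comment above `ignore:` saying why `pydantic-core` is skipped, and how its pin is meant to be refreshed instead, would keep the reasoning next to the rule.
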
76 changes: 76 additions & 0 deletions .github/workflows/dependabot-pipcompile.yml
@@ -0,0 +1,76 @@
name: Pip-compile

on:
pull_request:
types:
- opened
- reopened
- synchronize
paths:
- requirements.txt
- requirements-extras.txt
workflow_dispatch:
inputs: {}

# Need these permissions for the GITHUB_TOKEN to be able to post a comment to a PR
permissions:
issues: write
pull-requests: write

jobs:
versions-check:
runs-on: ubuntu-24.04
container:
image: python:3.9-alpine

steps:
# Need to install git before running the checkout action in a container
- name: Install dependencies
run: apk update && apk add --no-cache git

- uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Install pip-tools
run: |
pip install --upgrade pip
pip install --no-cache-dir pip-tools

# This step uses multi-line string injection to GitHub environment [1]
# [1] https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions#multiline-strings
- name: Run pip-compile to update requirements.txt
run: |
git config --global --add safe.directory "*"
pip-compile --generate-hashes --output-file=requirements.txt pyproject.toml
pip-compile \
--all-extras \
--allow-unsafe \
--generate-hashes \
--output-file=requirements-extras.txt \
pyproject.toml
{
echo 'GIT_DIFF<<EOF'
git diff -p
echo EOF
} >> "$GITHUB_ENV"

# Only comment on PRs when changes to requirements files are needed, based on:
# - https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/using-conditions-to-control-job-execution
# - https://github.com/actions/github-script?tab=readme-ov-file#comment-on-an-issue
# - https://github.com/actions/github-script/issues/247#issuecomment-1079839739
# - https://github.com/actions/github-script/issues/220#issuecomment-1007633429
- name: Comment on pull request
uses: actions/github-script@v7
if: env.GIT_DIFF != ''
env:
DIFF: "Changes to requirements files are needed. If you're experiencing CI test failures, please apply the following patch and update the pull request:\n```diff\n${{ env.GIT_DIFF }}\n```"
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: process.env.DIFF
})
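
Review bot: the "Comment on pull request" step assumes a pull request context and a writable token, and two of the configured triggers do not provide both. Under `workflow_dispatch` there is no pull request, so `context.issue.number` is undefined and the `createComment` call cannot succeed; under `pull_request` from a fork the `GITHUB_TOKEN` is read-only regardless of the `permissions:` block, so the comment is never posted for outside contributors. Guard the step, for example `if: env.GIT_DIFF != '' && github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository`, and write the diff to the job log or `$GITHUB_STEP_SUMMARY` in the other cases. Switching to `pull_request_target` to obtain a writable token is not a safe fix here, because the job would then have to run `pip-compile` against a PR-controlled `pyproject.toml` with that token. Separately, the fixed `EOF` delimiter in the `GITHUB_ENV` block is safe only because every line of `git diff -p` output carries a prefix; a comment saying so, or a randomly generated delimiter, would keep the step safe if the command ever changes.
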
14 changes: 11 additions & 3 deletions cachi2/core/package_managers/generic/models.py
Expand Up @@ -7,8 +7,16 @@
from urllib.parse import urljoin, urlparse

from packageurl import PackageURL
from pydantic import AnyUrl, BaseModel, ConfigDict, field_validator, model_validator
from pydantic import (
AnyUrl,
BaseModel,
ConfigDict,
PlainSerializer,
field_validator,
model_validator,
)
from pydantic_core.core_schema import ValidationInfo
from typing_extensions import Annotated

from cachi2.core.checksum import ChecksumInfo
from cachi2.core.errors import PackageManagerError
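
Review bot: `Annotated` is imported from `typing_extensions` here, but it has been in the standard `typing` module since Python 3.9, which is the version the new workflow's `python:3.9-alpine` image uses. If 3.9 is the project's minimum, `from typing import Annotated` avoids leaning on `typing_extensions` for this; if older interpreters are still supported, make sure `typing_extensions` is declared as a direct dependency rather than relied on through pydantic.
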
Expand Down Expand Up @@ -88,7 +96,7 @@
:param download_url: The URL to download the artifact from.
"""

download_url: AnyUrl
download_url: Annotated[AnyUrl, PlainSerializer(lambda url: str(url), return_type=str)]

Check notice

Code scanning / CodeQL

Unnecessary lambda Note

This 'lambda' is just a simple wrapper around a callable object. Use that object directly.

def resolve_filename(self) -> str:
"""Resolve the filename of the artifact."""
Expand Down Expand Up @@ -120,7 +128,7 @@
class LockfileArtifactMavenAttributes(BaseModel):
"""Attributes for a Maven artifact in the lockfile."""

repository_url: AnyUrl
repository_url: Annotated[AnyUrl, PlainSerializer(lambda url: str(url), return_type=str)]

Check notice

Code scanning / CodeQL

Unnecessary lambda Note

This 'lambda' is just a simple wrapper around a callable object. Use that object directly.
group_id: str
artifact_id: str
version: str
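
Review bot: this is the second copy of `Annotated[AnyUrl, PlainSerializer(lambda url: str(url), return_type=str)]` in the file. Define it once as a module-level alias (name of your choice, for example `SerializableUrl = Annotated[AnyUrl, PlainSerializer(str, return_type=str)]`) and use it for both `download_url` and `repository_url`. That keeps the two fields from drifting apart and clears both CodeQL notes in one place.
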
7 changes: 2 additions & 5 deletions tests/unit/package_managers/test_generic.py
Expand Up @@ -3,7 +3,6 @@
from unittest import mock

import pytest
from pydantic_core import Url

from cachi2.core.errors import Cachi2Error, PackageRejected
from cachi2.core.models.input import GenericPackageInput
Expand Down Expand Up @@ -335,15 +334,13 @@ def test_load_generic_lockfile_valid(rooted_tmp_path: RootedPath) -> None:
"metadata": {"version": "1.0"},
"artifacts": [
{
"download_url": Url("https://example.com/artifact"),
"download_url": "https://example.com/artifact",
"filename": str(rooted_tmp_path.join_within_root("archive.zip")),
"checksum": "md5:3a18656e1cea70504b905836dee14db0",
},
{
"checksum": "md5:32112bed1914cfe3799600f962750b1d",
"download_url": Url(
"https://example.com/more/complex/path/file.tar.gz?foo=bar#fragment"
),
"download_url": "https://example.com/more/complex/path/file.tar.gz?foo=bar#fragment",
"filename": str(rooted_tmp_path.join_within_root("file.tar.gz")),
},
],
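
Review bot: only the `download_url` expectations change in this hunk, from `Url(...)` to plain strings, so the new serializer on `LockfileArtifactMavenAttributes.repository_url` has no matching expectation in the visible test changes. Add a Maven lockfile case that asserts `repository_url` comes back as a `str`, and consider one assertion that the loaded model's `download_url` is still a validated URL object, so the test pins both the serialized form and the validated type.
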