robert-koch-institut · cutoffthetop · Jun 14, 2024 · Jun 14, 2024 · Jun 14, 2024
diff --git a/.cruft.json b/.cruft.json
@@ -1,6 +1,6 @@
 {
   "template": "https://github.com/robert-koch-institut/mex-template",
-  "commit": "5bac2fd56e8da37a4ac070283eaa26c99934c521",
+  "commit": "71137ce60c22f449d66138dcd113772acd678a39",
   "checkout": null,
   "context": {
     "cookiecutter": {

diff --git a/.github/workflows/cookiecutter.yml b/.github/workflows/cookiecutter.yml
@@ -5,9 +5,13 @@ on:
     branches: ["main"]
     tags: ["**"]
   schedule:
-    - cron: '0 0 * * *'
+    - cron: "14 3 * * 1-5"
   workflow_dispatch:
 
+concurrency:
+  group: ${{ github.workflow }}
+  cancel-in-progress: true
+
 env:
   PIP_NO_OPTION: on
   PIP_NO_CLEAN: on

diff --git a/.github/workflows/cve-scan.yml b/.github/workflows/cve-scan.yml
@@ -2,20 +2,19 @@ name: CVE Scan
 
 on:
   push:
-    # Workflows triggered by Dependabot on the "push" event run with read-only access.
-    # Uploading Code Scanning results requires write access. We therefore only use the
-    # "pull_request" trigger for Dependabot branches.
-    branches-ignore:
-      - 'dependabot/**'
   pull_request:
     types:
       - opened
       - reopened
       - synchronize
   schedule:
-    - cron: '0 0 * * *'
+    - cron: "14 3 * * 1-5"
   workflow_dispatch:
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   scan:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml
@@ -1,8 +1,10 @@
 name: Documentation
 
 on:
-  push:
-    tags: ["**"]
+  workflow_run:
+    workflows: [Release]
+    types:
+      - completed
   workflow_dispatch:
 
 env:
@@ -16,7 +18,7 @@ permissions:
   id-token: write
 
 concurrency:
-  group: "pages"
+  group: ${{ github.workflow }}
   cancel-in-progress: false
 
 jobs:

diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
@@ -14,6 +14,10 @@ env:
   PIP_NO_CLEAN: on
   PIP_PREFER_BINARY: on
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   lint:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/open-code.yml b/.github/workflows/open-code.yml
@@ -6,6 +6,10 @@ on:
     tags: ["**"]
   workflow_dispatch:
 
+concurrency:
+  group: ${{ github.workflow }}
+  cancel-in-progress: true
+
 jobs:
   sync:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -21,15 +21,18 @@ env:
 
 permissions:
   contents: write
+  packages: write
 
 concurrency:
-  group: "release"
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: false
 
 jobs:
   release:
     runs-on: ubuntu-latest
     timeout-minutes: 10
+    outputs:
+      tag: ${{ steps.release.outputs.tag }}
     steps:
       - name: Checkout repo
         uses: actions/checkout@v4
@@ -72,7 +75,48 @@ jobs:
           git config --local commit.gpgsign true
 
       - name: Release new version
+        id: release
         env:
           GH_TOKEN: ${{ secrets.WORKFLOW_TOKEN }}
         run: |
           pdm release ${{ inputs.version }}
+          echo "tag=$(git describe --abbrev=0 --tags)" >> "$GITHUB_OUTPUT"
+
+  distribute:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    needs: release
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - name: Cache requirements
+        uses: actions/cache@v4
+        env:
+          cache-name: cache-requirements
+        with:
+          path: ~/.cache/pip
+          key: ${{ env.cache-name }}-${{ hashFiles('requirements.txt') }}
+          restore-keys: |
+            ${{ env.cache-name }}-
+
+      - name: Setup python
+        uses: actions/setup-python@v5
+        with:
+          python-version: 3.11
+
+      - name: Install requirements
+        run: make setup
+
+      - name: Build wheel and sdist distros and create a github release
+        env:
+          GH_TOKEN: ${{ secrets.WORKFLOW_TOKEN }}
+          PDM_CHECK_UPDATE: False
+        run: |
+          gh release create ${{ needs.release.outputs.tag }} --generate-notes --latest --verify-tag
+          pdm build --dest dist
+          for filename in dist/*; do
+            gh release upload ${{ needs.release.outputs.tag }} ${filename};
+          done
diff --git a/.github/workflows/renovatebot.yml b/.github/workflows/renovatebot.yml
@@ -4,10 +4,13 @@ on:
   push:
     branches: ["main"]
   schedule:
-    # * is a special character in YAML so you have to quote this string
     - cron: "14 3 * * 1-5"
   workflow_dispatch:
 
+concurrency:
+  group: ${{ github.workflow }}
+  cancel-in-progress: true
+
 jobs:
   renovate:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/reviewing.yml b/.github/workflows/reviewing.yml
@@ -6,6 +6,10 @@ on:
       - opened
       - reopened
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   assignee:
     runs-on: ubuntu-latest

diff --git a/.gitignore b/.gitignore
@@ -124,4 +124,5 @@ dmypy.json
 data/
 identity.csv
 schema.json
+tmp*/
 work/
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -12,7 +12,7 @@ repos:
       - id: ruff
         args: [--fix, --exit-non-zero-on-fix]
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.5.0
+    rev: v4.6.0
     hooks:
       - id: pretty-format-json
         name: json
-Original file line number
+Diff line change
@@ Expand Up / @@ -124,4 +124,5 @@ dmypy.json @@
     data/
     identity.csv
     schema.json
+    tmp*/
     work/