From 266d3c461ab9d9e6d9deb8f3fa5ab2e54b408071 Mon Sep 17 00:00:00 2001 From: Nicholas Felt Date: Wed, 14 Feb 2024 15:08:24 -0800 Subject: [PATCH 1/7] ci: Created a workflow to update python linting dependencies and pre-commit hook versions inside of a PR. --- ...ate-python-and-pre-commit-dependencies.yml | 39 +++++++++++++++++++ .pre-commit-config.yaml | 2 +- scripts/update_development_dependencies.py | 31 ++++++++++++++- 3 files changed, 69 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/update-python-and-pre-commit-dependencies.yml diff --git a/.github/workflows/update-python-and-pre-commit-dependencies.yml b/.github/workflows/update-python-and-pre-commit-dependencies.yml new file mode 100644 index 00000000..8e08ce9c --- /dev/null +++ b/.github/workflows/update-python-and-pre-commit-dependencies.yml @@ -0,0 +1,39 @@ +--- +name: Update python linting dependencies in-sync with pre-commit +on: + pull_request: + branches: [main] +jobs: + update-python-and-pre-commit-deps: + name: Update python linters and pre-commit dependencies + runs-on: ubuntu-latest + if: github.event.pull_request.user.login == 'dependabot' + permissions: + contents: write + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + ref: ${{ github.head_ref }} + token: ${{ secrets.TEK_OPENSOURCE_TOKEN }} + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: x # any version + check-latest: true + - name: Install workflow dependencies + run: pip install poetry yamlfix toml-sort requests pre-commit-update + - uses: crazy-max/ghaction-import-gpg@v6 + with: + gpg_private_key: ${{ secrets.TEK_OPENSOURCE_GPG_SIGNING_KEY_PRIVATE }} + passphrase: ${{ secrets.TEK_OPENSOURCE_GPG_SIGNING_KEY_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + - name: Run updater script + run: python scripts/update_development_dependencies.py --no-install + - uses: stefanzweifel/git-auto-commit-action@v5 + with: + commit_message: 'ci: Update python linters and pre-commit dependencies.' + commit_user_name: ${{ vars.TEK_OPENSOURCE_NAME }} + commit_user_email: ${{ vars.TEK_OPENSOURCE_EMAIL }} + commit_author: ${{ vars.TEK_OPENSOURCE_NAME }} <${{ vars.TEK_OPENSOURCE_EMAIL }}> diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7a5e7571..52903232 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -29,7 +29,7 @@ repos: - id: pretty-format-json args: [--autofix, --indent=4] - repo: https://github.com/Lucas-C/pre-commit-hooks - rev: v1.5.4 + rev: v1.5.5 hooks: - id: remove-tabs - id: forbid-tabs diff --git a/scripts/update_development_dependencies.py b/scripts/update_development_dependencies.py index 009916bf..8c92a763 100644 --- a/scripts/update_development_dependencies.py +++ b/scripts/update_development_dependencies.py @@ -3,6 +3,7 @@ This script will update the development dependencies that are pinned in the pyproject.toml and .pre- commit-config.yaml files. """ +import argparse import shlex import subprocess import sys @@ -25,6 +26,23 @@ ) +def parse_arguments() -> argparse.Namespace: + """Parse the command line arguments. + + Returns: + The parsed Namespace. + """ + parser = argparse.ArgumentParser() + parser.add_argument( + "--no-install", + action="store_true", + dest="no_install", + help="Indicate if packages should not be installed via poetry (Primarily used in CI).", + ) + + return parser.parse_args() + + def _run_cmd_in_subprocess(command: str) -> None: """Run the given command in a subprocess. @@ -44,6 +62,9 @@ def main() -> None: repository_root_directory = script_location.parent.parent latest_dependency_versions: List[str] = [] + args = parse_arguments() + lock_only = args.no_install + # Get the latest versions for each of the dependencies to update for dependency in DEPENDENCIES_TO_UPDATE: latest_dep_version = get_latest_version(dependency.split("[", maxsplit=1)[0], "pypi") @@ -51,10 +72,16 @@ def main() -> None: # Update dependencies in pyproject.toml using poetry dependencies = " ".join(f'"{x}"' for x in latest_dependency_versions) - _run_cmd_in_subprocess(f'"{python_executable}" -m poetry add --group=dev {dependencies}') + poetry_add_cmd = f'"{python_executable}" -m poetry add --group=dev {dependencies}' + if lock_only: + poetry_add_cmd += " --lock" + _run_cmd_in_subprocess(poetry_add_cmd) # Run poetry update - _run_cmd_in_subprocess(f'"{python_executable}" -m poetry update') + poetry_update_cmd = f'"{python_executable}" -m poetry update' + if lock_only: + poetry_update_cmd += " --lock" + _run_cmd_in_subprocess(poetry_update_cmd) # Update pre-commit config file _run_cmd_in_subprocess(f'"{python_script_location}/pre-commit-update"') From 485e3795d187e073abdeae99d913ee534b6d6830 Mon Sep 17 00:00:00 2001 From: Nicholas Felt Date: Wed, 14 Feb 2024 15:24:10 -0800 Subject: [PATCH 2/7] ci: Update workflow to only trigger for pip pull requests for python dependencies. --- .../workflows/update-python-and-pre-commit-dependencies.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-python-and-pre-commit-dependencies.yml b/.github/workflows/update-python-and-pre-commit-dependencies.yml index 8e08ce9c..b53df747 100644 --- a/.github/workflows/update-python-and-pre-commit-dependencies.yml +++ b/.github/workflows/update-python-and-pre-commit-dependencies.yml @@ -7,7 +7,8 @@ jobs: update-python-and-pre-commit-deps: name: Update python linters and pre-commit dependencies runs-on: ubuntu-latest - if: github.event.pull_request.user.login == 'dependabot' + if: github.event.pull_request.user.login == 'dependabot' && contains(github.head_ref, + "/pip/") permissions: contents: write steps: From e25aa0a3baff62ad25357b037cd6116f6527e2f6 Mon Sep 17 00:00:00 2001 From: Nicholas Felt Date: Wed, 14 Feb 2024 15:29:26 -0800 Subject: [PATCH 3/7] ci: Re-order expression to not cause an invalid workflow error. --- .../workflows/update-python-and-pre-commit-dependencies.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-python-and-pre-commit-dependencies.yml b/.github/workflows/update-python-and-pre-commit-dependencies.yml index b53df747..ae10b8f9 100644 --- a/.github/workflows/update-python-and-pre-commit-dependencies.yml +++ b/.github/workflows/update-python-and-pre-commit-dependencies.yml @@ -7,8 +7,8 @@ jobs: update-python-and-pre-commit-deps: name: Update python linters and pre-commit dependencies runs-on: ubuntu-latest - if: github.event.pull_request.user.login == 'dependabot' && contains(github.head_ref, - "/pip/") + if: contains(github.head_ref, "/pip/") && github.event.pull_request.user.login + == 'dependabot' permissions: contents: write steps: From f099a8ad84ef8c1930d1c492a180e967277e2604 Mon Sep 17 00:00:00 2001 From: Nicholas Felt Date: Wed, 14 Feb 2024 15:31:24 -0800 Subject: [PATCH 4/7] ci: Update expression syntax to be (hopefully) valid. --- .../workflows/update-python-and-pre-commit-dependencies.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/update-python-and-pre-commit-dependencies.yml b/.github/workflows/update-python-and-pre-commit-dependencies.yml index ae10b8f9..e1fd3688 100644 --- a/.github/workflows/update-python-and-pre-commit-dependencies.yml +++ b/.github/workflows/update-python-and-pre-commit-dependencies.yml @@ -7,8 +7,7 @@ jobs: update-python-and-pre-commit-deps: name: Update python linters and pre-commit dependencies runs-on: ubuntu-latest - if: contains(github.head_ref, "/pip/") && github.event.pull_request.user.login - == 'dependabot' + if: ${{ github.event.pull_request.user.login == 'dependabot' && contains(github.head_ref, "/pip/") }} permissions: contents: write steps: From ada25ba0168f0550a92bf42c3dd742f1186eaf6e Mon Sep 17 00:00:00 2001 From: Nicholas Felt Date: Wed, 14 Feb 2024 15:32:44 -0800 Subject: [PATCH 5/7] ci: Switch the quotes used for the github expression. --- .github/workflows/update-python-and-pre-commit-dependencies.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-python-and-pre-commit-dependencies.yml b/.github/workflows/update-python-and-pre-commit-dependencies.yml index e1fd3688..79a20c38 100644 --- a/.github/workflows/update-python-and-pre-commit-dependencies.yml +++ b/.github/workflows/update-python-and-pre-commit-dependencies.yml @@ -7,7 +7,7 @@ jobs: update-python-and-pre-commit-deps: name: Update python linters and pre-commit dependencies runs-on: ubuntu-latest - if: ${{ github.event.pull_request.user.login == 'dependabot' && contains(github.head_ref, "/pip/") }} + if: ${{ github.event.pull_request.user.login == 'dependabot' && contains(github.head_ref, '/pip/') }} permissions: contents: write steps: From 45e3b59228918f19f83c4aff8ca824d9111fa604 Mon Sep 17 00:00:00 2001 From: Nicholas Felt Date: Tue, 20 Feb 2024 07:51:08 -0800 Subject: [PATCH 6/7] ci: Update release workflow to include the impending changes in the job summary for easy review. --- .github/workflows/package-release.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index 5af0c19d..b4bb8d94 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -18,10 +18,18 @@ jobs: print-inputs: runs-on: ubuntu-latest steps: - - name: Create summary of workflow inputs + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: x + - name: Check for unreleased entries in the Changelog + run: python scripts/check_unreleased_changelog_items.py + - name: Create summary of workflow inputs and incoming changes run: | - echo "### inputs" >> $GITHUB_STEP_SUMMARY + echo "## Workflow Inputs" >> $GITHUB_STEP_SUMMARY echo "- release_level: ${{ inputs.release_level }}" >> $GITHUB_STEP_SUMMARY + echo "## Incoming Changes" >> $GITHUB_STEP_SUMMARY + cat python_semantic_release_templates/.previous_release_notes_for_template.md >> $GITHUB_STEP_SUMMARY # This job requires a Personal Access Token (Classic) with # the public_repo permission. It also needs a private/public # ssh key pair that can be used for signing. The public key must From 649e9efed01d53c95c460c8c036e1dda7eb10eef Mon Sep 17 00:00:00 2001 From: Nicholas Felt Date: Tue, 20 Feb 2024 07:52:53 -0800 Subject: [PATCH 7/7] ci: Checkout the repo to use the script in the job that prints incoming changes. --- .github/workflows/package-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index b4bb8d94..4b44087b 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -18,6 +18,7 @@ jobs: print-inputs: runs-on: ubuntu-latest steps: + - uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: