-
Notifications
You must be signed in to change notification settings - Fork 2
add dependency-update workflow template (fixes #683) #756
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
Rimsha2535
wants to merge
21
commits into
main
Choose a base branch
from
feature/dependency-update-workflow
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from 1 commit
Commits
Show all changes
21 commits
Select commit
Hold shift + click to select a range
fdf9333
added dependency-update workflow template
Rimsha2535 67e8357
Add dependency-update workflow template and update tests
Rimsha2535 e764019
Merge branch 'main' into feature/dependency-update-workflow
Rimsha2535 c9c53e6
Apply review feedback for dependency update workflow
Rimsha2535 c05e242
Merge branch 'main' into feature/dependency-update-workflow
ArBridgeman cea77fd
Improve dependency update workflow, tests, and docs
Rimsha2535 9844688
Merge branch 'main' into feature/dependency-update-workflow
ArBridgeman 454f20e
Merge branch 'main' into feature/dependency-update-workflow
ArBridgeman 49145b9
Fix release:prepare test
ArBridgeman bf38243
Update PTB workflows to 7.0.0
ArBridgeman b59c5b5
Add Slack reporting hook
ArBridgeman 85c89d2
Add entry to unreleased.md changelog
ArBridgeman a882d41
Update .github/workflows/dependency-update.yml
Rimsha2535 eec5503
Update .github/workflows/dependency-update.yml
Rimsha2535 4bb47a9
Update .github/workflows/dependency-update.yml
Rimsha2535 a4c95e3
Update .github/workflows/dependency-update.yml
Rimsha2535 8ec9d68
Update .github/workflows/dependency-update.yml
Rimsha2535 7ee7359
Merge branch 'main' into feature/dependency-update-workflow
Rimsha2535 9e18007
Add slack_hook
Rimsha2535 ee5f3ab
Resolve merge conflicts
Rimsha2535 6f64290
Copy dependency-update workflow changes to template
Rimsha2535 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Some comments aren't visible on the classic Files Changed page.
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| name: Dependency Update | ||
|
Rimsha2535 marked this conversation as resolved.
ArBridgeman marked this conversation as resolved.
|
||
|
|
||
| on: | ||
| schedule: | ||
| # Every Monday at 03:00 UTC | ||
| - cron: "0 3 * * 1" | ||
| workflow_dispatch: | ||
|
|
||
| jobs: | ||
| dependency-update: | ||
| name: Dependency Update | ||
| runs-on: "ubuntu-24.04" | ||
| permissions: | ||
| contents: write | ||
| pull-requests: write | ||
|
|
||
| steps: | ||
| - name: Check out Repository | ||
| id: check-out-repository | ||
| uses: actions/checkout@v6 | ||
|
|
||
| - name: Set up Python & Poetry Environment | ||
| id: set-up-python-and-poetry-environment | ||
| uses: exasol/python-toolbox/.github/actions/python-environment@v6 | ||
| with: | ||
| python-version: "3.10" | ||
| poetry-version: "2.3.0" | ||
|
|
||
| - name: Audit Dependencies | ||
|
ckunki marked this conversation as resolved.
|
||
| id: audit-dependencies | ||
| run: poetry run -- nox -s dependency:audit | ||
|
|
||
| - name: Update Dependencies | ||
| id: update-dependencies | ||
| run: poetry update | ||
|
|
||
| - name: Check for poetry.lock Changes | ||
| id: check-for-poetry-lock-changes | ||
| run: | | ||
| if git diff --quiet -- poetry.lock; then | ||
| echo "changed=false" >> "$GITHUB_OUTPUT" | ||
| else | ||
| echo "changed=true" >> "$GITHUB_OUTPUT" | ||
| fi | ||
|
|
||
| - name: Create Pull Request | ||
| id: create-pull-request | ||
| if: steps.check-for-poetry-lock-changes.outputs.changed == 'true' | ||
| uses: peter-evans/create-pull-request@v7 | ||
| with: | ||
| commit-message: "Update poetry.lock" | ||
| branch: dependency-update/poetry-lock | ||
| delete-branch: true | ||
| title: "Update poetry.lock" | ||
| body: |- | ||
| Automated dependency update for `poetry.lock`. | ||
|
|
||
| This PR was created by the dependency update workflow after running: | ||
| - `poetry run -- nox -s dependency:audit` | ||
| - `poetry update` | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| dependency-update | ||
| ================= | ||
|
|
||
| This workflow updates the project dependencies using Poetry. | ||
|
Rimsha2535 marked this conversation as resolved.
Outdated
|
||
|
|
||
| It first runs a dependency audit via ``nox -s dependency:audit`` and then updates the dependencies using ``poetry update``. | ||
| If the ``poetry.lock`` file changes, a pull request is created automatically. | ||
|
|
||
| Example Usage | ||
|
Rimsha2535 marked this conversation as resolved.
Outdated
|
||
| ------------- | ||
|
|
||
| .. code-block:: bash | ||
|
|
||
| tbx workflow install dependency-update | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -8,3 +8,4 @@ | |
|
|
||
| python_environment | ||
| security_issues | ||
| dependency_update | ||
60 changes: 60 additions & 0 deletions
60
exasol/toolbox/templates/github/workflows/dependency-update.yml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| name: Dependency Update | ||
|
|
||
| on: | ||
| schedule: | ||
| # Every Monday at 03:00 UTC | ||
| - cron: "0 3 * * 1" | ||
| workflow_dispatch: | ||
|
ArBridgeman marked this conversation as resolved.
|
||
|
|
||
| jobs: | ||
| dependency-update: | ||
| name: Dependency Update | ||
| runs-on: "(( os_version ))" | ||
| permissions: | ||
| contents: write | ||
| pull-requests: write | ||
|
|
||
| steps: | ||
| - name: Check out Repository | ||
| id: check-out-repository | ||
| uses: actions/checkout@v6 | ||
|
|
||
| - name: Set up Python & Poetry Environment | ||
| id: set-up-python-and-poetry-environment | ||
| uses: exasol/python-toolbox/.github/actions/python-environment@v6 | ||
| with: | ||
| python-version: "(( minimum_python_version ))" | ||
| poetry-version: "(( dependency_manager_version ))" | ||
|
|
||
| - name: Audit Dependencies | ||
| id: audit-dependencies | ||
| run: poetry run -- nox -s dependency:audit | ||
|
ArBridgeman marked this conversation as resolved.
Outdated
|
||
|
|
||
| - name: Update Dependencies | ||
| id: update-dependencies | ||
| run: poetry update | ||
|
|
||
| - name: Check for poetry.lock Changes | ||
| id: check-for-poetry-lock-changes | ||
| run: | | ||
| if git diff --quiet -- poetry.lock; then | ||
| echo "changed=false" >> "$GITHUB_OUTPUT" | ||
| else | ||
| echo "changed=true" >> "$GITHUB_OUTPUT" | ||
| fi | ||
|
|
||
| - name: Create Pull Request | ||
| id: create-pull-request | ||
| if: steps.check-for-poetry-lock-changes.outputs.changed == 'true' | ||
| uses: peter-evans/create-pull-request@v7 | ||
|
ArBridgeman marked this conversation as resolved.
Outdated
|
||
| with: | ||
| commit-message: "Update poetry.lock" | ||
| branch: dependency-update/poetry-lock | ||
| delete-branch: true | ||
| title: "Update poetry.lock" | ||
| body: | | ||
| Automated dependency update for `poetry.lock`. | ||
|
|
||
| This PR was created by the dependency update workflow after running: | ||
| - `poetry run -- nox -s dependency:audit` | ||
| - `poetry update` | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.