From ebe78164825f578f33f0d81e516c0c0945189ae7 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Fri, 9 May 2025 14:09:46 +0000 Subject: [PATCH 1/4] update --- .copier-answers.yml | 2 +- .github/workflows/ci.yaml | 8 ++- .github/workflows/dependabot-post-update.yaml | 59 ------------------- .../workflows/update-devcontainer-hash.yaml | 41 +++++++++++++ .../workflows/dependabot-post-update.yaml | 59 ------------------- .../workflows/update-devcontainer-hash.yaml | 41 +++++++++++++ 6 files changed, 90 insertions(+), 120 deletions(-) delete mode 100644 .github/workflows/dependabot-post-update.yaml create mode 100644 .github/workflows/update-devcontainer-hash.yaml delete mode 100644 template/.github/workflows/dependabot-post-update.yaml create mode 100644 template/.github/workflows/update-devcontainer-hash.yaml diff --git a/.copier-answers.yml b/.copier-answers.yml index cf527074..9963afe5 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.41-2-g01ccd8c +_commit: v0.0.41-5-g077fbc8 _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index d3d595c8..27134a46 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -5,7 +5,6 @@ on: branches-ignore: - 'gh-readonly-queue/**' # don't run (again) when on these special branches created during merge groups; the `on: merge_group` already triggers it. merge_group: - workflow_dispatch: env: PYTHONUNBUFFERED: True @@ -16,7 +15,14 @@ permissions: contents: write # needed for mutex jobs: + update-devcontainer-hash: + if: ${{ github.actor == 'dependabot[bot]' }} + uses: ./.github/workflows/update-devcontainer-hash.yaml + with: + branch: ${{ github.event.pull_request.head.ref }} + pre-commit: + needs: [ update-devcontainer-hash ] strategy: fail-fast: false matrix: diff --git a/.github/workflows/dependabot-post-update.yaml b/.github/workflows/dependabot-post-update.yaml deleted file mode 100644 index 54d6bca2..00000000 --- a/.github/workflows/dependabot-post-update.yaml +++ /dev/null @@ -1,59 +0,0 @@ -name: Dependabot Post-Update -permissions: - contents: write # so the commit can be pushed - actions: write # so createWorkflowDispatch can be invoked -on: - pull_request: - types: [opened, synchronize] - branches: - - main - -jobs: - post-update: - if: ${{ github.actor == 'dependabot[bot]' }} - runs-on: ubuntu-24.04 - - steps: - - name: Checkout code - uses: actions/checkout@v4.2.2 - with: - persist-credentials: true # (default) makes GITHUB_TOKEN available for git push - fetch-depth: 1 # Fetch tip commit so we can push back - ref: ${{ github.event.pull_request.head.ref }} # Check out the head ref of the PR instead of detached HEAD - - - name: Configure Git author - run: | - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - - - name: Update devcontainer hash - run: python3 .github/workflows/hash_git_files.py . --for-devcontainer-config-update --exit-zero - - - name: Commit & push changes - id: commit - run: | - if ! git diff --quiet; then - git add . - git commit -m "chore: apply post-Dependabot script changes [dependabot skip]" - git push origin HEAD:${{ github.event.pull_request.head.ref }} - echo "pushed=true" >> $GITHUB_OUTPUT - else - echo "pushed=false" >> $GITHUB_OUTPUT - fi - - - name: Dispatch CI on PR branch # pushes done by GITHUB_TOKEN don't trigger workflows, so we have to restart the CI job manually, see https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow - if: steps.commit.outputs.pushed == 'true' - uses: actions/github-script@v7.0.1 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const pr = context.payload.pull_request; - if (!pr) { - throw new Error("No pull_request found in payload; aborting dispatch."); - } - await github.rest.actions.createWorkflowDispatch({ - owner: context.repo.owner, - repo: context.repo.repo, - workflow_id: "ci.yaml", - ref: pr.head.ref, - }); diff --git a/.github/workflows/update-devcontainer-hash.yaml b/.github/workflows/update-devcontainer-hash.yaml new file mode 100644 index 00000000..9b94e090 --- /dev/null +++ b/.github/workflows/update-devcontainer-hash.yaml @@ -0,0 +1,41 @@ +name: Update Devcontainer hash +on: + workflow_call: + inputs: + branch: + description: 'Branch to checkout and update' + required: true + type: string + +permissions: + contents: write + +jobs: + update-hash: + runs-on: ubuntu-24.04 + steps: + - name: Checkout code + uses: actions/checkout@v4.2.2 + with: + persist-credentials: true + fetch-depth: 1 + ref: ${{ inputs.branch }} + + - name: Configure Git author + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Update devcontainer hash + run: | + python3 .github/workflows/hash_git_files.py . --for-devcontainer-config-update --exit-zero + + - name: Commit & push changes + run: | + if ! git diff --quiet; then + git add . + git commit -m "chore: update devcontainer hash [dependabot skip]" + git push origin HEAD:${{ inputs.branch }} + else + echo "No changes to commit" + fi diff --git a/template/.github/workflows/dependabot-post-update.yaml b/template/.github/workflows/dependabot-post-update.yaml deleted file mode 100644 index 54d6bca2..00000000 --- a/template/.github/workflows/dependabot-post-update.yaml +++ /dev/null @@ -1,59 +0,0 @@ -name: Dependabot Post-Update -permissions: - contents: write # so the commit can be pushed - actions: write # so createWorkflowDispatch can be invoked -on: - pull_request: - types: [opened, synchronize] - branches: - - main - -jobs: - post-update: - if: ${{ github.actor == 'dependabot[bot]' }} - runs-on: ubuntu-24.04 - - steps: - - name: Checkout code - uses: actions/checkout@v4.2.2 - with: - persist-credentials: true # (default) makes GITHUB_TOKEN available for git push - fetch-depth: 1 # Fetch tip commit so we can push back - ref: ${{ github.event.pull_request.head.ref }} # Check out the head ref of the PR instead of detached HEAD - - - name: Configure Git author - run: | - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - - - name: Update devcontainer hash - run: python3 .github/workflows/hash_git_files.py . --for-devcontainer-config-update --exit-zero - - - name: Commit & push changes - id: commit - run: | - if ! git diff --quiet; then - git add . - git commit -m "chore: apply post-Dependabot script changes [dependabot skip]" - git push origin HEAD:${{ github.event.pull_request.head.ref }} - echo "pushed=true" >> $GITHUB_OUTPUT - else - echo "pushed=false" >> $GITHUB_OUTPUT - fi - - - name: Dispatch CI on PR branch # pushes done by GITHUB_TOKEN don't trigger workflows, so we have to restart the CI job manually, see https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow - if: steps.commit.outputs.pushed == 'true' - uses: actions/github-script@v7.0.1 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const pr = context.payload.pull_request; - if (!pr) { - throw new Error("No pull_request found in payload; aborting dispatch."); - } - await github.rest.actions.createWorkflowDispatch({ - owner: context.repo.owner, - repo: context.repo.repo, - workflow_id: "ci.yaml", - ref: pr.head.ref, - }); diff --git a/template/.github/workflows/update-devcontainer-hash.yaml b/template/.github/workflows/update-devcontainer-hash.yaml new file mode 100644 index 00000000..9b94e090 --- /dev/null +++ b/template/.github/workflows/update-devcontainer-hash.yaml @@ -0,0 +1,41 @@ +name: Update Devcontainer hash +on: + workflow_call: + inputs: + branch: + description: 'Branch to checkout and update' + required: true + type: string + +permissions: + contents: write + +jobs: + update-hash: + runs-on: ubuntu-24.04 + steps: + - name: Checkout code + uses: actions/checkout@v4.2.2 + with: + persist-credentials: true + fetch-depth: 1 + ref: ${{ inputs.branch }} + + - name: Configure Git author + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Update devcontainer hash + run: | + python3 .github/workflows/hash_git_files.py . --for-devcontainer-config-update --exit-zero + + - name: Commit & push changes + run: | + if ! git diff --quiet; then + git add . + git commit -m "chore: update devcontainer hash [dependabot skip]" + git push origin HEAD:${{ inputs.branch }} + else + echo "No changes to commit" + fi From 3f6c01c20c379dec9da2700261570ade5ae8b2c2 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Fri, 9 May 2025 14:16:14 +0000 Subject: [PATCH 2/4] needs --- .copier-answers.yml | 2 +- .github/workflows/ci.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.copier-answers.yml b/.copier-answers.yml index 9963afe5..fc1c2df1 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.41-5-g077fbc8 +_commit: v0.0.41-6-gddcf3ff _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 27134a46..18274c1b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -23,6 +23,7 @@ jobs: pre-commit: needs: [ update-devcontainer-hash ] + if: needs.update-devcontainer-hash.result != 'failure' # proceed when update job succeeded or was skipped strategy: fail-fast: false matrix: From 5ebe9bed04f5874a2fc38b23df9a6714b34078b4 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Fri, 9 May 2025 14:29:52 +0000 Subject: [PATCH 3/4] cation --- .copier-answers.yml | 2 +- .../update-devcontainer-hash/action.yml | 45 +++++++++++++++++++ .github/workflows/ci.yaml | 18 +++++--- 3 files changed, 57 insertions(+), 8 deletions(-) create mode 100644 .github/actions/update-devcontainer-hash/action.yml diff --git a/.copier-answers.yml b/.copier-answers.yml index fc1c2df1..be65d3e8 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.41-6-gddcf3ff +_commit: v0.0.41-9-g15a0859 _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.github/actions/update-devcontainer-hash/action.yml b/.github/actions/update-devcontainer-hash/action.yml new file mode 100644 index 00000000..50d77f15 --- /dev/null +++ b/.github/actions/update-devcontainer-hash/action.yml @@ -0,0 +1,45 @@ +name: Update Devcontainer Hash + +inputs: + branch: + description: 'Branch to checkout and update' + required: true + +permissions: + contents: write + + +runs: + using: composite + steps: + - name: Verify Dependabot actor + if: ${{ github.actor != 'dependabot[bot]' }} + run: | + echo "Action can only be run by dependabot[bot], but was invoked by ${GITHUB_ACTOR}." >&2 + exit 1 + + - name: Checkout code + uses: actions/checkout@v4.2.2 + with: + persist-credentials: true + fetch-depth: 1 + ref: ${{ inputs.branch }} + + - name: Configure Git author + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Update devcontainer hash + run: | + python3 .github/workflows/hash_git_files.py . --for-devcontainer-config-update --exit-zero + + - name: Commit & push changes + run: | + if ! git diff --quiet; then + git add . + git commit -m "chore: update devcontainer hash [dependabot skip]" + git push origin HEAD:${{ inputs.branch }} + else + echo "No changes to commit" + fi diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 18274c1b..8b1b9848 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -15,15 +15,17 @@ permissions: contents: write # needed for mutex jobs: - update-devcontainer-hash: - if: ${{ github.actor == 'dependabot[bot]' }} - uses: ./.github/workflows/update-devcontainer-hash.yaml - with: - branch: ${{ github.event.pull_request.head.ref }} + get-values: + runs-on: ubuntu-24.04 + steps: + - name: Update Devcontainer Hash + if: ${{ github.actor == 'dependabot[bot]' }} + uses: ./.github/actions/update-devcontainer-hash + with: + branch: ${{ github.ref_name }} pre-commit: - needs: [ update-devcontainer-hash ] - if: needs.update-devcontainer-hash.result != 'failure' # proceed when update job succeeded or was skipped + needs: [ get-values ] strategy: fail-fast: false matrix: @@ -36,6 +38,8 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4.2.2 + with: + ref: ${{ github.ref_name }} # explicitly get the head of From a3750f0145c5d8392a7b717421ff1f1a982736e8 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Fri, 9 May 2025 14:32:52 +0000 Subject: [PATCH 4/4] up --- .copier-answers.yml | 2 +- .../workflows/update-devcontainer-hash.yaml | 41 ----------------- .../update-devcontainer-hash/action.yml | 45 +++++++++++++++++++ .../workflows/update-devcontainer-hash.yaml | 41 ----------------- 4 files changed, 46 insertions(+), 83 deletions(-) delete mode 100644 .github/workflows/update-devcontainer-hash.yaml create mode 100644 template/.github/actions/update-devcontainer-hash/action.yml delete mode 100644 template/.github/workflows/update-devcontainer-hash.yaml diff --git a/.copier-answers.yml b/.copier-answers.yml index be65d3e8..13330300 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.41-9-g15a0859 +_commit: v0.0.41-10-g38b62f8 _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.github/workflows/update-devcontainer-hash.yaml b/.github/workflows/update-devcontainer-hash.yaml deleted file mode 100644 index 9b94e090..00000000 --- a/.github/workflows/update-devcontainer-hash.yaml +++ /dev/null @@ -1,41 +0,0 @@ -name: Update Devcontainer hash -on: - workflow_call: - inputs: - branch: - description: 'Branch to checkout and update' - required: true - type: string - -permissions: - contents: write - -jobs: - update-hash: - runs-on: ubuntu-24.04 - steps: - - name: Checkout code - uses: actions/checkout@v4.2.2 - with: - persist-credentials: true - fetch-depth: 1 - ref: ${{ inputs.branch }} - - - name: Configure Git author - run: | - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - - - name: Update devcontainer hash - run: | - python3 .github/workflows/hash_git_files.py . --for-devcontainer-config-update --exit-zero - - - name: Commit & push changes - run: | - if ! git diff --quiet; then - git add . - git commit -m "chore: update devcontainer hash [dependabot skip]" - git push origin HEAD:${{ inputs.branch }} - else - echo "No changes to commit" - fi diff --git a/template/.github/actions/update-devcontainer-hash/action.yml b/template/.github/actions/update-devcontainer-hash/action.yml new file mode 100644 index 00000000..50d77f15 --- /dev/null +++ b/template/.github/actions/update-devcontainer-hash/action.yml @@ -0,0 +1,45 @@ +name: Update Devcontainer Hash + +inputs: + branch: + description: 'Branch to checkout and update' + required: true + +permissions: + contents: write + + +runs: + using: composite + steps: + - name: Verify Dependabot actor + if: ${{ github.actor != 'dependabot[bot]' }} + run: | + echo "Action can only be run by dependabot[bot], but was invoked by ${GITHUB_ACTOR}." >&2 + exit 1 + + - name: Checkout code + uses: actions/checkout@v4.2.2 + with: + persist-credentials: true + fetch-depth: 1 + ref: ${{ inputs.branch }} + + - name: Configure Git author + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Update devcontainer hash + run: | + python3 .github/workflows/hash_git_files.py . --for-devcontainer-config-update --exit-zero + + - name: Commit & push changes + run: | + if ! git diff --quiet; then + git add . + git commit -m "chore: update devcontainer hash [dependabot skip]" + git push origin HEAD:${{ inputs.branch }} + else + echo "No changes to commit" + fi diff --git a/template/.github/workflows/update-devcontainer-hash.yaml b/template/.github/workflows/update-devcontainer-hash.yaml deleted file mode 100644 index 9b94e090..00000000 --- a/template/.github/workflows/update-devcontainer-hash.yaml +++ /dev/null @@ -1,41 +0,0 @@ -name: Update Devcontainer hash -on: - workflow_call: - inputs: - branch: - description: 'Branch to checkout and update' - required: true - type: string - -permissions: - contents: write - -jobs: - update-hash: - runs-on: ubuntu-24.04 - steps: - - name: Checkout code - uses: actions/checkout@v4.2.2 - with: - persist-credentials: true - fetch-depth: 1 - ref: ${{ inputs.branch }} - - - name: Configure Git author - run: | - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - - - name: Update devcontainer hash - run: | - python3 .github/workflows/hash_git_files.py . --for-devcontainer-config-update --exit-zero - - - name: Commit & push changes - run: | - if ! git diff --quiet; then - git add . - git commit -m "chore: update devcontainer hash [dependabot skip]" - git push origin HEAD:${{ inputs.branch }} - else - echo "No changes to commit" - fi