From 650f91e8fc7f69d9ca898c4106c2a48954ecc022 Mon Sep 17 00:00:00 2001 From: Meni Yakove <441263+myakove@users.noreply.github.com> Date: Tue, 26 Mar 2024 13:29:48 +0200 Subject: [PATCH 001/262] Tag per branch (#404) * Support container tag per branch * Support container tag per branch --- README.md | 6 +++-- webhook_server_container/libs/github_api.py | 27 +++++++++++++++------ webhook_server_container/utils/constants.py | 2 ++ 3 files changed, 26 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 93f778e1..97f6226f 100644 --- a/README.md +++ b/README.md @@ -130,9 +130,11 @@ In order to not add this job set `verified_job` to `false` verified_job: false ``` -if `container` is configures for the repository we create `build-container` run that will build the container on each +if `container` is configured for the repository we create `build-container` run that will build the container on each PR push/commit Once the PR is merged, the container will be build and push to the repository +if `release` is set to `true` a new container will be pushed with the release version as the tag +if the merged PR is in any other branch than `main` or `master` the tag will be set to `branch name`, otherwise `tag` will be used * `username`: User with push permissions to the repository * `password`: The password for the username @@ -140,13 +142,13 @@ Once the PR is merged, the container will be build and push to the repository * `tag`: The container tag to use when pushing the container * `release`: if `true` a new container will be pushed with the release version as the tag - ```yaml container: username: username password: password repository: repository path tag: latest + release: true ``` If `docker` is configured for the repository we log in to docker.io to increase pull rate limit diff --git a/webhook_server_container/libs/github_api.py b/webhook_server_container/libs/github_api.py index 914cd3fa..99be722d 100644 --- a/webhook_server_container/libs/github_api.py +++ b/webhook_server_container/libs/github_api.py @@ -46,6 +46,7 @@ VERIFIED_LABEL_STR, WIP_STR, PRE_COMMIT_STR, + OTHER_MAIN_BRANCH, ) from webhook_server_container.utils.dockerhub_rate_limit import DockerHub from webhook_server_container.utils.helpers import ( @@ -745,13 +746,16 @@ def process_pull_request_webhook_data(self): is_merged = pull_request_data.get("merged") if is_merged: self.app.logger.info(f"{self.log_prefix} PR is merged") - self._run_build_container(push=True, set_check=False, is_merged=is_merged) for _label in self.pull_request.labels: _label_name = _label.name if _label_name.startswith(CHERRY_PICK_LABEL_PREFIX): self.cherry_pick(target_branch=_label_name.replace(CHERRY_PICK_LABEL_PREFIX, "")) + self._run_build_container( + push=True, set_check=False, is_merged=is_merged, pull_request_branch=pull_request_branch + ) + # label_by_pull_requests_merge_state_after_merged will override self.pull_request original_pull_request = self.pull_request self.label_by_pull_requests_merge_state_after_merged() @@ -1258,12 +1262,19 @@ def _comment_with_details(title, body): """ - def _container_repository_and_tag(self, tag=None): - tag = tag or (self.container_tag if self.pull_request.is_merged() else f"pr-{self.pull_request.number}") - self.app.logger.info(f"{self.log_prefix} Tag is: {tag}") - return f"{self.container_repository}:{tag}" + def _container_repository_and_tag(self, is_merged=None, tag=None, pull_request_branch=None): + if tag: + _tag = f"{self.container_repository}:{tag}" + elif is_merged: + _tag = pull_request_branch if pull_request_branch not in (OTHER_MAIN_BRANCH, "main") else self.container_tag + else: + _tag = f"pr-{self.pull_request.number}" - def _run_build_container(self, set_check=True, push=False, is_merged=None, tag=None): + self.app.logger.info(f"{self.log_prefix} Tag is: {_tag}") + return f"{self.container_repository}:{_tag}" + + @ignore_exceptions(logger=FLASK_APP.logger) + def _run_build_container(self, set_check=True, push=False, is_merged=None, tag=None, pull_request_branch=None): if not self.build_and_push_container: return False @@ -1274,7 +1285,9 @@ def _run_build_container(self, set_check=True, push=False, is_merged=None, tag=N self.set_container_build_in_progress() - _container_repository_and_tag = self._container_repository_and_tag(tag=tag) + _container_repository_and_tag = self._container_repository_and_tag( + tag=tag, is_merged=is_merged, pull_request_branch=pull_request_branch + ) no_cache = " --no-cache" if (tag or self.container_tag == _container_repository_and_tag.split(":")[-1]) else "" build_cmd = f"--network=host {no_cache} -f {self.container_repo_dir}/{self.dockerfile} -t {_container_repository_and_tag}" diff --git a/webhook_server_container/utils/constants.py b/webhook_server_container/utils/constants.py index fbe39f42..3d27eac6 100644 --- a/webhook_server_container/utils/constants.py +++ b/webhook_server_container/utils/constants.py @@ -6,6 +6,8 @@ FLASK_APP.logger.removeHandler(default_handler) FLASK_APP.logger.addHandler(get_logger(FLASK_APP.logger.name).handlers[0]) +OTHER_MAIN_BRANCH = "master" + APP_ROOT_PATH = "/webhook_server" TOX_STR = "tox" PRE_COMMIT_STR = "pre-commit" From 780e69d7c13fe64455c05db1e1726ef0cedc76cf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 26 Mar 2024 13:32:01 +0200 Subject: [PATCH 002/262] chore(deps): update poetry-deps (#403) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- poetry.lock | 6 +++--- pyproject.toml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/poetry.lock b/poetry.lock index 954f543e..2851721e 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1599,12 +1599,12 @@ tests = ["cython", "littleutils", "pygments", "pytest", "typeguard"] [[package]] name = "timeout-sampler" -version = "0.0.19" +version = "0.0.20" description = "Timeout utility class to wait for any function output and interact with it in given time" optional = false python-versions = "<4.0,>=3.8" files = [ - {file = "timeout_sampler-0.0.19.tar.gz", hash = "sha256:48513d8af24bb9ac9865b06c474bfd9c6c843a047448f246185abe68fc7e6663"}, + {file = "timeout_sampler-0.0.20.tar.gz", hash = "sha256:76aa596fb812e17eff991bcd5b39a441dd0bc3d101fd57da2a407f38c2131e6d"}, ] [package.dependencies] @@ -1915,4 +1915,4 @@ testing = ["big-O", "jaraco.functools", "jaraco.itertools", "more-itertools", "p [metadata] lock-version = "2.0" python-versions = "^3.8" -content-hash = "b9736616df20f3539bbae48846ecd14648a9360aa842fd7f112717786a4a7353" +content-hash = "ace2fd38c8fbd70d4874232b30685bf6241c9f4daea621b6d4fc62b918d0d3fe" diff --git a/pyproject.toml b/pyproject.toml index 1a03215f..6cf33cfb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -38,7 +38,7 @@ shortuuid = "^1.0.11" colorlog = "^6.7.0" colorama = "^0.4.6" ruff = "^0.3.0" -timeout-sampler = "^0.0.19" +timeout-sampler = "^0.0.20" [tool.poetry.group.dev.dependencies] ipdb = "^0.13.13" From 790bae0a4f44058c4d6dd9047aad02e54a2d45bd Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Tue, 26 Mar 2024 13:34:21 +0200 Subject: [PATCH 003/262] Release 1.0.24 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 154b9fce..79728fe8 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.0.23 +1.0.24 From f97cc566c7c75993a03deef343a14896a3d313f0 Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Tue, 26 Mar 2024 13:36:03 +0200 Subject: [PATCH 004/262] Fix container tag when make release --- webhook_server_container/libs/github_api.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webhook_server_container/libs/github_api.py b/webhook_server_container/libs/github_api.py index 99be722d..b806b1fb 100644 --- a/webhook_server_container/libs/github_api.py +++ b/webhook_server_container/libs/github_api.py @@ -1264,13 +1264,13 @@ def _comment_with_details(title, body): def _container_repository_and_tag(self, is_merged=None, tag=None, pull_request_branch=None): if tag: - _tag = f"{self.container_repository}:{tag}" + _tag = tag elif is_merged: _tag = pull_request_branch if pull_request_branch not in (OTHER_MAIN_BRANCH, "main") else self.container_tag else: _tag = f"pr-{self.pull_request.number}" - self.app.logger.info(f"{self.log_prefix} Tag is: {_tag}") + self.app.logger.info(f"{self.log_prefix} container tag is: {_tag}") return f"{self.container_repository}:{_tag}" @ignore_exceptions(logger=FLASK_APP.logger) From baa2045abdf7162e8faa29a70ce74be5c4de34f7 Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Tue, 26 Mar 2024 13:38:33 +0200 Subject: [PATCH 005/262] Release 1.0.25 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 79728fe8..4a4127c3 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.0.24 +1.0.25 From 2cb1d9d185fa3762a8cfa83444010d82f9285702 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 28 Mar 2024 09:25:06 +0200 Subject: [PATCH 006/262] chore(deps): update poetry-deps (#406) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- poetry.lock | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/poetry.lock b/poetry.lock index 2851721e..141f95e3 100644 --- a/poetry.lock +++ b/poetry.lock @@ -53,26 +53,27 @@ files = [ [[package]] name = "build" -version = "1.1.1" +version = "1.2.0" description = "A simple, correct Python build frontend" optional = false -python-versions = ">= 3.7" +python-versions = ">=3.8" files = [ - {file = "build-1.1.1-py3-none-any.whl", hash = "sha256:8ed0851ee76e6e38adce47e4bee3b51c771d86c64cf578d0c2245567ee200e73"}, - {file = "build-1.1.1.tar.gz", hash = "sha256:8eea65bb45b1aac2e734ba2cc8dad3a6d97d97901a395bd0ed3e7b46953d2a31"}, + {file = "build-1.2.0-py3-none-any.whl", hash = "sha256:6105465d9b233433ce8ffa151c760f674446ba766af0290fc14bfa32aef92a04"}, + {file = "build-1.2.0.tar.gz", hash = "sha256:49df7f8e1e74d345fe71e54f5d56423b2111eda89e3da53a2c18392954dade1d"}, ] [package.dependencies] colorama = {version = "*", markers = "os_name == \"nt\""} importlib-metadata = {version = ">=4.6", markers = "python_full_version < \"3.10.2\""} -packaging = ">=19.0" +packaging = ">=19.1" pyproject_hooks = "*" tomli = {version = ">=1.1.0", markers = "python_version < \"3.11\""} [package.extras] docs = ["furo (>=2023.08.17)", "sphinx (>=7.0,<8.0)", "sphinx-argparse-cli (>=1.5)", "sphinx-autodoc-typehints (>=1.10)", "sphinx-issues (>=3.0.0)"] -test = ["filelock (>=3)", "pytest (>=6.2.4)", "pytest-cov (>=2.12)", "pytest-mock (>=2)", "pytest-rerunfailures (>=9.1)", "pytest-xdist (>=1.34)", "setuptools (>=42.0.0)", "setuptools (>=56.0.0)", "setuptools (>=56.0.0)", "setuptools (>=67.8.0)", "wheel (>=0.36.0)"] -typing = ["importlib-metadata (>=5.1)", "mypy (>=1.5.0,<1.6.0)", "tomli", "typing-extensions (>=3.7.4.3)"] +test = ["build[uv,virtualenv]", "filelock (>=3)", "pytest (>=6.2.4)", "pytest-cov (>=2.12)", "pytest-mock (>=2)", "pytest-rerunfailures (>=9.1)", "pytest-xdist (>=1.34)", "setuptools (>=42.0.0)", "setuptools (>=56.0.0)", "setuptools (>=56.0.0)", "setuptools (>=67.8.0)", "wheel (>=0.36.0)"] +typing = ["build[uv]", "importlib-metadata (>=5.1)", "mypy (>=1.9.0,<1.10.0)", "tomli", "typing-extensions (>=3.7.4.3)"] +uv = ["uv (>=0.1.18)"] virtualenv = ["virtualenv (>=20.0.35)"] [[package]] From 2d042646d9d6eb2958ebc5f2444b4e32dc512bed Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 28 Mar 2024 20:19:24 +0200 Subject: [PATCH 007/262] chore(deps): update poetry-deps (#408) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- poetry.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/poetry.lock b/poetry.lock index 141f95e3..a89a9f19 100644 --- a/poetry.lock +++ b/poetry.lock @@ -53,13 +53,13 @@ files = [ [[package]] name = "build" -version = "1.2.0" +version = "1.2.1" description = "A simple, correct Python build frontend" optional = false python-versions = ">=3.8" files = [ - {file = "build-1.2.0-py3-none-any.whl", hash = "sha256:6105465d9b233433ce8ffa151c760f674446ba766af0290fc14bfa32aef92a04"}, - {file = "build-1.2.0.tar.gz", hash = "sha256:49df7f8e1e74d345fe71e54f5d56423b2111eda89e3da53a2c18392954dade1d"}, + {file = "build-1.2.1-py3-none-any.whl", hash = "sha256:75e10f767a433d9a86e50d83f418e83efc18ede923ee5ff7df93b6cb0306c5d4"}, + {file = "build-1.2.1.tar.gz", hash = "sha256:526263f4870c26f26c433545579475377b2b7588b6f1eac76a001e873ae3e19d"}, ] [package.dependencies] From 0c74e1fb5083dc8f5c4506841c194a9a4473db95 Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Sun, 31 Mar 2024 15:35:23 +0300 Subject: [PATCH 008/262] Assign approver when create issue if push to PyPI failed --- webhook_server_container/libs/github_api.py | 67 +++++++++++++++++---- 1 file changed, 55 insertions(+), 12 deletions(-) diff --git a/webhook_server_container/libs/github_api.py b/webhook_server_container/libs/github_api.py index b806b1fb..82da9a5e 100644 --- a/webhook_server_container/libs/github_api.py +++ b/webhook_server_container/libs/github_api.py @@ -291,7 +291,8 @@ def _repo_data_from_config(self): self.container_release = self.build_and_push_container.get("release") self.auto_verified_and_merged_users = config_data.get( - "auto-verified-and-merged-users", repo_data.get("auto-verified-and-merged-users", []) + "auto-verified-and-merged-users", + repo_data.get("auto-verified-and-merged-users", []), ) def _get_pull_request(self, number=None): @@ -369,7 +370,12 @@ def _add_label(self, label): def wait_for_label(self, label, exists): try: - for sample in TimeoutSampler(wait_timeout=30, sleep=5, func=self.label_exists_in_pull_request, label=label): + for sample in TimeoutSampler( + wait_timeout=30, + sleep=5, + func=self.label_exists_in_pull_request, + label=label, + ): if sample == exists: return True except TimeoutExpiredError: @@ -411,6 +417,7 @@ def upload_to_pypi(self, tag_name): self.app.logger.error(f"{self.log_prefix} {err}") self.repository.create_issue( title=err, + assignee=self.approvers[0] if self.approvers else None, body=f""" stdout: `{out}` stderr: `{err}` @@ -536,7 +543,9 @@ def label_by_user_comment(self, user_request, remove, reviewed_user, issue_comme if user_request == LGTM_STR: self.manage_reviewed_by_label( - review_state=LGTM_STR, action=DELETE_STR if remove else ADD_STR, reviewed_user=reviewed_user + review_state=LGTM_STR, + action=DELETE_STR if remove else ADD_STR, + reviewed_user=reviewed_user, ) else: @@ -671,7 +680,9 @@ def create_issue_for_new_pull_request(self): self.app.logger.info(f"{self.log_prefix} Creating issue for new PR: {self.pull_request.title}") self.repository.create_issue( - title=self._generate_issue_title(), body=self._generate_issue_body(), assignee=self.pull_request.user.login + title=self._generate_issue_title(), + body=self._generate_issue_body(), + assignee=self.pull_request.user.login, ) @ignore_exceptions(logger=FLASK_APP.logger) @@ -704,11 +715,18 @@ def process_comment_webhook_data(self): return striped_body = body.strip() - _user_commands = list(filter(lambda x: x, striped_body.split("/") if striped_body.startswith("/") else [])) + _user_commands = list( + filter( + lambda x: x, + striped_body.split("/") if striped_body.startswith("/") else [], + ) + ) user_login = self.hook_data["sender"]["login"] for user_command in _user_commands: self.user_commands( - command=user_command, reviewed_user=user_login, issue_comment_id=self.hook_data["comment"]["id"] + command=user_command, + reviewed_user=user_login, + issue_comment_id=self.hook_data["comment"]["id"], ) def process_pull_request_webhook_data(self): @@ -753,7 +771,10 @@ def process_pull_request_webhook_data(self): self.cherry_pick(target_branch=_label_name.replace(CHERRY_PICK_LABEL_PREFIX, "")) self._run_build_container( - push=True, set_check=False, is_merged=is_merged, pull_request_branch=pull_request_branch + push=True, + set_check=False, + is_merged=is_merged, + pull_request_branch=pull_request_branch, ) # label_by_pull_requests_merge_state_after_merged will override self.pull_request @@ -906,7 +927,12 @@ def _run_pre_commit(self): def user_commands(self, command, reviewed_user, issue_comment_id): remove = False - available_commands = ["retest", "cherry-pick", "assign-reviewers", "check-can-merge"] + available_commands = [ + "retest", + "cherry-pick", + "assign-reviewers", + "check-can-merge", + ] if "sonarsource.github.io" in command: self.app.logger.info(f"{self.log_prefix} command is in ignore list") return @@ -969,7 +995,10 @@ def user_commands(self, command, reviewed_user, issue_comment_id): self._add_label(label=_cp_label) else: for _exits_target_branch in _exits_target_branches: - self.cherry_pick(target_branch=_exits_target_branch, reviewed_user=reviewed_user) + self.cherry_pick( + target_branch=_exits_target_branch, + reviewed_user=reviewed_user, + ) elif _command == "retest": if self.skip_if_pull_request_already_merged(): @@ -1040,7 +1069,10 @@ def user_commands(self, command, reviewed_user, issue_comment_id): return self.pull_request.create_issue_comment(not_running_msg) self.label_by_user_comment( - user_request=_command, remove=remove, reviewed_user=reviewed_user, issue_comment_id=issue_comment_id + user_request=_command, + remove=remove, + reviewed_user=reviewed_user, + issue_comment_id=issue_comment_id, ) @ignore_exceptions(logger=FLASK_APP.logger) @@ -1274,7 +1306,14 @@ def _container_repository_and_tag(self, is_merged=None, tag=None, pull_request_b return f"{self.container_repository}:{_tag}" @ignore_exceptions(logger=FLASK_APP.logger) - def _run_build_container(self, set_check=True, push=False, is_merged=None, tag=None, pull_request_branch=None): + def _run_build_container( + self, + set_check=True, + push=False, + is_merged=None, + tag=None, + pull_request_branch=None, + ): if not self.build_and_push_container: return False @@ -1368,7 +1407,11 @@ def _run_install_python_module(self): def send_slack_message(self, message, webhook_url): slack_data = {"text": message} self.app.logger.info(f"{self.log_prefix} Sending message to slack: {message}") - response = requests.post(webhook_url, data=json.dumps(slack_data), headers={"Content-Type": "application/json"}) + response = requests.post( + webhook_url, + data=json.dumps(slack_data), + headers={"Content-Type": "application/json"}, + ) if response.status_code != 200: raise ValueError( f"Request to slack returned an error {response.status_code} with the following message: " From f6dc42e649e74fa498de658c47bbd094702e6199 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Tue, 2 Apr 2024 10:00:15 +0300 Subject: [PATCH 009/262] [pre-commit.ci] pre-commit autoupdate (#410) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit updates: - [github.com/astral-sh/ruff-pre-commit: v0.3.4 → v0.3.5](https://github.com/astral-sh/ruff-pre-commit/compare/v0.3.4...v0.3.5) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 806b3f22..f1205704 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -35,7 +35,7 @@ repos: - id: detect-secrets - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.3.4 + rev: v0.3.5 hooks: - id: ruff - id: ruff-format From 49d9016ce539277d64c48ed876414fff44f62910 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 2 Apr 2024 10:00:21 +0300 Subject: [PATCH 010/262] chore(deps): update poetry-deps (#409) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- poetry.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/poetry.lock b/poetry.lock index a89a9f19..30131eb5 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1507,28 +1507,28 @@ requests = ">=2.0.1,<3.0.0" [[package]] name = "ruff" -version = "0.3.4" +version = "0.3.5" description = "An extremely fast Python linter and code formatter, written in Rust." optional = false python-versions = ">=3.7" files = [ - {file = "ruff-0.3.4-py3-none-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:60c870a7d46efcbc8385d27ec07fe534ac32f3b251e4fc44b3cbfd9e09609ef4"}, - {file = "ruff-0.3.4-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:6fc14fa742e1d8f24910e1fff0bd5e26d395b0e0e04cc1b15c7c5e5fe5b4af91"}, - {file = "ruff-0.3.4-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d3ee7880f653cc03749a3bfea720cf2a192e4f884925b0cf7eecce82f0ce5854"}, - {file = "ruff-0.3.4-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:cf133dd744f2470b347f602452a88e70dadfbe0fcfb5fd46e093d55da65f82f7"}, - {file = "ruff-0.3.4-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3f3860057590e810c7ffea75669bdc6927bfd91e29b4baa9258fd48b540a4365"}, - {file = "ruff-0.3.4-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:986f2377f7cf12efac1f515fc1a5b753c000ed1e0a6de96747cdf2da20a1b369"}, - {file = "ruff-0.3.4-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c4fd98e85869603e65f554fdc5cddf0712e352fe6e61d29d5a6fe087ec82b76c"}, - {file = "ruff-0.3.4-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:64abeed785dad51801b423fa51840b1764b35d6c461ea8caef9cf9e5e5ab34d9"}, - {file = "ruff-0.3.4-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:df52972138318bc7546d92348a1ee58449bc3f9eaf0db278906eb511889c4b50"}, - {file = "ruff-0.3.4-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:98e98300056445ba2cc27d0b325fd044dc17fcc38e4e4d2c7711585bd0a958ed"}, - {file = "ruff-0.3.4-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:519cf6a0ebed244dce1dc8aecd3dc99add7a2ee15bb68cf19588bb5bf58e0488"}, - {file = "ruff-0.3.4-py3-none-musllinux_1_2_i686.whl", hash = "sha256:bb0acfb921030d00070539c038cd24bb1df73a2981e9f55942514af8b17be94e"}, - {file = "ruff-0.3.4-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:cf187a7e7098233d0d0c71175375c5162f880126c4c716fa28a8ac418dcf3378"}, - {file = "ruff-0.3.4-py3-none-win32.whl", hash = "sha256:af27ac187c0a331e8ef91d84bf1c3c6a5dea97e912a7560ac0cef25c526a4102"}, - {file = "ruff-0.3.4-py3-none-win_amd64.whl", hash = "sha256:de0d5069b165e5a32b3c6ffbb81c350b1e3d3483347196ffdf86dc0ef9e37dd6"}, - {file = "ruff-0.3.4-py3-none-win_arm64.whl", hash = "sha256:6810563cc08ad0096b57c717bd78aeac888a1bfd38654d9113cb3dc4d3f74232"}, - {file = "ruff-0.3.4.tar.gz", hash = "sha256:f0f4484c6541a99862b693e13a151435a279b271cff20e37101116a21e2a1ad1"}, + {file = "ruff-0.3.5-py3-none-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:aef5bd3b89e657007e1be6b16553c8813b221ff6d92c7526b7e0227450981eac"}, + {file = "ruff-0.3.5-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:89b1e92b3bd9fca249153a97d23f29bed3992cff414b222fcd361d763fc53f12"}, + {file = "ruff-0.3.5-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5e55771559c89272c3ebab23326dc23e7f813e492052391fe7950c1a5a139d89"}, + {file = "ruff-0.3.5-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:dabc62195bf54b8a7876add6e789caae0268f34582333cda340497c886111c39"}, + {file = "ruff-0.3.5-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3a05f3793ba25f194f395578579c546ca5d83e0195f992edc32e5907d142bfa3"}, + {file = "ruff-0.3.5-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:dfd3504e881082959b4160ab02f7a205f0fadc0a9619cc481982b6837b2fd4c0"}, + {file = "ruff-0.3.5-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:87258e0d4b04046cf1d6cc1c56fadbf7a880cc3de1f7294938e923234cf9e498"}, + {file = "ruff-0.3.5-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:712e71283fc7d9f95047ed5f793bc019b0b0a29849b14664a60fd66c23b96da1"}, + {file = "ruff-0.3.5-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a532a90b4a18d3f722c124c513ffb5e5eaff0cc4f6d3aa4bda38e691b8600c9f"}, + {file = "ruff-0.3.5-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:122de171a147c76ada00f76df533b54676f6e321e61bd8656ae54be326c10296"}, + {file = "ruff-0.3.5-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:d80a6b18a6c3b6ed25b71b05eba183f37d9bc8b16ace9e3d700997f00b74660b"}, + {file = "ruff-0.3.5-py3-none-musllinux_1_2_i686.whl", hash = "sha256:a7b6e63194c68bca8e71f81de30cfa6f58ff70393cf45aab4c20f158227d5936"}, + {file = "ruff-0.3.5-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:a759d33a20c72f2dfa54dae6e85e1225b8e302e8ac655773aff22e542a300985"}, + {file = "ruff-0.3.5-py3-none-win32.whl", hash = "sha256:9d8605aa990045517c911726d21293ef4baa64f87265896e491a05461cae078d"}, + {file = "ruff-0.3.5-py3-none-win_amd64.whl", hash = "sha256:dc56bb16a63c1303bd47563c60482a1512721053d93231cf7e9e1c6954395a0e"}, + {file = "ruff-0.3.5-py3-none-win_arm64.whl", hash = "sha256:faeeae9905446b975dcf6d4499dc93439b131f1443ee264055c5716dd947af55"}, + {file = "ruff-0.3.5.tar.gz", hash = "sha256:a067daaeb1dc2baf9b82a32dae67d154d95212080c80435eb052d95da647763d"}, ] [[package]] From c2522d3dcfd011226979bcf26bb81edf03074a1b Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Wed, 3 Apr 2024 14:45:46 +0300 Subject: [PATCH 011/262] Dockerfile: add gcc, python3-devel and libffi-devel --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 24f8fbc6..1f9c5677 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM quay.io/podman/stable:latest EXPOSE 5000 RUN dnf -y update \ - && dnf -y install python3.8 python3.9 python3.10 python3.11 python3.12 python3-pip git hub unzip libcurl-devel \ + && dnf -y install python3.8 python3.9 python3.10 python3.11 python3.12 python3-pip git hub unzip libcurl-devel gcc python3-devel libffi-devel \ && dnf clean all \ && rm -rf /var/cache /var/log/dnf* /var/log/yum.* From 43c41a3320209fe583d2688ea7549d8423d2d5f5 Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Wed, 3 Apr 2024 14:46:10 +0300 Subject: [PATCH 012/262] Release 1.0.26 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 4a4127c3..8955a017 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.0.25 +1.0.26 From 797b292f0bff5dd4d8f1363491c3b9a567bda654 Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Wed, 3 Apr 2024 15:31:13 +0300 Subject: [PATCH 013/262] fix set_run_pre_commit_check_success() --- webhook_server_container/libs/github_api.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webhook_server_container/libs/github_api.py b/webhook_server_container/libs/github_api.py index 82da9a5e..97991917 100644 --- a/webhook_server_container/libs/github_api.py +++ b/webhook_server_container/libs/github_api.py @@ -600,8 +600,8 @@ def set_run_pre_commit_check_failure(self, output): return self.set_check_run_status(check_run=PRE_COMMIT_STR, conclusion=FAILURE_STR, output=output) @ignore_exceptions(logger=FLASK_APP.logger) - def set_run_pre_commit_check_success(self): - return self.set_check_run_status(check_run=PRE_COMMIT_STR, conclusion=SUCCESS_STR) + def set_run_pre_commit_check_success(self, output): + return self.set_check_run_status(check_run=PRE_COMMIT_STR, conclusion=SUCCESS_STR, output=output) @ignore_exceptions(logger=FLASK_APP.logger) def set_merge_check_queued(self, output=None): From 721525d432a4862e61f0288e20a297fcfabf56cd Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Wed, 3 Apr 2024 15:36:54 +0300 Subject: [PATCH 014/262] fix pre-commit run reset on startup --- .../utils/github_repository_settings.py | 30 ++++++++++++++----- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/webhook_server_container/utils/github_repository_settings.py b/webhook_server_container/utils/github_repository_settings.py index 57c5857b..b03a934b 100644 --- a/webhook_server_container/utils/github_repository_settings.py +++ b/webhook_server_container/utils/github_repository_settings.py @@ -10,12 +10,16 @@ CAN_BE_MERGED_STR, FLASK_APP, IN_PROGRESS_STR, + PRE_COMMIT_STR, PYTHON_MODULE_INSTALL_STR, QUEUED_STR, STATIC_LABELS_DICT, TOX_STR, ) -from webhook_server_container.utils.helpers import get_github_repo_api, ignore_exceptions +from webhook_server_container.utils.helpers import ( + get_github_repo_api, + ignore_exceptions, +) @ignore_exceptions(logger=FLASK_APP.logger) @@ -58,7 +62,9 @@ def set_repository_settings(repository): FLASK_APP.logger.info(f"Set repository {repository.name} security settings") repository._requester.requestJsonAndCheck( - "PATCH", f"{repository.url}/code-scanning/default-setup", input={"state": "not-configured"} + "PATCH", + f"{repository.url}/code-scanning/default-setup", + input={"state": "not-configured"}, ) repository._requester.requestJsonAndCheck( "PATCH", @@ -175,9 +181,10 @@ def set_repository(data, github_api, default_status_checks): continue _default_status_checks = deepcopy(default_status_checks) - (include_status_checks, exclude_status_checks) = get_user_configures_status_checks( - status_checks=status_checks - ) + ( + include_status_checks, + exclude_status_checks, + ) = get_user_configures_status_checks(status_checks=status_checks) required_status_checks = include_status_checks or get_required_status_checks( repo=repo, @@ -187,7 +194,10 @@ def set_repository(data, github_api, default_status_checks): ) set_branch_protection( - branch=branch, repository=repo, required_status_checks=required_status_checks, github_api=github_api + branch=branch, + repository=repo, + required_status_checks=required_status_checks, + github_api=github_api, ) except UnknownObjectException: FLASK_APP.logger.error(f"{repository}: Failed to get repository settings") @@ -196,7 +206,13 @@ def set_repository(data, github_api, default_status_checks): def set_all_in_progress_check_runs_to_queued(config, repositories_app_api, missing_app_repositories, github_api): - check_runs = (PYTHON_MODULE_INSTALL_STR, CAN_BE_MERGED_STR, TOX_STR, BUILD_CONTAINER_STR) + check_runs = ( + PYTHON_MODULE_INSTALL_STR, + CAN_BE_MERGED_STR, + TOX_STR, + BUILD_CONTAINER_STR, + PRE_COMMIT_STR, + ) futures = [] with ThreadPoolExecutor() as executor: for _, data in config.data["repositories"].items(): From 7115b50216effaf116567744ee290b51a61876fa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 8 Apr 2024 09:30:01 +0300 Subject: [PATCH 015/262] chore(deps): update poetry-deps (#411) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- poetry.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/poetry.lock b/poetry.lock index 30131eb5..2b065ed0 100644 --- a/poetry.lock +++ b/poetry.lock @@ -579,13 +579,13 @@ typing = ["typing-extensions (>=4.8)"] [[package]] name = "flask" -version = "3.0.2" +version = "3.0.3" description = "A simple framework for building complex web applications." optional = false python-versions = ">=3.8" files = [ - {file = "flask-3.0.2-py3-none-any.whl", hash = "sha256:3232e0e9c850d781933cf0207523d1ece087eb8d87b23777ae38456e2fbe7c6e"}, - {file = "flask-3.0.2.tar.gz", hash = "sha256:822c03f4b799204250a7ee84b1eddc40665395333973dfb9deebfe425fefcb7d"}, + {file = "flask-3.0.3-py3-none-any.whl", hash = "sha256:34e815dfaa43340d1d15a5c3a02b8476004037eb4840b34910c6e21679d288f3"}, + {file = "flask-3.0.3.tar.gz", hash = "sha256:ceb27b0af3823ea2737928a4d99d125a06175b8512c445cbd9a9ce200ef76842"}, ] [package.dependencies] From 765ee51bc3b1606ff74b240870d2419859b430e6 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Tue, 9 Apr 2024 10:35:34 +0300 Subject: [PATCH 016/262] [pre-commit.ci] pre-commit autoupdate (#412) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit updates: - [github.com/pre-commit/pre-commit-hooks: v4.5.0 → v4.6.0](https://github.com/pre-commit/pre-commit-hooks/compare/v4.5.0...v4.6.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f1205704..55f0786f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -4,7 +4,7 @@ default_language_version: repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.5.0 + rev: v4.6.0 hooks: - id: check-added-large-files - id: check-docstring-first From 9c927ee0c15db5c0c0d7d4defe42d1cc82371e7b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 9 Apr 2024 15:13:14 +0300 Subject: [PATCH 017/262] chore(deps): update poetry-deps (#413) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- poetry.lock | 6 +++--- pyproject.toml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/poetry.lock b/poetry.lock index 2b065ed0..6944e3e7 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1600,12 +1600,12 @@ tests = ["cython", "littleutils", "pygments", "pytest", "typeguard"] [[package]] name = "timeout-sampler" -version = "0.0.20" +version = "0.0.21" description = "Timeout utility class to wait for any function output and interact with it in given time" optional = false python-versions = "<4.0,>=3.8" files = [ - {file = "timeout_sampler-0.0.20.tar.gz", hash = "sha256:76aa596fb812e17eff991bcd5b39a441dd0bc3d101fd57da2a407f38c2131e6d"}, + {file = "timeout_sampler-0.0.21.tar.gz", hash = "sha256:047994b8a3996b6fc2deca5263a6061167d7caa1b8f8c9ba0d190f4f302c8fa9"}, ] [package.dependencies] @@ -1916,4 +1916,4 @@ testing = ["big-O", "jaraco.functools", "jaraco.itertools", "more-itertools", "p [metadata] lock-version = "2.0" python-versions = "^3.8" -content-hash = "ace2fd38c8fbd70d4874232b30685bf6241c9f4daea621b6d4fc62b918d0d3fe" +content-hash = "6e028ed213990de2082b296b22ce11ebae808a7e6de03d8037e2e8fcb117ae9f" diff --git a/pyproject.toml b/pyproject.toml index 6cf33cfb..9174943a 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -38,7 +38,7 @@ shortuuid = "^1.0.11" colorlog = "^6.7.0" colorama = "^0.4.6" ruff = "^0.3.0" -timeout-sampler = "^0.0.20" +timeout-sampler = "^0.0.21" [tool.poetry.group.dev.dependencies] ipdb = "^0.13.13" From 2f6d50300c1a43bfeda5afb5cbdfbb640d85f23a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 12 Apr 2024 10:51:49 +0300 Subject: [PATCH 018/262] chore(deps): update poetry-deps (#414) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- poetry.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/poetry.lock b/poetry.lock index 6944e3e7..ab4258f0 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1507,28 +1507,28 @@ requests = ">=2.0.1,<3.0.0" [[package]] name = "ruff" -version = "0.3.5" +version = "0.3.7" description = "An extremely fast Python linter and code formatter, written in Rust." optional = false python-versions = ">=3.7" files = [ - {file = "ruff-0.3.5-py3-none-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:aef5bd3b89e657007e1be6b16553c8813b221ff6d92c7526b7e0227450981eac"}, - {file = "ruff-0.3.5-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:89b1e92b3bd9fca249153a97d23f29bed3992cff414b222fcd361d763fc53f12"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5e55771559c89272c3ebab23326dc23e7f813e492052391fe7950c1a5a139d89"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:dabc62195bf54b8a7876add6e789caae0268f34582333cda340497c886111c39"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3a05f3793ba25f194f395578579c546ca5d83e0195f992edc32e5907d142bfa3"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:dfd3504e881082959b4160ab02f7a205f0fadc0a9619cc481982b6837b2fd4c0"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:87258e0d4b04046cf1d6cc1c56fadbf7a880cc3de1f7294938e923234cf9e498"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:712e71283fc7d9f95047ed5f793bc019b0b0a29849b14664a60fd66c23b96da1"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a532a90b4a18d3f722c124c513ffb5e5eaff0cc4f6d3aa4bda38e691b8600c9f"}, - {file = "ruff-0.3.5-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:122de171a147c76ada00f76df533b54676f6e321e61bd8656ae54be326c10296"}, - {file = "ruff-0.3.5-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:d80a6b18a6c3b6ed25b71b05eba183f37d9bc8b16ace9e3d700997f00b74660b"}, - {file = "ruff-0.3.5-py3-none-musllinux_1_2_i686.whl", hash = "sha256:a7b6e63194c68bca8e71f81de30cfa6f58ff70393cf45aab4c20f158227d5936"}, - {file = "ruff-0.3.5-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:a759d33a20c72f2dfa54dae6e85e1225b8e302e8ac655773aff22e542a300985"}, - {file = "ruff-0.3.5-py3-none-win32.whl", hash = "sha256:9d8605aa990045517c911726d21293ef4baa64f87265896e491a05461cae078d"}, - {file = "ruff-0.3.5-py3-none-win_amd64.whl", hash = "sha256:dc56bb16a63c1303bd47563c60482a1512721053d93231cf7e9e1c6954395a0e"}, - {file = "ruff-0.3.5-py3-none-win_arm64.whl", hash = "sha256:faeeae9905446b975dcf6d4499dc93439b131f1443ee264055c5716dd947af55"}, - {file = "ruff-0.3.5.tar.gz", hash = "sha256:a067daaeb1dc2baf9b82a32dae67d154d95212080c80435eb052d95da647763d"}, + {file = "ruff-0.3.7-py3-none-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:0e8377cccb2f07abd25e84fc5b2cbe48eeb0fea9f1719cad7caedb061d70e5ce"}, + {file = "ruff-0.3.7-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:15a4d1cc1e64e556fa0d67bfd388fed416b7f3b26d5d1c3e7d192c897e39ba4b"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d28bdf3d7dc71dd46929fafeec98ba89b7c3550c3f0978e36389b5631b793663"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:379b67d4f49774ba679593b232dcd90d9e10f04d96e3c8ce4a28037ae473f7bb"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c060aea8ad5ef21cdfbbe05475ab5104ce7827b639a78dd55383a6e9895b7c51"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:ebf8f615dde968272d70502c083ebf963b6781aacd3079081e03b32adfe4d58a"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d48098bd8f5c38897b03604f5428901b65e3c97d40b3952e38637b5404b739a2"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:da8a4fda219bf9024692b1bc68c9cff4b80507879ada8769dc7e985755d662ea"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c44e0149f1d8b48c4d5c33d88c677a4aa22fd09b1683d6a7ff55b816b5d074f"}, + {file = "ruff-0.3.7-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:3050ec0af72b709a62ecc2aca941b9cd479a7bf2b36cc4562f0033d688e44fa1"}, + {file = "ruff-0.3.7-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:a29cc38e4c1ab00da18a3f6777f8b50099d73326981bb7d182e54a9a21bb4ff7"}, + {file = "ruff-0.3.7-py3-none-musllinux_1_2_i686.whl", hash = "sha256:5b15cc59c19edca917f51b1956637db47e200b0fc5e6e1878233d3a938384b0b"}, + {file = "ruff-0.3.7-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:e491045781b1e38b72c91247cf4634f040f8d0cb3e6d3d64d38dcf43616650b4"}, + {file = "ruff-0.3.7-py3-none-win32.whl", hash = "sha256:bc931de87593d64fad3a22e201e55ad76271f1d5bfc44e1a1887edd0903c7d9f"}, + {file = "ruff-0.3.7-py3-none-win_amd64.whl", hash = "sha256:5ef0e501e1e39f35e03c2acb1d1238c595b8bb36cf7a170e7c1df1b73da00e74"}, + {file = "ruff-0.3.7-py3-none-win_arm64.whl", hash = "sha256:789e144f6dc7019d1f92a812891c645274ed08af6037d11fc65fcbc183b7d59f"}, + {file = "ruff-0.3.7.tar.gz", hash = "sha256:d5c1aebee5162c2226784800ae031f660c350e7a3402c4d1f8ea4e97e232e3ba"}, ] [[package]] From 917ab7ef5e6fa8a054d9b20218cb69540af1f26a Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Fri, 12 Apr 2024 11:21:42 +0300 Subject: [PATCH 019/262] Release 1.0.27 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 8955a017..adb7b04c 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.0.26 +1.0.27 From 7c8fb69f1aa245dcad48fad1e02a40f2fdb84f65 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 12 Apr 2024 12:53:35 +0300 Subject: [PATCH 020/262] chore(deps): update poetry-deps (#415) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- poetry.lock | 6 +++--- pyproject.toml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/poetry.lock b/poetry.lock index ab4258f0..66e2ec3f 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1600,12 +1600,12 @@ tests = ["cython", "littleutils", "pygments", "pytest", "typeguard"] [[package]] name = "timeout-sampler" -version = "0.0.21" +version = "0.0.22" description = "Timeout utility class to wait for any function output and interact with it in given time" optional = false python-versions = "<4.0,>=3.8" files = [ - {file = "timeout_sampler-0.0.21.tar.gz", hash = "sha256:047994b8a3996b6fc2deca5263a6061167d7caa1b8f8c9ba0d190f4f302c8fa9"}, + {file = "timeout_sampler-0.0.22.tar.gz", hash = "sha256:117ffcc93d2689f3ab47537772ac50616f125005160cd85c4b9d54ca48b5281c"}, ] [package.dependencies] @@ -1916,4 +1916,4 @@ testing = ["big-O", "jaraco.functools", "jaraco.itertools", "more-itertools", "p [metadata] lock-version = "2.0" python-versions = "^3.8" -content-hash = "6e028ed213990de2082b296b22ce11ebae808a7e6de03d8037e2e8fcb117ae9f" +content-hash = "7622de827123dbfb3ccbfa92326221c2eccf2207fd7e31779281ce6dc03fad5d" diff --git a/pyproject.toml b/pyproject.toml index 9174943a..c38f10e9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -38,7 +38,7 @@ shortuuid = "^1.0.11" colorlog = "^6.7.0" colorama = "^0.4.6" ruff = "^0.3.0" -timeout-sampler = "^0.0.21" +timeout-sampler = "^0.0.22" [tool.poetry.group.dev.dependencies] ipdb = "^0.13.13" From 287d9ab086c23989ce96b05fa2a038e6217b15a7 Mon Sep 17 00:00:00 2001 From: Meni Yakove Date: Sun, 14 Apr 2024 17:37:27 +0300 Subject: [PATCH 021/262] enable to run tox with specific python version --- Dockerfile | 11 ++ README.md | 110 ++++++++++---------- webhook_server_container/libs/github_api.py | 3 +- 3 files changed, 67 insertions(+), 57 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1f9c5677..0b551b86 100644 --- a/Dockerfile +++ b/Dockerfile @@ -29,6 +29,17 @@ RUN ln -s /usr/bin/python3 /usr/bin/python RUN python -m pip install --no-cache-dir pip --upgrade \ && python -m pip install --no-cache-dir poetry tox twine pre-commit +RUN python3.8 -m ensurepip \ + && python3.9 -m ensurepip \ + && python3.10 -m ensurepip \ + && python3.11 -m ensurepip \ + && python3.12 -m ensurepip \ + && python3.8 -m pip install tox \ + && python3.9 -m pip install tox \ + && python3.10 -m pip install tox \ + && python3.11 -m pip install tox \ + && python3.12 -m pip install tox + COPY pyproject.toml poetry.lock README.md $APP_DIR/ COPY webhook_server_container $APP_DIR/webhook_server_container/ diff --git a/README.md b/README.md index 97f6226f..804f205e 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,7 @@ A Flask-based webhook server for managing GitHub repositories. It handles tasks such as repository setup, branch protection, and webhook configuration. Pre-build container images available in: + - quay.io/myakove/github-webhook-server ## Build container @@ -10,7 +11,7 @@ Pre-build container images available in: Webhook server to manage GitHub repositories. On start, it will configure the following for each repository: -* Set branch protection based on config.yaml +- Set branch protection based on config.yaml **Private repositories are not supported.** @@ -39,9 +40,9 @@ docker build -t github-webhook-server . Before running the application, ensure to set the following environment variables and configuration file: -* `WEBHOOK_SERVER_LOG_FILE`: Path to the log file where the server logs are to be stored. -* `WEBHOOK_SERVER_DATA_DIR`: Path to the data directory where the `config.yaml` file is located. -* `config.yaml`: Configuration file that contains settings for the server and repositories, which should be placed in the `WEBHOOK_SERVER_DATA_DIR` directory. +- `WEBHOOK_SERVER_LOG_FILE`: Path to the log file where the server logs are to be stored. +- `WEBHOOK_SERVER_DATA_DIR`: Path to the data directory where the `config.yaml` file is located. +- `config.yaml`: Configuration file that contains settings for the server and repositories, which should be placed in the `WEBHOOK_SERVER_DATA_DIR` directory. Follow the instructions to build the container using either podman or docker as described in the Build container section. Once that is done, proceed with the configurations outlined below. @@ -62,25 +63,22 @@ repositories: main: [] ``` -* `github-app-id`: The ID of the GitHub app. Need to add the APP to the repository. -* `name`: repository full name (org or user/repository name) -* `webhook_ip`: Ip or FQDN where this app will run, this will be added as webhook in the repository setting -* `github-toekns`: List of admin users token for the repositories - +- `github-app-id`: The ID of the GitHub app. Need to add the APP to the repository. +- `name`: repository full name (org or user/repository name) +- `webhook_ip`: Ip or FQDN where this app will run, this will be added as webhook in the repository setting +- `github-toekns`: List of admin users token for the repositories -* If `slack_webhook_url` configured for the repository a slack massages will be sent to the configured channel -about new releases to pypi, new containers that was pushed +- If `slack_webhook_url` configured for the repository a slack massages will be sent to the configured channel + about new releases to pypi, new containers that was pushed ```yaml slack_webhook_url: https://hooks.slack.com/services/ ``` - if `pypi` configured for the repository a new version will be pushed to pypi on new GitHub release -* `token`: pypi token with push permissions -* `tool`: The tool to use to build the package, can be `twine` or `poetry` - +- `token`: pypi token with push permissions +- `tool`: The tool to use to build the package, can be `twine` or `poetry` ```yaml pypi: @@ -89,10 +87,12 @@ pypi: ``` if `tox` configured for the repository a tox job will run on each push and new commits -* `tox`: The tox tests to run, can be set of tests separated by `,` or `all` to run all tests defined in tox.ini + +- `tox`: The tox tests to run, can be set of tests separated by `,` or `all` to run all tests defined in tox.ini ```yaml tox: all +tox_python_version: python3.11 # if passed run on specified python version else run on default ``` Top level array which define the defaults required check runs for all the repositories @@ -106,7 +106,6 @@ default-status-checks: - "can-be-merged" ``` - ```yaml protected-branches: main: [] @@ -117,11 +116,10 @@ This tool configure branch protection and set required to be run for each branch if the repository have the file `.pre-commit-config.yaml` then `pre-commit.ci - pr` will be added, can be excluded by set it in `exclude-runs` -* `protected-branches`: array of branches to set protection -* `branch name`: List of required to be run to set for the branch, when empty set `default-status-checks` as required -* `include-runs`: Only include those runs as required -* `exclude-runs`: Exclude those runs from the `default-status-checks` - +- `protected-branches`: array of branches to set protection +- `branch name`: List of required to be run to set for the branch, when empty set `default-status-checks` as required +- `include-runs`: Only include those runs as required +- `exclude-runs`: Exclude those runs from the `default-status-checks` By default, we create a `verified_job` run, for each PR the owner needs to comment `/verified` to mark the PR as verified In order to not add this job set `verified_job` to `false` @@ -136,11 +134,11 @@ Once the PR is merged, the container will be build and push to the repository if `release` is set to `true` a new container will be pushed with the release version as the tag if the merged PR is in any other branch than `main` or `master` the tag will be set to `branch name`, otherwise `tag` will be used -* `username`: User with push permissions to the repository -* `password`: The password for the username -* `repository`: the repository to push the container, for example `quay.io/myakove/github-webhook-server` -* `tag`: The container tag to use when pushing the container -* `release`: if `true` a new container will be pushed with the release version as the tag +- `username`: User with push permissions to the repository +- `password`: The password for the username +- `repository`: the repository to push the container, for example `quay.io/myakove/github-webhook-server` +- `tag`: The container tag to use when pushing the container +- `release`: if `true` a new container will be pushed with the release version as the tag ```yaml container: @@ -153,7 +151,6 @@ container: If `docker` is configured for the repository we log in to docker.io to increase pull rate limit - ```yaml docker: username: username @@ -164,64 +161,65 @@ docker: Following actions are done automatically: -* Add reviewers from [OWNERS](OWNERS) file, support add different reviewers based on files/folders. -* Set PR size label. -* New issue is created for the PR. -* Issues get closed when PR is merged/closed. +- Add reviewers from [OWNERS](OWNERS) file, support add different reviewers based on files/folders. +- Set PR size label. +- New issue is created for the PR. +- Issues get closed when PR is merged/closed. ## OWNERS file example + ```yaml approvers: - myakove - rnetser reviewers: any: # will be added to all PRs - - myakove - - rnetser + - myakove + - rnetser files: # will be added to PRs if files in the list are changed Dockerfile: - - myakove + - myakove folders: # will be added to PRs if folders in the list are changed webhook_server_container/libs: # path is relative to the repository root - - myakove + - myakove ``` ### Supported user actions via adding comment -* `/verified`: to verify a PR -* `/verified cancel`: to undo verify -* `/cherry-pick `: cherry-pick a merged PR against a target branch - * Multiple target branches are allowed, separated by spaces - * If the current PR is nor merged label will be added and once the PR is merged it will be cherry-picked -* `/retest tox`: run tox -* `/retest build-container`: run build-container -* `/retest python-module-install`: run python-module-install command -* `/build-and-push-container`: build and push container image (tag will be the PR number). -* `/assign-reviewers`: assign reviewers based on OWNERS file +- `/verified`: to verify a PR +- `/verified cancel`: to undo verify +- `/cherry-pick `: cherry-pick a merged PR against a target branch + - Multiple target branches are allowed, separated by spaces + - If the current PR is nor merged label will be added and once the PR is merged it will be cherry-picked +- `/retest tox`: run tox +- `/retest build-container`: run build-container +- `/retest python-module-install`: run python-module-install command +- `/build-and-push-container`: build and push container image (tag will be the PR number). +- `/assign-reviewers`: assign reviewers based on OWNERS file ### Supported user labels Usage: -* `/