MAINT: update lock files #10
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update | |
| env: | |
| COMMIT_TITLE: "MAINT: update lock files" | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| - epic/* | |
| paths: | |
| - .constraints/ | |
| - .pre-commit-config.yaml | |
| - Manifest.toml | |
| - pixi.lock | |
| - uv.lock | |
| workflow_call: | |
| secrets: | |
| token: | |
| description: >- | |
| Personal Access Token for GitHub. This needs to be set as a secret by | |
| the host repository in order to rerun checks after pushing to a PR. | |
| The default GITHUB_TOKEN does not suffice for that, see here: | |
| https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows | |
| This page tells more about creating a PAT: | |
| https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token | |
| required: true | |
| workflow_dispatch: | |
| jobs: | |
| find-lock-files: | |
| name: Find lock files | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| lock-files: ${{ steps.check.outputs.lock-files }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: check | |
| name: Determine available lock files | |
| run: | | |
| lock_file_patterns=( | |
| .constraints/ | |
| .pre-commit-config.yaml | |
| Manifest.toml | |
| pixi.lock | |
| uv.lock | |
| ) | |
| files=() | |
| for file in "${lock_file_patterns[@]}"; do | |
| [[ -e $file ]] && files+=("$file") | |
| done | |
| echo "lock-files=${files[*]}" | tee -a $GITHUB_OUTPUT | |
| create-matrix: | |
| name: Determine Python versions | |
| if: >- | |
| contains( needs.find-lock-files.outputs.lock-files, '.constraints/' ) && ( | |
| github.event_name == 'schedule' || | |
| github.event_name == 'workflow_dispatch' || | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| ) | |
| needs: | |
| - find-lock-files | |
| outputs: | |
| matrix: ${{ steps.versions.outputs.matrix }} | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - id: versions | |
| uses: ComPWA/actions/create-python-version-matrix@v2 | |
| pip-constraints: | |
| name: pip constraint files | |
| if: contains( needs.find-lock-files.outputs.lock-files, '.constraints/' ) | |
| needs: | |
| - create-matrix | |
| - find-lock-files | |
| runs-on: ubuntu-20.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJSON(needs.create-matrix.outputs.matrix) }} | |
| steps: | |
| - if: matrix.python-version != 'skipped' | |
| uses: ComPWA/update-pip-constraints@v1 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| pixi-lock: | |
| name: pixi.lock | |
| if: contains( needs.find-lock-files.outputs.lock-files, 'pixi.lock' ) | |
| needs: | |
| - find-lock-files | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: prefix-dev/setup-pixi@v0.8.1 | |
| with: | |
| run-install: false | |
| - name: Update lock files | |
| run: pixi update | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: pixi-lock | |
| path: pixi.lock | |
| julia: | |
| name: Manifest.toml | |
| if: contains( needs.find-lock-files.outputs.lock-files, 'Manifest.toml' ) | |
| needs: | |
| - find-lock-files | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - if: hashFiles('pixi.lock') == '' | |
| uses: julia-actions/setup-julia@v2 | |
| - if: hashFiles('pixi.lock') | |
| uses: prefix-dev/setup-pixi@v0.8.1 | |
| with: | |
| activate-environment: true | |
| - name: Update Julia Manifest.toml | |
| run: julia -e 'using Pkg; Pkg.update()' | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: Manifest-toml | |
| path: Manifest.toml | |
| pre-commit: | |
| name: .pre-commit-config.yaml | |
| if: >- | |
| contains( needs.find-lock-files.outputs.lock-files, '.pre-commit-config.yaml' ) || | |
| github.event_name == 'schedule' || | |
| github.event_name == 'workflow_dispatch' || | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| needs: | |
| - find-lock-files | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ComPWA/update-pre-commit@v1 | |
| uv-lock: | |
| name: uv.lock | |
| if: contains( needs.find-lock-files.outputs.lock-files, 'uv.lock' ) | |
| needs: | |
| - find-lock-files | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: astral-sh/setup-uv@v5 | |
| - run: uv lock --upgrade | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: uv-lock | |
| path: uv.lock | |
| push: | |
| name: Push changes | |
| if: always() && github.event_name == 'pull_request' | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - julia | |
| - pip-constraints | |
| - pixi-lock | |
| - pre-commit | |
| - uv-lock | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.token || github.token}} | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| merge-multiple: true | |
| path: . | |
| - name: Show changed files | |
| run: | | |
| git config --global color.ui always | |
| git status --short | |
| - name: Show changes | |
| run: git diff --color --unified=0 | |
| - name: Commit and push changes | |
| run: | | |
| git remote set-url origin https://x-access-token:${{ secrets.token }}@github.com/${{ github.repository }} | |
| git config --global user.name "GitHub" | |
| git config --global user.email "noreply@github.com" | |
| git checkout -b ${{ github.head_ref }} | |
| if [[ $(git status -s) ]]; then | |
| git add -A | |
| git commit -m '${{ env.COMMIT_TITLE }}' | |
| git config pull.rebase true | |
| git pull origin ${{ github.head_ref }} | |
| git push origin HEAD:${{ github.head_ref }} | |
| fi | |
| pr-exists: | |
| name: Check if PR already exists | |
| if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' | |
| outputs: | |
| exists: ${{ steps.pr-exists.outputs.exists }} | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: List open pull requests | |
| id: list-prs | |
| run: | | |
| delimiter="$(openssl rand -hex 8)" | |
| echo "prs<<${delimiter}" >> $GITHUB_OUTPUT | |
| for pr in $( | |
| gh pr list \ | |
| --json title,url \ | |
| --jq '.[] | select(.title == "${{ env.COMMIT_TITLE }}") | .url' \ | |
| --state open | |
| ); do | |
| echo "$pr" | tee -a $GITHUB_OUTPUT | |
| done | |
| echo "${delimiter}" >> $GITHUB_OUTPUT | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| - name: Check if constraints PR exists | |
| id: pr-exists | |
| run: | | |
| prs="${{ steps.list-prs.outputs.prs }}" | |
| if [[ -z "$prs" ]]; then | |
| echo "exists=false" | tee -a "$GITHUB_OUTPUT" | |
| echo "✅ No PR with title '${{ env.COMMIT_TITLE }}' found." | |
| else | |
| echo "exists=true" | tee -a "$GITHUB_OUTPUT" | |
| echo "❌ PR with title '${{ env.COMMIT_TITLE }}' already exists." | |
| fi | |
| create-pr: | |
| name: Create PR | |
| runs-on: ubuntu-24.04 | |
| if: >- | |
| always() && | |
| (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && | |
| needs.pr-exists.outputs.exists != 'true' | |
| needs: | |
| - pip-constraints | |
| - pixi-lock | |
| - pre-commit | |
| - uv-lock | |
| - pr-exists | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.token }} | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| merge-multiple: true | |
| path: . | |
| - name: Show changed files | |
| run: | | |
| git config --global color.ui always | |
| git status --short | |
| - name: Show changes | |
| run: git diff --color --unified=0 | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@v7 | |
| with: | |
| commit-message: ${{ env.COMMIT_TITLE }} | |
| committer: GitHub <noreply@github.com> | |
| author: GitHub <noreply@github.com> | |
| title: ${{ env.COMMIT_TITLE }} | |
| body: >- | |
| This PR updates all lock files. It was created automatically by a scheduled workflow. | |
| labels: | | |
| 🔨 Maintenance | |
| branch-suffix: timestamp | |
| delete-branch: true | |
| token: ${{ secrets.token }} |