Update CI/CD and dependabot (#150)

* Update dependabot with 'groups' Remove everything to do with the permanent dependencies branch. Add the usage of the invoke task 'check-dockerfile-python-version' as a pre-commit hook, instead of using it in the (now removed) ci_automerge_dependabot.yml workflow. * Optimize cd_release.yml workflow Minor updates to naming and more. Use the docker image for github-changelog-generator straight up. Create outputs instead of environment variables on-the-fly whenever possible. * Add pre-commit.ci configuration * Ensure invoke is installed for pre-commit CI run
Materials-Consortia · Jun 16, 2024 · ecb73eb · ecb73eb
1 parent 3b6ce19
commit ecb73eb
Show file tree

Hide file tree

Showing 9 changed files with 71 additions and 432 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -5,23 +5,43 @@ updates:
   schedule:
     interval: daily
     time: "04:43"
-  target-branch: ci/dependabot-updates
+  target-branch: master
   labels:
   - docker_dependencies
+  groups:
+    docker:
+      applies-to: version-updates
+      dependency-type: production
+    docker-security:
+      applies-to: security-updates
+      dependency-type: production
 - package-ecosystem: github-actions
   directory: "/"
   schedule:
     interval: daily
     time: "04:38"
-  target-branch: ci/dependabot-updates
+  target-branch: master
   labels:
   - CI
-- package-ecosystem: docker
-  directory: "/tests"
+  groups:
+    gh-actions:
+      applies-to: version-updates
+      dependency-type: production
+    gh-actions-security:
+      applies-to: security-updates
+      dependency-type: production
+- package-ecosystem: pip
+  directory: "/"
   schedule:
     interval: daily
-    time: "04:33"
-  target-branch: ci/dependabot-updates
+    time: "04:53"
+  target-branch: master
   labels:
-  - docker_dependencies
-  - tests
+  - CI
+  groups:
+    python:
+      applies-to: version-updates
+      dependency-type: production
+    python-security:
+      applies-to: security-updates
+      dependency-type: production
diff --git a/.github/utils/single_dependency_pr_body.txt b/.github/utils/single_dependency_pr_body.txt
diff --git a/.github/utils/wait_for_it.sh b/.github/utils/wait_for_it.sh
diff --git a/.github/workflows/cd_release.yml b/.github/workflows/cd_release.yml
@@ -24,7 +24,7 @@ jobs:
     - name: Set up Python 3.9
       uses: actions/setup-python@v5
       with:
-        python-version: 3.9
+        python-version: '3.9'
 
     - name: Install Python dependencies
       run: |
@@ -39,12 +39,19 @@ jobs:
 
         pip install ${invoke}
 
+    - name: Setup changelog configuration
+      id: changelog_config
+      run: |
+        echo "project=$(echo $GITHUB_REPOSITORY | cut -d/ -f2- )" >> $GITHUB_OUTPUT
+        echo "exclude_labels=duplicate,question,invalid,wontfix,docker_dependencies" >> $GITHUB_OUTPUT
+
+        # For the release-specific changelog
+        echo "output_file=release_changelog.md" >> $GITHUB_OUTPUT
+
     - name: Update changelog
-      uses: CharMixer/auto-changelog-action@v1
+      uses: docker://githubchangeloggenerator/github-changelog-generator:1.16.2
       with:
-        token: ${{ secrets.RELEASE_PAT_CASPER }}
-        release_branch: ${{ env.PUBLISH_UPDATE_BRANCH }}
-        exclude_tags: "duplicate,question,invalid,wontfix,docker_dependencies"
+        args: --user "${{ github.repository_owner }}" --project "${{ steps.changelog_config.outputs.project }}" --token "${{ secrets.RELEASE_PAT_CASPER }}" --release-branch "${{ env.PUBLISH_UPDATE_BRANCH }}" --exclude-labels "${{ steps.changelog_config.outputs.exclude_labels }}"
 
     - name: Update version and tags
       run: .github/utils/update_version.sh
@@ -58,22 +65,19 @@ jobs:
         force: true
         tags: true
 
-    - name: Get tagged versions
-      run: echo "PREVIOUS_VERSION=$(git tag -l --sort -version:refname | sed -n 2p)" >> $GITHUB_ENV
+    - name: Get previous version
+      id: get_previous_version
+      run: echo "previous_version=$(git tag -l --sort -version:refname | sed -n 2p)" >> $GITHUB_OUTPUT
 
     - name: Create release-specific changelog
-      uses: CharMixer/auto-changelog-action@v1
+      uses: docker://githubchangeloggenerator/github-changelog-generator:1.16.2
       with:
-        token: ${{ secrets.RELEASE_PAT_CASPER }}
-        release_branch: ${{ env.PUBLISH_UPDATE_BRANCH }}
-        since_tag: "${{ env.PREVIOUS_VERSION }}"
-        output: "release_changelog.md"
-        exclude_tags: "duplicate,question,invalid,wontfix,docker_dependencies"
+        args: --user "${{ github.repository_owner }}" --project "${{ steps.changelog_config.outputs.project }}" --token "${{ secrets.RELEASE_PAT_CASPER }}" --release-branch "${{ env.PUBLISH_UPDATE_BRANCH }}" --since-tag "${{ steps.get_previous_version.outputs.previous_version }}" --output "${{ steps.changelog_config.outputs.output_file }}" --exclude-labels "${{ steps.changelog_config.outputs.exclude_labels }}" --usernames-as-github-logins
 
     - name: Append changelog to release body
       run: |
         gh api /repos/${{ github.repository }}/releases/${{ github.event.release.id }} --jq '.body' > release_body.md
-        cat release_changelog.md >> release_body.md
+        cat ${{ steps.changelog_config.outputs.output_file }} >> release_body.md
         gh api /repos/${{ github.repository }}/releases/${{ github.event.release.id }} -X PATCH -F body='@release_body.md'
       env:
         GITHUB_TOKEN: ${{ secrets.RELEASE_PAT_CASPER }}
diff --git a/.github/workflows/ci_automerge_dependabot.yml b/.github/workflows/ci_automerge_dependabot.yml