update_pip #193
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: 2022 Contributors to the rez project | |
| # | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # This workflow will automatically update the bundled pip and | |
| # will create and update PRs in a similar way to dependabot. | |
| # | |
| # Notes: | |
| # * If someone force pushes the main branch at around the same time as the scheduled run, | |
| # it the run will probably fail with obscure errors. | |
| # * I suspects this is true for non-forced push commits too. | |
| name: update_pip | |
| on: | |
| schedule: | |
| - cron: '0 0 * * 0' # Run at midnight UTC only on sunday | |
| workflow_dispatch: | |
| permissions: {} | |
| jobs: | |
| update: | |
| name: update | |
| runs-on: ubuntu-latest | |
| # Don't run on forks | |
| if: github.repository == 'JeanChristopheMorinPerso/rez-pip' | |
| permissions: | |
| pull-requests: write | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@bd01e18f51369d5a26f1651c3cb451d3417e3bba # v6.3.1 | |
| with: | |
| python-version: 3.12 | |
| - name: Check if pip is up-to-date and download if not | |
| run: | | |
| set -e | |
| error_code=0 | |
| git fetch origin __update_pip__ > /dev/null 2>&1 || error_code=$? | |
| if [[ $error_code -eq 0 ]]; then | |
| echo 'Switching to __update_pip__ branch' | |
| set -x | |
| git switch __update_pip__ | |
| git pull origin __update_pip__ | |
| else | |
| echo 'Branch __update_pip__ does not exists' | |
| fi | |
| set -x | |
| uvx nox --default-venv-backend uv -s download_pip | |
| if [[ $error_code -eq 0 ]]; then | |
| git switch - | |
| fi | |
| id: download_pip | |
| - name: Confirm step outputs | |
| run: | | |
| set -e | |
| if [[ $DOWNLOADED_PIP_PATH == '' ]]; then | |
| echo 'steps.download_pip.outputs.downloaded-pip-path is empty!' | |
| exit 1 | |
| fi | |
| if [[ $PREVIOUS_PIP_VERSION == '' ]]; then | |
| echo 'steps.download_pip.outputs.previous-pip-version is empty!' | |
| exit 1 | |
| fi | |
| env: | |
| DOWNLOADED_PIP_PATH: ${{ steps.download_pip.outputs.downloaded-pip-path }} | |
| PREVIOUS_PIP_VERSION: ${{ steps.download_pip.outputs.previous-pip-version }} | |
| - name: Get __update_pip__ PR number | |
| if: steps.download_pip.outputs.downloaded-pip-path != 'none' | |
| id: get-pull-request-number | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| set -ex | |
| number=$(gh pr list --app rez-pip-update-bot --limit 1 --head __update_pip__ --json number --jq '.[].number') | |
| echo "number=${number}" >> $GITHUB_OUTPUT | |
| - name: Get token | |
| id: app-token | |
| if: steps.download_pip.outputs.downloaded-pip-path != 'none' | |
| uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 | |
| with: | |
| app-id: ${{ secrets.GH_BOT_APP_ID }} | |
| private-key: ${{ secrets.GH_BOT_PRIVATE_KEY }} | |
| - name: Create commit | |
| if: steps.download_pip.outputs.downloaded-pip-path != 'none' | |
| run: | | |
| set -ex | |
| if [ -z $PULL_REQUEST_NUMBER ]; then | |
| echo 'Creating branch named __update_pip__' | |
| git switch -c __update_pip__ | |
| else | |
| echo '__update_pip__ already exists. Re-using it' | |
| git fetch origin __update_pip__ | |
| git switch __update_pip__ | |
| fi | |
| cp -v $DOWNLOADED_PIP_PATH src/rez_pip/data/pip.pyz | |
| git add src/rez_pip/data/pip.pyz | |
| # https://stackoverflow.com/a/74071223 | |
| git config user.name 'rez-pip-update-bot[bot]' | |
| # 133434221 comes from https://api.github.com/users/rez-pip-update-bot[bot] | |
| git config user.email '133434221+rez-pip-update-bot[bot]@users.noreply.github.com' | |
| git commit --signoff -m "Update pip from $PREVIOUS_PIP_VERSION to $NEW_PIP_VERSION" | |
| git push origin __update_pip__ | |
| env: | |
| PULL_REQUEST_NUMBER: ${{ steps.get-pull-request-number.outputs.number }} | |
| DOWNLOADED_PIP_PATH: ${{ steps.download_pip.outputs.downloaded-pip-path }} | |
| PREVIOUS_PIP_VERSION: ${{ steps.download_pip.outputs.previous-pip-version }} | |
| NEW_PIP_VERSION: ${{ steps.download_pip.outputs.new-pip-version }} | |
| - name: PR | |
| if: steps.download_pip.outputs.downloaded-pip-path != 'none' | |
| env: | |
| GH_TOKEN: ${{ steps.app-token.outputs.token }} | |
| NEW_PIP_VERSION: ${{ steps.download_pip.outputs.new-pip-version }} | |
| PREVIOUS_PIP_VERSION: ${{ steps.download_pip.outputs.previous-pip-version }} | |
| PULL_REQUEST_NUMBER: ${{ steps.get-pull-request-number.outputs.number }} | |
| run: | | |
| set -e | |
| version=$(echo $NEW_PIP_VERSION | sed 's/\./-/g') | |
| title="Update pip to $NEW_PIP_VERSION" | |
| cat << EOF > $RUNNER_TEMP/pr_body | |
| Update pip from $PREVIOUS_PIP_VERSION to $NEW_PIP_VERSION. | |
| Changelog: https://pip.pypa.io/en/stable/news/#v${version}. | |
| --- | |
| _This PR was created by the [rez-pip-update-bot](https://github.com/apps/rez-pip-update-bot) bot and the workflow located at [.github/workflows/update_pip.yaml](../blob/main/.github/workflows/update_pip.yaml)_ | |
| EOF | |
| if [[ $PULL_REQUEST_NUMBER != '' ]]; then | |
| echo "Updating PR #${PULL_REQUEST_NUMBER}" | |
| set -x | |
| gh pr edit $PULL_REQUEST_NUMBER \ | |
| --title "${title}" \ | |
| --body-file $RUNNER_TEMP/pr_body | |
| else | |
| echo 'Creating new PR' | |
| set -x | |
| gh pr create \ | |
| --base main \ | |
| --head __update_pip__ \ | |
| --title "${title}" \ | |
| --body-file $RUNNER_TEMP/pr_body \ | |
| --label 'pip-update' | |
| fi |