From 473fbe25e78745417c36a1639708fdf62c143639 Mon Sep 17 00:00:00 2001 From: Matthew Feickert Date: Fri, 17 Jan 2025 15:48:03 -0700 Subject: [PATCH 1/2] ci: Update GitHub Actions to latest releases * Update GitHub Actions to latest versions: - actions/checkout v3 -> v4 - actions/setup-python v4 -> v5 - astral-sh/setup-uv v3 -> v5 - codecov/codecov-action v3 -> v5 * Remove '3.0_develop' branch as trigger for docs workflow, as it no longer exists. --- .github/workflows/ci.yaml | 12 ++++++------ .github/workflows/ci_production.yaml | 8 ++++---- .github/workflows/docs.yml | 3 +-- .github/workflows/pypi.yaml | 2 +- 4 files changed, 12 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7e62c0f6..09ac6c54 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -13,10 +13,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.x" @@ -35,15 +35,15 @@ jobs: runs-on: ${{ matrix.platform }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Install uv - uses: astral-sh/setup-uv@v3 + uses: astral-sh/setup-uv@v5 - name: Install dependencies run: | @@ -55,7 +55,7 @@ jobs: coverage run -m pytest tests --cov=./servicex/ --cov-report=xml - name: Upload coverage to Codecov - uses: codecov/codecov-action@v3.1.4 + uses: codecov/codecov-action@v5 with: token: ${{ secrets.CODECOV_TOKEN }} directory: ./coverage/reports/ diff --git a/.github/workflows/ci_production.yaml b/.github/workflows/ci_production.yaml index e798c5a1..0325de18 100644 --- a/.github/workflows/ci_production.yaml +++ b/.github/workflows/ci_production.yaml @@ -11,12 +11,12 @@ jobs: environment: production-service steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up Python 3.12 - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: - python-version: 3.12 + python-version: "3.12" - name: Save secret run: 'echo "$SERVICEX_YAML" > servicex.yaml' @@ -25,7 +25,7 @@ jobs: SERVICEX_YAML: ${{ secrets.SERVICEX_YAML }} - name: Install uv - uses: astral-sh/setup-uv@v3 + uses: astral-sh/setup-uv@v5 - name: Install package run: | diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 9e3b1f8d..70087d3c 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -4,7 +4,6 @@ on: push: branches: - main - - 3.0_develop pull_request: workflow_dispatch: @@ -31,7 +30,7 @@ jobs: python-version: '3.12' - name: Install uv - uses: astral-sh/setup-uv@v3 + uses: astral-sh/setup-uv@v5 - name: Install Python dependencies run: | diff --git a/.github/workflows/pypi.yaml b/.github/workflows/pypi.yaml index 846d848f..24c14431 100644 --- a/.github/workflows/pypi.yaml +++ b/.github/workflows/pypi.yaml @@ -23,7 +23,7 @@ jobs: python-version: '3.12' - name: Install uv - uses: astral-sh/setup-uv@v3 + uses: astral-sh/setup-uv@v5 - name: Install python-build and twine run: | From 539ea5dff23c039a4595f443a043cf9d073da029 Mon Sep 17 00:00:00 2001 From: Matthew Feickert Date: Fri, 17 Jan 2025 15:45:38 -0700 Subject: [PATCH 2/2] ci: Add Dependabot updates for GitHub Actions * Enable weekly checks for updates to GitHub Actions in use with Dependabot. Group the updates into a single PR to avoid PR noise. --- .github/dependabot.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..9ab35b2a --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,17 @@ +version: 2 +updates: + # Maintain dependencies for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + groups: + actions: + patterns: + - "*" + labels: + - "github-actions" + - "dependencies" + reviewers: + - "BenGalewsky" + - "ponyisi"