Copier update: address PR comment skill #396
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches-ignore: | |
| - 'gh-readonly-queue/**' # don't run (again) when on these special branches created during merge groups; the `on: merge_group` already triggers it. | |
| merge_group: | |
| pull_request: | |
| env: | |
| PYTHONUNBUFFERED: True | |
| PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache | |
| permissions: | |
| id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) | |
| contents: read # need to explicitly provide this whenever defining permissions because the default value is 'none' for anything not explicitly set when permissions are defined | |
| jobs: | |
| get-values: | |
| uses: ./.github/workflows/get-values.yaml | |
| permissions: | |
| contents: write # needed for updating dependabot branches | |
| check-skip-duplicate: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 2 | |
| permissions: | |
| contents: read | |
| pull-requests: read # needed to check if PR exists for current branch | |
| outputs: | |
| should-run: ${{ steps.check.outputs.should-run }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - id: check | |
| uses: ./.github/actions/check-skip-duplicates | |
| pre-commit: | |
| needs: | |
| - get-values | |
| - check-skip-duplicate | |
| if: needs.check-skip-duplicate.outputs.should-run == 'true' | |
| uses: ./.github/workflows/pre-commit.yaml | |
| permissions: | |
| contents: write # needed for mutex | |
| id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) | |
| with: | |
| python-version: 3.12.7 | |
| unit-test: | |
| needs: | |
| - pre-commit | |
| - check-skip-duplicate | |
| if: needs.check-skip-duplicate.outputs.should-run == 'true' | |
| strategy: | |
| matrix: | |
| os: | |
| - "ubuntu-24.04" | |
| python-version: | |
| - 3.12.7 | |
| - 3.13.9 | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 8 | |
| env: | |
| UV_PYTHON: ${{ matrix.python-version }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Install tooling | |
| uses: ./.github/actions/install_deps | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| node-version: 24.11.1 | |
| - name: Run Unit Tests | |
| # TODO: figure out what to do about tests of copier task scripts that don't actually get detected by code coverage | |
| run: uv run pytest tests/unit --durations=5 --no-cov | |
| lint-matrix: | |
| needs: | |
| - pre-commit | |
| - check-skip-duplicate | |
| if: needs.check-skip-duplicate.outputs.should-run == 'true' | |
| strategy: | |
| matrix: | |
| os: | |
| - "ubuntu-24.04" | |
| python-version: | |
| - 3.12.7 | |
| - 3.13.9 | |
| copier: [ | |
| '--data-file tests/copier_data/data1.yaml', | |
| '--data-file tests/copier_data/data2.yaml', | |
| '--data-file tests/copier_data/data3.yaml', | |
| ] | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 8 | |
| env: | |
| UV_PYTHON: ${{ matrix.python-version }} | |
| permissions: | |
| contents: write # needed for mutex | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Move python script that replaces private package registry information to temp folder so it doesn't get deleted | |
| run: | | |
| mv .github/workflows/replace_private_package_registries.py $RUNNER_TEMP | |
| - name: Install tooling | |
| uses: ./.github/actions/install_deps | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| install-deps: false | |
| - name: Instantiate copier template | |
| run: | | |
| copier copy --trust --vcs-ref ${{ github.sha }} ${{ matrix.copier }} --data python_version=${{ matrix.python-version }} . ./new-template | |
| - name: Confirm instantiated template has copier answers file | |
| run: | | |
| if [ ! -f "./new-template/./.copier-answers.yml" ]; then | |
| echo "Copier answers file not found in instantiated template location" | |
| exit 1 | |
| fi | |
| - name: Delete files from initial repo | |
| run: | | |
| # Delete everything except the folder containing the instantiated template | |
| # https://stackoverflow.com/questions/34057047/delete-all-directories-except-one | |
| shopt -s extglob | |
| rm -rf !(new-template) | |
| rm -rf .github # apparently this folder doesn't get removed with the previous command for some reason | |
| rm -rf .devcontainer # apparently this folder doesn't get removed with the previous command for some reason | |
| rm -rf .claude # apparently this folder doesn't get removed with the previous command for some reason | |
| ls -la | |
| - name: Move the instantiated template into the repo root | |
| run: | | |
| # Move all the files from the instantiated template out of the subfolder | |
| shopt -s dotglob # https://unix.stackexchange.com/questions/6393/how-do-you-move-all-files-including-hidden-from-one-directory-to-another | |
| mv new-template/* . | |
| ls -la | |
| # delete the subfolder | |
| rm -frd new-template | |
| ls -la | |
| - name: install new dependencies | |
| env: | |
| SKIP_PLAYWRIGHT_INSTALL: "1" | |
| # Provide a fake token so it doesn't attempt to access AWS to generate a new one when the script is run if CodeArtifact is set as the registry | |
| CODEARTIFACT_AUTH_TOKEN: 'faketoken' | |
| run: | | |
| # Remove any specification of a Python repository having a default other than PyPI...because in this CI pipeline we can only install from PyPI | |
| python $RUNNER_TEMP/replace_private_package_registries.py | |
| python .devcontainer/manual-setup-deps.py --skip-check-lock --skip-updating-devcontainer-hash | |
| # Add everything to git so that pre-commit recognizes the files and runs on them | |
| git add . | |
| git status | |
| - name: Set up mutex # Github concurrency management is horrible, things get arbitrarily cancelled if queued up. So using mutex until github fixes itself. When multiple jobs are modifying cache at once, weird things can happen. possible issue is https://github.com/actions/toolkit/issues/658 | |
| if: ${{ runner.os != 'Windows' }} # we're just gonna have to YOLO on Windows, because this action doesn't support it yet https://github.com/ben-z/gh-action-mutex/issues/14 | |
| uses: ben-z/gh-action-mutex@1ebad517141198e08d47cf72f3c0975316620a65 # v1.0.0-alpha.10 | |
| with: | |
| branch: mutex-venv-${{ matrix.os }}-${{ matrix.python-version }} | |
| timeout-minutes: 8 # this is the amount of time this action will wait to attempt to acquire the mutex lock before failing, e.g. if other jobs are queued up in front of it | |
| - name: Cache Pre-commit hooks | |
| uses: actions/cache@v5.0.5 | |
| env: | |
| cache-name: cache-pre-commit-hooks | |
| with: | |
| path: ${{ env.PRE_COMMIT_HOME }} | |
| key: ${{ matrix.os }}-${{ matrix.python-version }}-build-${{ env.cache-name }}-${{ hashFiles('.pre-commit-config.yaml') }} | |
| restore-keys: | | |
| ${{ matrix.os }}-${{ matrix.python-version }}-build-${{ env.cache-name }}- | |
| - name: Run pre-commit | |
| run: | | |
| # skip devcontainer context hash because the template instantiation may make it different every time | |
| SKIP=git-dirty,compute-devcontainer-context-hash pre-commit run -a || PRE_COMMIT_EXIT_CODE=$? | |
| if [ -n "$PRE_COMMIT_EXIT_CODE" ]; then | |
| echo "Pre-commit failed with exit code $PRE_COMMIT_EXIT_CODE" | |
| echo "Showing git diff:" | |
| git --no-pager diff | |
| exit $PRE_COMMIT_EXIT_CODE | |
| fi | |
| - name: Upload pre-commit log if failure | |
| if: ${{ failure() }} | |
| uses: actions/upload-artifact@v4.4.3 | |
| with: | |
| name: pre-commit-log--${{ github.jobs.lint-matrix.name }} | |
| path: "${{ github.workspace }}/.precommit_cache/pre-commit.log" | |
| confirm-on-tagged-copier-template: | |
| if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }} | |
| uses: ./.github/workflows/confirm-on-tagged-copier-template.yaml | |
| workflow-summary: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 2 | |
| needs: | |
| - get-values | |
| - check-skip-duplicate | |
| - confirm-on-tagged-copier-template | |
| - pre-commit | |
| - unit-test | |
| - lint-matrix | |
| permissions: | |
| statuses: write # needed for updating status on Dependabot PRs | |
| if: always() | |
| steps: | |
| - name: fail if prior job failure | |
| run: | | |
| success_pattern="^(skipped|success)$" # these are the possibilities: https://docs.github.com/en/actions/reference/workflows-and-actions/contexts#needs-context | |
| if [[ ! "${{ needs.get-values.result }}" =~ $success_pattern ]] || | |
| [[ ! "${{ needs.confirm-on-tagged-copier-template.result }}" =~ $success_pattern ]] || | |
| [[ ! "${{ needs.check-skip-duplicate.result }}" =~ $success_pattern ]] || | |
| [[ ! "${{ needs.pre-commit.result }}" =~ $success_pattern ]] || | |
| [[ ! "${{ needs.unit-test.result }}" =~ $success_pattern ]] || | |
| [[ ! "${{ needs.lint-matrix.result }}" =~ $success_pattern ]]; then | |
| echo "❌ One or more jobs did not finish with skipped or success" | |
| exit 1 | |
| fi | |
| echo "✅ All jobs finished with skipped or success" | |
| - name: Mark the required-check as succeeded so the PR can be merged | |
| if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }} | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| gh api \ | |
| -X POST -H "Accept: application/vnd.github.v3+json" \ | |
| "${{ github.event.pull_request.statuses_url }}" \ | |
| -f state=success -f context="required-check" -f description="✅ All required checks passed in the job triggered by pull_request" \ | |
| -f target_url="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| - name: Mark updated dependabot hash commit as succeeded | |
| if: needs.get-values.outputs.dependabot-commit-created == 'true' | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| gh api \ | |
| -X POST -H "Accept: application/vnd.github.v3+json" \ | |
| "/repos/${{ github.repository }}/statuses/${{ needs.get-values.outputs.new-dependabot-sha }}" \ | |
| -f state=success -f context="required-check" -f description="Initial CI run passed" \ | |
| -f target_url="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" |