refactor: requirements.txt sync & validation #21
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Netlify requires requirements.txt (humans do not) | |
| name: Sync requirements.txt with pyproject.toml | |
| on: | |
| pull_request: | |
| paths: ['poetry.lock'] | |
| types: [opened, synchronize, reopened] | |
| permissions: | |
| contents: write | |
| jobs: | |
| detect-requirements-delta: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| has_change: ${{ steps.detect.outputs.has_change }} | |
| # Skip if the last commit was from the bot (prevent infinite loops) | |
| if: github.event.head_commit.author.name != 'github-actions[bot]' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref || github.ref_name }} | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version-file: 'pyproject.toml' | |
| - name: Install Poetry | |
| run: pip install poetry | |
| - name: Install Dependencies via Poetry | |
| run: poetry install --only main --no-root | |
| - name: Detect whether requirements.txt has change | |
| id: detect | |
| run: | | |
| output=$(make requirements.txt 2>&1) | |
| echo "$output" | |
| # Check whether Make output suggests file is up to date | |
| if echo "$output" | grep -qi "up to date\|up-to-date\|already up to date"; then | |
| echo "has_change=false" >> $GITHUB_OUTPUT | |
| echo "::notice::requirements.txt seems up to date" | |
| else | |
| echo "has_change=true" >> $GITHUB_OUTPUT | |
| fi | |
| prevent-bot-commit-if-human-edit: | |
| runs-on: ubuntu-latest | |
| needs: detect-requirements-delta | |
| if: needs.detect-requirements-delta.outputs.has_change == 'true' | |
| outputs: | |
| is_human_edit: ${{ steps.check.outputs.is_human_edit }} | |
| offender_author: ${{ steps.check.outputs.offender_author }} | |
| offender_subject: ${{ steps.check.outputs.offender_subject }} | |
| env: | |
| ALLOWED_BOTS: 'github-actions[bot],dependabot[bot]' | |
| COMMIT_MSG_FILE: .github/commit-messages/requirements_update.txt | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref || github.ref_name }} | |
| fetch-depth: 0 | |
| - name: Check for human edits | |
| id: check | |
| env: | |
| MODE: detect | |
| run: bash ./.github/actions/validate-requirements/check.sh | |
| - name: Comment on PR about human edit | |
| if: steps.check.outputs.is_human_edit == 'true' | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const author = `${{ steps.check.outputs.offender_author }}` | |
| const subject = `${{ steps.check.outputs.offender_subject }}` | |
| const body = `Undo edits to \`requirements.txt\` in this PR. That file is maintained by a bot; human edits should be reverted so the bot can manage it. Offending commit by ${author}: "${subject}". If you intended to pin a dependency, use \`poetry add <package>\`.` | |
| await github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| body | |
| }) | |
| commit-requirements-delta: | |
| runs-on: ubuntu-latest | |
| needs: [detect-requirements-delta, prevent-bot-commit-if-human-edit] | |
| if: needs.detect-requirements-delta.outputs.has_change == 'true' && needs.prevent-bot-commit-if-human-edit.outputs.is_human_edit == 'false' | |
| env: | |
| COMMIT_MSG_FILE: .github/commit-messages/requirements_update.txt | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref || github.ref_name }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version-file: 'pyproject.toml' | |
| - name: Install Poetry | |
| run: pip install poetry | |
| - name: Generate requirements.txt | |
| run: make requirements.txt | |
| - name: Configure Git | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| - name: Commit requirements.txt if changed | |
| run: | | |
| git add -f requirements.txt | |
| if git diff --staged --quiet; then | |
| echo "No changes to requirements.txt" | |
| else | |
| commit_msg=$(sed -n '1p' "$COMMIT_MSG_FILE" 2>/dev/null | tr -d '\r') | |
| if [ -z "$commit_msg" ]; then | |
| echo "::error::Missing or empty canonical commit message file: $COMMIT_MSG_FILE" | |
| exit 1 | |
| fi | |
| git commit -m "$commit_msg" | |
| git push | |
| fi |