Skip to content

chore(action): Update reproducible requirements in automated dependency update workflows #8611

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
roger-zhangg merged 3 commits into from
Jan 30, 2026
Merged

chore(action): Update reproducible requirements in automated dependency update workflows #8611

roger-zhangg merged 3 commits into from
Jan 30, 2026

Conversation

@roger-zhangg
Copy link
Member

@roger-zhangg roger-zhangg commented Jan 30, 2026
edited
Loading

Which issue(s) does this change fix?

N/A - Internal workflow improvement

Why is this change necessary?

When automated dependency update PRs (for app templates hash, aws-sam-translator, and aws_lambda_builders) are created, they only update the dependency in requirements/base.txt but don't update the reproducible requirements files (requirements/reproducible-*.txt). This causes the update-reproducibles.yml workflow to trigger separately, which can lead to race conditions and inconsistent build states.

In a worse scenario, this workflow runs on schedule (every 4 hours), compares its changes against what update-reproducibles.yml already committed, and detects a diff. It then force pushes its changes, overwriting what update-reproducibles.yml made. This triggers update-reproducibles.yml to kick in again, causing an infinite loop.

How does it address the issue?

This PR adds Python 3.11 and uv setup to each automated update job, then runs make update-reproducible-reqs-uv before checking for changes. This ensures:

  1. Reproducible requirements are updated in the same commit as the dependency change
  2. The PR includes all necessary changes in a single atomic commit
  3. Build will be triggered consistently without needing a separate workflow run

Changes to each job:

  • Added actions/setup-python@v6 with Python 3.11
  • Added astral-sh/setup-uv@v7 to install uv
  • Added make update-reproducible-reqs-uv before git diff

What side effects does this change have?

  • Automated PRs will now include reproducible requirements updates
  • Slightly longer workflow execution time due to Python/uv setup and requirements generation
  • No functional changes to the dependency update logic

Mandatory Checklist

PRs will only be reviewed after checklist is complete

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@roger-zhangg roger-zhangg requested a review from a team as a code owner January 30, 2026 19:17
@roger-zhangg roger-zhangg force-pushed the update_action_fix branch 2 times, most recently from 3ce3445 to c740774 Compare January 30, 2026 20:26
@roger-zhangg roger-zhangg changed the title chore(action): trigger build action after update repro chore(action): Update reproducible requirements in automated dependency update workflows Jan 30, 2026
@roger-zhangg roger-zhangg added this pull request to the merge queue Jan 30, 2026
Merged via the queue into aws:develop with commit 5f85547 Jan 30, 2026
42 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@valerena valerena valerena approved these changes

@seshubaws seshubaws seshubaws approved these changes

Assignees

No one assigned

Labels

pr/internal

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@roger-zhangg @valerena @seshubaws