build: improve docker cache by copying VERSION later

Author: sdn4z

.cz.toml

@@ -0,0 +1,99 @@
+
+[tool.commitizen]
+version = "0.18.5"
+version_files = [
+    "VERSION",
+]
+name = "cz_customize"
+tag_format = "v$version"
+
+[tool.commitizen.customize]
+message_template = "{{prefix}}{% if scope %}({{scope}}){% endif %}: {{subject}}{% if body %}\n\n{{body}}{% endif %}{% if is_breaking_change %}\n\nBREAKING CHANGE: {{footer}}{% else %}\n\n{{footer}}{% endif %}"
+
+bump_pattern = "^(BREAKING[\\-\\ ]CHANGE|feat|fix|refactor|perf|ci|docs|style|test|chore|revert|build)(\\(.+\\))?(!)?"
+change_type_order = [
+    "BREAKING CHANGE",
+    "Feat",
+    "Fix",
+    "Refactor",
+    "Perf",
+    "CI",
+    "Docs",
+    "Technical",
+    "Tests",
+]
+bump_message = "bump: version $current_version → $new_version"
+schema = "<type>(<scope>): <subject>\n<BLANK LINE>\n<body>\n<BLANK LINE>\n(BREAKING CHANGE: )<footer>"
+schema_pattern = "(?s)(build|ci|docs|feat|fix|perf|refactor|style|test|chore|revert|bump)(\\(\\S+\\))?!?:( [^\\n\\r]+)((\\n\\n.*)|(\\s*))?$"
+commit_parser = "^(?P<change_type>feat|fix|refactor|perf|BREAKING CHANGE|ci|docs|style|test|chore|revert|build)(?:\\((?P<scope>[^()\\r\\n]*)\\)|\\()?(?P<breaking>!)?:\\s(?P<message>.*)?"
+version_parser = "(?P<version>([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9A-Za-z-]+(?:\\.[0-9A-Za-z-]+)*))?(?:\\+[0-9A-Za-z-]+)?(\\w+)?)"
+changelog_pattern = "^(BREAKING[\\-\\ ]CHANGE|feat|fix|refactor|perf|ci|docs|style|test|chore|revert|build)(\\(.+\\))?(!)?" # same as bump_pattern
+[tool.commitizen.customize.bump_map]
+"^.+!$" = "MAJOR"
+"^BREAKING[\\-\\ ]CHANGE" = "MAJOR"
+"^feat" = "MINOR"
+"^fix" = "PATCH"
+"^refactor" = "PATCH"
+"^perf" = "PATCH"
+"^ci" = "PATCH"
+"^docs" = "PATCH"
+"^style" = "PATCH"
+"^test" = "PATCH"
+"^chore" = "PATCH"
+"^revert" = "PATCH"
+"^build" = "PATCH"
+
+[tool.commitizen.customize.change_type_map]
+"feat" = "Feat"
+"fix" = "Fix"
+"refactor" = "Refactor"
+"perf" = "Perf"
+"ci" = "CI"
+"docs" = "Docs"
+"style" = "Technical"
+"test" = "Tests"
+"chore" = "Technical"
+"revert" = "Fix"
+"build" = "Technical"
+
+[[tool.commitizen.customize.questions]]
+type = "list"
+name = "prefix"
+message = "Select the type of change you are committing"
+choices = [
+    { value = "fix", name = "fix: A bug fix. Correlates with PATCH in SemVer", key = "x" },
+    { value = "feat", name = "feat: A new feature. Correlates with MINOR in SemVer", key = "f" },
+    { value = "docs", name = "docs: Documentation only changes", key = "d" },
+    { value = "style", name = "style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)", key = "s" },
+    { value = "refactor", name = "refactor: A code change that neither fixes a bug nor adds a feature", key = "r" },
+    { value = "perf", name = "perf: A code change that improves performance", key = "p" },
+    { value = "test", name = "test: Adding missing or correcting existing tests", key = "t" },
+    { value = "build", name = "build: Changes that affect the build system or external dependencies (example scopes: pip, docker, npm)", key = "b" },
+    { value = "ci", name = "ci: Changes to our CI configuration files and scripts (example scopes: GitLabCI)", key = "c" },
+]
+
+[[tool.commitizen.customize.questions]]
+type = "input"
+name = "scope"
+message = "What is the scope of this change? ((story number, class or file name): (press [enter] to skip)\n"
+
+[[tool.commitizen.customize.questions]]
+type = "input"
+name = "subject"
+message = "Write a short and imperative summary of the code changes: (lower case and no period)\n"
+
+[[tool.commitizen.customize.questions]]
+type = "input"
+name = "body"
+message = "Provide additional contextual information about the code changes: (press [enter] to skip)\n"
+
+[[tool.commitizen.customize.questions]]
+type = "confirm"
+message = "Is this a BREAKING CHANGE? Correlates with MAJOR in SemVer"
+name = "is_breaking_change"
+default = false
+
+[[tool.commitizen.customize.questions]]
+type = "input"
+name = "footer"
+message = "Footer. Information about Breaking Changes and reference issues that this commit closes: (press [enter] to skip)\n"

.github/workflows/bumpversion.yml

@@ -33,18 +33,8 @@ jobs:
         name: Create bump and changelog
         run: |
           cz bump --yes --changelog
-          echo "version=$(cz version)" >> $GITHUB_OUTPUT
+          git push origin HEAD:main
+          git push origin --tags
 
       - name: Print Version
-        run: echo "Bumped to version ${{ steps.cz.outputs.version }}"
-
-      - name: Install uv
-        uses: astral-sh/setup-uv@7edac99f961f18b581bbd960d59d049f04c0002f # v6.4.1
-
-      - name: Update uv.lock with the latest project version
-        run: |
-          uv lock --upgrade-package lightman_ai
-          git add uv.lock
-          git commit --amend --no-edit
-          git push origin HEAD
-          git push origin --tags
+        run: echo "Bumped to version $(cz version -p)"

.github/workflows/publish.yml

@@ -91,3 +91,13 @@ jobs:
             echo "Deleting old cache version ID: $id"
             gh api -X DELETE "orgs/elementsinteractive/packages/container/lightman-ai/versions/$id"
           done
+  release_notes:
+    runs-on: ubuntu-latest
+    needs: [push_to_pypi, push_to_docker_hub]
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: Release
+        uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 #v2.3.2
+        with:
+          generate_release_notes: true
+          token: "${{ secrets.GITHUB_TOKEN }}"

Dockerfile

@@ -37,29 +37,32 @@ ENV PATH="/root/.local/bin/:$PATH"
 # Copy dependency files
 COPY uv.lock pyproject.toml ./
 
+# Create a fake VERSION file, so that we don't break the cache because of a mismatch in that file
+RUN echo "v0.0.0" > VERSION
+
 # Install dependencies using uv (only dependencies, not the project itself)
 RUN UV_PROJECT_ENVIRONMENT=${VENV_PATH} uv sync --frozen --no-install-project --compile-bytecode
 RUN ${BIN_PATH}/python -m ensurepip
 # --------------- `final` stage --------------- 
 FROM base AS final
 
-# Set non-root user and group
-USER ${USER}:${GROUP}
-
 # Copy the virtual environment from build stage 
 COPY --from=build --chown=${USER}:${GROUP} ${VENV_PATH} ${VENV_PATH}
 
 # Set PATH to use the virtual environment
 ENV PATH="${BIN_PATH}:$PATH"
 
-# Copy pyproject.toml for package metadata
+# Copy needed files to install the package
 COPY --from=build --chown=${USER}:${GROUP} ${WORKDIR}/pyproject.toml .
+COPY --chown=${USER}:${GROUP} README.md README.md
+COPY --chown=${USER}:${GROUP} src src
 
-COPY README.md README.md
-# Copy source code
-COPY src src
+# Copy the real VERSION file
+COPY --chown=${USER}:${GROUP} VERSION .
 
-# Install the CLI tool (dependencies already installed in venv)
+# Install the CLI tool (dependencies already installed in venv) 
 RUN ${BIN_PATH}/pip3 install --no-deps .
 
+USER ${USER}:${GROUP}
+
 ENTRYPOINT [ "lightman-ai" ]

VERSION

@@ -0,0 +1 @@
+v0.18.5

pyproject.toml

@@ -17,13 +17,14 @@ dependencies = [
     "sentry-sdk>=2.21.0,<3.0.0",
 ]
 name = "lightman_ai"
-version = "0.18.5"
 description = "Cybersecurity news aggregator."
 readme = "README.md"
+dynamic = ["version"]
 
 [project.scripts]
 lightman-ai = "lightman_ai.cli:entry_point"
 
+
 [project.optional-dependencies]
 test = [
     "pytest<9.0.0,>=8.0.0",
@@ -44,8 +45,11 @@ local = [
 
 
 [build-system]
-requires = ["pdm-backend"]
-build-backend = "pdm.backend"
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[tool.setuptools.dynamic]
+version = {file = "VERSION"}
 
 [tool.pytest.ini_options]
 addopts = """
@@ -142,110 +146,3 @@ exclude_lines = [
     "pragma: no cover",
     "raise NotImplementedError",
 ]
-
-
-[tool.commitizen]
-version_files = ["pyproject.toml:^version"]
-name = "cz_customize"
-version = "0.18.5"
-tag_format = "v$version"
-
-[tool.commitizen.customize]
-message_template = "{{prefix}}{% if scope %}({{scope}}){% endif %}: {{subject}}{% if body %}\n\n{{body}}{% endif %}{% if is_breaking_change %}\n\nBREAKING CHANGE: {{footer}}{% else %}\n\n{{footer}}{% endif %}"
-
-bump_pattern = "^(BREAKING[\\-\\ ]CHANGE|feat|fix|refactor|perf|ci|docs|style|test|chore|revert|build)(\\(.+\\))?(!)?"
-change_type_order = [
-    "BREAKING CHANGE",
-    "Feat",
-    "Fix",
-    "Refactor",
-    "Perf",
-    "CI",
-    "Docs",
-    "Technical",
-    "Tests",
-]
-bump_message = "bump: version $current_version → $new_version"
-schema = "<type>(<scope>): <subject>\n<BLANK LINE>\n<body>\n<BLANK LINE>\n(BREAKING CHANGE: )<footer>"
-schema_pattern = "(?s)(build|ci|docs|feat|fix|perf|refactor|style|test|chore|revert|bump)(\\(\\S+\\))?!?:( [^\\n\\r]+)((\\n\\n.*)|(\\s*))?$"
-commit_parser = "^(?P<change_type>feat|fix|refactor|perf|BREAKING CHANGE|ci|docs|style|test|chore|revert|build)(?:\\((?P<scope>[^()\\r\\n]*)\\)|\\()?(?P<breaking>!)?:\\s(?P<message>.*)?"
-version_parser = "(?P<version>([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9A-Za-z-]+(?:\\.[0-9A-Za-z-]+)*))?(?:\\+[0-9A-Za-z-]+)?(\\w+)?)"
-changelog_pattern = "^(BREAKING[\\-\\ ]CHANGE|feat|fix|refactor|perf|ci|docs|style|test|chore|revert|build)(\\(.+\\))?(!)?" # same as bump_pattern
-[tool.commitizen.customize.bump_map]
-"^.+!$" = "MAJOR"
-"^BREAKING[\\-\\ ]CHANGE" = "MAJOR"
-"^feat" = "MINOR"
-"^fix" = "PATCH"
-"^refactor" = "PATCH"
-"^perf" = "PATCH"
-"^ci" = "PATCH"
-"^docs" = "PATCH"
-"^style" = "PATCH"
-"^test" = "PATCH"
-"^chore" = "PATCH"
-"^revert" = "PATCH"
-"^build" = "PATCH"
-
-[tool.commitizen.customize.change_type_map]
-"feat" = "Feat"
-"fix" = "Fix"
-"refactor" = "Refactor"
-"perf" = "Perf"
-"ci" = "CI"
-"docs" = "Docs"
-"style" = "Technical"
-"test" = "Tests"
-"chore" = "Technical"
-"revert" = "Fix"
-"build" = "Technical"
-
-[[tool.commitizen.customize.questions]]
-type = "list"
-name = "prefix"
-message = "Select the type of change you are committing"
-choices = [
-    { value = "fix", name = "fix: A bug fix. Correlates with PATCH in SemVer", key = "x" },
-    { value = "feat", name = "feat: A new feature. Correlates with MINOR in SemVer", key = "f" },
-    { value = "docs", name = "docs: Documentation only changes", key = "d" },
-    { value = "style", name = "style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)", key = "s" },
-    { value = "refactor", name = "refactor: A code change that neither fixes a bug nor adds a feature", key = "r" },
-    { value = "perf", name = "perf: A code change that improves performance", key = "p" },
-    { value = "test", name = "test: Adding missing or correcting existing tests", key = "t" },
-    { value = "build", name = "build: Changes that affect the build system or external dependencies (example scopes: pip, docker, npm)", key = "b" },
-    { value = "ci", name = "ci: Changes to our CI configuration files and scripts (example scopes: GitLabCI)", key = "c" },
-]
-
-[[tool.commitizen.customize.questions]]
-type = "input"
-name = "scope"
-message = "What is the scope of this change? ((story number, class or file name): (press [enter] to skip)\n"
-
-[[tool.commitizen.customize.questions]]
-type = "input"
-name = "subject"
-message = "Write a short and imperative summary of the code changes: (lower case and no period)\n"
-
-[[tool.commitizen.customize.questions]]
-type = "input"
-name = "body"
-message = "Provide additional contextual information about the code changes: (press [enter] to skip)\n"
-
-[[tool.commitizen.customize.questions]]
-type = "confirm"
-message = "Is this a BREAKING CHANGE? Correlates with MAJOR in SemVer"
-name = "is_breaking_change"
-default = false
-
-[[tool.commitizen.customize.questions]]
-type = "input"
-name = "footer"
-message = "Footer. Information about Breaking Changes and reference issues that this commit closes: (press [enter] to skip)\n"
-
-# TODO: Find a way to include pyproject.toml without the version changes
-[tool.cruft]
-skip = ["pyproject.toml"]
-
-
-[[IgnoredVulns]]
-# False positive for mkdocs, more info: https://github.com/mkdocs/mkdocs/issues/2601
-id = "PYSEC-2021-878"