[CI] Automatic dependency updates

.github/dependabot.yaml

@@ -1,17 +1,40 @@
-# To get started with Dependabot version updates, you'll need to specify which
-# package ecosystems to update and where the package manifests are located.
-# Please see the documentation for all configuration options:
-# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+# Dependabot configuration for automated dependency updates
+# See: https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
 
 version: 2
 updates:
-  - package-ecosystem: "pip" # See documentation for possible values
-    directory: "/" # Location of package manifests
+  - package-ecosystem: "pip"
+    directory: "/"
     schedule:
       interval: "weekly"
+      day: "monday"
+      time: "09:00"
+      timezone: "Asia/Jerusalem"
+    groups:
+      python-dependencies:
+        patterns:
+          - "*"
+    commit-message:
+      prefix: "deps"
+    labels:
+      - "dependencies"
+      - "python"
+    open-pull-requests-limit: 5
+
   - package-ecosystem: "github-actions"
-    # Workflow files stored in the default location of `.github/workflows`. (You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.)
     directory: "/"
     schedule:
-      # Check for updates to GitHub Actions every weekday
       interval: "weekly"
+      day: "monday"
+      time: "09:00"
+      timezone: "Asia/Jerusalem"
+    groups:
+      github-actions:
+        patterns:
+          - "*"
+    commit-message:
+      prefix: "ci"
+    labels:
+      - "dependencies"
+      - "github-actions"
+    open-pull-requests-limit: 5

.github/workflows/ci.yml

@@ -0,0 +1,105 @@
+name: CI
+
+on:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    name: Test (Python ${{ matrix.python-version }})
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ["3.9", "3.10", "3.11", "3.12", "3.13", "3.14"]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: "pip"
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install pytest pytest-cov future requests
+
+      - name: Install package in development mode
+        run: pip install -e .
+
+      - name: Run unit tests with coverage
+        run: |
+          pytest --cov-report=term-missing --cov=logzio tests/ -v --ignore=tests/e2e/
+
+      - name: Upload coverage report
+        if: matrix.python-version == '3.11'
+        uses: actions/upload-artifact@v4
+        with:
+          name: coverage-report
+          path: .coverage
+          retention-days: 5
+
+  e2e-integration:
+    name: E2E Integration Test
+    runs-on: ubuntu-latest
+    needs: [test]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+          cache: "pip"
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install pytest requests
+
+      - name: Install package in development mode
+        run: pip install -e .
+
+      - name: Generate unique ENV_ID
+        id: env-id
+        run: echo "value=e2e-${{ github.run_id }}-${{ github.run_attempt }}" >> $GITHUB_OUTPUT
+
+      - name: Run E2E integration test
+        env:
+          LOGZIO_TOKEN: ${{ secrets.LOGZIO_TOKEN }}
+          LOGZIO_API_KEY: ${{ secrets.LOGZIO_API_KEY }}
+          ENV_ID: ${{ steps.env-id.outputs.value }}
+        run: |
+          pytest tests/e2e/test_logzio_e2e.py -v --tb=long
+
+  ci-success:
+    name: CI Success
+    runs-on: ubuntu-latest
+    needs: [test, e2e-integration]
+    if: always()
+    steps:
+      - name: Check all jobs passed
+        run: |
+          if [[ "${{ needs.test.result }}" != "success" ]]; then
+            echo "Test job failed"
+            exit 1
+          fi
+          if [[ "${{ needs.e2e-integration.result }}" != "success" ]]; then
+            echo "E2E integration job failed"
+            exit 1
+          fi
+          echo "All CI checks passed! ✅"

.github/workflows/dependabot-automerge.yml

@@ -0,0 +1,52 @@
+name: Dependabot Auto-Merge
+
+# This workflow runs AFTER CI completes for Dependabot PRs.
+# It waits for CI to pass, then enables auto-merge.
+
+on:
+  workflow_run:
+    workflows: ["CI"]
+    types:
+      - completed
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  auto-merge:
+    name: Auto-Merge Dependabot PR
+    runs-on: ubuntu-latest
+    # Run if:
+    # 1. CI passed
+    # 2. It was triggered by Dependabot
+    # 3. It was a pull request
+    if: |
+      github.event.workflow_run.conclusion == 'success' &&
+      github.event.workflow_run.actor.login == 'dependabot[bot]' &&
+      github.event.workflow_run.event == 'pull_request'
+
+    steps:
+      - name: Checkout for metadata
+        uses: actions/checkout@v4
+
+      - name: Fetch Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+
+      - name: Auto-merge patch/minor updates
+        if: |
+          steps.metadata.outputs.update-type == 'version-update:semver-patch' ||
+          steps.metadata.outputs.update-type == 'version-update:semver-minor'
+        run: |
+          echo "Enabling auto-merge for ${{ steps.metadata.outputs.dependency-names }} (${{ steps.metadata.outputs.update-type }})"
+          gh pr merge --auto --merge "${{ github.event.workflow_run.head_branch }}"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Skip major updates
+        if: steps.metadata.outputs.update-type == 'version-update:semver-major'
+        run: |
+          echo "Major version update for ${{ steps.metadata.outputs.dependency-names }} - review required"

.github/workflows/dependabot-notifications.yml

@@ -0,0 +1,142 @@
+name: Dependabot Notifications
+
+# This workflow sends Slack notifications when CI completes for Dependabot PRs.
+# It uses workflow_run to trigger AFTER the CI workflow finishes.
+
+
+on:
+  workflow_run:
+    workflows: ["CI"]
+    types:
+      - completed
+
+permissions:
+  contents: read
+  pull-requests: read
+  actions: read
+
+jobs:
+  notify-success:
+    name: Notify Success
+    runs-on: ubuntu-latest
+    if: |
+      github.event.workflow_run.conclusion == 'success' &&
+      github.event.workflow_run.actor.login == 'dependabot[bot]'
+
+    steps:
+      - name: Get PR information
+        id: pr-info
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const { data: pullRequests } = await github.rest.pulls.list({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              state: 'open',
+              head: `${context.repo.owner}:${context.payload.workflow_run.head_branch}`
+            });
+
+            if (pullRequests.length > 0) {
+              const pr = pullRequests[0];
+              core.setOutput('pr_number', pr.number);
+              core.setOutput('pr_title', pr.title);
+              core.setOutput('pr_url', pr.html_url);
+              core.setOutput('found', 'true');
+            } else {
+              core.setOutput('found', 'false');
+            }
+
+      - name: Send Slack notification (Success)
+        if: steps.pr-info.outputs.found == 'true'
+        uses: rtCamp/action-slack-notify@v2
+        env:
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
+          SLACK_COLOR: "#36a64f"
+          SLACK_USERNAME: "Dependabot"
+          SLACK_ICON: "https://avatars.githubusercontent.com/in/29110?s=64&v=4"
+          SLACK_TITLE: "✅ Dependabot Update - CI Passed"
+          SLACK_MESSAGE: |
+            *Repository:* ${{ github.repository }}
+            *PR:* <${{ steps.pr-info.outputs.pr_url }}|#${{ steps.pr-info.outputs.pr_number }}> ${{ steps.pr-info.outputs.pr_title }}
+            *Status:* All CI checks passed! Auto-merge has been enabled.
+
+            The PR will be automatically merged once all branch protection requirements are satisfied.
+          SLACK_FOOTER: "logzio-python-handler CI"
+
+
+  notify-failure:
+    name: Notify Failure
+    runs-on: ubuntu-latest
+    if: |
+      github.event.workflow_run.conclusion == 'failure' &&
+      github.event.workflow_run.actor.login == 'dependabot[bot]'
+
+    steps:
+      - name: Get PR information
+        id: pr-info
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const { data: pullRequests } = await github.rest.pulls.list({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              state: 'open',
+              head: `${context.repo.owner}:${context.payload.workflow_run.head_branch}`
+            });
+
+            if (pullRequests.length > 0) {
+              const pr = pullRequests[0];
+              core.setOutput('pr_number', pr.number);
+              core.setOutput('pr_title', pr.title);
+              core.setOutput('pr_url', pr.html_url);
+              core.setOutput('found', 'true');
+            } else {
+              core.setOutput('found', 'false');
+            }
+
+      - name: Get workflow run URL
+        id: run-url
+        run: |
+          echo "url=${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.event.workflow_run.id }}" >> $GITHUB_OUTPUT
+
+      - name: Send Slack notification (Failure)
+        if: steps.pr-info.outputs.found == 'true'
+        uses: rtCamp/action-slack-notify@v2
+        env:
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
+          SLACK_COLOR: "#ff0000"
+          SLACK_USERNAME: "Dependabot"
+          SLACK_ICON: "https://avatars.githubusercontent.com/in/29110?s=64&v=4"
+          SLACK_TITLE: "🚨 Dependabot Update - CI Failed"
+          SLACK_MESSAGE: |
+            *Repository:* ${{ github.repository }}
+            *PR:* <${{ steps.pr-info.outputs.pr_url }}|#${{ steps.pr-info.outputs.pr_number }}> ${{ steps.pr-info.outputs.pr_title }}
+            *Status:* CI checks failed - manual intervention required!
+
+            <${{ steps.run-url.outputs.url }}|View CI Run> to investigate the failure.
+          SLACK_FOOTER: "logzio-python-handler CI"
+
+  notify-merged:
+    name: Notify Merged
+    runs-on: ubuntu-latest
+    if: |
+      github.event.workflow_run.conclusion == 'success' &&
+      github.event.workflow_run.event == 'push' &&
+      contains(github.event.workflow_run.head_commit.message, 'dependabot')
+
+    steps:
+      - name: Send Slack notification (Merged)
+        uses: rtCamp/action-slack-notify@v2
+        env:
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
+          SLACK_COLOR: "#2eb886"
+          SLACK_USERNAME: "Dependabot"
+          SLACK_ICON: "https://avatars.githubusercontent.com/in/29110?s=64&v=4"
+          SLACK_TITLE: "🎉 Dependencies Updated Successfully"
+          SLACK_MESSAGE: |
+            *Repository:* ${{ github.repository }}
+            *Commit:* <${{ github.server_url }}/${{ github.repository }}/commit/${{ github.event.workflow_run.head_sha }}|${{ github.event.workflow_run.head_sha }}>
+
+            Dependabot updates have been merged and CI passed on main branch.
+          SLACK_FOOTER: "logzio-python-handler CI"
+

README.md

@@ -40,7 +40,7 @@ pip install logzio-python-handler[opentelemetry-logging]
 
 ## Tested Python Versions
 
-Travis CI will build this handler and test against:
+CI will build this handler and test against:
 
 - "3.5"
 - "3.6"
@@ -49,6 +49,9 @@ Travis CI will build this handler and test against:
 - "3.9"
 - "3.10"
 - "3.11"
+- "3.12"
+- "3.13"
+- "3.14"
 
 We can't ensure compatibility to any other version, as we can't test it automatically.