From cf99c79758677140f79eb271ca6e295883cb469b Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 13:28:43 -0500 Subject: [PATCH 01/11] PYTHON-5349 Use drivers-evergreen-tools to start servers in GitHub Actions --- .github/workflows/test-python.yml | 39 ++++++++++++++++++------------- 1 file changed, 23 insertions(+), 16 deletions(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index b7b8fb5062..ce3c27b547 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -50,13 +50,17 @@ jobs: cppcheck pymongo build: - # supercharge/mongodb-github-action requires containers so we don't test other platforms runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: os: [ubuntu-latest] - python-version: ["3.9", "pypy-3.10", "3.13", "3.13t"] + python-version: ["3.9", "pypy-3.10", "3.13t"] + include: + - os: windows-latest + python-version: "3.13" + - os: macos-latest + python-version: "3.10" name: CPython ${{ matrix.python-version }}-${{ matrix.os }} steps: - uses: actions/checkout@v4 @@ -71,10 +75,11 @@ jobs: python-version: ${{ matrix.python-version }} - name: Install dependencies run: just install - - name: Start MongoDB - uses: supercharge/mongodb-github-action@90004df786821b6308fb02299e5835d0dae05d0d # 1.12.0 + - id: setup-mongodb + uses: mongodb-labs/drivers-evergreen-tools@master with: - mongodb-version: 6.0 + version: 6.0 + topology: replica_set - name: Run tests run: just test @@ -92,10 +97,10 @@ jobs: with: enable-cache: true python-version: "3.9" - - name: Start MongoDB - uses: supercharge/mongodb-github-action@90004df786821b6308fb02299e5835d0dae05d0d # 1.12.0 + - id: setup-mongodb + uses: mongodb-labs/drivers-evergreen-tools@master with: - mongodb-version: '8.0.0-rc4' + version: 8.0 - name: Install dependencies run: just install - name: Run tests @@ -210,8 +215,8 @@ jobs: cache-dependency-path: 'sdist/test/pyproject.toml' # Test sdist on lowest supported Python python-version: '3.9' - - name: Start MongoDB - uses: supercharge/mongodb-github-action@90004df786821b6308fb02299e5835d0dae05d0d # 1.12.0 + - id: setup-mongodb + uses: mongodb-labs/drivers-evergreen-tools@master - name: Run connect test from sdist shell: bash run: | @@ -234,10 +239,11 @@ jobs: uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v5 with: python-version: '3.9' - - name: Start MongoDB - uses: supercharge/mongodb-github-action@90004df786821b6308fb02299e5835d0dae05d0d # 1.12.0 + - id: setup-mongodb + uses: mongodb-labs/drivers-evergreen-tools@master with: - mongodb-version: 6.0 + version: 6.0 + topology: replica_set # Async and our test_dns do not support dnspython 1.X, so we don't run async or dns tests here - name: Run tests shell: bash @@ -260,10 +266,11 @@ jobs: uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v5 with: python-version: '3.9' - - name: Start MongoDB - uses: supercharge/mongodb-github-action@90004df786821b6308fb02299e5835d0dae05d0d # 1.12.0 + - id: setup-mongodb + uses: mongodb-labs/drivers-evergreen-tools@master with: - mongodb-version: 6.0 + version: 6.0 + topology: replica_set # The lifetime kwarg we use in srv resolution was added to the async resolver API in dnspython 2.1.0 - name: Run tests shell: bash From 3dcbea90c36f5529b00ecd69051d2a05c83de73f Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 13:30:18 -0500 Subject: [PATCH 02/11] fix version spec --- .github/workflows/test-python.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index ce3c27b547..15a06f61a4 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -78,7 +78,7 @@ jobs: - id: setup-mongodb uses: mongodb-labs/drivers-evergreen-tools@master with: - version: 6.0 + version: "6.0" topology: replica_set - name: Run tests run: just test @@ -100,7 +100,7 @@ jobs: - id: setup-mongodb uses: mongodb-labs/drivers-evergreen-tools@master with: - version: 8.0 + version: "8.0" - name: Install dependencies run: just install - name: Run tests @@ -242,7 +242,7 @@ jobs: - id: setup-mongodb uses: mongodb-labs/drivers-evergreen-tools@master with: - version: 6.0 + version: "6.0" topology: replica_set # Async and our test_dns do not support dnspython 1.X, so we don't run async or dns tests here - name: Run tests @@ -269,7 +269,7 @@ jobs: - id: setup-mongodb uses: mongodb-labs/drivers-evergreen-tools@master with: - version: 6.0 + version: "6.0" topology: replica_set # The lifetime kwarg we use in srv resolution was added to the async resolver API in dnspython 2.1.0 - name: Run tests From 728538dd19ea4eedc3bb674ca677791d3ccf8dc9 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 13:33:29 -0500 Subject: [PATCH 03/11] update mongodb version --- .github/workflows/test-python.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index 15a06f61a4..f2f09613b7 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -56,11 +56,14 @@ jobs: matrix: os: [ubuntu-latest] python-version: ["3.9", "pypy-3.10", "3.13t"] + mongodb-version: ["8.0"] include: - os: windows-latest python-version: "3.13" + mongodb-version: "8.0" - os: macos-latest python-version: "3.10" + name: CPython ${{ matrix.python-version }}-${{ matrix.os }} steps: - uses: actions/checkout@v4 @@ -78,7 +81,7 @@ jobs: - id: setup-mongodb uses: mongodb-labs/drivers-evergreen-tools@master with: - version: "6.0" + version: "${{ matrix.mongodb-version }}" topology: replica_set - name: Run tests run: just test From 073e198fa345f3913a47171313b271148c1987b8 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 13:37:59 -0500 Subject: [PATCH 04/11] cleanup --- .github/workflows/test-python.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index f2f09613b7..cb2e67e50e 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -24,6 +24,11 @@ jobs: persist-credentials: false - name: Install just uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3 + - name: Install python + uses: actions/setup-python@v5 + with: + cache: 'pip' + python-version: 3.9 - name: Install uv uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v5 with: @@ -245,7 +250,7 @@ jobs: - id: setup-mongodb uses: mongodb-labs/drivers-evergreen-tools@master with: - version: "6.0" + version: "8.0" topology: replica_set # Async and our test_dns do not support dnspython 1.X, so we don't run async or dns tests here - name: Run tests @@ -272,7 +277,7 @@ jobs: - id: setup-mongodb uses: mongodb-labs/drivers-evergreen-tools@master with: - version: "6.0" + version: "8.0" topology: replica_set # The lifetime kwarg we use in srv resolution was added to the async resolver API in dnspython 2.1.0 - name: Run tests From 9d9d2aad0f4483ddd81e94cdfa01aee09fe3b36c Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 13:40:26 -0500 Subject: [PATCH 05/11] cleanup --- .github/workflows/test-python.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index cb2e67e50e..f00712f422 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -24,11 +24,6 @@ jobs: persist-credentials: false - name: Install just uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3 - - name: Install python - uses: actions/setup-python@v5 - with: - cache: 'pip' - python-version: 3.9 - name: Install uv uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v5 with: @@ -74,6 +69,11 @@ jobs: - uses: actions/checkout@v4 with: persist-credentials: false + - name: Install python + uses: actions/setup-python@v5 + with: + cache: 'pip' + python-version: 3.9 - name: Install just uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3 - name: Install uv From 10e26286a2c94845c079510e534d234cae6f3521 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 13:47:25 -0500 Subject: [PATCH 06/11] add zizmor config and debug --- .evergreen/scripts/setup-dev-env.sh | 2 +- .github/zizmor.yml | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 .github/zizmor.yml diff --git a/.evergreen/scripts/setup-dev-env.sh b/.evergreen/scripts/setup-dev-env.sh index 6e6b5965bd..54548c3923 100755 --- a/.evergreen/scripts/setup-dev-env.sh +++ b/.evergreen/scripts/setup-dev-env.sh @@ -1,6 +1,6 @@ #!/bin/bash # Set up a development environment on an evergreen host. -set -eu +set -eux HERE=$(dirname ${BASH_SOURCE:-$0}) HERE="$( cd -- "$HERE" > /dev/null 2>&1 && pwd )" diff --git a/.github/zizmor.yml b/.github/zizmor.yml new file mode 100644 index 0000000000..10fd4cdfcf --- /dev/null +++ b/.github/zizmor.yml @@ -0,0 +1,7 @@ +rules: + unpinned-uses: + config: + policies: + actions/*: ref-pin + mongodb-labs/drivers-github-tools/*: ref-pin + mongodb-labs/drivers-evergreen-tools: ref-pin From 3b3b1d500289f72a1296369d1609eeef4a480b78 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 13:56:17 -0500 Subject: [PATCH 07/11] fix shell --- .evergreen/scripts/setup-dev-env.sh | 2 +- .github/workflows/test-python.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.evergreen/scripts/setup-dev-env.sh b/.evergreen/scripts/setup-dev-env.sh index 54548c3923..6e6b5965bd 100755 --- a/.evergreen/scripts/setup-dev-env.sh +++ b/.evergreen/scripts/setup-dev-env.sh @@ -1,6 +1,6 @@ #!/bin/bash # Set up a development environment on an evergreen host. -set -eux +set -eu HERE=$(dirname ${BASH_SOURCE:-$0}) HERE="$( cd -- "$HERE" > /dev/null 2>&1 && pwd )" diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index f00712f422..abc076bd3f 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -82,6 +82,7 @@ jobs: enable-cache: true python-version: ${{ matrix.python-version }} - name: Install dependencies + shell: bash run: just install - id: setup-mongodb uses: mongodb-labs/drivers-evergreen-tools@master From 17a4b63c56d2b5f7443b3d7cfc30d818bf9853ae Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 14:03:25 -0500 Subject: [PATCH 08/11] cleanup --- .github/workflows/test-python.yml | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index abc076bd3f..91b36cd97e 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -69,28 +69,18 @@ jobs: - uses: actions/checkout@v4 with: persist-credentials: false - - name: Install python - uses: actions/setup-python@v5 - with: - cache: 'pip' - python-version: 3.9 - - name: Install just - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3 - name: Install uv uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v5 with: enable-cache: true python-version: ${{ matrix.python-version }} - - name: Install dependencies - shell: bash - run: just install - id: setup-mongodb uses: mongodb-labs/drivers-evergreen-tools@master with: version: "${{ matrix.mongodb-version }}" topology: replica_set - name: Run tests - run: just test + run: uv run --extra test pytest -v doctest: runs-on: ubuntu-latest From 9a192df01a14a4f9fee051a3854f96bec51151fc Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 16:29:31 -0500 Subject: [PATCH 09/11] do not use rs --- .github/workflows/test-python.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index 91b36cd97e..c6d9e68853 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -78,7 +78,6 @@ jobs: uses: mongodb-labs/drivers-evergreen-tools@master with: version: "${{ matrix.mongodb-version }}" - topology: replica_set - name: Run tests run: uv run --extra test pytest -v @@ -242,7 +241,6 @@ jobs: uses: mongodb-labs/drivers-evergreen-tools@master with: version: "8.0" - topology: replica_set # Async and our test_dns do not support dnspython 1.X, so we don't run async or dns tests here - name: Run tests shell: bash @@ -269,7 +267,6 @@ jobs: uses: mongodb-labs/drivers-evergreen-tools@master with: version: "8.0" - topology: replica_set # The lifetime kwarg we use in srv resolution was added to the async resolver API in dnspython 2.1.0 - name: Run tests shell: bash From fef4395e28bd50cd505cbe0b5e52dfd360c89052 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 19:34:55 -0500 Subject: [PATCH 10/11] remove macos test --- .github/workflows/test-python.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index c6d9e68853..d299713cff 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -61,8 +61,6 @@ jobs: - os: windows-latest python-version: "3.13" mongodb-version: "8.0" - - os: macos-latest - python-version: "3.10" name: CPython ${{ matrix.python-version }}-${{ matrix.os }} steps: From b8f134783ee8eb584c29e592afb00e631ea8d4ee Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 14 Aug 2025 19:52:05 -0500 Subject: [PATCH 11/11] only use ubuntu --- .github/workflows/test-python.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index d299713cff..96729e3a6e 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -54,13 +54,10 @@ jobs: strategy: fail-fast: false matrix: + # Tests currently only pass on ubuntu on GitHub Actions. os: [ubuntu-latest] python-version: ["3.9", "pypy-3.10", "3.13t"] mongodb-version: ["8.0"] - include: - - os: windows-latest - python-version: "3.13" - mongodb-version: "8.0" name: CPython ${{ matrix.python-version }}-${{ matrix.os }} steps: