Update dependency https://github.com/lkubb/salt-extension-copier to v…

…0.6.0 (#94) Co-authored-by: salt-extensions-renovatebot[bot] <182623858+salt-extensions-renovatebot[bot]@users.noreply.github.com>
salt-extensions · Nov 4, 2024 · d4734ff · d4734ff
1 parent a3fd387
commit d4734ff
Show file tree

Hide file tree

Showing 15 changed files with 367 additions and 49 deletions.
diff --git a/.copier-answers.yml b/.copier-answers.yml
@@ -1,6 +1,6 @@
 # Autogenerated. Do not edit this by hand, use `copier update`.
 ---
-_commit: 0.5.2
+_commit: 0.6.0
 _src_path: https://github.com/lkubb/salt-extension-copier
 author: Salt Core Team
 author_email: [email protected]

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -47,13 +47,53 @@ jobs:
       - pre-commit
     uses: ./.github/workflows/docs-action.yml
 
+  check-prepare-release:
+    name: Check if we can prepare release PR
+    if: >-
+      github.event_name == 'push' &&
+      github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
+    needs:
+      - docs
+      - test
+    runs-on: ubuntu-24.04
+    outputs:
+      news-fragments-available: ${{ steps.check-available.outputs.available }}
+
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
+
+      - name: Check if news fragments are available
+        id: check-available
+        run: |
+          if [ -n "$(find changelog -type f -not -name '.*' -print -quit)" ]; then
+            echo "available=1" >> "$GITHUB_OUTPUT"
+          else
+            echo "available=0" >> "$GITHUB_OUTPUT"
+          fi
+
+  prepare-release:
+    name: Prepare Release PR
+    if: ${{ needs.check-prepare-release.outputs.news-fragments-available == '1' }}
+    needs:
+      - check-prepare-release
+      - docs
+      - test
+    permissions:
+      contents: write
+      pull-requests: write
+    uses: ./.github/workflows/prepare-release-action.yml
+
   deploy-docs:
     name: Deploy Docs
     uses: ./.github/workflows/deploy-docs-action.yml
-    # Only build doc deployments from the default branch of the repo and never for PRs.
+    # Only build doc deployments from the default branch of the repo and never for PRs,
+    # unless the triggering event was the release PR being merged.
     if: >-
-      github.event_name != 'pull_request' &&
       inputs.deploy-docs &&
+      (
+        github.event_name != 'pull_request' ||
+        inputs.release
+      ) &&
       github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
     needs:
       - docs

diff --git a/.github/workflows/deploy-package-action.yml b/.github/workflows/deploy-package-action.yml
@@ -30,7 +30,7 @@ jobs:
           path: dist
 
       - name: Publish distribution to Test PyPI
-        uses: pypa/gh-action-pypi-publish@c44d2f0e52f028349e3ecafbf7f32561da677277  # v1.10.3
+        uses: pypa/gh-action-pypi-publish@1bb664cc2ddedbbfdde43d4ac135d5836b7bf40f  # v1.11.0
         if: ${{ inputs.test }}
         with:
           password: ${{ secrets.TEST_PYPI_API_TOKEN }}
@@ -41,14 +41,14 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          gh release create "$GITHUB_REF_NAME" \
+          gh release create "v${{ inputs.version }}" \
               --repo="$GITHUB_REPOSITORY" \
               --title="${GITHUB_REPOSITORY#*/} ${{ inputs.version }}" \
               --generate-notes \
               dist/*
 
       - name: Publish distribution to PyPI
-        uses: pypa/gh-action-pypi-publish@c44d2f0e52f028349e3ecafbf7f32561da677277  # v1.10.3
+        uses: pypa/gh-action-pypi-publish@1bb664cc2ddedbbfdde43d4ac135d5836b7bf40f  # v1.11.0
         if: ${{ !inputs.test }}
         with:
           password: ${{ secrets.PYPI_API_TOKEN }}
diff --git a/.github/workflows/docs-action.yml b/.github/workflows/docs-action.yml
@@ -10,12 +10,12 @@ jobs:
     timeout-minutes: 10
 
     steps:
-      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871  # v4.2.1
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
         with:
           fetch-depth: 0
 
       - name: Set up Python 3.10 For Nox
-        uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3  # v5.2.0
+        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
         with:
           python-version: "3.10"
 

diff --git a/.github/workflows/get-changed-files.yml b/.github/workflows/get-changed-files.yml
@@ -17,7 +17,7 @@ jobs:
       changed-files: ${{ toJSON(steps.changed-files.outputs) }}
 
     steps:
-      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871  # v4.2.1
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
 
       - name: Get Changed Files
         id: changed-files

diff --git a/.github/workflows/package-action.yml b/.github/workflows/package-action.yml
@@ -14,12 +14,12 @@ jobs:
     runs-on: ubuntu-24.04
 
     steps:
-      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871  # v4.2.1
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
         with:
           fetch-depth: 0
 
       - name: Set up Python 3.10
-        uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3  # v5.2.0
+        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
         with:
           python-version: "3.10"
 

diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
@@ -10,13 +10,47 @@ on:
   pull_request:
 
 jobs:
+  # After merging the release PR, we don't want to trigger
+  # this workflow in addition to the Tagged Releases one.
+  # This pauses CI on pushes to the main branch completely.
+  check_release_in_progress:
+    name: Skip CI While Releasing
+    runs-on: ubuntu-24.04
+    if: github.event_name == 'push'
+    outputs:
+      count: ${{ steps.workflow_count.outputs.count }}
+
+    steps:
+      - name: Count Running Release Workflows Triggered by Automated PR
+        id: workflow_count
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          count="$(gh run list \
+            --repo "$GITHUB_REPOSITORY" \
+            --event pull_request \
+            --branch release/auto \
+            --workflow 'Tagged Releases' \
+            --json status \
+            --jq 'map(select(.status == ("queued","in_progress"))) | length')"
+          echo "count=$count" >> "$GITHUB_OUTPUT"
+
   call_central_workflow:
     name: CI
+    needs:
+      - check_release_in_progress
+    if: >
+      always() &&
+      github.event_name != 'push' ||
+      (
+        needs.check_release_in_progress.result == 'success' &&
+        needs.check_release_in_progress.outputs.count == '0'
+      )
     uses: ./.github/workflows/ci.yml
     with:
       deploy-docs: true
     permissions:
       contents: write
       id-token: write
       pages: write
-      pull-requests: read
+      pull-requests: write
diff --git a/.github/workflows/pre-commit-action.yml b/.github/workflows/pre-commit-action.yml
@@ -14,7 +14,7 @@ jobs:
     name: Pre-Commit
     runs-on: ubuntu-24.04
     container:
-      image: docker.io/library/python:3.10.15-slim-bookworm@sha256:1eb5d76bf3e9e612176ebf5eadf8f27ec300b7b4b9a99f5856f8232fd33aa16e
+      image: docker.io/library/python:3.10.15-slim-bookworm@sha256:eb9ca77b1a0ffbde84c1dc333beb3490a2638813cc25a339f8575668855b9ff1
 
     steps:
       - name: Install System Deps
@@ -23,7 +23,7 @@ jobs:
           apt-get install -y enchant-2 git gcc make zlib1g-dev libc-dev libffi-dev g++ libxml2 libxml2-dev libxslt-dev libcurl4-openssl-dev libssl-dev libgnutls28-dev
           git config --global --add safe.directory "$(pwd)"
 
-      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871  # v4.2.1
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
 
       - name: Install Pre-Commit
         run: |

diff --git a/.github/workflows/prepare-release-action.yml b/.github/workflows/prepare-release-action.yml
@@ -0,0 +1,65 @@
+---
+name: Prepare Release PR
+
+on:
+  workflow_call:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: Override the autogenerated version.
+        required: false
+        default: ''
+        type: string
+
+jobs:
+  update-release:
+    name: Render changelog and create/update PR
+    runs-on: ubuntu-24.04
+    if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
+
+      - name: Set up Python 3.10
+        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        with:
+          python-version: '3.10'
+
+      - name: Install project
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install '.[changelog]' pre-commit
+
+      - name: Get next version
+        if: github.event_name == 'push' || inputs.version == ''
+        id: next-version
+        run: echo "version=$(python tools/version.py next)" >> "$GITHUB_OUTPUT"
+
+      - name: Update CHANGELOG.md
+        env:
+          NEXT_VERSION: ${{ (github.event_name == 'workflow_dispatch' && inputs.version != '') && inputs.version || steps.next-version.outputs.version }}
+        run: towncrier build --yes --version "${NEXT_VERSION}"
+
+      - name: Run pre-commit once to remove trailing whitespace
+        run: |
+          python -m pre_commit run --files=CHANGELOG.md || true
+
+      - name: Create/update release PR
+        uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f  # v7.0.5
+        with:
+          commit-message: Release v${{ (github.event_name == 'workflow_dispatch' && inputs.version != '') && inputs.version || steps.next-version.outputs.version }}
+          branch: release/auto
+          sign-commits: true
+          title: Release v${{ (github.event_name == 'workflow_dispatch' && inputs.version != '') && inputs.version || steps.next-version.outputs.version }}
+          body: |
+            This automated PR builds the latest changelog. When merged, a new release is published automatically.
+
+            Before merging, please ensure it's based on the most recent default branch HEAD.
+
+            If you want to rebuild this PR with a custom version or the current date, you can also trigger the corresponding workflow manually in `Actions` > `Prepare Release PR` > `Run workflow`.
+
+            You can still follow the manual release procedure outlined in: https://salt-extensions.github.io/salt-extension-copier/topics/publishing.html
diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml
@@ -5,30 +5,124 @@ on:
   push:
     tags:
       - "v*"  # Only tags starting with "v" for "v1.0.0", etc.
+  pull_request:
+    types:
+      - closed
+    paths:
+      - CHANGELOG.md
 
 jobs:
-  get_tag_version:
+  get_version_tag:
+    name: Extract version from tag
     runs-on: ubuntu-24.04
+    if: github.event_name == 'push'
     outputs:
-      version: ${{ steps.get_version.outputs.version }}
+      version: ${{ steps.get_version_tag.outputs.version }}
+
     steps:
       - name: Checkout code
-        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871  # v4.2.1
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
 
       - name: Extract tag name
-        id: get_version
+        id: get_version_tag
         run: echo "version=${GITHUB_REF#refs/tags/v}" >> "$GITHUB_OUTPUT"
 
+      - name: Ensure changelog was rendered
+        run: |
+          test "${{ steps.get_version_tag.outputs.version }}" = "$(python tools/version.py)" && \
+          test -z "$(find changelog -type f -not -name '.*' -print -quit)"
+
+  close_autopr_on_tag:
+    name: Close release PR on manual tag
+    runs-on: ubuntu-24.04
+    if: github.event_name == 'push'
+    needs:
+      - get_version_tag
+
+    steps:
+      - name: Find Pull Request
+        uses: juliangruber/find-pull-request-action@2f36c5fe1abfda4745dfab4f38217ebad8ded4eb  # v1.9.0
+        id: find-pull-request
+        with:
+          branch: release/auto
+          base: ${{ github.event.repository.default_branch }}
+          state: open
+
+      - name: Close release PR
+        if: steps.find-pull-request.outputs.number != ''
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh pr close \
+            --comment "This release was triggered manually as v${{ needs.get_version_tag.outputs.version }}" \
+            --delete-branch \
+            --repo "$GITHUB_REPOSITORY" \
+            "${{ steps.find-pull-request.outputs.number }}"
+
+  get_version_pr:
+    name: Extract version from merged release PR
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: write  # To push the new tag. This does not cause a tag event.
+
+    # Only trigger this on closed pull requests if:
+    #   - The originating branch is from the same repository as the one running this workflow.
+    #   - The originating branch is called `release/auto`
+    #   - The PR was merged, not just closed.
+    #   - The PR targeted the default branch of the repository this workflow is running from.
+    if: >-
+      github.event_name == 'pull_request' &&
+      github.repository == github.event.pull_request.head.repo.full_name &&
+      github.head_ref == 'release/auto' &&
+      github.event.pull_request.merged == true &&
+      github.base_ref == github.event.repository.default_branch
+
+    outputs:
+      version: ${{ steps.get_version_pr.outputs.version }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
+
+      - name: Extract version of merged release PR
+        id: get_version_pr
+        run: echo "version=$(python tools/version.py)" >> "$GITHUB_OUTPUT"
+
+      - name: Ensure no news fragments are left
+        run: test -z "$(find changelog -type f -not -path '*/.*' -print -quit)"
+
+      - name: Check extracted version matches PR title
+        env:
+          TITLE: ${{ github.event.pull_request.title }}
+        run: >-
+          [[ "$TITLE" == "Release v${{ steps.get_version_pr.outputs.version }}" ]] || exit 1
+
+      - name: Create tag for release
+        uses: mathieudutour/github-tag-action@d28fa2ccfbd16e871a4bdf35e11b3ad1bd56c0c1  # v6.2
+        with:
+          github_token: ${{ github.token }}
+          custom_tag: ${{ steps.get_version_pr.outputs.version }}
+          create_annotated_tag: true
+
   call_central_workflow:
-    needs: get_tag_version
+    # Only call the central workflow if either of the above jobs report success.
+    if: >-
+      always() &&
+      (
+        needs.get_version_tag.result == 'success' ||
+        needs.get_version_pr.result == 'success'
+      )
+    needs:
+      - get_version_tag
+      - get_version_pr
     uses: ./.github/workflows/ci.yml
     with:
       deploy-docs: true
       release: true
-      version: ${{ needs.get_tag_version.outputs.version }}
+      version: ${{ github.event_name == 'push' && needs.get_version_tag.outputs.version || needs.get_version_pr.outputs.version }}
     permissions:
       contents: write
       id-token: write
       pages: write
-      pull-requests: read
+      pull-requests: write
     secrets: inherit