From 8d0fc8b65cecc46cbd46104c6261f3a52a5d52d5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 00:25:58 +0000 Subject: [PATCH 1/3] chore(deps): bump black from 24.4.1 to 24.4.2 Bumps [black](https://github.com/psf/black) from 24.4.1 to 24.4.2. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/compare/24.4.1...24.4.2) --- updated-dependencies: - dependency-name: black dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index d0e4e85..1cc7986 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -1,4 +1,4 @@ -black==24.4.1 +black==24.4.2 flake8==7.0.0 mypy==1.10.0 mypy-extensions==1.0.0 From f7b7e1a0cddbc9fb9b7ee1aa9241e334e29c99b5 Mon Sep 17 00:00:00 2001 From: jmeridth Date: Tue, 30 Apr 2024 00:58:33 -0500 Subject: [PATCH 2/3] feat: release on specific labels Related to https://github.com/github/github-ospo/issues/105 Only generate a release and new action container images if our semver related labels (`breaking`, `enhancement`, `fix`) or the `release` label are used on a merged pull request. Changed from push (merge) on main branch to release generation happening when a pull_request is merged to main branch. This gives us access to the pull requests labels without having to make API cals. Currently we'd still need to label a pull request with `release` if it is a dependabot or manual pull request related to a CVE or security fix. - [x] update CONTRIBUTING.md with new release information - [x] manually add `vuln` and `release` labels to repository Signed-off-by: jmeridth --- .github/release-drafter.yml | 2 +- .github/workflows/release.yml | 14 +++++++++++++- CONTRIBUTING.md | 4 +++- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index 69471a0..ca2240e 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -35,9 +35,9 @@ version-resolver: minor: labels: - 'enhancement' + - 'fix' patch: labels: - - 'fix' - 'documentation' - 'maintenance' default: patch diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 13e91cf..15b644e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,7 +3,9 @@ on: workflow_dispatch: - push: + pull_request: + types: + - closed branches: - main @@ -12,6 +14,16 @@ jobs: create_release: + # release if + # manual deployment OR + # merged to main and labelled with release labels + if: | + (github.event_name == 'workflow_dispatch') || + (github.event.pull_request.merged == true && + (contains(github.event.pull_request.labels.*.name, 'breaking') || + contains(github.event.pull_request.labels.*.name, 'enhancement') || + contains(github.event.pull_request.labels.*.name, 'vuln') || + contains(github.event.pull_request.labels.*.name, 'release'))) outputs: full-tag: ${{ steps.release-drafter.outputs.tag_name }} short-tag: ${{ steps.get_tag_name.outputs.SHORT_TAG }} diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index dbb42bd..22fd416 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -78,4 +78,6 @@ We are using [Conventional Commits](https://www.conventionalcommits.org/en/v1.0. ## Releases -Releases are automated but if you need to manually initiate a release you can do so through the GitHub Actions UI. If you have permissions to do so, you can navigate to the [Actions tab](https://github.com/github/contributors/actions/workflows/release.yml) and select the `Run workflow` button. This will allow you to select the branch to release from and the version to release. +Releases are automated if a pull request is labelled with our [SemVer related labels](.github/release-drafter.yml) or with the `vuln` or `release` labels. + +You can also manually initiate a release you can do so through the GitHub Actions UI. If you have permissions to do so, you can navigate to the [Actions tab](https://github.com/github/contributors/actions/workflows/release.yml) and select the `Run workflow` button. This will allow you to select the branch to release from and the version to release. From bac833873385f2807180221c01a603824c23c321 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 Apr 2024 16:38:27 +0000 Subject: [PATCH 3/3] chore(deps): bump pytest from 8.1.1 to 8.2.0 Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.1.1 to 8.2.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/8.1.1...8.2.0) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index 1cc7986..7032eac 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -3,6 +3,6 @@ flake8==7.0.0 mypy==1.10.0 mypy-extensions==1.0.0 pylint==3.1.0 -pytest==8.1.1 +pytest==8.2.0 pytest-cov==5.0.0 types-requests==2.31.0.20240406