alan-turing-institute · JimMadge · Apr 22, 2024 · Apr 19, 2024 · Apr 19, 2024 · Apr 19, 2024
@@ -4,30 +4,6 @@ version: 2
 updates:
   # GitHub Action update PRs
   - package-ecosystem: "github-actions"
-    directory: "/"  # Checks /.github/workflows/
+    directory: "/"  # The exact logic is unclear, but it recursively searches at least .github/workflows/
     schedule:
       interval: "weekly"
-  # data_safe_haven pip dependency(pyproject.toml) update PRs
-  - package-ecosystem: "pip"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    groups:
-      # Group all version updates into a single PR
-      all-dependencies:
-        applies-to: version-updates
-        patterns: ["*"]
-  # documentations pip dependency (pip-compile requirements.in, requirements.txt) update PRs
-  - package-ecosystem: "pip"
-    directory: "/docs/"
-    schedule:
-      interval: "monthly"
-    ignore:
-      # Don't open PRs for patch version updates for all packages
-      - update-types: ["version-update:semver-patch"]
-        dependency-name: "*"
-    groups:
-      # Group all version updates into a single PR
-      all-dependencies:
-        applies-to: version-updates
-        patterns: ["*"]
@@ -0,0 +1,23 @@
+#! /bin/sh
+set -e
+
+# Check for required arguments
+if [ "$#" -ne 2 ]; then
+    echo "Usage: update_python_dependencies [environment_name] [target]"
+    exit 1
+fi
+ENV_NAME=$1
+TARGET=$2
+
+# Check for pip-compile
+if ! command -v pip-compile > /dev/null; then
+    echo "pip-compile could not be found"
+    exit 1
+fi
+
+# Run pip-compile
+if [ "$ENV_NAME" = "default" ]; then
+    pip-compile -U pyproject.toml -o "$TARGET"
+else
+    hatch env show --json | jq -r ".${ENV_NAME}.dependencies | .[]" | pip-compile -U - -o "$TARGET"
+fi
@@ -1,5 +1,5 @@
 ---
-name: Documentation
+name: Build documentation
 
 # Run workflow on pushes to matching branches
 on:  # yamllint disable-line rule:truthy
@@ -18,16 +18,17 @@ jobs:
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
+
       - name: Setup Python
         uses: actions/setup-python@v5
         with:
           python-version: 3.12
-      - name: Install dependencies
-        run: |
-          pip install -r requirements.txt
-      - name: Sphinx build
-        run: |
-          make html SPHINXOPTS="-W"
+
+      - name: Install hatch
+        run: pip install hatch
+
+      - name: Build documentation
+        run: hatch run docs:build
 
   check_links:
     name: Check links
@@ -39,17 +40,18 @@ jobs:
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
+
       - name: Setup Python
         uses: actions/setup-python@v5
         with:
           python-version: 3.12
-      - name: Install dependencies
-        run: |
-          pip install -r requirements.txt
-      - name: Sphinx build
-        # Set warnings to be treated as errors
-        run: |
-          make html SPHINXOPTS="-W"
+
+      - name: Install hatch
+        run: pip install hatch
+
+      - name: Build documentation
+        run: hatch run docs:build
+
       - name: Link Checker
         uses: lycheeverse/[email protected]
         with:

@@ -1,5 +1,5 @@
 ---
-name: Update Pulumi Docker image versions
+name: Update Docker image versions
 
 on:  # yamllint disable-line rule:truthy
   schedule:
@@ -35,7 +35,7 @@ jobs:
 
       - name: Get current date
         id: date
-        run: echo "::set-output name=date::$(date +'%Y-%m-%d')"
+        run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
 
       - name: Create pull request
         if: ${{ ! env.ACT }}

@@ -3,10 +3,8 @@ name: Update package versions
 
 # Run workflow on pushes to matching branches
 on:  # yamllint disable-line rule:truthy
-  push:
-    branches: [develop]
   schedule:
-    - cron: "0 0 */7 * *"  # run once per week
+    - cron: "0 3 * * 1"  # run at 3:00 every Monday
   workflow_dispatch:  # allow this workflow to be manually triggered
 
 # checkout needs 'contents:read'
@@ -50,7 +48,7 @@ jobs:
 
       - name: Get current date
         id: date
-        run: echo "::set-output name=date::$(date +'%Y-%m-%d')"
+        run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
 
       - name: Create pull request
         if: ${{ ! env.ACT }}

@@ -0,0 +1,65 @@
+---
+name: Update Python dependencies
+
+# Run workflow on pushes to matching branches
+on:  # yamllint disable-line rule:truthy
+  schedule:
+    - cron: "0 3 * * 1"  # run at 3:00 every Monday
+  workflow_dispatch:  # allow this workflow to be manually triggered
+
+
+jobs:
+  update_python_dependencies:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: 3.12
+
+      - name: Install dependencies
+        run: pip install hatch pip-tools
+
+      - name: Update 'default' dependencies
+        run: .github/scripts/update_python_dependencies.sh default requirements.txt
+
+      - name: Update 'docs' dependencies
+        run: .github/scripts/update_python_dependencies.sh docs docs/requirements.txt
+
+      - name: Check for changes
+        shell: bash
+        run: git --no-pager diff -- .
+
+      - name: Get current date
+        id: date
+        run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
+
+      - name: Create pull request
+        if: ${{ ! env.ACT }}
+        id: pull-request
+        uses: peter-evans/[email protected]
+        with:
+          commit-message: Update Python dependencies
+          committer: GitHub Actions <[email protected]>
+          author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>
+          base: develop
+          branch: python-dependencies
+          delete-branch: true
+          title: Update Python dependencies
+          body: |
+            ### :arrow_heading_up: Summary
+            - Apply Python dependency diff from ${{ github.sha }} on ${{ steps.date.outputs.date }}
+
+            ### :closed_umbrella: Related issues
+            None
+
+            ### :microscope: Tests
+            Package versions only
+          labels: |
+            affected: developers
+            severity: minor
+            type: enhancement
+          draft: false
@@ -58,6 +58,22 @@ path = "data_safe_haven/version.py"
 [tool.hatch.envs.default]
 pre-install-commands = ["pip install -r requirements.txt"]
 
+[tool.hatch.envs.docs]
+detached = true
+dependencies = [
+  "emoji>=2.10.0",
+  "myst-parser>=2.0.0",
+  "pydata-sphinx-theme>=0.15.0",
+  "Sphinx>=7.3.0",
+]
+pre-install-commands = ["pip install -r docs/requirements.txt"]
+
+[tool.hatch.envs.docs.scripts]
+build = [
+  # Treat warnings as errors
+  "make -C docs html SPHINXOPTS='-W'"
+]
+
 [tool.hatch.envs.lint]
 detached = true
 dependencies = [