Use Dependabot to manage Poetry dependency #31
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check Poetry | |
on: | |
create: | |
push: | |
paths: | |
- ".github/workflows/check-poetry-task.ya?ml" | |
- "**/poetry.lock" | |
- "**/pyproject.toml" | |
- "Taskfile.ya?ml" | |
pull_request: | |
paths: | |
- ".github/workflows/check-poetry-task.ya?ml" | |
- "**/poetry.lock" | |
- "**/pyproject.toml" | |
- "Taskfile.ya?ml" | |
schedule: | |
# Run periodically to catch breakage caused by external changes. | |
- cron: "0 11 * * THU" | |
workflow_dispatch: | |
repository_dispatch: | |
jobs: | |
run-determination: | |
runs-on: ubuntu-latest | |
permissions: {} | |
outputs: | |
result: ${{ steps.determination.outputs.result }} | |
steps: | |
- name: Determine if the rest of the workflow should run | |
id: determination | |
run: | | |
RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" | |
# The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. | |
if [[ | |
"${{ github.event_name }}" != "create" || | |
"${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX | |
]]; then | |
# Run the other jobs. | |
RESULT="true" | |
else | |
# There is no need to run the other jobs. | |
RESULT="false" | |
fi | |
echo "result=$RESULT" >> $GITHUB_OUTPUT | |
validate: | |
needs: run-determination | |
if: needs.run-determination.outputs.result == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version-file: pyproject.toml | |
- name: Install Poetry | |
run: | | |
pipx install \ | |
--python "$(which python)" \ | |
"poetry==$( \ | |
yq \ | |
--input-format toml \ | |
--output-format yaml \ | |
'.tool.poetry.group.pipx.dependencies.poetry' \ | |
< pyproject.toml | |
)" | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version-file: go.mod | |
- name: Install Task | |
run: | | |
go \ | |
install \ | |
github.com/go-task/task/v3/cmd/task | |
- name: Validate pyproject.toml | |
run: task poetry:validate | |
check-sync: | |
needs: run-determination | |
if: needs.run-determination.outputs.result == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version-file: pyproject.toml | |
- name: Install Poetry | |
run: | | |
pipx install \ | |
--python "$(which python)" \ | |
"poetry==$( \ | |
yq \ | |
--input-format toml \ | |
--output-format yaml \ | |
'.tool.poetry.group.pipx.dependencies.poetry' \ | |
< pyproject.toml | |
)" | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version-file: go.mod | |
- name: Install Task | |
run: | | |
go \ | |
install \ | |
github.com/go-task/task/v3/cmd/task | |
- name: Sync lockfile | |
run: task poetry:sync | |
- name: Check if lockfile was out of sync | |
run: | | |
git \ | |
diff \ | |
--color \ | |
--exit-code \ | |
poetry.lock |