refactor: Change the update dependencies workflow to no longer only r…

…un for dependabot
tektronix · Sep 3, 2024 · 3f8050f · 3f8050f
1 parent 9c290ac
commit 3f8050f
Show file tree

Hide file tree

Showing 9 changed files with 21 additions and 11 deletions.
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -0,0 +1,7 @@
+{
+    "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+    "dependencyDashboard": true,
+    "extends": [
+        "config:best-practices"
+    ]
+}
diff --git a/.github/workflows/_reusable-enforce-community-standards.yml b/.github/workflows/_reusable-enforce-community-standards.yml
@@ -18,7 +18,7 @@ jobs:
           - .github/ISSUE_TEMPLATE/bug_report.@(yml|yaml)
           - .github/ISSUE_TEMPLATE/feature_request.@(yml|yaml)
           - .github/PULL_REQUEST_TEMPLATE.md
-          - .github/dependabot.@(yml|yaml)
+          - .github/@(dependabot.@(yml|yaml)|renovate.json)
           - .github/workflows/codeql-analysis.@(yml|yaml)
     steps:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7

diff --git a/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml b/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml
@@ -62,7 +62,6 @@ jobs:
   update-python-and-pre-commit-deps:
     name: Update python linters and pre-commit dependencies
     runs-on: ubuntu-latest
-    if: ${{ github.actor == 'dependabot[bot]' && contains(github.head_ref, '/pip/') }}
     permissions:
       contents: write
     steps:
@@ -102,7 +101,7 @@ jobs:
           export-dependency-groups: ${{ inputs.export-dependency-groups }}
       - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842  # v5.0.1
         with:
-          commit_message: 'chore: Update python linters and pre-commit dependencies.'
+          commit_message: 'chore: Update dependencies.'
           commit_user_name: ${{ inputs.commit-user-name }}
           commit_user_email: ${{ inputs.commit-user-email }}
           commit_author: ${{ inputs.commit-user-name }} <${{ inputs.commit-user-email }}>
diff --git a/.github/workflows/update-python-and-pre-commit-dependencies.yml b/.github/workflows/update-python-and-pre-commit-dependencies.yml
@@ -5,6 +5,7 @@ on:
     branches: [main]
 jobs:
   update-python-and-pre-commit-deps:
+    if: ${{ github.actor == 'dependabot[bot]' && contains(github.head_ref, '/pip/') }}
     uses: ./.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml
     with:
       commit-user-name: ${{ vars.TEK_OPENSOURCE_NAME }}

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -32,6 +32,10 @@ repos:
     hooks:
       - id: remove-tabs
       - id: forbid-tabs
+  - repo: https://github.com/renovatebot/pre-commit-hooks
+    rev: 3a63908078e35a432e7a31b5ae0e1efec7713f8d  # frozen: 38.64.1
+    hooks:
+      - id: renovate-config-validator
   - repo: https://github.com/python-jsonschema/check-jsonschema
     rev: 5c70e3d884fdbe99af42f2714a444e39f321498d  # frozen: 0.29.2
     hooks:
@@ -118,7 +122,7 @@ repos:
         always_run: true
         args: [audit, --json, --ignore-code=CVE-2019-8341]
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: 24d039e647a08707e6cb31e75e01844eeff925e7  # frozen: v0.6.2
+    rev: f1ebc5730d98440041cc43e4d69829ad598ae1e7  # frozen: v0.6.3
     hooks:
       - id: ruff
         args: [--fix, --exit-non-zero-on-fix]

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -18,6 +18,10 @@ Valid subsections within a version are:
 
 Things to be included in the next release go here.
 
+### Changed
+
+- Changed the `_reusable-update-python-and-pre-commit-dependencies.yml` workflow to no longer only work on PRs from Dependabot, users will now need to apply any conditional login in the calling workflow.
+
 ---
 
 ## v1.2.0 (2024-08-30)

diff --git a/renovate.json b/renovate.json
diff --git a/workflows/enforce-community-standards.md b/workflows/enforce-community-standards.md
@@ -17,7 +17,7 @@ The full list of files that this workflow checks for is as follows:
 - `.github/ISSUE_TEMPLATE/bug_report.@(yml|yaml)`
 - `.github/ISSUE_TEMPLATE/feature_request.@(yml|yaml)`
 - `.github/PULL_REQUEST_TEMPLATE.md`
-- `.github/dependabot.@(yml|yaml)`
+- `.github/@(dependabot.@(yml|yaml)|renovate.json)`
 - `.github/workflows/codeql-analysis.@(yml|yaml)`
 
 > [!NOTE]

diff --git a/workflows/update-python-and-pre-commit-dependencies.md b/workflows/update-python-and-pre-commit-dependencies.md
@@ -56,6 +56,7 @@ on:
     branches: [main]
 jobs:
   update-python-and-pre-commit-dependencies:
+    if: ${{ github.actor == 'dependabot[bot]' && contains(github.head_ref, '/pip/') }}  # Only run the job for Dependabot PRs
     uses: tektronix/python-package-ci-cd/.github/workflows/[email protected]
     with:
       commit-user-name: 'User Name'