gha-utils 4.0.1__tar.gz → 4.0.2__tar.gz

gha_utils-4.0.2/PKG-INFO

@@ -0,0 +1,286 @@
+Metadata-Version: 2.1
+Name: gha-utils
+Version: 4.0.2
+Summary: ⚙️ CLI helpers for GitHub Actions + reuseable workflows
+Author-email: Kevin Deldycke <kevin@deldycke.com>
+Project-URL: Homepage, https://github.com/kdeldycke/workflows
+Project-URL: Repository, https://github.com/kdeldycke/workflows
+Project-URL: Funding, https://github.com/sponsors/kdeldycke
+Project-URL: Issues, https://github.com/kdeldycke/workflows/issues
+Project-URL: Changelog, https://github.com/kdeldycke/workflows/blob/main/changelog.md
+Keywords: build-automation,changelog-formatter,ci-cd,cli,formatting,github-actions,labels,linting,markdown,mypy,nuitka,packaging,pypi,python,release-automation,sphinx,sponsorship,terminal,typo,workflow-reusable,yaml
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Environment :: Console
+Classifier: Framework :: Sphinx
+Classifier: Framework :: Pelican
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: GNU General Public License v2 or later (GPLv2+)
+Classifier: Operating System :: MacOS :: MacOS X
+Classifier: Operating System :: Microsoft :: Windows
+Classifier: Operating System :: POSIX :: Linux
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: Implementation :: CPython
+Classifier: Programming Language :: Unix Shell
+Classifier: Topic :: Documentation :: Sphinx
+Classifier: Topic :: File Formats :: JSON
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Build Tools
+Classifier: Topic :: Software Development :: Compilers
+Classifier: Topic :: Software Development :: Documentation
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Topic :: Software Development :: Quality Assurance
+Classifier: Topic :: Software Development :: Version Control :: Git
+Classifier: Topic :: System :: Archiving :: Packaging
+Classifier: Topic :: System :: Installation/Setup
+Classifier: Topic :: System :: Shells
+Classifier: Topic :: System :: Software Distribution
+Classifier: Topic :: Terminals
+Classifier: Topic :: Text Processing :: Markup :: HTML
+Classifier: Topic :: Text Processing :: Markup :: Markdown
+Classifier: Topic :: Utilities
+Classifier: Typing :: Typed
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+Requires-Dist: black~=24.4.2
+Requires-Dist: bump-my-version~=0.24.0
+Requires-Dist: click-extra~=4.8.3
+Requires-Dist: mypy~=1.10.0
+Requires-Dist: packaging~=24.1
+Requires-Dist: PyDriller~=2.6
+Requires-Dist: pyproject-metadata~=0.8.0
+Requires-Dist: tomli~=2.0.1; python_version < "3.11"
+Requires-Dist: wcmatch~=8.5.2
+
+# `gha-utils` CLI + reusable workflows
+
+[![Last release](https://img.shields.io/pypi/v/gha-utils.svg)](https://pypi.python.org/pypi/gha-utils)
+[![Python versions](https://img.shields.io/pypi/pyversions/gha-utils.svg)](https://pypi.python.org/pypi/gha-utils)
+[![Type checked with mypy](http://www.mypy-lang.org/static/mypy_badge.svg)](http://mypy-lang.org/)
+[![Unittests status](https://github.com/kdeldycke/workflows/actions/workflows/tests.yaml/badge.svg?branch=main)](https://github.com/kdeldycke/workflows/actions/workflows/tests.yaml?query=branch%3Amain)
+
+`gha-utils` stands for **G**it**H**ub **A**ction workflows **Util**itie**s**.
+
+Maintaining project takes time. This repository contains the code of the `gha-utils` CLI and a collection of reusable workflows to:
+
+- maintain a Python project, its CLI, doc, QA, etc.
+- maintain an Awesome List project.
+
+## `gha-utils` CLI
+
+### Executables
+
+Standalone executables of `gha-utils`'s latest version are available as direct downloads for several platforms and architectures:
+
+| Platform          | `x86_64`                                                                                                                         | `arm64`                                                                                                                          |
+| ----------------- | -------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- |
+| **Linux** | [Download `gha-utils-linux-x64.bin`](https://github.com/kdeldycke/workflows/releases/latest/download/gha-utils-linux-x64.bin)     |                                                                                                                                  |
+| **macOS**         | [Download `gha-utils-macos-x64.bin`](https://github.com/kdeldycke/workflows/releases/latest/download/gha-utils-macos-x64.bin)     | [Download `gha-utils-macos-arm64.bin`](https://github.com/kdeldycke/workflows/releases/latest/download/gha-utils-macos-arm64.bin) |
+| **Windows**       | [Download `gha-utils-windows-x64.exe`](https://github.com/kdeldycke/workflows/releases/latest/download/gha-utils-windows-x64.exe) |                                                                                                                                  |
+
+### Run dev version
+
+```shell-session
+$ git clone https://github.com/kdeldycke/workflows
+$ cd workflows
+$ python -m pip install uv
+$ uv venv
+$ source .venv/bin/activate
+$ uv pip install .
+$ uv run gha-utils
+```
+
+## Reusable workflows collection
+
+This repository contains workflows to automate most of the boring tasks.
+
+These workflows are mostly used for Python projects and their documentation, but not only. They're all [reusable GitHub actions workflows](https://docs.github.com/en/actions/learn-github-actions/reusing-workflows).
+
+Reasons for a centralized workflow repository:
+
+- reusability of course: no need to update dozens of repository where 95% of workflows are the same
+- centralize all dependencies pertaining to automation: think of the point-release of an action that triggers dependabot upgrade to all your repositories depending on it
+
+### Guidelines
+
+I don't want to copy-n-past, keep in sync and maintain another `N`th CI/CD file at the root of my repositories.
+
+So my policy is: move every repository-specific config in a `pyproject.toml` file, or hide the gory details in a reused workflow.
+
+### `.github/workflows/docs.yaml` jobs
+
+- Autofix typos
+
+- Optimize images
+
+- Keep `.mailmap` up to date
+
+- Update dependency graph of Python projects
+
+  - **Requires**:
+    - Python package with a `pyproject.toml` file
+
+- Build Sphinx-based documentation and publish it to GitHub Pages
+
+  - **Requires**:
+    - Python package with a `pyproject.toml` file
+    - All Sphinx dependencies in a `docs` [extra dependency group](https://packaging.python.org/en/latest/guides/writing-pyproject-toml/#dependencies-and-requirements):
+      ```toml
+      [project.optional-dependencies]
+      docs = [
+          "furo == 2024.1.29",
+          "myst-parser ~= 3.0.0",
+          "sphinx >= 6",
+          ...
+      ]
+      ```
+    - Sphinx configuration file at `docs/conf.py`
+
+- Sync awesome projects from `awesome-template` repository
+
+### Why all these `requirements/*.txt` files?
+
+Let's look for example at the `lint-yaml` job from [`.github/workflows/lint.yaml`](https://github.com/kdeldycke/workflows/blob/main/.github/workflows/lint.yaml#L126). Here we only need the `yamllint` CLI. This CLI is [distributed on PyPi](https://pypi.org/project/yamllint/). So before executing it, we could have simply run the following step:
+
+```yaml
+  - name: Install yamllint
+    run: |
+      pip install yamllint
+```
+
+Instead, we install it via the [`requirements/yamllint.txt` file](https://github.com/kdeldycke/workflows/blob/main/requirements/yamllint.txt).
+
+Why? Because I want the version of `yamllint` to be pinned. By pinning it, I make the workflow stable, predictable and reproducible.
+
+So why use a dedicated requirements file? Why don't we simply add the version? Like this:
+
+```yaml
+  - name: Install yamllint
+    run: |
+      pip install yamllint==1.35.1
+```
+
+That would indeed pin the version. But it requires the maintainer (me) to keep track of new release and update manually the version string. That's a lot of work. And I'm lazy. So this should be automated.
+
+To automate that, the only practical way I found was to rely on dependabot. But dependabot cannot update arbitrary versions in `run:` YAML blocks. It [only supports `requirements.txt` and `pyproject.toml`](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#pip-and-pip-compile) files for Python projects.
+
+So to keep track of new versions of dependencies while keeping them stable, we've hard-coded all Python libraries and CLIs in the `requirements/*.txt` files. All with pinned versions.
+
+And for the case we need to install all dependencies in one go, we have a [`requirements.txt` file at the root](https://github.com/kdeldycke/workflows/blob/main/requirements.txt) that is referencing all files from the `requirements/` subfolder.
+
+### Permissions and token
+
+This repository updates itself via GitHub actions. It particularly updates its own YAML files in `.github/workflows`. That's forbidden by default. So we need extra permissions.
+
+Usually, to grant special permissions to some jobs, you use the [`permissions` parameter in workflow](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions) files. It looks like this:
+
+```yaml
+on: (...)
+
+jobs:
+
+  my-job:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps: (...)
+```
+
+But the `contents: write` permission doesn't allow write access to the workflow files in the `.github` subfolder. There is `actions: write`, but it only covers workflow runs, not their YAML source file. Even a `permissions: write-all` doesn't work. So you cannot use the `permissions` parameter to allow a repository's workflow update its own workflow files.
+
+You will always end up with this kind or errors:
+
+```text
+   ! [remote rejected] branch_xxx -> branch_xxx (refusing to allow a GitHub App to create or update workflow `.github/workflows/my_workflow.yaml` without `workflows` permission)
+
+  error: failed to push some refs to 'https://github.com/kdeldycke/my-repo'
+```
+
+> \[!NOTE\]
+> That's also why the Settings > Actions > General > Workflow permissions parameter on your repository has no effect on this issue, even with the `Read and write permissions` set:
+> ![](docs/assets/repo-workflow-permissions.png)
+
+To bypass the limitation, we rely on a custom access token. By convention, we call it `WORKFLOW_UPDATE_GITHUB_PAT`. It will be used, [in place of the default `secrets.GITHUB_TOKEN`](https://github.com/search?q=repo%3Akdeldycke%2Fworkflows%20WORKFLOW_UPDATE_GITHUB_PAT&type=code), in steps in which we need to change the workflow YAML files.
+
+To create this custom `WORKFLOW_UPDATE_GITHUB_PAT`:
+
+- From your GitHub user, go to `Settings` > `Developer Settings` > `Personal Access Tokens` > `Fine-grained tokens`
+- Click on the `Generate new token` button
+- Choose a good token name like `workflow-self-update` to make your intention clear
+- Choose `Only select repositories` and the list the repositories in needs of updating their workflow YAML files
+- In the `Repository permissions` drop-down, sets:
+  - `Contents`: `Access: **Read and Write**`
+  - `Metadata` (mandatory): `Access: **Read-only**`
+  - `Pull Requests`: `Access: **Read and Write**`
+  - `Workflows`: `Access: **Read and Write**`
+    > \[!NOTE\]
+    > This is the only place where I can have control over the `Workflows` permission, which is not supported by the `permissions:` parameter in YAML files.
+- Now save these parameters and copy the `github_pat_XXXX` secret token
+- Got to your repo > `Settings` > `Security` > `Secrets and variables` > `Actions` > `Secrets` > `Repository secrets` and click `New repository secrets`
+- Name your secret `WORKFLOW_UPDATE_GITHUB_PAT` and copy the `github_pat_XXXX` token in the `Secret` field
+
+Now re-run your actions and they should be able to update the workflow files in `.github` folder without the `refusing to allow a GitHub App to create or update workflow` error.
+
+### Release management
+
+It turns out [Release Engineering is a full-time job, and full of edge-cases](https://blog.axo.dev/2023/02/cargo-dist).
+
+Rust has [`cargo-dist`](https://github.com/axodotdev/cargo-dist). Go has... ? But there is no equivalent for Python.
+
+So I made up a [`release.yaml` workflow](https://github.com/kdeldycke/workflows/blob/main/.github/workflows/release.yaml), which:
+
+1. Extracts project metadata from `pyproject.toml`
+1. Generates a build matrix of all commits / os / arch / CLI entry points
+1. Build Python wheel with Twine
+1. Compile binaries of all CLI with Nuitka
+1. Tag the release commit in Git
+1. Publish new version to PyPi
+1. Publish a GitHub release
+1. Attach and rename build artifacts to it
+
+## Changelog
+
+A [detailed changelog](changelog.md) is available.
+
+## Used in
+
+Check these projects to get real-life examples of usage and inspiration:
+
+- ![GitHub stars](https://img.shields.io/github/stars/kdeldycke/awesome-falsehood?label=%E2%AD%90&style=flat-square) [Awesome Falsehood](https://github.com/kdeldycke/awesome-falsehood#readme) - Falsehoods Programmers Believe in.
+- ![GitHub stars](https://img.shields.io/github/stars/kdeldycke/awesome-engineering-team-management?label=%E2%AD%90&style=flat-square) [Awesome Engineering Team Management](https://github.com/kdeldycke/awesome-engineering-team-management#readme) - How to transition from software development to engineering management.
+- ![GitHub stars](https://img.shields.io/github/stars/kdeldycke/awesome-iam?label=%E2%AD%90&style=flat-square) [Awesome IAM](https://github.com/kdeldycke/awesome-iam#readme) - Identity and Access Management knowledge for cloud platforms.
+- ![GitHub stars](https://img.shields.io/github/stars/kdeldycke/awesome-billing?label=%E2%AD%90&style=flat-square) [Awesome Billing](https://github.com/kdeldycke/awesome-billing#readme) - Billing & Payments knowledge for cloud platforms.
+- ![GitHub stars](https://img.shields.io/github/stars/kdeldycke/meta-package-manager?label=%E2%AD%90&style=flat-square) [Meta Package Manager](https://github.com/kdeldycke/meta-package-manager#readme) - A unifying CLI for multiple package managers.
+- ![GitHub stars](https://img.shields.io/github/stars/kdeldycke/mail-deduplicate?label=%E2%AD%90&style=flat-square) [Mail Deduplicate](https://github.com/kdeldycke/mail-deduplicate#readme) - A CLI to deduplicate similar emails.
+- ![GitHub stars](https://img.shields.io/github/stars/kdeldycke/dotfiles?label=%E2%AD%90&style=flat-square) [dotfiles](https://github.com/kdeldycke/dotfiles#readme) - macOS dotfiles for Python developers.
+- ![GitHub stars](https://img.shields.io/github/stars/kdeldycke/click-extra?label=%E2%AD%90&style=flat-square) [Click Extra](https://github.com/kdeldycke/click-extra#readme) - Extra colorization and configuration loading for Click.
+- ![GitHub stars](https://img.shields.io/github/stars/themagicalmammal/wikibot?label=%E2%AD%90&style=flat-square) [Wiki bot](https://github.com/themagicalmammal/wikibot#readme) - A bot which provides features from Wikipedia like summary, title searches, location API etc.
+- ![GitHub stars](https://img.shields.io/github/stars/kdeldycke/workflows?label=%E2%AD%90&style=flat-square) [workflows](https://github.com/kdeldycke/workflows#readme) - Itself. Eat your own dog-food.
+- ![GitHub stars](https://img.shields.io/github/stars/themagicalmammal/stock-analyser?label=%E2%AD%90&style=flat-square) [Stock Analysis](https://github.com/themagicalmammal/stock-analyser#readme) - Simple to use interfaces for basic technical analysis of stocks.
+- ![GitHub stars](https://img.shields.io/github/stars/themagicalmammal/genetictabler?label=%E2%AD%90&style=flat-square) [GeneticTabler](https://github.com/themagicalmammal/genetictabler#readme) - Time Table Scheduler using Genetic Algorithms.
+- ![GitHub stars](https://img.shields.io/github/stars/themagicalmammal/excel-write?label=%E2%AD%90&style=flat-square) [Excel Write](https://github.com/themagicalmammal/excel-write#readme) - Optimised way to write in excel files.
+
+Feel free to send a PR to add your project in this list if you are relying on these scripts.
+
+## Release process
+
+All steps of the release process and version management are automated in the
+[`changelog.yaml`](https://github.com/kdeldycke/workflows/blob/main/.github/workflows/changelog.yaml)
+and
+[`release.yaml`](https://github.com/kdeldycke/workflows/blob/main/.github/workflows/release.yaml)
+workflows.
+
+All there's left to do is to:
+
+- [check the open draft `prepare-release` PR](https://github.com/kdeldycke/workflows/pulls?q=is%3Apr+is%3Aopen+head%3Aprepare-release)
+  and its changes,
+- click the `Ready for review` button,
+- click the `Rebase and merge` button,
+- let the workflows tag the release and set back the `main` branch into a
+  development state.

{gha_utils-4.0.1 → gha_utils-4.0.2}/gha_utils/__init__.py

@@ -17,4 +17,4 @@
 
 from __future__ import annotations
 
-__version__ = "4.0.1"
+__version__ = "4.0.2"

{gha_utils-4.0.1 → gha_utils-4.0.2}/gha_utils/changelog.py

@@ -38,9 +38,11 @@ class Changelog:
             self.content = initial_changelog
         logging.debug(f"Initial content set to:\n{self.content}")
 
-    def update(self) -> str:
+    def update(self) -> str | None:
         r"""Adds a new empty entry at the top of the changelog.
 
+        Returns ``None`` if initial changelog content has already been updated.
+
         This is designed to be used just after a new release has been tagged. And before a
         post-release version increment is applied with a call to:
 
@@ -145,7 +147,9 @@ class Changelog:
 
         logging.info("New generated section:\n" + indent(new_entry, " " * 2))
 
-        assert new_entry not in history
+        # No need to update.
+        if new_entry in history:
+            return None
 
         # Recompose full changelog with new top entry.
         return f"{changelog_header}{new_entry}{history}"

{gha_utils-4.0.1 → gha_utils-4.0.2}/gha_utils/cli.py

@@ -25,6 +25,7 @@ from pathlib import Path
 
 from click_extra import (
     Choice,
+    Context,
     argument,
     extra_group,
     file_path,
@@ -55,6 +56,15 @@ def file_writer(filepath):
         writer.close()
 
 
+def get_header(ctx: Context):
+    """Generates metadata to be leaved as comments to the top of a file generated by this CLI."""
+    return (
+        f"# Generated by {ctx.command_path} v{__version__}"
+        " - https://github.com/kdeldycke/workflows\n"
+        f"# Timestamp: {datetime.now().isoformat()}.\n\n"
+    )
+
+
 @extra_group
 def gha_utils():
     pass
@@ -114,20 +124,16 @@ def metadata(ctx, format, overwrite, output_path):
         env_file = os.getenv("GITHUB_OUTPUT")
         if env_file and Path(env_file) != output_path:
             logging.warning(
-                "Output path is not the same as $GITHUB_OUTPUT environment variable, which is generally what we're looking to do in GitHub CI runners for other jobs to consume the produced metadata."
+                "Output path is not the same as $GITHUB_OUTPUT environment variable,"
+                " which is generally what we're looking to do in GitHub CI runners for"
+                " other jobs to consume the produced metadata."
             )
 
     dialect = Dialects(format)
     content = metadata.dump(dialect=dialect)
 
     with file_writer(output_path) as f:
-        f.write(
-            # Leave some metadata as comment.
-            f"# Generated by {ctx.command_path} v{__version__}"
-            " - https://github.com/kdeldycke/workflows.\n"
-            f"# Timestamp: {datetime.now().isoformat()}.\n"
-            f"{content}"
-        )
+        f.write(content)
 
 
 @gha_utils.command(short_help="Maintain a Markdown-formatted changelog")
@@ -147,10 +153,13 @@ def changelog(ctx, source, changelog_path):
     initial_content = None
     if source:
         logging.info(f"Read initial changelog from {source}")
-        initial_content = source.read_text()
+        initial_content = source.read_text(encoding="utf-8")
 
     changelog = Changelog(initial_content)
     content = changelog.update()
+    if not content:
+        logging.warning("Changelog already up to date. Do nothing.")
+        ctx.exit()
 
     if is_stdout(changelog_path):
         logging.info(f"Print updated results to {sys.stdout.name}")
@@ -189,7 +198,7 @@ def mailmap(ctx, source, updated_mailmap):
     initial_content = None
     if source:
         logging.info(f"Read initial mapping from {source}")
-        initial_content = source.read_text()
+        initial_content = source.read_text(encoding="utf-8")
 
     mailmap = Mailmap(initial_content)
     content = mailmap.updated_map()
@@ -200,10 +209,4 @@ def mailmap(ctx, source, updated_mailmap):
         logging.info(f"Save updated results to {updated_mailmap}")
 
     with file_writer(updated_mailmap) as f:
-        f.write(
-            # Leave some metadata as comment.
-            f"# Generated by {ctx.command_path} v{__version__}"
-            " - https://github.com/kdeldycke/workflows.\n"
-            f"# Timestamp: {datetime.now().isoformat()}.\n\n"
-            f"{content}"
-        )
+        f.write(f"{get_header(ctx)}{content}")

{gha_utils-4.0.1 → gha_utils-4.0.2}/gha_utils/mailmap.py

@@ -68,7 +68,7 @@ class Mailmap:
 
         logging.debug(
             "Authors and committers found in Git history:\n"
-            f"{'\n'.join(sorted(contributors, key=str.casefold))}"
+            + "\n".join(sorted(contributors, key=str.casefold))
         )
         return contributors
 
@@ -94,6 +94,7 @@ class Mailmap:
 
         # Render content in .mailmap format.
         return (
-            f"{'\n'.join(header_comments)}\n\n"
-            f"{'\n'.join(sorted(mappings, key=str.casefold))}\n"
+            "\n".join(header_comments)
+            + "\n\n"
+            + "\n".join(sorted(mappings, key=str.casefold))
         )

{gha_utils-4.0.1 → gha_utils-4.0.2}/gha_utils/metadata.py

@@ -466,7 +466,7 @@ class Metadata:
         ``pyproject.toml`` exists and respects the standards. ``False`` otherwise.
         """
         if self.pyproject_path.exists() and self.pyproject_path.is_file():
-            toml = tomllib.loads(self.pyproject_path.read_text())
+            toml = tomllib.loads(self.pyproject_path.read_text(encoding="utf-8"))
             try:
                 metadata = StandardMetadata.from_pyproject(toml)
                 self._is_python_project = True
@@ -940,9 +940,13 @@ class Metadata:
         # Generate a link to the version of the package published on PyPi.
         pypi_link = ""
         if self.package_name:
-            pypi_link = f"[🐍 Available on PyPi](https://pypi.org/project/{
-                self.package_name
-            }/{version})."
+            pypi_link = (
+                "[🐍 Available on PyPi](https://pypi.org/project/"
+                + self.package_name
+                + "/"
+                + version
+                + ")."
+            )
 
         # Assemble the release notes.
         return f"{changes}\n\n{pypi_link}".strip()
@@ -1009,7 +1013,7 @@ class Metadata:
         }
 
         logging.debug(f"Raw metadata: {metadata!r}")
-        logging.debug(f"Format metadata into {dialect} dialect.")
+        logging.debug(f"Format metadata into {dialect} format.")
 
         content = ""
         if dialect == Dialects.GITHUB:
@@ -1027,6 +1031,6 @@ class Metadata:
             assert dialect == Dialects.PLAIN
             content = repr(metadata)
 
-        logging.debug(f"Formatted metadata: {content}")
+        logging.debug(f"Formatted metadata:\n{content}")
 
         return content