chore: import upstream snapshot with attribution
This commit is contained in:
@@ -0,0 +1,91 @@
|
||||
name: Update Python requirements
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
types: [opened, synchronize, reopened]
|
||||
paths:
|
||||
- "cvat/requirements/*.in"
|
||||
- "utils/dataset_manifest/requirements.in"
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: read
|
||||
|
||||
jobs:
|
||||
update:
|
||||
# Only run on Dependabot branches from this repository. Regenerating
|
||||
# requirements can execute package build code, so fork PRs must not run this
|
||||
# workflow with access to the CVAT bot token.
|
||||
if: >
|
||||
github.event.pull_request.user.login == 'dependabot[bot]' &&
|
||||
github.event.pull_request.head.repo.full_name == github.repository &&
|
||||
startsWith(github.event.pull_request.head.ref, 'dependabot/pip/')
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v7
|
||||
with:
|
||||
ref: ${{ github.event.pull_request.head.ref }}
|
||||
repository: ${{ github.event.pull_request.head.repo.full_name }}
|
||||
persist-credentials: false
|
||||
|
||||
- uses: actions/setup-python@v6
|
||||
with:
|
||||
python-version: "3.12"
|
||||
|
||||
- name: Install system dependencies
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install --no-install-recommends -y \
|
||||
cargo \
|
||||
g++ \
|
||||
gcc \
|
||||
libhdf5-dev \
|
||||
libldap2-dev \
|
||||
libmp3lame-dev \
|
||||
libsasl2-dev \
|
||||
libxml2-dev \
|
||||
libxmlsec1-dev \
|
||||
libxmlsec1-openssl \
|
||||
make \
|
||||
nasm \
|
||||
pkg-config \
|
||||
python3-dev
|
||||
|
||||
- name: Install pip-compile-multi
|
||||
run: python -m pip install pip-compile-multi
|
||||
|
||||
- name: Regenerate Python requirements
|
||||
run: cvat/requirements/regenerate.sh --no-upgrade
|
||||
|
||||
- name: Check generated requirements changes
|
||||
id: changes
|
||||
run: |
|
||||
if git diff --quiet -- cvat/requirements/*.txt utils/dataset_manifest/requirements.txt; then
|
||||
echo "No generated requirements changes"
|
||||
echo "changed=false" >> "$GITHUB_OUTPUT"
|
||||
else
|
||||
echo "changed=true" >> "$GITHUB_OUTPUT"
|
||||
fi
|
||||
|
||||
# The default github.token does not trigger follow-up CI on push. Use the
|
||||
# same app token as the release workflow so the updated Dependabot PR runs
|
||||
# the normal validation pipeline.
|
||||
- name: Generate authentication token
|
||||
if: steps.changes.outputs.changed == 'true'
|
||||
id: gen-token
|
||||
uses: actions/create-github-app-token@v3
|
||||
with:
|
||||
client-id: "${{ secrets.CVAT_BOT_CLIENT_ID }}"
|
||||
private-key: "${{ secrets.CVAT_BOT_PRIVATE_KEY }}"
|
||||
|
||||
- name: Commit regenerated requirements
|
||||
if: steps.changes.outputs.changed == 'true'
|
||||
env:
|
||||
GH_TOKEN: "${{ steps.gen-token.outputs.token }}"
|
||||
run: |
|
||||
git config user.name "cvat-bot[bot]"
|
||||
git config user.email "147643061+cvat-bot[bot]@users.noreply.github.com"
|
||||
git add cvat/requirements/*.txt utils/dataset_manifest/requirements.txt
|
||||
git commit -m "Regenerate Python requirements"
|
||||
git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git"
|
||||
git push origin HEAD:${{ github.event.pull_request.head.ref }}
|
||||
Reference in New Issue
Block a user