92 lines
3.2 KiB
YAML
92 lines
3.2 KiB
YAML
name: Update Python requirements
|
|
|
|
on:
|
|
pull_request:
|
|
types: [opened, synchronize, reopened]
|
|
paths:
|
|
- "cvat/requirements/*.in"
|
|
- "utils/dataset_manifest/requirements.in"
|
|
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
|
|
jobs:
|
|
update:
|
|
# Only run on Dependabot branches from this repository. Regenerating
|
|
# requirements can execute package build code, so fork PRs must not run this
|
|
# workflow with access to the CVAT bot token.
|
|
if: >
|
|
github.event.pull_request.user.login == 'dependabot[bot]' &&
|
|
github.event.pull_request.head.repo.full_name == github.repository &&
|
|
startsWith(github.event.pull_request.head.ref, 'dependabot/pip/')
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v7
|
|
with:
|
|
ref: ${{ github.event.pull_request.head.ref }}
|
|
repository: ${{ github.event.pull_request.head.repo.full_name }}
|
|
persist-credentials: false
|
|
|
|
- uses: actions/setup-python@v6
|
|
with:
|
|
python-version: "3.12"
|
|
|
|
- name: Install system dependencies
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install --no-install-recommends -y \
|
|
cargo \
|
|
g++ \
|
|
gcc \
|
|
libhdf5-dev \
|
|
libldap2-dev \
|
|
libmp3lame-dev \
|
|
libsasl2-dev \
|
|
libxml2-dev \
|
|
libxmlsec1-dev \
|
|
libxmlsec1-openssl \
|
|
make \
|
|
nasm \
|
|
pkg-config \
|
|
python3-dev
|
|
|
|
- name: Install pip-compile-multi
|
|
run: python -m pip install pip-compile-multi
|
|
|
|
- name: Regenerate Python requirements
|
|
run: cvat/requirements/regenerate.sh --no-upgrade
|
|
|
|
- name: Check generated requirements changes
|
|
id: changes
|
|
run: |
|
|
if git diff --quiet -- cvat/requirements/*.txt utils/dataset_manifest/requirements.txt; then
|
|
echo "No generated requirements changes"
|
|
echo "changed=false" >> "$GITHUB_OUTPUT"
|
|
else
|
|
echo "changed=true" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
# The default github.token does not trigger follow-up CI on push. Use the
|
|
# same app token as the release workflow so the updated Dependabot PR runs
|
|
# the normal validation pipeline.
|
|
- name: Generate authentication token
|
|
if: steps.changes.outputs.changed == 'true'
|
|
id: gen-token
|
|
uses: actions/create-github-app-token@v3
|
|
with:
|
|
client-id: "${{ secrets.CVAT_BOT_CLIENT_ID }}"
|
|
private-key: "${{ secrets.CVAT_BOT_PRIVATE_KEY }}"
|
|
|
|
- name: Commit regenerated requirements
|
|
if: steps.changes.outputs.changed == 'true'
|
|
env:
|
|
GH_TOKEN: "${{ steps.gen-token.outputs.token }}"
|
|
run: |
|
|
git config user.name "cvat-bot[bot]"
|
|
git config user.email "147643061+cvat-bot[bot]@users.noreply.github.com"
|
|
git add cvat/requirements/*.txt utils/dataset_manifest/requirements.txt
|
|
git commit -m "Regenerate Python requirements"
|
|
git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git"
|
|
git push origin HEAD:${{ github.event.pull_request.head.ref }}
|