From ab448ff6a06e208b96beab0be29bfe686ddc57dc Mon Sep 17 00:00:00 2001 From: Xuan Hu Date: Mon, 11 Mar 2024 14:36:17 +0800 Subject: [PATCH 01/12] Revert "chore(deps): update renovate docker tag to v37.235.1 (#383)" This reverts commit 865d9046922a8581b06e7df2d3e7d29d177b94f8. --- .github/workflows/renovate.yml | 2 +- .gitlab/workflows/renovate.yml | 2 +- .../workflows/renovate.yml.jinja | 2 +- .../workflows/renovate.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 97c2e9b0..2ba05d25 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -14,7 +14,7 @@ jobs: RENOVATE_REPOSITORIES: '["${{ github.repository }}"]' RENOVATE_REPOSITORY_CACHE: enabled RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }} - image: ghcr.io/renovatebot/renovate:37.235.1-full@sha256:57b2cc76218dcd49a05be82d30c2efdb115381f08e6564c1e55cba6ca76939dc + image: ghcr.io/renovatebot/renovate:37.230.0-full@sha256:d9ec72ac8884d1b5933b4256f27dad97e02c725e92b163ff7b557ce781a46af2 options: '--user root' runs-on: ubuntu-22.04 steps: diff --git a/.gitlab/workflows/renovate.yml b/.gitlab/workflows/renovate.yml index 2a096923..97c732b2 100644 --- a/.gitlab/workflows/renovate.yml +++ b/.gitlab/workflows/renovate.yml @@ -3,7 +3,7 @@ renovate: key: ${CI_COMMIT_REF_SLUG}-renovate paths: - renovate/cache/renovate/repository/ - image: renovate/renovate:37.235.1-full@sha256:57b2cc76218dcd49a05be82d30c2efdb115381f08e6564c1e55cba6ca76939dc + image: renovate/renovate:37.230.0-full@sha256:d9ec72ac8884d1b5933b4256f27dad97e02c725e92b163ff7b557ce781a46af2 rules: - if: $CI_PIPELINE_SOURCE == "schedule" && $RENOVATE_TOKEN != null script: renovate $RENOVATE_EXTRA_FLAG diff --git a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja index 1d58d752..66c6d3a1 100644 --- a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja +++ b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja @@ -18,7 +18,7 @@ jobs: RENOVATE_REPOSITORIES: '["{{ '${{ github.repository }}' }}"]' RENOVATE_REPOSITORY_CACHE: enabled RENOVATE_TOKEN: {{ '${{ secrets.RENOVATE_TOKEN }}' }} - image: ghcr.io/renovatebot/renovate:37.235.1-full@sha256:57b2cc76218dcd49a05be82d30c2efdb115381f08e6564c1e55cba6ca76939dc + image: ghcr.io/renovatebot/renovate:37.230.0-full@sha256:d9ec72ac8884d1b5933b4256f27dad97e02c725e92b163ff7b557ce781a46af2 options: '--user root' runs-on: ubuntu-22.04 steps: diff --git a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml index 2a096923..97c732b2 100644 --- a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml +++ b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml @@ -3,7 +3,7 @@ renovate: key: ${CI_COMMIT_REF_SLUG}-renovate paths: - renovate/cache/renovate/repository/ - image: renovate/renovate:37.235.1-full@sha256:57b2cc76218dcd49a05be82d30c2efdb115381f08e6564c1e55cba6ca76939dc + image: renovate/renovate:37.230.0-full@sha256:d9ec72ac8884d1b5933b4256f27dad97e02c725e92b163ff7b557ce781a46af2 rules: - if: $CI_PIPELINE_SOURCE == "schedule" && $RENOVATE_TOKEN != null script: renovate $RENOVATE_EXTRA_FLAG From b57600d8d6e7c8b15e73cf5da25c5cef2328fe2d Mon Sep 17 00:00:00 2001 From: Xuan Hu Date: Mon, 11 Mar 2024 14:36:32 +0800 Subject: [PATCH 02/12] Revert "chore(deps): update docker/build-push-action action to v5.2.0 (#382)" This reverts commit 6ba4bde1b273369ffdfc607ec4fc2b4c520f02bf. --- .github/workflows/devcontainer.yml | 2 +- .github/workflows/release.yml | 4 ++-- .../workflows/devcontainer.yml.jinja | 2 +- .../workflows/release.yml.jinja | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/devcontainer.yml b/.github/workflows/devcontainer.yml index 8105bea6..deb910e8 100644 --- a/.github/workflows/devcontainer.yml +++ b/.github/workflows/devcontainer.yml @@ -17,7 +17,7 @@ jobs: - name: Build and push dev container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: build-args: | PYTHON_VERSION=${{ matrix.python-version }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2a19275d..f03135d6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -65,7 +65,7 @@ jobs: - name: Build and push dev container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: build-args: | PYTHON_VERSION=${{ matrix.python-version }} @@ -81,7 +81,7 @@ jobs: - name: Build and push prod container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: build-args: | PYTHON_VERSION=${{ matrix.python-version }} diff --git a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/devcontainer.yml.jinja b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/devcontainer.yml.jinja index c9f35803..3b576d57 100644 --- a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/devcontainer.yml.jinja +++ b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/devcontainer.yml.jinja @@ -18,7 +18,7 @@ jobs: - name: Build and push dev container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: build-args: | PYTHON_VERSION={{ '${{ matrix.python-version }}' }} diff --git a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/release.yml.jinja b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/release.yml.jinja index 884badd4..64e787b4 100644 --- a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/release.yml.jinja +++ b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/release.yml.jinja @@ -66,7 +66,7 @@ jobs: - name: Build and push dev container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: build-args: | PYTHON_VERSION={{ '${{ matrix.python-version }}' }} @@ -82,7 +82,7 @@ jobs: - name: Build and push prod container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: build-args: | PYTHON_VERSION={{ '${{ matrix.python-version }}' }} From 6494d5456216e0f2be8702d21fb30448c47d9aa0 Mon Sep 17 00:00:00 2001 From: Xuan Hu Date: Mon, 11 Mar 2024 14:36:42 +0800 Subject: [PATCH 03/12] Revert "chore(deps): update docker docker tag to v25.0.4 (#381)" This reverts commit b25da4c10c28ce64f0061768c4ad9b768eb3a35e. --- .gitlab/workflows/devcontainer.yml | 4 ++-- .gitlab/workflows/release.yml | 4 ++-- .../workflows/devcontainer.yml.jinja | 4 ++-- .../workflows/release.yml.jinja | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.gitlab/workflows/devcontainer.yml b/.gitlab/workflows/devcontainer.yml index 4c171bbd..68fd040d 100644 --- a/.gitlab/workflows/devcontainer.yml +++ b/.gitlab/workflows/devcontainer.yml @@ -1,5 +1,5 @@ dev-container-publish: - image: docker:25.0.4@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + image: docker:25.0.3@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 parallel: matrix: - PYTHON_VERSION: @@ -31,7 +31,7 @@ dev-container-publish: --tag ${CI_REGISTRY_IMAGE}/dev:py${PYTHON_VERSION} \ --target dev services: - - docker:25.0.4-dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + - docker:25.0.3-dind@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 stage: build variables: DOCKER_TLS_CERTDIR: /certs diff --git a/.gitlab/workflows/release.yml b/.gitlab/workflows/release.yml index 6d9d502b..8ab95009 100644 --- a/.gitlab/workflows/release.yml +++ b/.gitlab/workflows/release.yml @@ -26,7 +26,7 @@ release-publish: variables: GIT_STRATEGY: none container-publish: - image: docker:25.0.4@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + image: docker:25.0.3@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 needs: - release-publish parallel: @@ -67,7 +67,7 @@ container-publish: --tag ${CI_REGISTRY_IMAGE}:py${PYTHON_VERSION}-${CI_COMMIT_TAG} \ --target prod services: - - docker:25.0.4-dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + - docker:25.0.3-dind@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 stage: release variables: DOCKER_TLS_CERTDIR: /certs diff --git a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/devcontainer.yml.jinja b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/devcontainer.yml.jinja index 47dbb7da..28380386 100644 --- a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/devcontainer.yml.jinja +++ b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/devcontainer.yml.jinja @@ -1,6 +1,6 @@ [% from pathjoin("includes", "version_compare.jinja") import version_between -%] dev-container-publish: - image: docker:25.0.4@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + image: docker:25.0.3@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 parallel: matrix: - PYTHON_VERSION: @@ -42,7 +42,7 @@ dev-container-publish: --tag ${CI_REGISTRY_IMAGE}/dev:py${PYTHON_VERSION} \ --target dev services: - - docker:25.0.4-dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + - docker:25.0.3-dind@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 stage: build variables: DOCKER_TLS_CERTDIR: /certs diff --git a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/release.yml.jinja b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/release.yml.jinja index 42f7a7ab..84a9bdc4 100644 --- a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/release.yml.jinja +++ b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/release.yml.jinja @@ -27,7 +27,7 @@ release-publish: variables: GIT_STRATEGY: none container-publish: - image: docker:25.0.4@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + image: docker:25.0.3@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 needs: - release-publish parallel: @@ -78,7 +78,7 @@ container-publish: --tag ${CI_REGISTRY_IMAGE}:py${PYTHON_VERSION}-${CI_COMMIT_TAG} \ --target prod services: - - docker:25.0.4-dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + - docker:25.0.3-dind@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 stage: release variables: DOCKER_TLS_CERTDIR: /certs From 02d72f55b14d7c2420917e7b040f60d1eaaafd22 Mon Sep 17 00:00:00 2001 From: Xuan Hu Date: Mon, 11 Mar 2024 14:37:42 +0800 Subject: [PATCH 04/12] revert ubuntu version --- .github/workflows/readthedocs-preview.yml | 2 +- .../workflows/readthedocs-preview.yml.jinja | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/readthedocs-preview.yml b/.github/workflows/readthedocs-preview.yml index 110b4887..04d541a4 100644 --- a/.github/workflows/readthedocs-preview.yml +++ b/.github/workflows/readthedocs-preview.yml @@ -4,7 +4,7 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} jobs: documentation-links: - runs-on: ubuntu-22.04 + runs-on: ubuntu-20.04 steps: - uses: readthedocs/actions/preview@cc0920454cf03ca8a3fbd3cbaa2ce2e509e70636 # v1.2 with: diff --git a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/readthedocs-preview.yml.jinja b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/readthedocs-preview.yml.jinja index 3a4545f2..c36e1277 100644 --- a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/readthedocs-preview.yml.jinja +++ b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/readthedocs-preview.yml.jinja @@ -4,7 +4,7 @@ concurrency: group: {{ '${{ github.workflow }}-${{ github.ref }}' }} jobs: documentation-links: - runs-on: ubuntu-22.04 + runs-on: ubuntu-20.04 steps: - uses: readthedocs/actions/preview@cc0920454cf03ca8a3fbd3cbaa2ce2e509e70636 # v1.2 with: From 317dd51eac32ed8b268aed1ad343fdb22f524452 Mon Sep 17 00:00:00 2001 From: Xuan Hu Date: Mon, 11 Mar 2024 15:31:24 +0800 Subject: [PATCH 05/12] chore: postUpgradeTasks for template --- .renovaterc.json | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/.renovaterc.json b/.renovaterc.json index b4197662..9adb4e88 100644 --- a/.renovaterc.json +++ b/.renovaterc.json @@ -46,6 +46,39 @@ "renovate/renovate" ] }, + { + "matchDepTypes": [ + "action" + ], + "postUpgradeTasks": { + "commands": [ + "find template -type f -exec sed -i 's|{{{depName}}}@{{{currentDigest}}} # {{{currentValue}}}|{{{depName}}}@{{{newDigest}}} # {{{newValue}}}|g' {} +" + ] + } + }, + { + "matchDepTypes": [ + "github-runner" + ], + "postUpgradeTasks": { + "commands": [ + "find template -type f -exec sed -i 's|{{{depName}}}-{{{currentValue}}}|{{{depName}}}-{{{newValue}}}|g' {} +" + ] + } + }, + { + "matchDepTypes": [ + "container", + "docker", + "image", + "service-image" + ], + "postUpgradeTasks": { + "commands": [ + "find template -type f -exec sed -i 's|{{{depName}}}:{{{currentValue}}}@{{{currentDigest}}}|{{{depName}}}:{{{newValue}}}@{{{newDigest}}}|g' {} +" + ] + } + }, { "commitMessageTopic": "serious-scaffold-python", "matchDepTypes": [ From 8e225c861cd48597730ccc5f69859d59336d0959 Mon Sep 17 00:00:00 2001 From: Xuan Hu Date: Mon, 11 Mar 2024 15:38:13 +0800 Subject: [PATCH 06/12] add allowed post upgrade commands --- .github/workflows/renovate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 2ba05d25..91d2df39 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -4,7 +4,7 @@ jobs: container: env: LOG_LEVEL: debug - RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^git", "^pip", "^copier"]' + RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^git", "^pip", "^copier", "^find"]' RENOVATE_BRANCH_PREFIX: renovate-github/ RENOVATE_ENABLED: ${{ vars.RENOVATE_ENABLED || true }} RENOVATE_ENABLED_MANAGERS: '["pep621", "github-actions", "gitlabci", "regex"]' From 2f22586974efb19db56a8b86241221e70f4cb6d5 Mon Sep 17 00:00:00 2001 From: Xuan Hu Date: Mon, 11 Mar 2024 15:51:48 +0800 Subject: [PATCH 07/12] update template --- template/.renovaterc.json.jinja | 33 +++++++++++++++++++ .../workflows/renovate.yml.jinja | 2 +- 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/template/.renovaterc.json.jinja b/template/.renovaterc.json.jinja index af3b0ac7..8222d227 100644 --- a/template/.renovaterc.json.jinja +++ b/template/.renovaterc.json.jinja @@ -52,6 +52,39 @@ "renovate/renovate" ] }, + { + "matchDepTypes": [ + "action" + ], + "postUpgradeTasks": { + "commands": [ + "find template -type f -exec sed -i {{ '\'s|{{{depName}}}@{{{currentDigest}}} # {{{currentValue}}}|{{{depName}}}@{{{newDigest}}} # {{{newValue}}}|g\' {} +' }}" + ] + } + }, + { + "matchDepTypes": [ + "github-runner" + ], + "postUpgradeTasks": { + "commands": [ + "find template -type f -exec sed -i {{ '\'s|{{{depName}}}-{{{currentValue}}}|{{{depName}}}-{{{newValue}}}|g\' {} +' }}" + ] + } + }, + { + "matchDepTypes": [ + "container", + "docker", + "image", + "service-image" + ], + "postUpgradeTasks": { + "commands": [ + "find template -type f -exec sed -i {{ '\'s|{{{depName}}}:{{{currentValue}}}@{{{currentDigest}}}|{{{depName}}}:{{{newValue}}}@{{{newDigest}}}|g\' {} +' }}" + ] + } + }, [%- endif %] { "commitMessageTopic": "serious-scaffold-python", diff --git a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja index 66c6d3a1..8d1213b5 100644 --- a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja +++ b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja @@ -4,7 +4,7 @@ jobs: container: env: LOG_LEVEL: debug - RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^git", "^pip", "^copier"]' + RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^git", "^pip", "^copier", "^find"]' RENOVATE_BRANCH_PREFIX: renovate-github/ RENOVATE_ENABLED: {{ '${{ vars.RENOVATE_ENABLED || true }}' }} [%- if project_name == "Serious Scaffold Python" %] From 94e9f7dbab75e68443cfe6e9c3b1a8ff32f957cc Mon Sep 17 00:00:00 2001 From: "Xuan (Sean) Hu" Date: Mon, 11 Mar 2024 15:59:38 +0800 Subject: [PATCH 08/12] chore(deps): update docker docker tag to v25.0.4 (#45) Co-authored-by: Renovate GitHub Bot --- .gitlab/workflows/devcontainer.yml | 4 ++-- .gitlab/workflows/release.yml | 4 ++-- .../workflows/devcontainer.yml.jinja | 4 ++-- .../workflows/release.yml.jinja | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.gitlab/workflows/devcontainer.yml b/.gitlab/workflows/devcontainer.yml index 68fd040d..4c171bbd 100644 --- a/.gitlab/workflows/devcontainer.yml +++ b/.gitlab/workflows/devcontainer.yml @@ -1,5 +1,5 @@ dev-container-publish: - image: docker:25.0.3@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 + image: docker:25.0.4@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 parallel: matrix: - PYTHON_VERSION: @@ -31,7 +31,7 @@ dev-container-publish: --tag ${CI_REGISTRY_IMAGE}/dev:py${PYTHON_VERSION} \ --target dev services: - - docker:25.0.3-dind@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 + - docker:25.0.4-dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 stage: build variables: DOCKER_TLS_CERTDIR: /certs diff --git a/.gitlab/workflows/release.yml b/.gitlab/workflows/release.yml index 8ab95009..6d9d502b 100644 --- a/.gitlab/workflows/release.yml +++ b/.gitlab/workflows/release.yml @@ -26,7 +26,7 @@ release-publish: variables: GIT_STRATEGY: none container-publish: - image: docker:25.0.3@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 + image: docker:25.0.4@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 needs: - release-publish parallel: @@ -67,7 +67,7 @@ container-publish: --tag ${CI_REGISTRY_IMAGE}:py${PYTHON_VERSION}-${CI_COMMIT_TAG} \ --target prod services: - - docker:25.0.3-dind@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 + - docker:25.0.4-dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 stage: release variables: DOCKER_TLS_CERTDIR: /certs diff --git a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/devcontainer.yml.jinja b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/devcontainer.yml.jinja index 28380386..47dbb7da 100644 --- a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/devcontainer.yml.jinja +++ b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/devcontainer.yml.jinja @@ -1,6 +1,6 @@ [% from pathjoin("includes", "version_compare.jinja") import version_between -%] dev-container-publish: - image: docker:25.0.3@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 + image: docker:25.0.4@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 parallel: matrix: - PYTHON_VERSION: @@ -42,7 +42,7 @@ dev-container-publish: --tag ${CI_REGISTRY_IMAGE}/dev:py${PYTHON_VERSION} \ --target dev services: - - docker:25.0.3-dind@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 + - docker:25.0.4-dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 stage: build variables: DOCKER_TLS_CERTDIR: /certs diff --git a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/release.yml.jinja b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/release.yml.jinja index 84a9bdc4..42f7a7ab 100644 --- a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/release.yml.jinja +++ b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/release.yml.jinja @@ -27,7 +27,7 @@ release-publish: variables: GIT_STRATEGY: none container-publish: - image: docker:25.0.3@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 + image: docker:25.0.4@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 needs: - release-publish parallel: @@ -78,7 +78,7 @@ container-publish: --tag ${CI_REGISTRY_IMAGE}:py${PYTHON_VERSION}-${CI_COMMIT_TAG} \ --target prod services: - - docker:25.0.3-dind@sha256:0d70c541ee98e66b8f7ece8c0e9f7910732466e337a9087c2ac2868ef0775092 + - docker:25.0.4-dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 stage: release variables: DOCKER_TLS_CERTDIR: /certs From 72bffd312e6e4adc4c503b8b1f82c12ff6ada67b Mon Sep 17 00:00:00 2001 From: "Xuan (Sean) Hu" Date: Mon, 11 Mar 2024 16:00:00 +0800 Subject: [PATCH 09/12] chore(deps): update dependency ubuntu to v22 (#48) Co-authored-by: Renovate GitHub Bot --- .github/workflows/readthedocs-preview.yml | 2 +- .../workflows/readthedocs-preview.yml.jinja | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/readthedocs-preview.yml b/.github/workflows/readthedocs-preview.yml index 04d541a4..110b4887 100644 --- a/.github/workflows/readthedocs-preview.yml +++ b/.github/workflows/readthedocs-preview.yml @@ -4,7 +4,7 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} jobs: documentation-links: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: readthedocs/actions/preview@cc0920454cf03ca8a3fbd3cbaa2ce2e509e70636 # v1.2 with: diff --git a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/readthedocs-preview.yml.jinja b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/readthedocs-preview.yml.jinja index c36e1277..3a4545f2 100644 --- a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/readthedocs-preview.yml.jinja +++ b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/readthedocs-preview.yml.jinja @@ -4,7 +4,7 @@ concurrency: group: {{ '${{ github.workflow }}-${{ github.ref }}' }} jobs: documentation-links: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: readthedocs/actions/preview@cc0920454cf03ca8a3fbd3cbaa2ce2e509e70636 # v1.2 with: From 4c33c9f7598aecfcbb32e2415ab47d27b0626d38 Mon Sep 17 00:00:00 2001 From: "Xuan (Sean) Hu" Date: Mon, 11 Mar 2024 16:00:09 +0800 Subject: [PATCH 10/12] chore(deps): update renovate docker tag to v37.235.1 (#47) Co-authored-by: Renovate GitHub Bot --- .github/workflows/renovate.yml | 2 +- .gitlab/workflows/renovate.yml | 2 +- .../workflows/renovate.yml.jinja | 2 +- .../workflows/renovate.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 91d2df39..ba203ec8 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -14,7 +14,7 @@ jobs: RENOVATE_REPOSITORIES: '["${{ github.repository }}"]' RENOVATE_REPOSITORY_CACHE: enabled RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }} - image: ghcr.io/renovatebot/renovate:37.230.0-full@sha256:d9ec72ac8884d1b5933b4256f27dad97e02c725e92b163ff7b557ce781a46af2 + image: ghcr.io/renovatebot/renovate:37.235.1-full@sha256:57b2cc76218dcd49a05be82d30c2efdb115381f08e6564c1e55cba6ca76939dc options: '--user root' runs-on: ubuntu-22.04 steps: diff --git a/.gitlab/workflows/renovate.yml b/.gitlab/workflows/renovate.yml index 97c732b2..2a096923 100644 --- a/.gitlab/workflows/renovate.yml +++ b/.gitlab/workflows/renovate.yml @@ -3,7 +3,7 @@ renovate: key: ${CI_COMMIT_REF_SLUG}-renovate paths: - renovate/cache/renovate/repository/ - image: renovate/renovate:37.230.0-full@sha256:d9ec72ac8884d1b5933b4256f27dad97e02c725e92b163ff7b557ce781a46af2 + image: renovate/renovate:37.235.1-full@sha256:57b2cc76218dcd49a05be82d30c2efdb115381f08e6564c1e55cba6ca76939dc rules: - if: $CI_PIPELINE_SOURCE == "schedule" && $RENOVATE_TOKEN != null script: renovate $RENOVATE_EXTRA_FLAG diff --git a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja index 8d1213b5..0bbadcaa 100644 --- a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja +++ b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/renovate.yml.jinja @@ -18,7 +18,7 @@ jobs: RENOVATE_REPOSITORIES: '["{{ '${{ github.repository }}' }}"]' RENOVATE_REPOSITORY_CACHE: enabled RENOVATE_TOKEN: {{ '${{ secrets.RENOVATE_TOKEN }}' }} - image: ghcr.io/renovatebot/renovate:37.230.0-full@sha256:d9ec72ac8884d1b5933b4256f27dad97e02c725e92b163ff7b557ce781a46af2 + image: ghcr.io/renovatebot/renovate:37.235.1-full@sha256:57b2cc76218dcd49a05be82d30c2efdb115381f08e6564c1e55cba6ca76939dc options: '--user root' runs-on: ubuntu-22.04 steps: diff --git a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml index 97c732b2..2a096923 100644 --- a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml +++ b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml @@ -3,7 +3,7 @@ renovate: key: ${CI_COMMIT_REF_SLUG}-renovate paths: - renovate/cache/renovate/repository/ - image: renovate/renovate:37.230.0-full@sha256:d9ec72ac8884d1b5933b4256f27dad97e02c725e92b163ff7b557ce781a46af2 + image: renovate/renovate:37.235.1-full@sha256:57b2cc76218dcd49a05be82d30c2efdb115381f08e6564c1e55cba6ca76939dc rules: - if: $CI_PIPELINE_SOURCE == "schedule" && $RENOVATE_TOKEN != null script: renovate $RENOVATE_EXTRA_FLAG From e7b75b4a165c0d60cd56fa3bf904042b0524fa1d Mon Sep 17 00:00:00 2001 From: "Xuan (Sean) Hu" Date: Mon, 11 Mar 2024 16:00:19 +0800 Subject: [PATCH 11/12] chore(deps): update docker/build-push-action action to v5.2.0 (#46) Co-authored-by: Renovate GitHub Bot --- .github/workflows/devcontainer.yml | 2 +- .github/workflows/release.yml | 4 ++-- .../workflows/devcontainer.yml.jinja | 2 +- .../workflows/release.yml.jinja | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/devcontainer.yml b/.github/workflows/devcontainer.yml index deb910e8..8105bea6 100644 --- a/.github/workflows/devcontainer.yml +++ b/.github/workflows/devcontainer.yml @@ -17,7 +17,7 @@ jobs: - name: Build and push dev container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 with: build-args: | PYTHON_VERSION=${{ matrix.python-version }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f03135d6..2a19275d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -65,7 +65,7 @@ jobs: - name: Build and push dev container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 with: build-args: | PYTHON_VERSION=${{ matrix.python-version }} @@ -81,7 +81,7 @@ jobs: - name: Build and push prod container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 with: build-args: | PYTHON_VERSION=${{ matrix.python-version }} diff --git a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/devcontainer.yml.jinja b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/devcontainer.yml.jinja index 3b576d57..c9f35803 100644 --- a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/devcontainer.yml.jinja +++ b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/devcontainer.yml.jinja @@ -18,7 +18,7 @@ jobs: - name: Build and push dev container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 with: build-args: | PYTHON_VERSION={{ '${{ matrix.python-version }}' }} diff --git a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/release.yml.jinja b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/release.yml.jinja index 64e787b4..884badd4 100644 --- a/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/release.yml.jinja +++ b/template/[% if repo_host_type == 'github.com' %].github[% endif %]/workflows/release.yml.jinja @@ -66,7 +66,7 @@ jobs: - name: Build and push dev container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 with: build-args: | PYTHON_VERSION={{ '${{ matrix.python-version }}' }} @@ -82,7 +82,7 @@ jobs: - name: Build and push prod container env: SOURCE_DATE_EPOCH: 0 - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 with: build-args: | PYTHON_VERSION={{ '${{ matrix.python-version }}' }} From b50ccb7c2614a9f4c9130daa4004b5e1f186c0b0 Mon Sep 17 00:00:00 2001 From: Xuan Hu Date: Mon, 11 Mar 2024 16:02:32 +0800 Subject: [PATCH 12/12] update gitlab renovate config --- .gitlab/workflows/renovate.yml | 2 +- .../workflows/renovate.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab/workflows/renovate.yml b/.gitlab/workflows/renovate.yml index 2a096923..f93d9678 100644 --- a/.gitlab/workflows/renovate.yml +++ b/.gitlab/workflows/renovate.yml @@ -11,7 +11,7 @@ renovate: variables: GIT_STRATEGY: none LOG_LEVEL: debug - RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^git", "^pip", "^copier"]' + RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^git", "^pip", "^copier", "^find"]' RENOVATE_BASE_DIR: $CI_PROJECT_DIR/renovate RENOVATE_BRANCH_PREFIX: renovate-gitlab/ RENOVATE_ENABLED_MANAGERS: '["pep621", "gitlabci", "regex"]' diff --git a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml index 2a096923..f93d9678 100644 --- a/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml +++ b/template/[% if repo_host_type == 'gitlab.com' or repo_host_type == 'gitlab-self-managed' %].gitlab[% endif %]/workflows/renovate.yml @@ -11,7 +11,7 @@ renovate: variables: GIT_STRATEGY: none LOG_LEVEL: debug - RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^git", "^pip", "^copier"]' + RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^git", "^pip", "^copier", "^find"]' RENOVATE_BASE_DIR: $CI_PROJECT_DIR/renovate RENOVATE_BRANCH_PREFIX: renovate-gitlab/ RENOVATE_ENABLED_MANAGERS: '["pep621", "gitlabci", "regex"]'