73902323d5
Revert "Use publicly available Apple Silicon runners ( #9726 )" ( #9834 )
...
## Summary
Sadly, the Apple Silicon runners use macOS 14 and produce binaries that
segfault when run on macOS 11 (at least), and possibly on macOS 12
and/or macOS 13.
macOS 11 is EOL, but it doesn't seem like a good tradeoff to speed up
our release builds at the expense of user support and compatibility.
This reverts commit f0066e1b89https://github.com/astral-sh/ruff/issues/9823 .
2024-02-05 11:24:51 -05:00
f0066e1b89
Use publicly available Apple Silicon runners ( #9726 )
...
## Summary
This PR switches over to the `macos-14` runners for our macOS wheel
builds, which are GitHub's newly announced public M1 macOS runners
(https://github.blog/changelog/2024-01-30-github-actions-introducing-the-new-m1-macos-runner-available-to-open-source/ ).
Before:
- x64_64: 10m 38s
(https://github.com/astral-sh/ruff/actions/runs/7703465381/job/20993903864 )
- Universal: 19m 35s
(https://github.com/astral-sh/ruff/actions/runs/7703465381/job/20993902533 )
After:
- x64_64: 3m 30s
(https://github.com/astral-sh/ruff/actions/runs/7719827902/job/21043743558?pr=9726 )
- Universal: 5m 59s
(https://github.com/astral-sh/ruff/actions/runs/7719827902/job/21043743243?pr=9726 )
So it's like > 3x speedup for what is currently the bottleneck in our
release pipeline.
2024-01-31 10:36:41 -05:00
bb86d359d4
Run cargo with `--locked` in CI ( #9247 )
...
This should ensure that CI fails if the lockfile is not up-to-date (see:
https://github.com/astral-sh/ruff/pull/9235 ).
2023-12-22 15:53:42 +00:00
108260298f
Bump actions/setup-python from 4 to 5 ( #9084 )
2023-12-11 15:49:32 -05:00
cd2bf26845
Fix alpine CI ( #9085 )
...
The builds are failing with
> error: externally-managed-environment
I've added a venv
2023-12-11 09:47:38 +01:00
3def18fc21
Include version number in release archive names ( #9002 )
...
## Summary
Add a release's version number to the names of archives containing
binaries that are attached to that GitHub release.
This makes it possible for users to easily tell archives from different
downloaded releases apart.
See also: #8961
## Test Plan
The workflow was tested in my fork. The example release can be found at:
[https://github.com/tobbez/ruff/releases/tag/v0.1.7 ](https://github.com/tobbez/ruff/releases/tag/v0.1.7 ).
To allow the workflow run to succeed in the fork while testing, I had to
use a small commit to prevent interaction with external services (ghcr,
PyPI, and the ruff-pre-commit repository):
```diff
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 86eac6ebc..56b9fa908 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -463,10 +463,12 @@ jobs:
id-token: write
steps:
- uses: actions/download-artifact@v3
+ if: false
with:
name: wheels
path: wheels
- name: Publish to PyPi
+ if: false
uses: pypa/gh-action-pypi-publish@release/v1
with:
skip-existing: true
@@ -517,6 +519,7 @@ jobs:
tag_name: v${{ inputs.tag }}
docker-publish:
+ if: false
# This action doesn't need to wait on any other task, it's easy to re-tag if something failed and we're validating
# the tag here also
name: Push Docker image ghcr.io/astral-sh/ruff
@@ -575,6 +578,7 @@ jobs:
# After the release has been published, we update downstream repositories
# This is separate because if this fails the release is still fine, we just need to do some manual workflow triggers
update-dependents:
+ if: false
name: Update dependents
runs-on: ubuntu-latest
needs: publish-release
```
Those workflow jobs are however not modified by this PR, so they should
not be affected.
2023-12-05 14:42:04 -05:00
779a5a9c32
Bump actions/github-script from 6 to 7 ( #8780 )
...
Bumps [actions/github-script](https://github.com/actions/github-script )
from 6 to 7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/github-script/releases ">actions/github-script's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add base-url option by <a
href="https://github.com/robandpdx "><code>@robandpdx</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/429 ">actions/github-script#429</a></li>
<li>Expose async-function argument type by <a
href="https://github.com/viktorlott "><code>@viktorlott</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/402 ">actions/github-script#402</a>,
see for details <a
href="https://github.com/actions/github-script#use-scripts-with-jsdoc-support ">https://github.com/actions/github-script#use-scripts-with-jsdoc-support </a></li>
<li>Update dependencies and use Node 20 by <a
href="https://github.com/joshmgross "><code>@joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/425 ">actions/github-script#425</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/navarroaxel "><code>@navarroaxel</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/285 ">actions/github-script#285</a></li>
<li><a href="https://github.com/robandpdx "><code>@robandpdx</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/429 ">actions/github-script#429</a></li>
<li><a
href="https://github.com/viktorlott "><code>@viktorlott</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/402 ">actions/github-script#402</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v6.4.1...v7.0.0 ">https://github.com/actions/github-script/compare/v6.4.1...v7.0.0 </a></p>
<h2>v6.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Add <code>@octokit/plugin-request-log</code>, to produce debug
output for requests by <a
href="https://github.com/mjpieters "><code>@mjpieters</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/358 ">actions/github-script#358</a></li>
<li>fix input handling by <a
href="https://github.com/mjpieters "><code>@mjpieters</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/357 ">actions/github-script#357</a></li>
<li>Remove unused dependencies by <a
href="https://github.com/mjpieters "><code>@mjpieters</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/356 ">actions/github-script#356</a></li>
<li>Default debug to current runner debug state by <a
href="https://github.com/mjpieters "><code>@mjpieters</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/363 ">actions/github-script#363</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mjpieters "><code>@mjpieters</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/358 ">actions/github-script#358</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v6.4.0...v6.4.1 ">https://github.com/actions/github-script/compare/v6.4.0...v6.4.1 </a></p>
<h2>v6.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump json5 from 2.1.3 to 2.2.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/319 ">actions/github-script#319</a></li>
<li>Bump minimatch from 3.0.4 to 3.1.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/320 ">actions/github-script#320</a></li>
<li>Add node-fetch by <a
href="https://github.com/danmichaelo "><code>@danmichaelo</code></a> in
<a
href="https://redirect.github.com/actions/github-script/pull/321 ">actions/github-script#321</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jongwooo "><code>@jongwooo</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/313 ">actions/github-script#313</a></li>
<li><a
href="https://github.com/austinvazquez "><code>@austinvazquez</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/306 ">actions/github-script#306</a></li>
<li><a
href="https://github.com/danmichaelo "><code>@danmichaelo</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/321 ">actions/github-script#321</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v6.3.3...v6.4.0 ">https://github.com/actions/github-script/compare/v6.3.3...v6.4.0 </a></p>
<h2>v6.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update <code>@actions/glob</code> to 0.3.0 by <a
href="https://github.com/nineinchnick "><code>@nineinchnick</code></a>
in <a
href="https://redirect.github.com/actions/github-script/pull/279 ">actions/github-script#279</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/nineinchnick "><code>@nineinchnick</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/279 ">actions/github-script#279</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v6.3.2...v6.3.3 ">https://github.com/actions/github-script/compare/v6.3.2...v6.3.3 </a></p>
<h2>v6.3.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update <code>@actions/core</code> to 1.10.0 by <a
href="https://github.com/rentziass "><code>@rentziass</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/295 ">actions/github-script#295</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="60a0d83039https://redirect.github.com/actions/github-script/issues/440 ">#440</a>
from actions/joshmgross/v7.0.1</li>
<li><a
href="b7fb2001b412e22ed06bhttps://redirect.github.com/actions/github-script/issues/439 ">#439</a>
from actions/joshmgross/avoid-setting-base-url</li>
<li><a
href="d319f8f5b5e69ef5462fhttps://redirect.github.com/actions/github-script/issues/425 ">#425</a>
from actions/joshmgross/node-20</li>
<li><a
href="ee0914b839d6fc56f33b384d6cf58184724927e384903f5182https://github.com/actions/github-script/compare/v6...v7 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-20 09:32:56 +01:00
bba43029d4
Bump docker/metadata-action from 4 to 5 ( #8778 )
...
Bumps
[docker/metadata-action](https://github.com/docker/metadata-action ) from
4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/metadata-action/releases ">docker/metadata-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0 ">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/328 ">docker/metadata-action#328</a></li>
<li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/metadata-action/pull/333 ">docker/metadata-action#333</a></li>
<li>Bump csv-parse from 5.4.0 to 5.5.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/320 ">docker/metadata-action#320</a></li>
<li>Bump semver from 7.5.1 to 7.5.2 in <a
href="https://redirect.github.com/docker/metadata-action/pull/304 ">docker/metadata-action#304</a></li>
<li>Bump handlebars from 4.7.7 to 4.7.8 in <a
href="https://redirect.github.com/docker/metadata-action/pull/315 ">docker/metadata-action#315</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v4.6.0...v5.0.0 ">https://github.com/docker/metadata-action/compare/v4.6.0...v5.0.0 </a></p>
<h2>v4.6.0</h2>
<ul>
<li>Dedup and sort labels by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/301 ">docker/metadata-action#301</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.3.0 to 0.5.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/302 ">docker/metadata-action#302</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v4.5.0...v4.6.0 ">https://github.com/docker/metadata-action/compare/v4.5.0...v4.6.0 </a></p>
<h2>v4.5.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.1.0 to 0.3.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/296 ">docker/metadata-action#296</a></li>
<li>Bump csv-parse from 5.3.8 to 5.4.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/294 ">docker/metadata-action#294</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v4.4.0...v4.5.0 ">https://github.com/docker/metadata-action/compare/v4.4.0...v4.5.0 </a></p>
<h2>v4.4.0</h2>
<ul>
<li>Add <code>context</code> input to define the metadata provider by <a
href="https://github.com/neilime "><code>@neilime</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/248 ">docker/metadata-action#248</a></li>
<li>Switch to actions-toolkit implementation by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/266 ">docker/metadata-action#266</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/273 ">docker/metadata-action#273</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/284 ">docker/metadata-action#284</a></li>
<li>Bump csv-parse from 5.3.3 to 5.3.8 in <a
href="https://redirect.github.com/docker/metadata-action/pull/271 ">docker/metadata-action#271</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/286 ">docker/metadata-action#286</a></li>
<li>Bump moment-timezone from 0.5.40 to 0.5.43 in <a
href="https://redirect.github.com/docker/metadata-action/pull/268 ">docker/metadata-action#268</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/278 ">docker/metadata-action#278</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/281 ">docker/metadata-action#281</a></li>
<li>Bump semver from 7.4.0 to 7.5.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/285 ">docker/metadata-action#285</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v4.3.0...v4.4.0 ">https://github.com/docker/metadata-action/compare/v4.3.0...v4.4.0 </a></p>
<h2>v4.3.0</h2>
<ul>
<li>Provide outputs as env vars by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://redirect.github.com/docker/metadata-action/issues/257 ">#257</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v4.2.0...v4.3.0 ">https://github.com/docker/metadata-action/compare/v4.2.0...v4.3.0 </a></p>
<h2>v4.2.0</h2>
<ul>
<li>Add <code>tz</code> attribute to handlebar date function by <a
href="https://github.com/chroju "><code>@chroju</code></a> (<a
href="https://redirect.github.com/docker/metadata-action/issues/251 ">#251</a>)</li>
<li>Bump minimatch from 3.0.4 to 3.1.2 (<a
href="https://redirect.github.com/docker/metadata-action/issues/242 ">#242</a>)</li>
<li>Bump csv-parse from 5.3.1 to 5.3.3 (<a
href="https://redirect.github.com/docker/metadata-action/issues/245 ">#245</a>)</li>
<li>Bump json5 from 2.2.0 to 2.2.3 (<a
href="https://redirect.github.com/docker/metadata-action/issues/252 ">#252</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v4.1.1...v4.2.0 ">https://github.com/docker/metadata-action/compare/v4.1.1...v4.2.0 </a></p>
<h2>v4.1.1</h2>
<ul>
<li>Revert changes to set associated head sha on pull request event by
<a href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://redirect.github.com/docker/metadata-action/issues/239 ">#239</a>)
<ul>
<li>User can still set associated head sha on PR by setting the env var
<code>DOCKER_METADATA_PR_HEAD_SHA=true</code></li>
</ul>
</li>
<li>Bump csv-parse from 5.3.0 to 5.3.1 (<a
href="https://redirect.github.com/docker/metadata-action/issues/237 ">#237</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v4.1.0...v4.1.1 ">https://github.com/docker/metadata-action/compare/v4.1.0...v4.1.1 </a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Upgrade guide</summary>
<p><em>Sourced from <a
href="https://github.com/docker/metadata-action/blob/master/UPGRADE.md ">docker/metadata-action's
upgrade guide</a>.</em></p>
<blockquote>
<h1>Upgrade notes</h1>
<h2>v2 to v3</h2>
<ul>
<li>Repository has been moved to docker org. Replace
<code>crazy-max/ghaction-docker-meta@v2</code>
with <code>docker/metadata-action@v5</code></li>
<li>The default bake target has been changed:
<code>ghaction-docker-meta</code> >
<code>docker-metadata-action</code></li>
</ul>
<h2>v1 to v2</h2>
<ul>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#inputs ">inputs</a>
<ul>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#tag-sha "><code>tag-sha</code></a></li>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#tag-edge--tag-edge-branch "><code>tag-edge</code>
/ <code>tag-edge-branch</code></a></li>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#tag-semver "><code>tag-semver</code></a></li>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#tag-match--tag-match-group "><code>tag-match</code>
/ <code>tag-match-group</code></a></li>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#tag-latest "><code>tag-latest</code></a></li>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#tag-schedule "><code>tag-schedule</code></a></li>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#tag-custom--tag-custom-only "><code>tag-custom</code>
/ <code>tag-custom-only</code></a></li>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#label-custom "><code>label-custom</code></a></li>
</ul>
</li>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#basic-workflow ">Basic
workflow</a></li>
<li><a
href="https://github.com/docker/metadata-action/blob/master/#semver-workflow ">Semver
workflow</a></li>
</ul>
<h3>inputs</h3>
<table>
<thead>
<tr>
<th>New</th>
<th>Unchanged</th>
<th>Removed</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>tags</code></td>
<td><code>images</code></td>
<td><code>tag-sha</code></td>
</tr>
<tr>
<td><code>flavor</code></td>
<td><code>sep-tags</code></td>
<td><code>tag-edge</code></td>
</tr>
<tr>
<td><code>labels</code></td>
<td><code>sep-labels</code></td>
<td><code>tag-edge-branch</code></td>
</tr>
<tr>
<td></td>
<td></td>
<td><code>tag-semver</code></td>
</tr>
<tr>
<td></td>
<td></td>
<td><code>tag-match</code></td>
</tr>
<tr>
<td></td>
<td></td>
<td><code>tag-match-group</code></td>
</tr>
<tr>
<td></td>
<td></td>
<td><code>tag-latest</code></td>
</tr>
<tr>
<td></td>
<td></td>
<td><code>tag-schedule</code></td>
</tr>
<tr>
<td></td>
<td></td>
<td><code>tag-custom</code></td>
</tr>
<tr>
<td></td>
<td></td>
<td><code>tag-custom-only</code></td>
</tr>
<tr>
<td></td>
<td></td>
<td><code>label-custom</code></td>
</tr>
</tbody>
</table>
<h4><code>tag-sha</code></h4>
<pre lang="yaml"><code>tags: |
type=sha
</code></pre>
<h4><code>tag-edge</code> / <code>tag-edge-branch</code></h4>
<pre lang="yaml"><code>tags: |
# default branch
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="96383f4557https://redirect.github.com/docker/metadata-action/issues/320 ">#320</a>
from docker/dependabot/npm_and_yarn/csv-parse-5.5.0</li>
<li><a
href="f138b9677b9cf7015b155a8a5ff8dfhttps://redirect.github.com/docker/metadata-action/issues/315 ">#315</a>
from docker/dependabot/npm_and_yarn/handlebars-4.7.8</li>
<li><a
href="2279d9af58c65993321348d23ccc05https://redirect.github.com/docker/metadata-action/issues/333 ">#333</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="b83ffb48d63207f2405f63f4a263e5https://redirect.github.com/docker/metadata-action/issues/328 ">#328</a>
from crazy-max/update-node20</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/metadata-action/compare/v4...v5 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-20 09:32:31 +01:00
1de5425f7d
Bump docker/build-push-action from 3 to 5 ( #8779 )
...
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action )
from 3 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases ">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0 ">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/954 ">docker/build-push-action#954</a></li>
<li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/build-push-action/pull/959 ">docker/build-push-action#959</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0 ">https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0 </a></p>
<h2>v4.2.1</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/ ">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec ">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533 ">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>warn if docker config can't be parsed by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/957 ">docker/build-push-action#957</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1 ">https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1 </a></p>
<h2>v4.2.0</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/ ">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec ">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533 ">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>display proxy configuration by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/872 ">docker/build-push-action#872</a></li>
<li>chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.6.0
to 0.8.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/930 ">docker/build-push-action#930</a></li>
<li>chore(deps): Bump word-wrap from 1.2.3 to 1.2.5 in <a
href="https://redirect.github.com/docker/build-push-action/pull/925 ">docker/build-push-action#925</a></li>
<li>chore(deps): Bump semver from 6.3.0 to 6.3.1 in <a
href="https://redirect.github.com/docker/build-push-action/pull/902 ">docker/build-push-action#902</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0 ">https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0 </a></p>
<h2>v4.1.1</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/ ">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec ">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533 ">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.3.0 to 0.5.0 by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/880 ">docker/build-push-action#880</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1 ">https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1 </a></p>
<h2>v4.1.0</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/ ">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec ">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533 ">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>Switch to actions-toolkit implementation by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/811 ">docker/build-push-action#811</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/838 ">docker/build-push-action#838</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/855 ">docker/build-push-action#855</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/860 ">docker/build-push-action#860</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/875 ">docker/build-push-action#875</a></li>
<li>e2e: quay.io by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/799 ">docker/build-push-action#799</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/805 ">docker/build-push-action#805</a></li>
<li>e2e: local harbor and nexus by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/800 ">docker/build-push-action#800</a></li>
<li>e2e: add artifactory container registry to test against by <a
href="https://github.com/jedevc "><code>@jedevc</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/804 ">docker/build-push-action#804</a></li>
<li>e2e: add distribution tests by <a
href="https://github.com/jedevc "><code>@jedevc</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/814 ">docker/build-push-action#814</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/815 ">docker/build-push-action#815</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0 ">https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0 </a></p>
<h2>v4.0.0</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4a13e500e5https://redirect.github.com/docker/build-push-action/issues/1006 ">#1006</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="7416668686b4f76a5dc6b7feb766fahttps://redirect.github.com/docker/build-push-action/issues/1005 ">#1005</a>
from crazy-max/ci-inspect</li>
<li><a
href="fae8018297b625868b13https://redirect.github.com/docker/build-push-action/issues/1004 ">#1004</a>
from crazy-max/ci-update-buildx</li>
<li><a
href="5193ef1da6d3afd779e4https://redirect.github.com/docker/build-push-action/issues/991 ">#991</a>
from docker/dependabot/npm_and_yarn/babel/traverse-7....</li>
<li><a
href="7a786bb2b9https://redirect.github.com/docker/build-push-action/issues/992 ">#992</a>
from crazy-max/annotations</li>
<li><a
href="c66ae3adcfhttps://github.com/docker/build-push-action/compare/v3...v5 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-20 09:32:22 +01:00
a7fc785cc5
Add a ruff docker image at ghcr.io/astral-sh/ruff ( #8554 )
...
This dockerfile creates a minimal docker container that runs ruff
```console
$ docker run -v .:/io --rm ruff check --select G004 .
scripts/check_ecosystem.py:51:26: G004 Logging statement uses f-string
scripts/check_ecosystem.py:55:22: G004 Logging statement uses f-string
scripts/check_ecosystem.py:84:13: G004 Logging statement uses f-string
scripts/check_ecosystem.py:177:18: G004 Logging statement uses f-string
scripts/check_ecosystem.py:200:18: G004 Logging statement uses f-string
scripts/check_ecosystem.py:354:18: G004 Logging statement uses f-string
scripts/check_ecosystem.py:477:18: G004 Logging statement uses f-string
Found 7 errors.
```
```console
$ docker image ls ruff
REPOSITORY TAG IMAGE ID CREATED SIZE
ruff latest 505876b0f817 2 minutes ago 16.2MB
```
Test repo: https://github.com/konstin/release-testing2
Successful build:
https://github.com/konstin/release-testing2/actions/runs/6862107104/job/18659155108
The package:
https://github.com/konstin/release-testing2/pkgs/container/release-testing2
After merging this, i have to manually push the first image and connect
it the repo in the github UI or the action will fail due to lack of
permissions
Open questions:
* Test arm version: Anyone working on an aarch64 linux machine? I don't
see this failing or a high-priority deployment (the vast majority of
linux users is on x86), but it would be nice to have it tested one.
---------
Co-authored-by: Zanie Blue <contact@zanie.dev>
2023-11-17 19:44:28 +01:00
d5abe55b03
Include rust-toolchain in source distribution ( #8414 )
...
**Summary** Simplify CI by ensuring that the source distribution is
always built with the rust version that has been explicitly tested. See
discussion in #8389
Closes #8389
---------
Co-authored-by: Zanie <contact@zanie.dev>
Co-authored-by: Stijn de Gooijer <stijndegooijer@gmail.com>
2023-11-01 13:51:14 -05:00
f4d50a2aec
Fix release validation step ( #7417 )
...
Proof of concept at #7416
Fixes `main` branch check added in #7279 (see
[failure](https://github.com/astral-sh/ruff/actions/runs/6201772425/job/16839150669 ))
Removes the meaningless "SHA consistency" check (since we literally
check out the SHA now)
2023-09-15 20:18:25 +00:00
1373e1c395
Update release workflow to checkout the given sha ( #7279 )
2023-09-13 14:59:41 -05:00
71c8a02ebd
Bump actions/checkout from 3 to 4 ( #7266 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-11 11:11:25 +02:00
c029c8b37a
Run release testing on PR, not push ( #5718 )
...
## Summary
This job runs whenever I put up a PR to bump the version, which is
really useful. But then it also runs again when I merge, and then _that_
job tends to get cancelled immediately, because I run the _actual_
release job, which triggers the cancel-concurrent-runs flow. (See, e.g.,
https://github.com/astral-sh/ruff/actions/runs/5534191373 .)
I think it makes sense to run these on PR (when editing `pyproject.toml`
and friends), but not again on merge.
2023-07-12 14:22:29 -04:00
5665968b42
Bump static Python versions in CI from 3.7 to 3.11 ( #5700 )
...
Python 3.7 is EOL and we should use the latest stable version for
builds.
Related to https://github.com/astral-sh/ruff-lsp/pull/189
---------
Co-authored-by: konsti <konstin@mailbox.org>
2023-07-12 13:56:22 +00:00
c0f93fcf3e
Publish GitHub release as draft ( #5304 )
...
I accidentally changed `draft: false` to `draft: true` in #5240 . I
actually think Copilot did this without me realizing.
2023-06-22 16:11:43 +00:00
2c63f8cdea
Update reference to release step ( #5280 )
2023-06-22 02:04:43 +00:00
4634560c80
Ensure release tagging has access to repo clone ( #5240 )
...
## Summary
The [release
failed](https://github.com/astral-sh/ruff/actions/runs/5329733171/jobs/9656004063 ),
but late enough that I was able to do the remaining steps manually. The
issue here is that the tagging step requires that we clone the repo. I
split the upload (to PyPI), tagging (in Git), and publishing (to GitHub
Releases) phases into their own steps, since they need different
resources + permissions anyway.
2023-06-21 10:24:33 -04:00
a332f078db
Checkout repo to support release tag validation ( #5238 )
...
## Summary
The
[release](https://github.com/astral-sh/ruff/actions/runs/5329340068/jobs/9655224008 )
failed due to an inability to find `pyproject.toml`. This PR moves that
validation into its own step (so we can fail fast) and ensures we clone
the repo.
2023-06-21 03:16:35 +00:00
b4bd5a5acb
Make the release workflow more resilient ( #4728 )
...
## Summary
Currently, it is possible to create a tag and then have the release
fail, which is a problem since we can't edit the tag
(https://github.com/charliermarsh/ruff/issues/4468 ). This change the
release process so that the tag is created inside the release workflow.
This leaves as a failure mode that we have published to pypi but then
creating the tag or GitHub release doesn't work, but in this case we can
restart and the pypi upload is just skipped because we use the skip
existing option.
The release workflow is started by a workflow dispatch with the tag
instead of creating the tag yourself. You can start the release workflow
without a tag to do a dry run which does not publish an artifacts. You
can optionally add a git sha to the workflow run and it will verify that
the release runs on the mentioned commit.
This also adds docs on how to release and a small style improvement for
the maturin integration.
## Test Plan
Testing is hard since we can't do real releases, i've tested a minimized
workflow in a separate dummy repository.
2023-06-20 18:33:09 +00:00
07cc4bcb0f
Update links to point to Astral org ( #4949 )
2023-06-08 11:43:40 -04:00
222ca98a41
Add `contents: write` permission to release step ( #4911 )
2023-06-07 08:42:27 -04:00
e1df2b1400
Set default Rust version when testing sdist ( #4908 )
2023-06-06 16:59:04 -04:00
12e45498e8
Improve token handling ( #4653 )
...
* Use release environment
* Use pypi trusted publishing
* typo
2023-05-26 09:52:24 +02:00
252506f8ed
Remove deprecated --universal2 flag ( #4640 )
2023-05-24 17:00:52 +00:00
3cbaaa4795
Refactor and fix task trigger for dependent jobs in other repos ( #4598 )
...
* Refactor and fix task trigger for dependent jobs in other repos
I have confirmed (https://github.com/konstin/ruff-pre-commit/actions/runs/5056928280/jobs/9075029868 ) that this does dispatch the workflow when running with act, `owner: 'konstin'`, `needs` commented out and personal access token. I can't properly test the actual release workflow, and i'm unsure how to best handle the next release after this was merged (should we do a beta release or will this break everything that assumes we only do stable releases?)
The command for act is
```
act -j update-dependents -s RUFF_PRE_COMMIT_PAT=<...>
```
* delete old file
2023-05-23 20:55:35 +02:00
f22c269ccf
Point LSP, VS Code, and pre-commut URLs to Astral org ( #4562 )
2023-05-21 15:27:35 -04:00
a3aa841fc9
Overhaul sdist handling ( #4439 )
...
* Reduce sdist size
`maturin sdist && du -sh target/wheels/ruff-0.0.267.tar.gz`:
Before: 1,1M
After: 668K
* Test sdist before release
* Update maturin to fix the sdist
2023-05-18 19:02:22 +02:00
8f3f8d3e0b
Revert change to re-run release on tag update ( #4441 )
2023-05-15 15:48:45 +00:00
7617519b4f
Skip python -m ruff --help on linux-cross
2023-05-12 15:46:42 -04:00
bc7ddd8f3a
Temporarily create release on-tag
2023-05-12 15:31:48 -04:00
ebda9b31d9
Update CI to test `python -m ruff` on release ( #4397 )
2023-05-12 18:47:30 +00:00
edaf891042
Fix jemalloc page size on aarch64 ( #4247 )
...
Co-authored-by: konstin <konstin@mailbox.org>
2023-05-08 08:10:03 +02:00
19d8913e32
Use musl in ecosystem docker ( #3998 )
...
This prevents errors when the host glibc is newer than the one in the docker container
2023-04-26 05:54:53 +02:00
0cd8b75f06
Rename release.yaml files
2022-10-31 16:23:52 -04:00
5f07e1d6b5
Fix release.yaml task names
2022-10-31 16:22:25 -04:00
1ce4585c88
Add a separate release job for flake8-to-ruff ( #529 )
2022-10-31 16:21:38 -04:00
b1c40d5fa7
Run MacOS builds in parallel ( #171 )
2022-09-12 16:24:13 -04:00
2749660b1f
Disable update-informer on linux-cross ( #113 )
2022-09-06 14:19:38 -04:00
b442402b13
Prettify md/yaml files ( #74 )
2022-09-01 12:36:47 -04:00
875e812188
Disable build-on-push for now
2022-08-31 10:45:41 -04:00
e16fd39bb5
Build on every push but only publish on tags ( #46 )
2022-08-30 13:19:36 -04:00
53554a2bf1
Remove lint step from release.yaml
2022-08-30 09:16:35 -04:00
bd0ed1b96c
Build ABI3 wheels and expand supported platforms ( #45 )
2022-08-30 09:16:07 -04:00
5dd53dcf88
Fix 3.10 reference in release.yaml
2022-08-29 22:01:26 -04:00
07ed1e3b01
Cut abi3-compatible wheels
2022-08-29 21:57:47 -04:00
b1b507ed29
Minor updates to the workflow file
2022-08-29 17:40:56 -04:00
37401bdfb0
Build wheels for Linux ( #42 )
2022-08-29 17:13:08 -04:00
Charlie Marsh
dependabot[bot]
konsti
Torbjörn Lönnemark
Zanie Blue
Dhruv Manilawala
Zanie Adkins
Micha Reiser
Adrian Garcia Badaracco
Kian-Meng Ang