From 5c117ae453d0c911d6e6e93f59b0afe52afba6e6 Mon Sep 17 00:00:00 2001 From: Matt Norton Date: Tue, 10 Mar 2026 12:50:13 +0000 Subject: [PATCH 1/3] Move to autofix.ci --- .github/workflows/autofix-pre-commit.yaml | 73 +++++++++++++++++++++++ .github/workflows/check-build-deploy.yaml | 63 ++----------------- 2 files changed, 79 insertions(+), 57 deletions(-) create mode 100644 .github/workflows/autofix-pre-commit.yaml diff --git a/.github/workflows/autofix-pre-commit.yaml b/.github/workflows/autofix-pre-commit.yaml new file mode 100644 index 00000000..71e3fb5b --- /dev/null +++ b/.github/workflows/autofix-pre-commit.yaml @@ -0,0 +1,73 @@ +name: autofix.ci + +"on": + pull_request: + branches: [main] + workflow_call: + inputs: + skip-autofix: + default: false + required: false + type: boolean + +permissions: + contents: read + +jobs: + autofix-pre-commit: + env: + UV_FROZEN: true + UV_NO_SYNC: true + UV_PYTHON_DOWNLOADS: never + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v6 + + - name: Add GB Locale + run: | + sudo apt-get update + sudo apt-get install -y locales + sudo locale-gen en_GB.UTF-8 + shell: bash + + - name: Set Up Python + uses: actions/setup-python@v6 + with: + python-version-file: .python-version + + - name: Install uv + uses: astral-sh/setup-uv@v7 + with: + enable-cache: true + + - name: Install prek From Locked Dependencies + run: uv sync --only-group pre-commit + + - id: store-hashed-python-version + name: Store Hashed Python Version + run: echo "hashed_python_version=$(uv run -- python -VV | sha256sum | cut -d' ' -f1)" + >> "$GITHUB_OUTPUT" + + - uses: actions/cache@v5 + with: + key: prek|${{steps.store-hashed-python-version.outputs.hashed_python_version}}|${{hashFiles('.pre-commit-config.yaml')}} + path: ~/.cache/prek + + - name: Setup pre-commit Environments + run: uv run -- prek install-hooks + + - name: Run prek + run: | + set -o pipefail + if [[ "${{github.event_name}}" == "push" && "${{github.ref_name}}" == "${{github.event.repository.default_branch}}" ]]; then + uv run -- prek run --all-files --hook-stage manual --color never --skip ruff-check --skip uv-lock --skip gitlint-ci | tee /tmp/prek.log + else + uv run -- prek run --all-files --hook-stage manual --color never --skip ruff-check --skip uv-lock | tee /tmp/prek.log + fi + + - name: Ensure No Warnings + run: "if grep -q '^warning: ' /tmp/prek.log; then exit 1; fi" + + - if: "!cancelled() && inputs.skip-autofix != true" + uses: autofix-ci/action@v1.3.3 diff --git a/.github/workflows/check-build-deploy.yaml b/.github/workflows/check-build-deploy.yaml index 580293d7..14059772 100644 --- a/.github/workflows/check-build-deploy.yaml +++ b/.github/workflows/check-build-deploy.yaml @@ -7,6 +7,9 @@ name: Check, Build and Deploy branches: [main] tags: [v*] +permissions: + contents: read + jobs: uv-check: runs-on: ubuntu-latest @@ -110,62 +113,9 @@ jobs: uv run -- mypy "${ARGS[@]}" pre-commit: # yamllint disable-line rule:key-ordering - env: - UV_FROZEN: true - UV_NO_SYNC: true - UV_PYTHON_DOWNLOADS: never - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v6 - - - name: Add GB Locale - run: | - sudo apt-get update - sudo apt-get install -y locales - sudo locale-gen en_GB.UTF-8 - shell: bash - - - name: Set Up Python - uses: actions/setup-python@v6 - with: - python-version-file: .python-version - - - name: Install uv - uses: astral-sh/setup-uv@v7 - with: - enable-cache: true - - - name: Install prek From Locked Dependencies - run: uv sync --only-group pre-commit - - - id: store-hashed-python-version - name: Store Hashed Python Version - run: echo "hashed_python_version=$(uv run -- python -VV | sha256sum | cut -d' ' -f1)" - >> "$GITHUB_OUTPUT" - - - uses: actions/cache@v5 - with: - key: prek|${{steps.store-hashed-python-version.outputs.hashed_python_version}}|${{hashFiles('.pre-commit-config.yaml')}} - path: ~/.cache/prek - - - name: Setup pre-commit Environments - run: uv run -- prek install-hooks - - - name: Run prek - run: | - set -o pipefail - if [[ "${{github.event_name}}" == "push" && "${{github.ref_name}}" == "${{github.event.repository.default_branch}}" ]]; then - uv run -- prek run --all-files --hook-stage manual --color never --skip ruff-check --skip uv-lock --skip gitlint-ci | tee /tmp/prek.log - else - uv run -- prek run --all-files --hook-stage manual --color never --skip ruff-check --skip uv-lock | tee /tmp/prek.log - fi - - - name: Ensure No Warnings - run: "if grep -q '^warning: ' /tmp/prek.log; then exit 1; fi" - - - if: ${{!cancelled()}} - uses: pre-commit-ci/lite-action@v1.1.0 + uses: ./.github/workflows/autofix-pre-commit.yaml + with: + skip-autofix: true pymarkdown: # yamllint disable-line rule:key-ordering env: @@ -290,7 +240,6 @@ jobs: needs: [mypy, pre-commit, pymarkdown, pytest, ruff-lint, uv-check] permissions: attestations: write - contents: read id-token: write packages: write runs-on: ubuntu-latest From 266ec031e72942c6a71976c0e1aff8c6c1fefd34 Mon Sep 17 00:00:00 2001 From: Matt Norton Date: Tue, 10 Mar 2026 12:50:45 +0000 Subject: [PATCH 2/3] Add `gitIgnoredAuthors` --- .github/renovate.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/renovate.json b/.github/renovate.json index 13f7d9b1..050962b3 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -20,6 +20,9 @@ "replacements:all", "workarounds:all" ], + "gitIgnoredAuthors": [ + "autofix-ci[bot]@users.noreply.github.com" + ], "labels": [ "dependencies" ], From 38013c9a9745e635c76c7cc0e7c6452c526d36ec Mon Sep 17 00:00:00 2001 From: Matt Norton Date: Fri, 13 Mar 2026 15:29:04 +0000 Subject: [PATCH 3/3] Add more `gitIgnoredAuthors` to renovate config Signed-off-by: Matt Norton --- .github/renovate.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/renovate.json b/.github/renovate.json index 050962b3..f5a6486f 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -21,7 +21,9 @@ "workarounds:all" ], "gitIgnoredAuthors": [ - "autofix-ci[bot]@users.noreply.github.com" + "autofix-ci@users.noreply.github.com", + "autofix-ci[bot]@users.noreply.github.com", + "114827586+autofix-ci[bot]@users.noreply.github.com" ], "labels": [ "dependencies"