From e50f065273f02604a94adffd8fa3293a2e8a36ac Mon Sep 17 00:00:00 2001 From: Tiara Lena Hock Date: Wed, 3 Dec 2025 13:07:44 +0100 Subject: [PATCH 1/6] Fix: Pin python version to 3.13 to fix broken dataclasses in 3.14 --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index dfdd6ae0..a4d381b4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -8,7 +8,7 @@ readme = "README.md" packages = [{ include = "gardenlinux", from = "src" }] [tool.poetry.dependencies] -python = ">=3.13" +python = ">=3.13, <3.14" apt-repo = "^0.5" boto3 = "^1.40.57" click = "^8.2.1" From 68169b376b227e012e2a63275dd57c763b385f68 Mon Sep 17 00:00:00 2001 From: Tiara Lena Hock Date: Wed, 3 Dec 2025 13:11:52 +0100 Subject: [PATCH 2/6] CI: Pin python version to 3.13 --- .github/actions/setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index 746146da..ad18cce8 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -7,7 +7,7 @@ inputs: default: "0.10.6" python_version: description: Python version to setup - default: "3.14" + default: "3.13" outputs: version: From bd6f7694cd98934da6e776937db6d9275011fe51 Mon Sep 17 00:00:00 2001 From: Tiara Lena Hock Date: Wed, 3 Dec 2025 13:21:58 +0100 Subject: [PATCH 3/6] CI: Force python version into setup call --- .github/workflows/build.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bd1e44d7..c971e7e2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,6 +17,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 + + - name: Force Python Version (workaround) + uses: actions/setup-python@v5 + with: + python-version: "3.13" + - uses: gardenlinux/python-gardenlinux-lib/.github/actions/setup@main - name: Simple poetry build no package run: make build From c2026bc8ee6a391f421fe0a1254b12c6ed13bdd8 Mon Sep 17 00:00:00 2001 From: Eike Waldt Date: Thu, 4 Dec 2025 09:14:53 +0100 Subject: [PATCH 4/6] Use local setup workflow where it makes sense Signed-off-by: Eike Waldt On-behalf-of: SAP --- .github/workflows/bandit.yml | 8 ++++---- .github/workflows/black.yml | 2 +- .github/workflows/build.yml | 8 +------- .github/workflows/docs.yml | 4 ++-- 4 files changed, 8 insertions(+), 14 deletions(-) diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index aac958d2..267bcac1 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -17,15 +17,15 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: gardenlinux/python-gardenlinux-lib/.github/actions/setup@main + - uses: ./.github/actions/setup - name: Simple bandit security checks run: make security - name: Show Report in Action Output if: always() run: cat bandit-report.json - name: Upload Bandit Scan Artifact - - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0 if: always() with: - name: bandit-findings - path: bandit-report.json + name: bandit-findings + path: bandit-report.json diff --git a/.github/workflows/black.yml b/.github/workflows/black.yml index c99b47cf..280af83b 100644 --- a/.github/workflows/black.yml +++ b/.github/workflows/black.yml @@ -7,5 +7,5 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: gardenlinux/python-gardenlinux-lib/.github/actions/setup@main + - uses: ./.github/actions/setup - run: make lint diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c971e7e2..19563b94 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,12 +17,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - - name: Force Python Version (workaround) - uses: actions/setup-python@v5 - with: - python-version: "3.13" - - - uses: gardenlinux/python-gardenlinux-lib/.github/actions/setup@main + - uses: ./.github/actions/setup - name: Simple poetry build no package run: make build diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index abc4c5bd..0bf5c601 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -3,14 +3,14 @@ name: Update Sphinx documentation on: [push, pull_request, workflow_dispatch] permissions: - contents: write + contents: write jobs: docs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: gardenlinux/python-gardenlinux-lib/.github/actions/setup@main + - uses: ./.github/actions/setup - run: make docs - name: Deploy to GitHub Pages uses: peaceiris/actions-gh-pages@v4 From 58b8eee56791383c7fa3005b99793d0dc47bb6e8 Mon Sep 17 00:00:00 2001 From: Eike Waldt Date: Thu, 4 Dec 2025 09:16:39 +0100 Subject: [PATCH 5/6] Bump poetry lock to include python 3.13 pin Signed-off-by: Eike Waldt On-behalf-of: SAP --- poetry.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/poetry.lock b/poetry.lock index 77183318..969eb793 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1902,5 +1902,5 @@ test = ["pytest", "pytest-cov"] [metadata] lock-version = "2.1" -python-versions = ">=3.13" -content-hash = "ea1c3fd1bb706d5202222d76cea0a99b8f1091ea3d3b25532c53f0e48276d8ed" +python-versions = ">=3.13, <3.14" +content-hash = "f53639a8fc0211b98821f0725036912f186c728086e250993ae3c30fb85f7588" From 97413ba50e62abecae77f5c790c46d5897d2b69d Mon Sep 17 00:00:00 2001 From: Tiara Lena Hock Date: Thu, 4 Dec 2025 12:05:23 +0100 Subject: [PATCH 6/6] CI: Remove Python 3.14 from pytest workflow --- .github/workflows/pytests.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/pytests.yml b/.github/workflows/pytests.yml index 00325854..0fcb56a3 100644 --- a/.github/workflows/pytests.yml +++ b/.github/workflows/pytests.yml @@ -6,14 +6,13 @@ on: - main pull_request: - jobs: test: name: Run tests and collect coverage runs-on: ubuntu-latest strategy: matrix: - python_version: [ "3.13", "3.14" ] + python_version: ["3.13"] steps: - name: Checkout uses: actions/checkout@v6