Update python poetry packages from a private artifacts repository with github actions
As Dependabot does not support upgrading dependencies from private packages registries yet (It does now, but it opens one PR for each dependency), I needed to came up with a solution to do it on my own. Lets start right with the code:
1: on: 2: schedule: 3: - cron: '0 7 * * *' 4: 5: name: Update poetry 6: jobs: 7: update-poetry-dependencies: 8: strategy: 9: matrix: 10: project: 11: - "project1" 12: - "project2" 13: runs-on: ubuntu-latest 14: steps: 15: - uses: actions/checkout@v2 16: with: 17: token: ${{secrets.PAT}} 18: submodules: recursive 19: fetch-depth: 0 20: 21: - name: Setup python 22: uses: actions/setup-python@v2 23: 24: - name: Install Poetry 25: uses: snok/[email protected] 26: 27: - name: Set up Poetry 28: run: | 29: poetry config repositories.package-upload "repourl" 30: poetry config http-basic.package-upload "${user}" "${password}" 31: poetry config http-basic.package-download "${user}" "${passw}" 32: env: 33: user: ${{ secrets.USER }} 34: passw: ${{ secrets.PASS }} 35: 36: - name: Updating ${{matrix.project}} 37: run: | 38: pushd ${{matrix.project}} 39: poetry install --no-interaction 40: poetry update --no-interaction > /tmp/poetry.update 41: cat /tmp/poetry.update | sed 's/\"/\\"/g' | perl -pe 's/\n/<br>/g' > /tmp/poetry.formated 42: echo "\{\"body\": \"$(< /tmp/poetry.formated)\", \"head\":\"update/${{matrix.project}}/action\",\ 43: \"base\":\"master\", \"title\":\"[${{matrix.project}}] Bump dependencies\"}" > /tmp/json 44: git config --global user.name 'Github Action' 45: git config --global user.email '[email protected]' 46: git checkout -b update/${{matrix.project}}/action 47: git add -u 48: git commit -m "[${{matrix.project}}] Update poetry" && git push || echo "No new versions found" 49: git push --set-upstream origin update/${{matrix.project}}/action 50: curl -X POST -H "Accept: application/vnd.github.v3+json" \ 51: https://api.github.com/repos/org/repo/pulls \ 52: -u user:${{ secrets.PAT }} \ 53: --data-binary @/tmp/json
- This github action would trigger each week, and it assumes that it will run on a monorepo, on lines 10-12 the repositories to upgrade are listed.
- On lines 28-31 poetry is configured to use the private repository.
- The magic happens on lines 37 till the end. Basically, for each project:
cdinto the project, install the dependencies and upgrade the packages- Now, the output of
poetry updateis saved into a file to add it as a description on the pull request. - I needed to do a little bit of
regexto correctly format the output ofpoetry updateto be a valid json when permforming the API call. - Finally, a new branch is created, a commit with the changes and a call to the Github API to open a PR.
That's it!, hope it helps.