Setup dependency updates/freezing
Closed this issue · 1 comments
SocksTheWolf commented
Currently, we just use whatever is the latest of these packages, but that can be an issue if any of our requirement modules has a major update. The goal is to update our requirements file so that it freezes properly.
Goals:
- Freeze the requirements file to the current latest versions
- Set up dependabot yml file to make sure that we are properly updating these modules.
- Have a github deploy action do a pip update whenever the requirements.txt updates
user4752 commented
Reading the documentation on github actions and the package from https://github.com/dorny/paths-filter this appears to be the semantically correct way to perform an update on a file change. Syntax is probably incorrect.
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: dorny/paths-filter@v2
id: filter
with:
filters: |
deps_updated:
- 'requirements.txt'
...
# Install SSH Key
# Update Python Project
...
- name: Update python depedencies
env:
AUTHKEYNAME: ${{ vars.AUTH_KEY_NAME }}
with:
host: ${{secrets.SSH_HOST}}
key: ${{secrets.SSH_KEY}}
username: ${{secrets.SSH_USERNAME}}
envs: AUTHKEYNAME
if: steps.filter.outputs.deps_updated == 'true'
script: |
echo "Moving to project directory"
cd ~/project/AntiScamBot
echo "Updating requirements"
pip install -r requirements.txt
echo "Update success"