feat: Add dependabot workflow for periodic lock file updates #1305
Conversation
- Add dependabot.yml workflow that runs weekly on Mondays - Add _update_dependencies.yml reusable workflow - Automatically creates PRs to bump uv.lock - Matches pattern used in other NeMo repos (Export-Deploy, Megatron-Bridge) - Ensures lock file updates are incremental and manageable Signed-off-by: Pablo Garay <[email protected]>
- Add workflow_dispatch support to _update_dependencies.yml for manual triggering - Add test-lockfile-update.yml workflow to test lock file update process - Support both workflow_call and workflow_dispatch input access patterns Signed-off-by: Pablo Garay <[email protected]>
- Add disk cleanup before container build in _update_dependencies.yml - Add disk cleanup before container build in test-lockfile-update.yml - Matches pattern used in DFM and other NeMo repos - Should resolve 'No space left on device' errors during Docker builds Signed-off-by: Pablo Garay <[email protected]>
- Change from ubuntu-latest to linux-amd64-cpu16 - Matches the runner used in _update_dependencies.yml - Provides more disk space to avoid 'No space left on device' errors - Aligns with patterns used in other NeMo repos Signed-off-by: Pablo Garay <[email protected]>
- Remove disk space cleanup step (not needed with linux-amd64-cpu16 runner) - Simplify Docker build step (remove aggressive pruning and disk checks) - Runner has sufficient resources, cleanup is unnecessary Signed-off-by: Pablo Garay <[email protected]>
- Add git config before branch creation to prevent authentication errors - Add explicit token authentication for git push operations - Add token to checkout actions for proper authentication - Restore rebase step to match Export-Deploy pattern - Fixes critical git configuration bug that would prevent branch creation Signed-off-by: Pablo Garay <[email protected]>
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| ref: ${{ env.TARGET_BRANCH }} | ||
| submodules: recursive | ||
|
|
||
| - name: Build container |
There was a problem hiding this comment.
I don't think we need to build the container to update the uv lock file
There was a problem hiding this comment.
After our meeting/conversation: Understood context .
Thank you for your feedback and suggestion I took a look at this
Yes . Please refer to new PR based on all the changes here, building on top. This PR to close in favor of the new one. Refer to: #1307
| -w /workspace \ | ||
| -e GH_TOKEN=${{ secrets.PAT }} \ | ||
| ray-curator \ | ||
| bash -c 'cd /workspace && uv lock --upgrade' |
There was a problem hiding this comment.
Please test out running this on cpu in a venv
There was a problem hiding this comment.
Yes . Please refer to new PR based on all the changes here, building on top. This PR to close in favor of the new one. Refer to: #1307
| steps: | ||
| - name: Notify | ||
| env: | ||
| SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} |
There was a problem hiding this comment.
where does this slack message go?
There was a problem hiding this comment.
it will go to
swdl-nemo-curator-github-ci-alerts
same as other ones unless we decide to do something else
There was a problem hiding this comment.
Please refer to new PR based on all the changes here, building on top. This PR to close in favor of the new one. Refer to: #1307
pablo-garay
changed the title
Summary
This PR adds automated periodic lock file updates to prevent large dependency updates.
TESTED
Runs passed:
Triggering-only test: Worked:
Changes
dependabot.ymlworkflow that runs weekly on Mondays at 8 AM UTC_update_dependencies.ymlreusable workflow for updating lock filesuv.lockBenefits
Related
Related to POR P2: "Periodically update lock files so updates aren't too big"