chore(template): accept new copier update

.copier-answers.yml

@@ -1,5 +1,5 @@
 # Changes here will be overwritten by Copier; NEVER EDIT MANUALLY
-_commit: v0.7.0-130-gde18aa4
+_commit: v0.8.0-6-g056c2e6
 _src_path: https://github.com/usnistgov/cookiecutter-nist-python.git
 command_line_interface: typer
 conda_channel: conda-forge

.github/actions/setup-cached-uv-and-python/action.yml

@@ -3,7 +3,6 @@ description:
   Composite action to do 'actions/setup-python' and 'hynek/setup-cached-uv'
 inputs:
   # actions/setup-python
-
   python-version:
     description: "Version to pass to actions/setup-python"
   python-version-file:
@@ -25,7 +24,7 @@ outputs:
     value: ${{ steps.setup-python.outputs.cache-hit }}
   python-path:
     description: "The absolute path to the Python or PyPy executable."
-    value: ${{ steps.setup-python.outputs.pytyhon-path }}
+    value: ${{ steps.setup-python.outputs.python-path }}
 
 runs:
   using: composite

.github/workflows/ci.yml

@@ -3,6 +3,11 @@ on:
   push:
     branches: [main]
   pull_request:
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - ready_for_review
   workflow_dispatch:
 
 concurrency:
@@ -13,6 +18,7 @@ env:
   FORCE_COLOR: "3"
   UVX_CONSTRAINT: requirements/lock/uvx-tools.txt
   UVX_COMMAND: uvx -crequirements/lock/uvx-tools.txt
+  NOX_COMMAND: uvx -crequirements/lock/uvx-tools.txt nox
   EXTRA_PYTHON_VERSIONS: "pypy-3.11"
 
 permissions: {}
@@ -24,6 +30,12 @@ jobs:
     outputs:
       should_skip: ${{ steps.skip_check.outputs.should_skip }}
     steps:
+      - name: Don't run CI on draft PR
+        if:
+          github.event_name == 'pull_request' && github.event.pull_request.draft
+          == true
+        run: exit 1
+
       - id: skip_check
         uses: fkirc/skip-duplicate-actions@f75f66ce1886f00957d99748a42c724f4330bdcf # v5.3.1
         with:
@@ -69,7 +81,6 @@ jobs:
           print("{minmax_default_python_versions=}")
           print("{all_python_version=}")
 
-
           with open(os.getenv("GITHUB_OUTPUT"), "a") as f:
             f.write(f"{default_python_version=:s}\n")
             f.write(f"{min_python_version=:s}\n")
@@ -153,6 +164,9 @@ jobs:
       matrix:
         os:
           - ubuntu-latest
+          # - windows-latest
+        session:
+          - typecheck
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
@@ -162,14 +176,16 @@ jobs:
           python-version-file: ".python-version"
           cache-dependency-path: uv.lock
       - name: Get python version
+        id: python_version
         run: |
           python_version=$(cat .python-version)
-          echo "python_version=${python_version}" >> "$GITHUB_ENV"
+          echo "python_version=${python_version}" >> "$GITHUB_OUTPUT"
         shell: bash
       - name: typecheck
         env:
-          python_version: ${{ env.python_version }}
-        run: $UVX_COMMAND nox -s typecheck-"$python_version"
+          python_version: ${{ steps.python_version.outputs.python_version }}
+          session: ${{ matrix.session }}
+        run: $NOX_COMMAND -s "${session}-${python_version}"
         shell: bash
 
   test:
@@ -188,10 +204,13 @@ jobs:
           ${{
           fromJson(needs.build-package.outputs.minmax-default-python-versions)
           }}
+        session:
+          - test
         include:
           - os: windows-latest
             python-version:
               ${{ needs.build-package.outputs.default-python-version }}
+            session: test
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
@@ -208,14 +227,19 @@ jobs:
       - name: Test with nox
         env:
           python_version: ${{ matrix.python-version }}
-        run: >-
-          $UVX_COMMAND nox -s test-"$python_version" -- ++installpkg dist/*.whl
-        shell: bash
+          options: "++installpkg dist/*.whl"
+          session: ${{ matrix.session }}
+        run: |
+          # shellcheck disable=SC2086
+          $NOX_COMMAND -s "${session}-${python_version}" -- $options
+        shell: bash -euxo pipefail {0}
 
       - name: Upload coverage data
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
-          name: coverage-data-${{ matrix.os }}-${{ matrix.python-version }}
+          name:
+            coverage-data-${{ matrix.os }}-${{ matrix.python-version }}-${{
+            matrix.session }}
           path: .nox/test-*/tmp/.coverage*
           include-hidden-files: true
           if-no-files-found: ignore
@@ -247,12 +271,12 @@ jobs:
           cache-dependency-path: requirements/lock/uvx-tools.txt
       - name: Run coverage
         run: |
-          $UVX_COMMAND nox -s coverage -- ++coverage combine html markdown
+          $NOX_COMMAND -s coverage -- ++coverage combine html markdown
           cat coverage.md
           cat coverage.md >> "$GITHUB_STEP_SUMMARY"
 
           # fail if under 100%
-          $UVX_COMMAND nox -s coverage -- ++coverage report ++coverage-options --fail-under=100
+          $NOX_COMMAND -s coverage -- ++coverage report ++coverage-options --fail-under=100
         shell: bash
       - name: Upload HTML report if check failed.
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0

.github/workflows/release-auto.yml

@@ -0,0 +1,87 @@
+name: Create github release
+on:
+  pull_request:
+    types:
+      - closed
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  # for debugging
+  # info:
+  #   if: github.event.pull_request.merged == true
+  #   runs-on: ubuntu-latest
+  #   permissions: {}
+  #   steps:
+  #     - name: PR info
+  #       env:
+  #         RELEASE_COMMIT: ${{ github.event.pull_request.merge_commit_sha }}
+  #         RELEASE_BRANCH: ${{ github.head_ref }}
+  #         OWNER: ${{ github.repository_owner }}
+  #         RELEASE: ${{ format('{0}', startsWith(github.head_ref, 'release/')) }}
+  #       run: |
+  #         echo "RELEASE_COMMIT - $RELEASE_COMMIT"
+  #         echo "RELEASE_BRANCH - $RELEASE_BRANCH"
+  #         echo "OWNER       - $OWNER"
+  #         echo "RELEASE     - $RELEASE"
+
+  create-release:
+    name: Create release
+    if:
+      # prettier-ignore
+      github.event.pull_request.merged == true && github.repository_owner == 'usnistgov' && startsWith(github.head_ref, 'release/')
+    runs-on: ubuntu-latest
+    environment:
+      name: pull-request
+    permissions:
+      contents: write
+    steps:
+      - name: PR info
+        env:
+          RELEASE_COMMIT: ${{ github.event.pull_request.merge_commit_sha }}
+          RELEASE_BRANCH: ${{ github.head_ref }}
+          OWNER: ${{ github.repository_owner }}
+          RELEASE: ${{ format('{0}', startsWith(github.head_ref, 'release/')) }}
+        run: |
+          echo "RELEASE_COMMIT - $RELEASE_COMMIT"
+          echo "RELEASE_BRANCH - $RELEASE_BRANCH"
+          echo "OWNER       - $OWNER"
+          echo "RELEASE     - $RELEASE"
+
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+          sparse-checkout: |
+            pyproject.toml
+          sparse-checkout-cone-mode: false
+
+      - name: Setup python
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        with:
+          python-version: ">=3.11"
+
+      - name: Get version
+        id: version
+        shell: python
+        run: |
+          import os
+          import tomllib
+          from pathlib import Path
+
+          version = tomllib.loads(Path("pyproject.toml").read_text())["project"]["version"]
+          tag = f"v{version}"
+
+          print("{tag=:s}")
+
+          with open(os.getenv("GITHUB_OUTPUT"), "a") as f:
+            f.write(f"{tag=:s}\n")
+
+      - name: Create pull request
+        env:
+          GH_TOKEN: ${{ secrets.PAT }}
+          RELEASE_COMMIT: ${{ github.event.pull_request.merge_commit_sha }}
+          TAG: ${{ steps.version.outputs.tag }}
+        run: |
+          gh release create "$TAG" --generate-notes --target "$RELEASE_COMMIT"

.github/workflows/copier-update.yml → .github/workflows/update-copier.yml

@@ -1,9 +1,13 @@
-name: Copier update repository
+name: Update repo with copier
 on:
   schedule:
     - cron: "0 2 * * 1" # Every Monday at 2am
   workflow_dispatch:
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 permissions:
   contents: write
   pull-requests: write
@@ -47,33 +51,53 @@ jobs:
       - name: Copier update
         continue-on-error: false
         id: check
+        env:
+          commit_message_in: ${{ matrix.commit-message }}
         run: |
-          CHANGES=0
+          changed='false'
+          conflict_message=''
+          commit_message="$commit_message_in"
+
           if [ -f .copier-answers.yml ]; then
             copier update ${{ env.COPIER_OPTIONS }}
             if ! git diff --quiet -- .copier-answers.yml; then
-              CHANGES=1
+              changed='true'
             fi
           else
             echo "No .copier-answers.yml file"
+            exit 1
           fi
-          echo "has_changes=$CHANGES" >> "$GITHUB_OUTPUT"
 
-      - name: Git config
-        if: steps.check.outputs.has_changes == '1'
-        run: |
-          git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git config --global user.name "github-actions[bot]"
-          git restore --staged .
+          # determine if have any merge conflicts
+          if [ "$changed" = "true" ] && ! git merge --no-commit --no-ff; then
+            conflict_message="Resolve conflicts."
+            commit_message="$commit_message [skip ci]"
+          fi
+
+          echo "changed=$changed" >> "$GITHUB_OUTPUT"
+          echo "conflict_message=$conflict_message" >> "$GITHUB_OUTPUT"
+          echo "commit_message=$commit_message" >> "$GITHUB_OUTPUT"
+
+          echo "files_changed<<EOF" >> "$GITHUB_OUTPUT"
+          git status --short | sort >> "$GITHUB_OUTPUT"
+          echo "EOF" >> "$GITHUB_OUTPUT"
+
+          # git config
+          if [ "$changed" = "true" ]; then
+            git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
+            git config --global user.name "github-actions[bot]"
+            git restore --staged .
+          fi
+        shell: bash -euxo pipefail {0}
 
       - name: Create pull request
-        if: steps.check.outputs.has_changes == '1'
+        if: steps.check.outputs.changed == 'true'
         id: cpr
         uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
         with:
           token: ${{ secrets.PAT }}
           add-paths: ${{ matrix.add-paths }}
-          commit-message: ${{ matrix.commit-message }}
+          commit-message: ${{ steps.check.outputs.commit_message }}
           title: ${{ matrix.title }}
           labels: |
             internal
@@ -82,7 +106,10 @@ jobs:
           delete-branch: true
           # branch-suffix: timestamp  # If want commit per run (instead of per workflow)
           body: |
-            This is an autogenerated PR. ${{ matrix.body }}
+            This is an autogenerated PR. ${{ matrix.body }} ${{ steps.check.outputs.conflict_message }}
+
+            Files changed (`git status --short`):
+            ${{ steps.check.outputs.files_changed }}
 
             [copier](https://github.com/copier-org/copier) has detected updates from the Cookiecutter repository.