Implement uv dependency management and versioning with bump-my-version #321
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…version Replace poetry-based dependency and version management: - Add uv documentation - Remove poetry references - Add new version-and-build.yml workflow - Remove old build-pipeline.yml and release-created.yml workflows - Add bump_develop_after_release.sh script for collision prevention - Create versioning documentation for Git Flow process - Update pyproject.toml for uv and bump-my-version configuration - Update README with uv guidance and versioning information
danielfromearth
changed the title
danielfromearth
added
documentation
Added entry for uv dependency management and versioning.
Simplified branch patterns for pull requests.
- Restructure GitHub Actions workflows for better organization and efficiency - Add dedicated PR validation workflow (pr-checks.yml) with security scanning, linting, type checks, and CHANGELOG validation - Create reusable workflows for unit tests, integration tests, and Docker builds - Add publish workflow for release automation to PyPI - Implement auto-bump workflow for version management after release branch creation - Modify pull request workflows for both internal and external contributors - Enhance version bumping strategy - Only bump versions on PR merges, not direct pushes - Add scripts for automated version management (version_bump.sh, verify_tag.sh) - Separate version bumping from build/publish steps - Improve testing workflows - Rename and consolidate test workflows (unit-tests.yml, integration-tests.yml) - Add timeout configurations and dependency caching - Use frozen dependencies for reproducible builds - Add comprehensive documentation - Create CI-CD-README.md with detailed workflow explanations - Add CI_CD_ARCHITECTURE_DIAGRAM.md with Mermaid diagrams - Update HOW_TO_RELEASE.md with additional info about release process - Publishing improvements - Separate publishing to Test PyPI (release branches) and production PyPI (releases) - Add Docker image building for different environments (sit, uat, ops) - Implement venue-based deployments - Configuration updates - Update dependabot configuration with better grouping and labeling - Enhance PR template with additional checklist items - Remove poetry.lock (migrated to uv)
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## develop #321 +/- ##
========================================
Coverage 90.63% 90.63%
========================================
Files 9 9
Lines 470 470
========================================
Hits 426 426
Misses 44 44
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Fix diagram error
Merge VERSIONING.md into CI-CD-README.md and streamline docs/README.md to eliminate confusion from having three overlapping documentation files.
…com/nasa/stitchee into feat/issue-295-uv-instead-of-poetry
ank1m
requested changes
Jan 13, 2026
| - name: Upload coverage reports to Codecov | ||
| uses: codecov/codecov-action@v5 | ||
| with: | ||
| token: ${{ secrets.CODECOV_TOKEN }} |
Collaborator
There was a problem hiding this comment.
no sure if it's case sensitive or not? CODECOV_TOKEN is lowercase in line 10
Collaborator
Author
There was a problem hiding this comment.
I'm pretty sure this is fine, i.e., they are not case sensitive
danielfromearth
commented
Jan 14, 2026
| - name: Upload coverage reports to Codecov | ||
| uses: codecov/codecov-action@v5 | ||
| with: | ||
| token: ${{ secrets.CODECOV_TOKEN }} |
Collaborator
Author
There was a problem hiding this comment.
I'm pretty sure this is fine, i.e., they are not case sensitive
Collaborator
Author
|
pre-commit.ci autofix |
Collaborator
Author
|
@ank1m, look good to you for merging? |
Collaborator
|
@danielfromearth Do you know why snyk fails? Otherwise looks good to merge! |
Collaborator
Author
|
Okay, merging! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview
Replace
poetry-based dependency and version management withuvandbump-my-version, and restructure GitHub Actions CI/CD workflows for improved automation and deployment processes.GitHub Issue: #295, #302, #317
Description
Dependency & Version Management Migration
uvfor faster dependency managementbump-my-versionfor automated semantic versioningpyproject.tomlconfiguration and removepoetry.lockCI/CD Workflow Restructuring
New Workflows:
pr-checks.yml- PR validation with security scanning, linting, type checking, unit tests, and CHANGELOG validationpublish.yml- Automated PyPI publishing and Docker builds on GitHub releasesauto-bump-develop.yml- Auto-bumps develop to next minor version when release branch is createdpull-request-received.yml- Handles external fork PRs (unit tests only, no secrets)docker-build.yml,unit-tests.yml,integration-tests.yml- Reusable workflow componentsEnhanced
version-and-build.yml:Removed:
build-pipeline.yml,release-created.yml,pull_request.ymlVersion Bumping & Publishing Strategy
Version Bumping:
Publishing:
uattag)ops,latest, version tags)sittag)Documentation & Scripts
New Documentation:
CI-CD-README.md- Comprehensive developer guide with workflows, branching strategy, and troubleshootingCI_CD_ARCHITECTURE_DIAGRAM.md- Mermaid diagrams showing complete CI/CD architectureHOW_TO_RELEASE.md- Updated release process with auto-bump detailsScripts:
version_bump.sh,verify_tag.sh,create-netrcConfiguration: Updated Dependabot grouping and PR template checklist
Local test steps
Test suite passes with uv, version bumping scripts validated, linting and type checks pass
PR Acceptance Checklist
CHANGELOG.mdupdated📚 Documentation preview 📚: https://stitchee--321.org.readthedocs.build/en/321/