Skip to content

tedious ramblings

The blog of Robert Hafner

Menu
  • Projects
  • Resume
  • Sponsor
  • Archives
  • About
Menu
A Github Pull Request opened by Github Actions

Automatically Updating Python Requirements Files with Github Actions

Posted on February 1, 2023February 1, 2023 by Robert Hafner

When developing Python applications it is considered a best practice to include lockfiles, typically in the form of requirements.txt files. The problem is keeping these up to date. It tends to be a thankless task so people push it off, which can lead to an issue where developers have to update a ton of dependencies all at once. This is obviously no fun, so like most things in life that are no fun I decided to automate it using Github Actions.

The action-python-lockfile-update project is a Github Action, freely available for anyone to use, that uses pip-tools to rebuild your requirements.txt files on a schedule. When changes are detected it makes a brand new pull request. It even works with package "extra" requirements so that production and development lockfiles can live side by side and stay up to date.

One of the really nice things about this action is that it can trigger tests on the Pull Requests. Github Actions by default does not run any workflows that are triggered by a GIthub Action, which includes running tests on Pull Requests from a Github Action.

A Pull Request where tests aren't run.

This action gets around this by optionally using a Github Deploy Key to push the updates. Since the commit comes from the Deploy Key, not the Github Action Secret, all tests are run.

A Pull Request where tests are run.

Using a deploy key isn't required unless you want tests to run. There are example workflows for both options.

Share this:

  • Click to share on Mastodon (Opens in new window) Mastodon
  • Click to share on Reddit (Opens in new window) Reddit
  • Click to share on LinkedIn (Opens in new window) LinkedIn
  • Click to share on X (Opens in new window) X
  • Click to share on Pocket (Opens in new window) Pocket
  • Click to print (Opens in new window) Print
  • More
  • Click to share on Pinterest (Opens in new window) Pinterest
  • Click to share on Tumblr (Opens in new window) Tumblr
  • Click to email a link to a friend (Opens in new window) Email

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About

Robert Hafner is a Principal Engineer based in Chicago focusing on distributed applications, infrastructure, and security. This blog is a running journal of projects, tutorials, and random ideas that pop into his head.

  • GitHub
  • Mastodon
  • LinkedIn

Popular Posts

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

©2025 tedious ramblings | Built using WordPress and Responsive Blogily theme by Superb