Tools to standardize repository settings in a specific GitHub organization.
For the Reich Lab repos, we've decided to apply the following settings to the default
branches (e.g., main
) of our repos:
- Branch cannot be deleted
- Disallow direct pushes (must open a pull request instead)
- Require at least one reviewer approval before merging a pull request
- Require re-approval when changes are made to a pull request
- Write access to all repos in the reichlab GitHub organization
- A
GITHUB_TOKEN
environment variable that contains a GitHub personal access token
-
Install this Python package via pip:
pip install git+https://github.com/reichlab/standardize-repo-settings.git
-
To apply the Reichlab's default branch rulesets to all repos in the Reichlab GitHub organization:
add_default_rulesets
The steps below are for setting up a local development environment. This process entails more than just installing the package, because we need to ensure that all developers have a consistent, reproducible environment.
Developers will be using a Python virtual environment that:
- is based on the Python version specified in .python-version.
- contains the dependency versions specified in the "lockfile" (in this case requirements/requirements-dev.txt).
- contains the package installed in "editable" mode.
-
Clone this repository
-
Change to the repo's root directory:
cd reichlab-repo-utils
-
Make sure the correct version of Python is currently active, and create a Python virtual environment:
python -m venv .venv
-
Activate the virtual environment:
# MacOs/Linux source .venv/bin/activate # Windows .venv\Scripts\activate
-
Install the package dependencies and install the package in editable mode:
python -m pip install -r requirements/requirements-dev.txt && python -m pip install -e .
-
Optional: if you use
pre-commit
in your workflow to automate code formatting and other tasks, install it. Otherwise, delete.pre-commit-config.yaml
. -
Run the test suite to confirm that everything is working:
python -m pytest
Because the package is installed in "editable" mode, you can run the code as though it were a normal Python package, while also being able to make changes and see them immediately.
Prerequisites:
Note: using pipx
(instead of pip) to install uv
is a handy way to ensure that uv is available for all of the Python environments on your machine.
The "lockfile" for this project is simply an annotated requirements.txt that is generated by uv (uv is a replacement for pip-compile, which could also be used). There's also a requirements-dev.txt file that contains dependencies needed for development (e.g., pytest).
While it's possible to use pip freeze
to generate a detailed lockfile without a third-party tool like uv
, the output of pip freeze
doesn't distinguish between direct and indirect dependencies. This distinction probably doesn't matter for a small project, but on a large project, understanding the dependency graph is critical for resolving conflicts.
Additionally, uv
(and pip-compile
) are able to use the list of high-level dependencies in pyproject.toml
to generate a detailed requirements.txt file, which is a good workflow for keeping everything in sync.
To add a dependency to the project:
-
Add the dependency to the
[dependencies]
section ofpyproject.toml
(or to thedev
section of[project.optional-dependencies]
, if it's a development dependency). Don't pin a specific version, since that will make it harder for people to install the package. -
Generate updated requirements files:
uv pip compile pyproject.toml -o requirements/requirements.txt && uv pip compile pyproject.toml --extra dev -o requirements/requirements-dev.txt
-
Update project dependencies:
Note: This package was originally developed on MacOS. If you have trouble installing the dependencies.
uv pip sync
has a--python-platform
flag that can be used to specify the platform.# note: requirements-dev.txt contains the base requirements AND the dev requirements # # using pip python -m pip install -r requirements/requirements-dev.txt # # alternately, you can use uv to install the dependencies: it is faster and has a # a handy sync option that will cleanup unused dependencies uv pip sync requirements/requirements-dev.txt