SS-90: Add OTel telemetry instrumentation to SmartFix #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #- | |
| # #%L | |
| # Contrast AI SmartFix | |
| # %% | |
| # Copyright (C) 2026 Contrast Security, Inc. | |
| # %% | |
| # Contact: [email protected] | |
| # License: Commercial | |
| # NOTICE: This Software and the patented inventions embodied within may only be | |
| # used as part of Contrast Security's commercial offerings. Even though it is | |
| # made available through public repositories, use of this Software is subject to | |
| # the applicable End User Licensing Agreement found at | |
| # https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed | |
| # between Contrast Security and the End User. The Software may not be reverse | |
| # engineered, modified, repackaged, sold, redistributed or otherwise used in a | |
| # way not consistent with the End User License Agreement. | |
| # #L% | |
| # | |
| name: Dependabot Lock File Sync | |
| on: | |
| pull_request: | |
| paths: | |
| - 'src/requirements.txt' | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| sync-lock-file: | |
| name: Regenerate requirements.lock | |
| runs-on: ubuntu-latest | |
| if: github.event.pull_request.user.login == 'dependabot[bot]' | |
| steps: | |
| - name: Checkout PR branch | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Python | |
| uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 | |
| with: | |
| python-version: '3.13' | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3 | |
| with: | |
| version: "0.10.2" | |
| - name: Regenerate requirements.lock | |
| run: uv pip compile src/requirements.txt --no-cache -o src/requirements.lock | |
| - name: Commit updated lock file | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git add src/requirements.lock | |
| if git diff --cached --quiet; then | |
| echo "requirements.lock unchanged, nothing to commit" | |
| else | |
| git commit -m "AIML-574: Regenerate requirements.lock for dependabot bump" | |
| git push | |
| fi |