ci: Group GitHub Action dependabot updates (#2133)

.github/dependabot.yml

@@ -20,3 +20,7 @@ updates:
       interval: weekly
     reviewers: [meltano/engineering]
     labels: [deps]
+    groups:
+      actions:
+        patterns:
+          - "*"

.github/workflows/codeql-analysis.yml

@@ -36,12 +36,10 @@ jobs:
         # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+    - uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -54,8 +52,7 @@ jobs:
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
+    - uses: github/codeql-action/autobuild@v3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -67,5 +64,4 @@ jobs:
     #   echo "Run, Build Application using script"
     #   ./location_of_script_within_repo/buildscript.sh
 
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+    - uses: github/codeql-action/analyze@v3

.github/workflows/codspeed.yml

@@ -13,11 +13,8 @@ jobs:
   benchmarks:
     runs-on: ubuntu-latest
     steps:
-    - name: Check out the repository
-      uses: actions/checkout@v4.1.1
-
-    - name: Setup Python
-      uses: actions/setup-python@v5.0.0
+    - uses: actions/checkout@v4
+    - uses: actions/setup-python@v5
       with:
         python-version: 3.11
         architecture: x64
@@ -37,8 +34,7 @@ jobs:
         --with benchmark
         --all-extras
 
-    - name: Run benchmarks
-      uses: CodSpeedHQ/action@v2
+    - uses: CodSpeedHQ/action@v2
       with:
         token: ${{ secrets.CODSPEED_TOKEN }}
         run: pytest tests/ --codspeed

.github/workflows/cookiecutter-e2e.yml

@@ -33,9 +33,7 @@ jobs:
           - { python-version: "3.11",  os: "ubuntu-latest" }
 
     steps:
-    - name: Check out the repository
-      uses: actions/checkout@v4.1.1
-
+    - uses: actions/checkout@v4
     - name: Upgrade pip
       env:
         PIP_CONSTRAINT: .github/workflows/constraints.txt
@@ -52,8 +50,7 @@ jobs:
         poetry --version
         poetry self show plugins
 
-    - name: Setup Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v5.0.0
+    - uses: actions/setup-python@v5
       with:
         python-version: ${{ matrix.python-version }}
         architecture: x64
@@ -77,10 +74,10 @@ jobs:
       run: |
         nox --python=${{ matrix.python-version }} --session=test_cookiecutter
 
-    - name: Upload build artifacts
+    - uses: actions/upload-artifact@v4
       if: always()
-      uses: actions/upload-artifact@v3
       with:
+        name: cookiecutter-${{ matrix.os }}-py${{ matrix.python-version }}
         path: |
           /tmp/tap-*
           /tmp/target-*

.github/workflows/dependency-review.yml

@@ -12,11 +12,8 @@ jobs:
   dependency-review:
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout the repository
-        uses: actions/checkout@v4.1.1
-
-      - name: GitHub dependency vulnerability check
+      - uses: actions/checkout@v4
+      - uses: actions/dependency-review-action@v3
         if: ${{ github.event_name == 'pull_request_target' }}
-        uses: actions/dependency-review-action@v3.1.4
         with:
           fail-on-severity: high

.github/workflows/release.yml

@@ -17,10 +17,10 @@ jobs:
 
     steps:
     - name: Checkout code
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@v4
 
     - name: Set up Python
-      uses: actions/setup-python@v5.0.0
+      uses: actions/setup-python@v5
       with:
         python-version: "3.11"
 

.github/workflows/test.yml

@@ -48,15 +48,14 @@ jobs:
         session: [tests]
         os: ["ubuntu-latest", "macos-latest", "windows-latest"]
         python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12"]
-        sqlalchemy: ["2.*"]
+        sqlalchemy: ["2"]
         include:
-        - { session: tests,   python-version: "3.11", os: "ubuntu-latest", sqlalchemy: "1.*" }
-        - { session: doctest, python-version: "3.11", os: "ubuntu-latest", sqlalchemy: "2.*" }
-        - { session: mypy,    python-version: "3.11",  os: "ubuntu-latest", sqlalchemy: "2.*" }
+        - { session: tests,   python-version: "3.11", os: "ubuntu-latest", sqlalchemy: "1" }
+        - { session: doctest, python-version: "3.11", os: "ubuntu-latest", sqlalchemy: "2" }
+        - { session: mypy,    python-version: "3.11",  os: "ubuntu-latest", sqlalchemy: "2" }
 
     steps:
-    - name: Check out the repository
-      uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4
 
     - name: Install Poetry
       env:
@@ -67,8 +66,7 @@ jobs:
         poetry --version
         poetry self show plugins
 
-    - name: Setup Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v5.0.0
+    - uses: actions/setup-python@v5
       with:
         python-version: ${{ matrix.python-version }}
         architecture: x64
@@ -96,11 +94,10 @@ jobs:
       run: |
         nox --verbose
 
-    - name: Upload coverage data
+    - uses: actions/upload-artifact@v4
       if: always() && (matrix.session == 'tests')
-      uses: actions/upload-artifact@v3.1.2
       with:
-        name: coverage-data
+        name: coverage-data-nox_${{ matrix.session }}-${{ matrix.os }}-py${{ matrix.python-version }}_sqlalchemy_${{ matrix.sqlalchemy }}
         path: ".coverage.*"
 
   tests-external:
@@ -119,8 +116,7 @@ jobs:
       SAMPLE_TAP_GOOGLE_ANALYTICS_VIEW_ID: ${{ secrets.SAMPLE_TAP_GOOGLE_ANALYTICS_VIEW_ID }}
 
     steps:
-    - name: Check out the repository
-      uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4
 
     - name: Install Poetry
       env:
@@ -131,8 +127,7 @@ jobs:
         poetry --version
         poetry self show plugins
 
-    - name: Setup Python
-      uses: actions/setup-python@v5.0.0
+    - uses: actions/setup-python@v5
       with:
         python-version: ${{ env.NOXPYTHON }}
         architecture: x64
@@ -163,8 +158,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: tests
     steps:
-    - name: Check out the repository
-      uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4
 
     - name: Install Poetry
       env:
@@ -175,8 +169,7 @@ jobs:
         poetry --version
         poetry self show plugins
 
-    - name: Set up Python
-      uses: actions/setup-python@v5.0.0
+    - uses: actions/setup-python@v5
       with:
         python-version: '3.11'
         cache: 'pip'
@@ -187,10 +180,10 @@ jobs:
         pip install --constraint=.github/workflows/constraints.txt pip
         pip --version
 
-    - name: Download coverage data
-      uses: actions/download-artifact@v3.0.2
+    - uses: actions/download-artifact@v4
       with:
-        name: coverage-data
+        pattern: coverage-data-*
+        merge-multiple: true
 
     - name: Install Nox
       env:
@@ -208,8 +201,7 @@ jobs:
       run: |
         nox --session=coverage -- xml
 
-    - name: Upload coverage report
-      uses: codecov/codecov-action@v3.1.4
+    - uses: codecov/codecov-action@v3
       with:
         fail_ci_if_error: true
         token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/version_bump.yml

@@ -36,12 +36,11 @@ jobs:
       discussions: write    # to create a discussion
 
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4
       with:
         fetch-depth: 0
 
-    - name: Set up Python
-      uses: actions/setup-python@v5.0.0
+    - uses: actions/setup-python@v5
       with:
         python-version: "3.11"
         architecture: x64

noxfile.py

@@ -93,7 +93,7 @@ def tests(session: Session) -> None:
         # Bypass nox-poetry use of --constraint so we can install a version of
         # SQLAlchemy that doesn't match what's in poetry.lock.
         session.poetry.session.install(  # type: ignore[attr-defined]
-            f"sqlalchemy=={sqlalchemy_version}",
+            f"sqlalchemy=={sqlalchemy_version}.*",
         )
 
     env = {"COVERAGE_CORE": "sysmon"} if session.python == "3.12" else {}