pitt-crc · djperrefort · Oct 5, 2023 · Oct 2, 2023 · Oct 2, 2023 · Oct 5, 2023
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -5,9 +5,17 @@ updates:
     schedule:
       interval: "monthly"
     open-pull-requests-limit: 100
+    groups:
+      python-dependencies:
+        patterns:
+          - "*"
 
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "monthly"
     open-pull-requests-limit: 100
+    groups:
+      actions-dependencies:
+        patterns:
+          - "*"
diff --git a/.github/workflows/CodeQL.yml b/.github/workflows/CodeQL.yml
@@ -6,7 +6,7 @@ on:
   pull_request:
     branches: [ main ]
   schedule:
-    - cron: 0 0 1 * *
+    - cron: 0 7 1 * *
 
 jobs:
   analyze:
@@ -23,20 +23,18 @@ jobs:
         language: [ python ]
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v3
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
-      with:
-        category: /language:${{matrix.language}}
-
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: /language:${{matrix.language}}
 
   # Use this job for branch protection rules
   report-codeql-status:

diff --git a/.github/workflows/PackagePublish.yml b/.github/workflows/PackagePublish.yml
@@ -31,6 +31,9 @@ jobs:
             environment: publish-pypi
 
     steps:
+      - name: Checkout source
+        uses: actions/checkout@v4
+
       - name: Set up Python
         uses: actions/setup-python@v4
         with:
@@ -41,23 +44,20 @@ jobs:
         with:
           virtualenvs-create: false
 
-      - name: Checkout source
-        uses: actions/checkout@v4
-
       # Get the new package version from the release tag
-      # Release tags are expected to start with "refs/tags/v", so the first 11 characters are stripped
+      # Git release tags are expected to start with "refs/tags/v"
       - name: Set package version
         run: |
           release_tag=${{github.ref}}
-          poetry version "${release_tag:11}"
+          poetry version "${release_tag#refs/tags/v}"
 
       - name: Build package
         run: poetry build -v
 
       - name: Publish package
         uses: pypa/gh-action-pypi-publish@release/v1
         with:
-          verbose: true
+          print-hash: true
           repository-url: ${{ matrix.host }}
           user: ${{ secrets.REPO_USER }}
           password: ${{ secrets.REPO_PASSWORD }}
diff --git a/.github/workflows/PackageTest.yml b/.github/workflows/PackageTest.yml
@@ -4,6 +4,8 @@ on:
   workflow_dispatch:
   workflow_call:
   push:
+  schedule:
+    - cron: 0 7 1,15 * *
 
 jobs:
   run-tests:
@@ -23,17 +25,17 @@ jobs:
         with:
           python-version: ${{ matrix.python-version }}
 
-      - name: Install poetry
-        run: |
-          pip install poetry
-          poetry env use python${{ matrix.python-version }}
+      - name: Install Poetry
+        uses: snok/install-poetry@v1
+        with:
+          virtualenvs-create: false
 
       - name: Install dependencies
         run: poetry install --with tests
 
       - name: Run tests with coverage
         run: |
-          poetry run coverage run -m unittest discover tests
+          poetry run coverage run -m unittest discover 
           poetry run coverage report --omit="tests/*"
           poetry run coverage xml --omit="tests/*" -o coverage.xml
 

diff --git a/shinigami/utils.py b/shinigami/utils.py
@@ -10,6 +10,8 @@
 import asyncssh
 import pandas as pd
 
+INIT_PROCESS_ID = 1
+
 
 def id_in_whitelist(id_value: int, whitelist: Collection[Union[int, Tuple[int, int]]]) -> bool:
     """Return whether an ID is in a list of ID values
@@ -81,7 +83,7 @@ async def terminate_errant_processes(
         process_df = pd.read_fwf(StringIO(ps_return.stdout), widths=[11, 11, 11, 11, 500])
 
         # Identify orphaned processes and filter them by the UID whitelist
-        orphaned = process_df[process_df.PPID == 1]
+        orphaned = process_df[process_df.PPID == INIT_PROCESS_ID]
         terminate = orphaned[orphaned['UID'].apply(id_in_whitelist, whitelist=uid_whitelist)]
 
         for _, row in terminate.iterrows():
@@ -91,6 +93,6 @@ async def terminate_errant_processes(
             logging.info(f'[{node}] no processes found')
 
         elif not debug:
-            proc_id_str = ','.join(terminate.PGID.astype(str))
-            logging.info(f'[{node}] Sending termination signal for process groups {proc_id_str}')
-            await conn.run(f"pkill --signal -9 --pgroup {proc_id_str}", check=True)
+            proc_id_str = ','.join(terminate.PGID.unique().astype(str))
+            logging.info(f"[{node}] Sending termination signal for process groups {proc_id_str}")
+            await conn.run(f"pkill --signal 9 --pgroup {proc_id_str}", check=True)