Merge branch 'main' into feat/reminder-add-notify

Author: ChrisLovering

.github/CODEOWNERS

@@ -3,13 +3,10 @@
 **/bot/exts/moderation/*silence.py      @MarkKoz
 bot/exts/info/codeblock/**              @MarkKoz
 bot/exts/utils/extensions.py            @MarkKoz
-bot/exts/utils/snekbox.py               @MarkKoz @jb3
-bot/exts/moderation/**                  @mbaruh @Den4200 @ks129 @jb3
-bot/exts/info/**                        @Den4200 @jb3
-bot/exts/info/information.py            @mbaruh @jb3
+bot/exts/utils/snekbox.py               @MarkKoz
+bot/exts/moderation/**                  @mbaruh
+bot/exts/info/information.py            @mbaruh
 bot/exts/filtering/**                   @mbaruh
-bot/exts/fun/**                         @ks129
-bot/exts/utils/**                       @ks129 @jb3
 bot/exts/recruitment/**                 @wookie184
 
 # Utils
@@ -21,10 +18,6 @@ tests/_autospec.py                      @MarkKoz
 tests/bot/exts/test_cogs.py             @MarkKoz
 
 # CI & Docker
-.github/workflows/**                    @MarkKoz @SebastiaanZ @Den4200 @jb3
-Dockerfile                              @MarkKoz @Den4200 @jb3
-docker-compose.yml                      @MarkKoz @Den4200 @jb3
-
-# Statistics
-bot/async_stats.py                      @jb3
-bot/exts/info/stats.py                  @jb3
+.github/workflows/**                    @MarkKoz
+Dockerfile                              @MarkKoz
+docker-compose.yml                      @MarkKoz

.github/dependabot.yml

@@ -4,6 +4,10 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
+    ignore:
+      update-types:
+        - sem-ver:patch
+        - sem-ver:minor
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:

.github/workflows/build-deploy.yml

@@ -40,7 +40,7 @@ jobs:
       # and with the short SHA of the commit.
 
       - name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./Dockerfile
@@ -77,6 +77,7 @@ jobs:
       - name: Deploy to Kubernetes
         uses: azure/k8s-deploy@v5
         with:
+          namespace: bots
           manifests: |
-            infra/kubernetes/namespaces/default/bot/deployment.yaml
+            infra/kubernetes/namespaces/bots/bot/deployment.yaml
           images: 'ghcr.io/python-discord/bot:${{ inputs.sha-tag }}'

.github/workflows/lint-test.yml

@@ -32,17 +32,25 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Install Python Dependencies
-        uses: HassanAbouelela/actions/setup-python@setup-python_v1.4.2
+        uses: HassanAbouelela/actions/setup-python@setup-python_v1.6.0
         with:
-          python_version: '3.11'
+          python_version: '3.12'
 
       # Check all of our non-dev dependencies are compatible with the MIT license.
       # If you added a new dependencies that is being rejected,
       # please make sure it is compatible with the license for this project,
       # and add it to the ALLOWED_LICENSE variable
+
+      # NOTE: at time of writing pip-licenses is not PEP-639 compliant
+      #   so is not detecting the license for packages now following that style.
+      #   As a temp fix, add packages to the ignore list after manually checking
+      #   that the license in use is compatible with ours.
+      #   Ref: https://github.com/raimon49/pip-licenses/issues/225
       - name: Check Dependencies License
         run: |
+          poetry self add poetry-plugin-export
           pip-licenses --allow-only="$ALLOWED_LICENSE" \
+            --ignore-packages attrs \
             --package $(poetry export -f requirements.txt --without-hashes | sed "s/==.*//g" | tr "\n" " ")
 
       - name: Run pre-commit hooks
@@ -53,7 +61,10 @@ jobs:
         run: "ruff check --output-format=github ."
 
       - name: Run tests and generate coverage report
-        run: pytest -n auto --cov --disable-warnings -q
+        run: pytest -n auto --cov -q
+        env:
+          # Use "sys.monitoring" based coverage backend for better speed (see #3075)
+          COVERAGE_CORE: sysmon
 
       # Prepare the Pull Request Payload artifact. If this fails, we
       # we fail silently using the `continue-on-error` option. It's

.github/workflows/sentry_release.yml

@@ -12,12 +12,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Create a Sentry.io release
-        uses: tclindner/sentry-releases-action@v1.2.0
+        uses: getsentry/action-release@v1
         env:
           SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
           SENTRY_ORG: python-discord
           SENTRY_PROJECT: bot
         with:
-          tagName: ${{ github.sha }}
           environment: production
-          releaseNamePrefix: bot@
+          version_prefix: bot@

.github/workflows/status_embed.yaml

@@ -13,22 +13,6 @@ concurrency:
 
 jobs:
   status_embed:
-    # We need to send a status embed whenever the workflow
-    # sequence we're running terminates. There are a number
-    # of situations in which that happens:
-    #
-    # 1. We reach the end of the Deploy workflow, without
-    #    it being skipped.
-    #
-    # 2. A `pull_request` triggered a Lint & Test workflow,
-    #    as the sequence always terminates with one run.
-    #
-    # 3. If any workflow ends in failure or was cancelled.
-    if: >-
-      (github.event.workflow_run.name == 'Deploy' && github.event.workflow_run.conclusion != 'skipped') ||
-      github.event.workflow_run.event == 'pull_request' ||
-      github.event.workflow_run.conclusion == 'failure' ||
-      github.event.workflow_run.conclusion == 'cancelled'
     name:  Send Status Embed to Discord
     runs-on: ubuntu-latest
 
@@ -46,10 +30,10 @@ jobs:
           curl -sSL -H "Authorization: token $GITHUB_TOKEN" -o pull_request_payload.zip $DOWNLOAD_URL || exit 2
           unzip -p pull_request_payload.zip > pull_request_payload.json
           [ -s pull_request_payload.json ] || exit 3
-          echo "::set-output name=pr_author_login::$(jq -r '.user.login // empty' pull_request_payload.json)"
-          echo "::set-output name=pr_number::$(jq -r '.number // empty' pull_request_payload.json)"
-          echo "::set-output name=pr_title::$(jq -r '.title // empty' pull_request_payload.json)"
-          echo "::set-output name=pr_source::$(jq -r '.head.label // empty' pull_request_payload.json)"
+          echo "pr_author_login=$(jq -r '.user.login // empty' pull_request_payload.json)" >> $GITHUB_OUTPUT
+          echo "pr_number=$(jq -r '.number // empty' pull_request_payload.json)" >> $GITHUB_OUTPUT
+          echo "pr_title=$(jq -r '.title // empty' pull_request_payload.json)" >> $GITHUB_OUTPUT
+          echo "pr_source=$(jq -r '.head.label // empty' pull_request_payload.json)" >> $GITHUB_OUTPUT
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
@@ -64,14 +48,12 @@ jobs:
           webhook_id: '784184528997842985'
           webhook_token: ${{ secrets.GHA_WEBHOOK_TOKEN }}
 
-          # Workflow information
+          # We need to provide the information of the workflow that
+          # triggered this workflow instead of this workflow.
           workflow_name: ${{ github.event.workflow_run.name }}
           run_id: ${{ github.event.workflow_run.id }}
           run_number: ${{ github.event.workflow_run.run_number }}
           status: ${{ github.event.workflow_run.conclusion }}
-          actor: ${{ github.actor }}
-          repository:  ${{ github.repository }}
-          ref: ${{ github.ref }}
           sha: ${{ github.event.workflow_run.head_sha }}
 
           pr_author_login: ${{ steps.pr_info.outputs.pr_author_login }}

Dockerfile

@@ -1,4 +1,4 @@
-FROM --platform=linux/amd64 ghcr.io/owl-corp/python-poetry-base:3.11-slim
+FROM --platform=linux/amd64 ghcr.io/owl-corp/python-poetry-base:3.12-slim
 
 # Define Git SHA build argument for sentry
 ARG git_sha="development"

bot/__main__.py

@@ -13,7 +13,6 @@
 from bot.bot import Bot
 from bot.log import get_logger, setup_sentry
 
-setup_sentry()
 LOCALHOST = "127.0.0.1"
 
 
@@ -23,7 +22,6 @@ async def _create_redis_session() -> RedisSession:
         host=constants.Redis.host,
         port=constants.Redis.port,
         password=constants.Redis.password,
-        max_connections=20,
         use_fakeredis=constants.Redis.use_fakeredis,
         global_namespace="bot",
         decode_responses=True,
@@ -36,6 +34,8 @@ async def _create_redis_session() -> RedisSession:
 
 async def main() -> None:
     """Entry async method for starting the bot."""
+    setup_sentry()
+
     statsd_url = constants.Stats.statsd_host
     if constants.DEBUG_MODE:
         # Since statsd is UDP, there are no errors for sending to a down port.

bot/bot.py

@@ -6,7 +6,7 @@
 from discord.errors import Forbidden
 from pydis_core import BotBase
 from pydis_core.utils.error_handling import handle_forbidden_from_block
-from sentry_sdk import push_scope
+from sentry_sdk import new_scope, start_transaction
 
 from bot import constants, exts
 from bot.log import get_logger
@@ -29,6 +29,11 @@ def __init__(self, *args, **kwargs):
 
         super().__init__(*args, **kwargs)
 
+    async def load_extension(self, name: str, *args, **kwargs) -> None:
+        """Extend D.py's load_extension function to also record sentry performance stats."""
+        with start_transaction(op="cog-load", name=name):
+            await super().load_extension(name, *args, **kwargs)
+
     async def ping_services(self) -> None:
         """A helper to make sure all the services the bot relies on are available on startup."""
         # Connect Site/API
@@ -66,7 +71,7 @@ async def on_error(self, event: str, *args, **kwargs) -> None:
 
         self.stats.incr(f"errors.event.{event}")
 
-        with push_scope() as scope:
+        with new_scope() as scope:
             scope.set_tag("event", event)
             scope.set_extra("args", args)
             scope.set_extra("kwargs", kwargs)

bot/constants.py

@@ -8,7 +8,7 @@
 import os
 from enum import Enum
 
-from pydantic import BaseModel
+from pydantic import BaseModel, computed_field
 from pydantic_settings import BaseSettings
 
 
@@ -138,7 +138,7 @@ class _Roles(EnvConfig, env_prefix="roles_"):
     lovefest: int = 542431903886606399
     pyweek_announcements: int = 897568414044938310
     revival_of_code: int = 988801794668908655
-    legacy_help_channels_access: int = 1074780483776417964
+    archived_channels_access: int = 1074780483776417964
 
     contributors: int = 295488872404484098
     partners: int = 323426753857191936
@@ -322,7 +322,7 @@ class _DuckPond(EnvConfig, env_prefix="duck_pond_"):
 
     threshold: int = 7
 
-    channel_blacklist: tuple[int, ...] = (
+    default_channel_blacklist: tuple[int, ...] = (
         Channels.announcements,
         Channels.python_news,
         Channels.python_events,
@@ -336,6 +336,12 @@ class _DuckPond(EnvConfig, env_prefix="duck_pond_"):
         Channels.staff_info,
     )
 
+    extra_channel_blacklist: tuple[int, ...] = tuple()
+
+    @computed_field
+    @property
+    def channel_blacklist(self) -> tuple[int, ...]:
+        return self.default_channel_blacklist + self.extra_channel_blacklist
 
 DuckPond = _DuckPond()
 
@@ -379,7 +385,7 @@ class _VideoPermission(EnvConfig, env_prefix="video_permission_"):
 
 class _Redis(EnvConfig, env_prefix="redis_"):
 
-    host: str = "redis.default.svc.cluster.local"
+    host: str = "redis.databases.svc.cluster.local"
     password: str = ""
     port: int = 6379
     use_fakeredis: bool = False  # If this is True, Bot will use fakeredis.aioredis
@@ -417,8 +423,8 @@ class _Metabase(EnvConfig, env_prefix="metabase_"):
 
     username: str = ""
     password: str = ""
-    base_url: str = "http://metabase.default.svc.cluster.local"
-    public_url: str = "https://metabase.pythondiscord.com"
+    base_url: str = "http://metabase.tooling.svc.cluster.local"
+    public_url: str = "https://metabase.pydis.wtf"
     max_session_age: int = 20_160
 
 
@@ -428,7 +434,7 @@ class _Metabase(EnvConfig, env_prefix="metabase_"):
 class _BaseURLs(EnvConfig, env_prefix="urls_"):
 
     # Snekbox endpoints
-    snekbox_eval_api: str = "http://snekbox.default.svc.cluster.local/eval"
+    snekbox_eval_api: str = "http://snekbox.snekbox.svc.cluster.local/eval"
 
     # Discord API
     discord_api: str = "https://discordapp.com/api/v7/"
@@ -438,7 +444,7 @@ class _BaseURLs(EnvConfig, env_prefix="urls_"):
     github_bot_repo: str = "https://github.com/python-discord/bot"
 
     # Site
-    site_api: str = "http://site.default.svc.cluster.local/api"
+    site_api: str = "http://site.web.svc.cluster.local/api"
     paste_url: str = "https://paste.pythondiscord.com"
 
 
@@ -621,7 +627,7 @@ class _Keys(EnvConfig, env_prefix="api_keys_"):
     "Not likely.",
     "No way, José.",
     "Not in a million years.",
-    "Fat chance.",
+    "I would love to, but unfortunately... no.",
     "Certainly not.",
     "NEGATORY.",
     "Nuh-uh.",
@@ -655,8 +661,9 @@ class _Keys(EnvConfig, env_prefix="api_keys_"):
     "In the future, don't do that.",
     "That was a mistake.",
     "You blew it.",
-    "You're bad at computers.",
-    "Are you trying to kill me?",
+    "Application bot.exe will be closed.",
+    "Kernel Panic! *Kernel runs around in panic*",
+    "Error 418. I am a teapot.",
     "Noooooo!!",
     "I can't believe you've done this",
 )