From db879772c47f0fe3247e84803bb24dc1b0ecbcf0 Mon Sep 17 00:00:00 2001
From: Vincent Biret <vibiret@microsoft.com>
Date: Wed, 4 Dec 2024 11:54:11 -0500
Subject: [PATCH 1/3] ci: adds version matrix to ensure dependencies
 compatibility

---
 .../msgraph-sdk-python-branch-protection.yml  | 68 +++++++++----------
 .github/workflows/build.yml                   | 22 +++++-
 2 files changed, 53 insertions(+), 37 deletions(-)

diff --git a/.github/policies/msgraph-sdk-python-branch-protection.yml b/.github/policies/msgraph-sdk-python-branch-protection.yml
index 8206da94c2a..e7997678b0a 100644
--- a/.github/policies/msgraph-sdk-python-branch-protection.yml
+++ b/.github/policies/msgraph-sdk-python-branch-protection.yml
@@ -8,39 +8,37 @@ description: Branch protection policy for the msgraph-sdk-python repository
 resource: repository
 configuration:
   branchProtectionRules:
+    - branchNamePattern: main
+      # This branch pattern applies to the following branches as of 06/12/2023 10:31:18:
+      # main
 
-  - branchNamePattern: main
-    # This branch pattern applies to the following branches as of 06/12/2023 10:31:18:
-    # main
-
-    # Specifies whether this branch can be deleted. boolean
-    allowsDeletions: false
-    # Specifies whether forced pushes are allowed on this branch. boolean
-    allowsForcePushes: false
-    # Specifies whether new commits pushed to the matching branches dismiss pull request review approvals. boolean
-    dismissStaleReviews: true
-    # Specifies whether admins can overwrite branch protection. boolean
-    isAdminEnforced: false
-    # Indicates whether "Require a pull request before merging" is enabled. boolean
-    requiresPullRequestBeforeMerging: true
-    # Specifies the number of pull request reviews before merging. int (0-6). Should be null/empty if PRs are not required
-    requiredApprovingReviewsCount: 1
-    # Require review from Code Owners. Requires requiredApprovingReviewsCount. boolean
-    requireCodeOwnersReview: true
-    # Are commits required to be signed. boolean. TODO: all contributors must have commit signing on local machines.
-    requiresCommitSignatures: false
-    # Are conversations required to be resolved before merging? boolean
-    requiresConversationResolution: true
-    # Are merge commits prohibited from being pushed to this branch. boolean
-    requiresLinearHistory: false
-    # Required status checks to pass before merging. Values can be any string, but if the value does not correspond to any existing status check, the status check will be stuck on pending for status since nothing exists to push an actual status
-    requiredStatusChecks:
-    - CodeQL
-    - Validate code accuracy
-    # Require branches to be up to date before merging. Requires requiredStatusChecks. boolean
-    requiresStrictStatusChecks: true
-    # Indicates whether there are restrictions on who can push. boolean. Should be set with whoCanPush.
-    restrictsPushes: false
-    # Restrict who can dismiss pull request reviews. boolean
-    restrictsReviewDismissals: false
-
+      # Specifies whether this branch can be deleted. boolean
+      allowsDeletions: false
+      # Specifies whether forced pushes are allowed on this branch. boolean
+      allowsForcePushes: false
+      # Specifies whether new commits pushed to the matching branches dismiss pull request review approvals. boolean
+      dismissStaleReviews: true
+      # Specifies whether admins can overwrite branch protection. boolean
+      isAdminEnforced: false
+      # Indicates whether "Require a pull request before merging" is enabled. boolean
+      requiresPullRequestBeforeMerging: true
+      # Specifies the number of pull request reviews before merging. int (0-6). Should be null/empty if PRs are not required
+      requiredApprovingReviewsCount: 1
+      # Require review from Code Owners. Requires requiredApprovingReviewsCount. boolean
+      requireCodeOwnersReview: true
+      # Are commits required to be signed. boolean. TODO: all contributors must have commit signing on local machines.
+      requiresCommitSignatures: false
+      # Are conversations required to be resolved before merging? boolean
+      requiresConversationResolution: true
+      # Are merge commits prohibited from being pushed to this branch. boolean
+      requiresLinearHistory: false
+      # Required status checks to pass before merging. Values can be any string, but if the value does not correspond to any existing status check, the status check will be stuck on pending for status since nothing exists to push an actual status
+      requiredStatusChecks:
+        - CodeQL
+        - check-build-matrix
+      # Require branches to be up to date before merging. Requires requiredStatusChecks. boolean
+      requiresStrictStatusChecks: true
+      # Indicates whether there are restrictions on who can push. boolean. Should be set with whoCanPush.
+      restrictsPushes: false
+      # Restrict who can dismiss pull request reviews. boolean
+      restrictsReviewDismissals: false
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 6b935e96648..972140df1c3 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -12,12 +12,16 @@ jobs:
   validate:
     name: Validate code accuracy
     runs-on: ubuntu-latest
+    strategy:
+      max-parallel: 5
+      matrix:
+        python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"]
     steps:
     - uses: actions/checkout@v4
-    - name: Set up Python
+    - name: Set up Python ${{ matrix.python-version }}
       uses: actions/setup-python@v5
       with:
-        python-version: '3.12'
+        python-version: ${{ matrix.python-version }}
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip
@@ -25,3 +29,17 @@ jobs:
     - name: Lint with Pylint
       run: pylint msgraph --disable=W --rcfile=.pylintrc
 
+  # The check-build-matrix returns success if all matrix jobs in build are successful; otherwise, it returns a failure.
+  # Use this as a PR status check for GitHub Policy Service instead of individual matrix entry checks.
+  check-build-matrix:
+    runs-on: ubuntu-latest
+    needs: validate
+    if: always()
+    steps:
+      - name: All build matrix options are successful
+        if: ${{ !(contains(needs.*.result, 'failure')) }}
+        run: exit 0
+      - name: One or more build matrix options failed
+        if: ${{ contains(needs.*.result, 'failure') }}
+        run: exit 1
+

From bba3a3b74b0e0d53b3bdcfe1147b40486db58399 Mon Sep 17 00:00:00 2001
From: Vincent Biret <vibiret@microsoft.com>
Date: Wed, 4 Dec 2024 11:59:42 -0500
Subject: [PATCH 2/3] fix: downgrades doc-utils to match python supported
 versions

---
 requirements-dev.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements-dev.txt b/requirements-dev.txt
index 9e28d54a5fe..a224cc95477 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -16,7 +16,7 @@ colorama==0.4.6
 cryptography==43.0.1
 Deprecated==1.2.15
 dill==0.3.8
-docutils==0.21.2
+docutils==0.20.1
 flit==3.9.0
 flit_core==3.9.0
 frozenlist==1.4.1

From 8d8076168ad755e1d373190d06b5ae4fb2af2303 Mon Sep 17 00:00:00 2001
From: Vincent Biret <vibiret@microsoft.com>
Date: Wed, 4 Dec 2024 12:02:00 -0500
Subject: [PATCH 3/3] fix: downgrades time machine to match python supported
 versions

---
 requirements-dev.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements-dev.txt b/requirements-dev.txt
index a224cc95477..663e9f293ba 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -63,7 +63,7 @@ requests==2.32.3
 six==1.16.0
 sniffio==1.3.1
 std-uritemplate>=2.0.0
-time-machine==2.16.0
+time-machine==2.15.0
 toml==0.10.2
 tomli==2.2.1
 tomli_w==1.0.0