Precommit support for update dependabot

Alfresco · Nov 14, 2023 · d9d6abe · d9d6abe
1 parent d03f745
commit d9d6abe
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 11 deletions.
diff --git a/.github/dependabot.template.yml b/.github/dependabot.template.yml
@@ -0,0 +1,13 @@
+# Documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+# Edit should be made in the dependabot.template.yml
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "pip"
+    directory: "/.github/actions/pipenv"
+    schedule:
+      interval: "monthly"
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,11 +1,16 @@
 # Documentation for all configuration options:
 # https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+# Edit should be made in the dependabot.template.yml
 version: 2
 updates:
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "weekly"
+  - package-ecosystem: "pip"
+    directory: "/.github/actions/pipenv"
+    schedule:
+      interval: "monthly"
   - package-ecosystem: "github-actions"
     directory: "/.github/actions/automate-dependabot"
     schedule:
@@ -254,8 +259,3 @@ updates:
     directory: "/.github/actions/veracode"
     schedule:
       interval: "weekly"
-
-  - package-ecosystem: "pip"
-    directory: "/.github/actions/pipenv"
-    schedule:
-      interval: "monthly"
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -23,3 +23,10 @@ repos:
     rev: v0.32.2
     hooks:
     - id: markdownlint
+  - repo: local
+    hooks:
+      - id: generate-dependabot
+        name: Generate dependabot config for actions
+        language: system
+        entry: ./update-dependabot.sh
+        pass_filenames: false
diff --git a/update-dependabot.sh b/update-dependabot.sh
@@ -3,7 +3,10 @@
 # Directory containing composite actions
 actions_dir='.github/actions'
 
-# Dependabot config file
+# Dependabot source config file
+master_config='.github/dependabot.template.yml'
+
+# Dependabot target config file
 dependabot_config='.github/dependabot.yml'
 
 # Temp file for new Dependabot config section
@@ -12,16 +15,15 @@ temp_config='temp_dependabot.yml'
 # Function to generate Dependabot config section for a composite action
 generate_dependabot_section() {
     local action_dir=$1
-    local action_name=$(basename "$action_dir")
     echo "  - package-ecosystem: \"github-actions\""
     echo "    directory: \"/${action_dir}\""
     echo "    schedule:"
     echo "      interval: \"weekly\""
 }
 
 # Check if Dependabot config exists
-if [ ! -f "$dependabot_config" ]; then
-    echo "Dependabot config not found."
+if [ ! -f "$master_config" ]; then
+    echo "$master_config config not found."
     exit 1
 fi
 
@@ -30,12 +32,12 @@ echo "version: 2" > "$temp_config"
 echo "updates:" >> "$temp_config"
 
 # Loop through composite actions and append to temp config
-for action_dir in $(find "$actions_dir" -mindepth 1 -maxdepth 1 -type d -printf '%h\0%d\0%p\n' | sort -t '\0' -n | awk -F '\0' '{print $3}'); do
+for action_dir in $(find "$actions_dir" -mindepth 1 -maxdepth 1 -type d | sort -n); do
     generate_dependabot_section "$action_dir" >> "$temp_config"
 done
 
 # Merge new section with existing Dependabot config using yq
-yq -i "$dependabot_config" "$temp_config"
+yq eval-all '. as $item ireduce ({}; . *+ $item)' $master_config $temp_config > "$dependabot_config"
 
 # Clean up
 rm "$temp_config"