From 22e047e1ed2b6d2059fa2043878b4b70c4906ef5 Mon Sep 17 00:00:00 2001 From: Nick Evans <2616208+nickevansuk@users.noreply.github.com> Date: Fri, 22 Sep 2023 14:59:28 +0100 Subject: [PATCH 1/5] feat: Dependabot auto-update --- .github/dependabot.yml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..894b47d --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,26 @@ +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + time: "09:00" + timezone: "Europe/London" + groups: + production-dependencies: + dependency-type: "production" + exclude-patterns: + - "@openactive/*" + development-dependencies: + dependency-type: "development" + exclude-patterns: + - "eslint*" + - "jasmine*" + eslint: + dependency-type: "development" + patterns: + - "eslint*" + jasmine: + dependency-type: "development" + patterns: + - "jasmine*" From 2ba4d0dd3351044155d967cca249ce812360d70e Mon Sep 17 00:00:00 2001 From: Nick Evans <2616208+nickevansuk@users.noreply.github.com> Date: Fri, 22 Sep 2023 15:00:21 +0100 Subject: [PATCH 2/5] Create dependabot-automerge.yml --- .github/workflows/dependabot-automerge.yml | 24 ++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/workflows/dependabot-automerge.yml diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml new file mode 100644 index 0000000..8548c38 --- /dev/null +++ b/.github/workflows/dependabot-automerge.yml @@ -0,0 +1,24 @@ +name: Dependabot and CI auto-merge +on: pull_request + +permissions: + contents: write + pull-requests: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Enable auto-merge for Dependabot PRs + run: gh pr merge "$PR_URL" --auto --body "" --squash + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + - name: Auto-approve Dependabot PRs + uses: hmarr/auto-approve-action@v3 From 0c51ef013b9985436982283e1f00eaf918048b69 Mon Sep 17 00:00:00 2001 From: Nick Evans <2616208+nickevansuk@users.noreply.github.com> Date: Fri, 22 Sep 2023 15:00:51 +0100 Subject: [PATCH 3/5] Create eslint-auto-update.yml --- .github/workflows/eslint-auto-update.yml | 92 ++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 .github/workflows/eslint-auto-update.yml diff --git a/.github/workflows/eslint-auto-update.yml b/.github/workflows/eslint-auto-update.yml new file mode 100644 index 0000000..df1095f --- /dev/null +++ b/.github/workflows/eslint-auto-update.yml @@ -0,0 +1,92 @@ +name: ESLint Fix +on: pull_request + +permissions: + contents: write + pull-requests: write + +jobs: + # Has dependabot created this PR? + dependabot-metadata: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + outputs: + dependency-group: ${{ steps.metadata.outputs.dependency-group }} + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + # Is this PR an eslint upgrade? + lint-test: + runs-on: ubuntu-latest + needs: dependabot-metadata + if: ${{ needs.dependabot-metadata.outputs.dependency-group == 'eslint' }} + outputs: + outcome: ${{ steps.lint-test.outcome }} + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Use Node.js 14.x + uses: actions/setup-node@v1 + with: + node-version: 14 + - name: Install + run: npm ci + - name: Lint test + id: lint-test + run: npm run lint + # Has the eslint upgrade resulted in lint errors? If so, create a PR to attempt a lint --fix, in case they can be automatically resolved + create-pr: + runs-on: ubuntu-latest + needs: lint-test + if: ${{ always() && needs.lint-test.outputs.outcome == 'failure' }} + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + ref: ${{ github.event.pull_request.head.ref }} + - name: Use Node.js 14.x + uses: actions/setup-node@v1 + with: + node-version: 14 + - name: Install + run: npm ci + - name: Lint Fix + run: npm run lint-fix + - name: git reset to include the version bumps in the PR + run: git reset HEAD~1 + - name: Create Pull Request + id: cpr + uses: peter-evans/create-pull-request@v5 + with: + path: ./ + token: ${{ secrets.DEPENDABOT_PUBLIC_REPO_ACCESS_TOKEN }} + commit-message: ESLint --fix + committer: openactive-bot + author: openactive-bot + signoff: false + branch: ci/eslint + base: master + delete-branch: true + title: 'ESLint fix' + body: | + Lint fixes based on the latest version of ESLint. + labels: | + automated pr + draft: false + - name: Auto-approve PR + uses: hmarr/auto-approve-action@v3 + with: + pull-request-number: ${{ steps.cpr.outputs.pull-request-number }} + - name: Enable auto-merge for Dependabot PRs + run: gh pr merge "$PR_URL" --auto --body "" --squash + env: + PR_URL: ${{ steps.cpr.outputs.pull-request-url }} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + - name: Check outputs + run: | + echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" + echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" From ea7f4a300590a8b66a5d1f2d7da07a4cea9f5849 Mon Sep 17 00:00:00 2001 From: Nick Evans <2616208+nickevansuk@users.noreply.github.com> Date: Fri, 22 Sep 2023 21:19:53 +0100 Subject: [PATCH 4/5] Better ignore --- .github/dependabot.yml | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 894b47d..7b40b1f 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -2,20 +2,14 @@ version: 2 updates: - package-ecosystem: "npm" directory: "/" + open-pull-requests-limit: 20 schedule: interval: "daily" time: "09:00" timezone: "Europe/London" + ignore: + - dependency-name: "@openactive/*" groups: - production-dependencies: - dependency-type: "production" - exclude-patterns: - - "@openactive/*" - development-dependencies: - dependency-type: "development" - exclude-patterns: - - "eslint*" - - "jasmine*" eslint: dependency-type: "development" patterns: From df530d0cfe2a39ad729d349d8261cfd92403ff30 Mon Sep 17 00:00:00 2001 From: Nick Evans <2616208+nickevansuk@users.noreply.github.com> Date: Fri, 22 Sep 2023 21:20:19 +0100 Subject: [PATCH 5/5] Removed as now global --- .github/workflows/dependabot-automerge.yml | 24 ---------------------- 1 file changed, 24 deletions(-) delete mode 100644 .github/workflows/dependabot-automerge.yml diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml deleted file mode 100644 index 8548c38..0000000 --- a/.github/workflows/dependabot-automerge.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: Dependabot and CI auto-merge -on: pull_request - -permissions: - contents: write - pull-requests: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: metadata - uses: dependabot/fetch-metadata@v1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Enable auto-merge for Dependabot PRs - run: gh pr merge "$PR_URL" --auto --body "" --squash - env: - PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} - - name: Auto-approve Dependabot PRs - uses: hmarr/auto-approve-action@v3