-
Notifications
You must be signed in to change notification settings - Fork 83
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #131 from Shopify/configure-dependabot
Configure dependabot
- Loading branch information
Showing
2 changed files
with
113 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
version: 2 | ||
registries: | ||
ruby-shopify: | ||
type: rubygems-server | ||
url: https://pkgs.shopify.io/basic/gems/ruby | ||
username: ${{secrets.RUBYGEMS_SERVER_PKGS_SHOPIFY_IO_USERNAME}} | ||
password: ${{secrets.RUBYGEMS_SERVER_PKGS_SHOPIFY_IO_PASSWORD}} | ||
github-com: | ||
type: git | ||
url: https://github.com | ||
username: ${{secrets.DEPENDENCIES_GITHUB_USER}} | ||
password: ${{secrets.DEPENDENCIES_GITHUB_TOKEN}} | ||
updates: | ||
- package-ecosystem: bundler | ||
directory: "/" | ||
schedule: | ||
interval: weekly | ||
open-pull-requests-limit: 100 | ||
insecure-external-code-execution: allow | ||
registries: "*" |
93 changes: 93 additions & 0 deletions
93
.github/workflows/.github/workflows/dependabot_auto_merge.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
name: Dependabot auto-merge | ||
on: pull_request_target | ||
|
||
jobs: | ||
dependabot: | ||
runs-on: shopify-ubuntu-latest | ||
if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }} | ||
steps: | ||
- name: Dependabot metadata | ||
id: metadata | ||
uses: dependabot/[email protected] | ||
with: | ||
github-token: "${{ secrets.GITHUB_TOKEN }}" | ||
|
||
- name: Waiting for CI to finish | ||
id: check_ci_failure | ||
continue-on-error: true | ||
if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.dependency-group == 'auto_merge' }} | ||
uses: actions/github-script@v6 | ||
with: | ||
script: | | ||
function sleep(ms) { | ||
return new Promise(resolve => setTimeout(resolve, ms)) | ||
} | ||
const query = `query ($org: String!, $repo: String!, $pullRequestNumber: Int!) { | ||
organization(login: $org) { | ||
repository(name: $repo) { | ||
pullRequest(number: $pullRequestNumber) { | ||
commits(last: 1) { | ||
nodes { | ||
commit { | ||
status { | ||
state | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} | ||
}`; | ||
const variables = { | ||
org: context.repo.owner, | ||
repo: context.repo.repo, | ||
pullRequestNumber: context.issue.number | ||
} | ||
// Try for 30 minutes | ||
let attempts = 30 | ||
let ci_state = false | ||
for (let i = 1; i <= attempts; i++) { | ||
console.log(`Sleeping for 60 seconds`) | ||
await sleep(60000) | ||
const result = await github.graphql(query, variables) | ||
const state = result["organization"]["repository"]["pullRequest"]["commits"]["nodes"][0]["commit"]["status"]["state"] | ||
console.log(`Status is ${state} after ${i} attempts`) | ||
if (state === "SUCCESS") { | ||
ci_state = true | ||
console.log("Proceeding with workflow as CI succeed") | ||
break | ||
} | ||
} | ||
core.setOutput("ci_state", ci_state) | ||
- name: Send Slack notification if auto-merge failed | ||
if: ${{ steps.check_ci_failure.outputs.ci_state == 'false' }} | ||
uses: ruby/[email protected] | ||
with: | ||
payload: | | ||
{ | ||
"attachments": [{ | ||
"text": "Auto-merge failed for pull request <${{ github.event.pull_request.html_url }}|#${{ github.event.pull_request.number }}> in repository ${{ github.repository }}", | ||
"color": "danger" | ||
} | ||
] | ||
} | ||
env: | ||
SLACK_WEBHOOK_URL: ${{ secrets.METRICS_SLACK_WEBHOOK_URL }} | ||
|
||
- name: Approve and merge | ||
if: ${{ steps.check_ci_failure.outputs.ci_state == 'true' && (steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.dependency-group == 'auto_merge') }} | ||
uses: actions/github-script@v6 | ||
with: | ||
script: | | ||
await github.rest.pulls.createReview({ | ||
pull_number: context.issue.number, | ||
owner: context.repo.owner, | ||
repo: context.repo.repo, | ||
event: 'APPROVE', | ||
}) | ||
await github.rest.pulls.merge({ | ||
owner: context.repo.owner, | ||
repo: context.repo.repo, | ||
issue_number: context.issue.number, | ||
}) |