Skip to content

Commit

Permalink
chore: update dependabot and yarn-upgrade config (#19942)
Browse files Browse the repository at this point in the history
Closes cdklabs/cdk-ops#1942

The idea is to copy the configuration we already have for the default branch and target/checkout `v1-main` on June 1. 
It is a bit ugly but -- we are not likely to do this again to any other branch, and I can't think of a better way. I have tested the changes on my own forked repository and confirmed that we do indeed target/checkout a different branch under the new configuration.

Before this PR is merged, we should double-check and make sure that yarn-update has not diverged. Targeting `v2-main` as that will be the default branch when this PR gets merged (I assume the conflicts will be resolved when `v2-main` gets forward merged).

----

### All Submissions:

* [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md)

### Adding new Unconventional Dependencies:

* [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies)

### New Features

* [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)?
	* [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
kaizencc authored Jun 1, 2022
1 parent 50fa150 commit cea1039
Show file tree
Hide file tree
Showing 2 changed files with 152 additions and 0 deletions.
18 changes: 18 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,24 @@ updates:
labels:
- "auto-approve"
open-pull-requests-limit: 5

# run same dependabot upgrades on v1-main
- package-ecosystem: "github-actions"
directory: "/"
target-branch: "v1-main"
schedule:
interval: "weekly"
labels:
- "auto-approve"
open-pull-requests-limit: 5
- package-ecosystem: "pip"
directory: "/packages/@aws-cdk/lambda-layer-awscli"
target-branch: "v1-main"
schedule:
interval: "weekly"
labels:
- "auto-approve"
open-pull-requests-limit: 5

# Non-TypeScript init template dependency updates
- package-ecosystem: "pip"
Expand Down
134 changes: 134 additions & 0 deletions .github/workflows/yarn-upgrade-v1main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,134 @@
name: Yarn Upgrade v1-main

on:
schedule:
# Every wednesday at 13:37 UTC
- cron: 37 13 * * 3
workflow_dispatch: {}

jobs:
upgrade:
name: Yarn Upgrade
permissions:
contents: read
runs-on: ubuntu-latest
steps:

- name: Check Out
uses: actions/checkout@v3
with:
ref: v1-main

- name: Set up Node
uses: actions/setup-node@v3
with:
node-version: 12

- name: Locate Yarn cache
id: yarn-cache
run: echo "::set-output name=dir::$(yarn cache dir)"

- name: Restore Yarn cache
uses: actions/cache@v3
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |-
${{ runner.os }}-yarn-
- name: Yarn Install
run: yarn install --frozen-lockfile
- name: Install Tools
run: |-
npm -g install lerna npm-check-updates@^9.0.0
- name: Build CLI
run: cd packages/aws-cdk && ../../scripts/buildup
- name: Build Integ Runner
run: cd packages/@aws-cdk/integ-runner && ../../../scripts/buildup
- name: List Mono-Repo Packages
id: list-packages
# These need to be ignored from the `ncu` runs!
run: |-
echo -n "::set-output name=list::"
node -p "$(lerna ls --all --json 2>/dev/null).map(item => item.name).join(',')"
- name: Run "ncu -u"
# We special-case @types/node because we want to stay on the current major (minimum supported node release)
# We special-case @types/fs-extra because the current major (9.x) is broken with @types/node >= 10
# We special-case aws-sdk because of breaking changes with TS interface exports in recent minor versions - https://github.com/aws/aws-sdk-js/issues/3453
# We special-case typescript because it's not semantically versionned
# We special-case constructs because we want to stay in control of the minimum compatible version
# We special-case lerna because we have a patch on it that stops applying if Lerna upgrades. Remove this once https://github.com/lerna/lerna/pull/2874 releases.
# We special-case aws-sdk-mock because of breaking changes in type exports https://github.com/dwyl/aws-sdk-mock/pull/260. We are not respecting `@ts-ignore`
run: |-
# Upgrade dependencies at repository root
ncu --upgrade --filter=@types/node,@types/fs-extra --target=minor
ncu --upgrade --filter=typescript --target=patch
ncu --upgrade --reject=@types/node,@types/fs-extra,constructs,typescript,lerna --target=minor
# Upgrade all the packages
lerna exec --parallel ncu -- --upgrade --filter=@types/node,@types/fs-extra --target=minor
lerna exec --parallel ncu -- --upgrade --filter=typescript --target=patch
lerna exec --parallel ncu -- --upgrade --reject='@types/node,@types/fs-extra,constructs,typescript,aws-sdk,aws-sdk-mock,${{ steps.list-packages.outputs.list }}' --target=minor
# This will ensure the current lockfile is up-to-date with the dependency specifications (necessary for "yarn update" to run)
- name: Run "yarn install"
run: yarn install

- name: Run "yarn upgrade"
run: yarn upgrade

- name: Regenerate CLI attributions
run: cd packages/aws-cdk && yarn pkglint
- name: Regenerate Integ Runner attributions
run: cd packages/@aws-cdk/integ-runner && yarn pkglint

# Next, create and upload the changes as a patch file. This will later be downloaded to create a pull request
# Creating a pull request requires write permissions and it's best to keep write privileges isolated.
- name: Create Patch
run: |-
git add .
git diff --patch --staged > ${{ runner.temp }}/upgrade.patch
- name: Upload Patch
uses: actions/upload-artifact@v3
with:
name: upgrade.patch
path: ${{ runner.temp }}/upgrade.patch

pr:
name: Create Pull Request
needs: upgrade
permissions:
contents: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Check Out
uses: actions/checkout@v3
with:
ref: v1-main

- name: Download patch
uses: actions/download-artifact@v3
with:
name: upgrade.patch
path: ${{ runner.temp }}

- name: Apply patch
run: '[ -s ${{ runner.temp }}/upgrade.patch ] && git apply ${{ runner.temp
}}/upgrade.patch || echo "Empty patch. Skipping."'

- name: Make Pull Request
uses: peter-evans/create-pull-request@v4
with:
# Git commit details
branch: automation/yarn-upgrade
commit-message: |-
chore: npm-check-updates && yarn upgrade
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
# Pull Request details
title: 'chore: npm-check-updates && yarn upgrade'
body: |-
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
labels: contribution/core,dependencies,auto-approve
team-reviewers: aws-cdk-team
# Github prevents further Github actions to be run if the default Github token is used.
# Instead use a privileged token here, so further GH actions can be triggered on this PR.
token: ${{ secrets.PROJEN_GITHUB_TOKEN }}

0 comments on commit cea1039

Please sign in to comment.