From 40160e79927e489b1d54ce3bfa85635aeb65dba6 Mon Sep 17 00:00:00 2001 From: dependjinbot Date: Fri, 23 Dec 2022 14:14:13 +0000 Subject: [PATCH 1/2] Committing changes --- .github/workflows/auto_merge.yml | 68 ----------------- .github/workflows/auto_release.yml | 75 ++++++++++++------- .../dependabot_approve_and_label.yml | 53 +++++++------ 3 files changed, 78 insertions(+), 118 deletions(-) delete mode 100644 .github/workflows/auto_merge.yml diff --git a/.github/workflows/auto_merge.yml b/.github/workflows/auto_merge.yml deleted file mode 100644 index 9ef00ec..0000000 --- a/.github/workflows/auto_merge.yml +++ /dev/null @@ -1,68 +0,0 @@ -name: auto_merge -on: - check_run: - types: - # Check runs completing successfully can unblock the - # corresponding pull requests and make them mergeable. - - completed - pull_request: - types: - # A closed pull request makes the checks on the other - # pull request on the same base outdated. - - closed - # Adding the autosquash label to a pull request can - # trigger an update or a merge. - - labeled - - synchronize - pull_request_review: - types: - # Review approvals can unblock the pull request and - # make it mergeable. - - submitted - # Success statuses can unblock the corresponding - # pull requests and make them mergeable. - status: {} - workflow_run: - workflows: [approve_and_label] - types: - - completed - -permissions: - contents: write - pull-requests: write - issues: write - checks: read - -jobs: - - auto_merge: - name: Auto-squash the PR - runs-on: ubuntu-18.04 - steps: - # This may not be strictly required, but should keep unmerged, closed PRs cleaner - - name: Remove 'autosquash' label from closed PRs - id: remove_autosquash_label_from_closed_prs - uses: actions/github-script@v2 - with: - github-token: '${{ secrets.GITHUB_TOKEN }}' - script: | - const pulls = await github.search.issuesAndPullRequests({ - q: 'is:pr is:closed label:autosquash', - }); - core.info(`pulls: ${pulls.data.items}`) - const repoUrl = `https://api.github.com/repos/${context.payload.repository.owner.login}/${context.payload.repository.name}` - const prs_to_unlabel = pulls.data.items. - filter(function (x) { return x.repository_url == repoUrl; }). - map(p=>p.number); - for (const i of prs_to_unlabel) { - core.info(`Removing label 'autosquash' from issue #${i}`) - github.issues.removeLabel({ - owner: context.payload.repository.owner.login, - repo: context.payload.repository.name, - issue_number: i, - name: 'autosquash' - }); - } - - uses: endjin/autosquash@v2.4 - with: - github_token: '${{ secrets.GITHUB_TOKEN }}' \ No newline at end of file diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index 0add2f7..c31bdad 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -12,12 +12,12 @@ jobs: steps: - name: Lookup default branch name id: lookup_default_branch - uses: actions/github-script@v2 + uses: actions/github-script@v6 with: github-token: ${{ secrets.GITHUB_TOKEN }} result-encoding: string script: | - const repo = await github.repos.get({ + const repo = await github.rest.repos.get({ owner: context.payload.repository.owner.login, repo: context.payload.repository.name }); @@ -28,12 +28,12 @@ jobs: - name: Lookup HEAD commit on default branch id: lookup_default_branch_head - uses: actions/github-script@v2 + uses: actions/github-script@v6 with: github-token: ${{ secrets.GITHUB_TOKEN }} result-encoding: string script: | - const branch = await github.repos.getBranch({ + const branch = await github.rest.repos.getBranch({ owner: context.payload.repository.owner.login, repo: context.payload.repository.name, branch: '${{ steps.lookup_default_branch.outputs.result }}' @@ -50,11 +50,11 @@ jobs: steps: - name: Check for 'no_release' label on PR id: check_for_norelease_label - uses: actions/github-script@v2 + uses: actions/github-script@v6 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | - const labels = await github.issues.listLabelsOnIssue({ + const labels = await github.rest.issues.listLabelsOnIssue({ owner: context.payload.repository.owner.login, repo: context.payload.repository.name, issue_number: context.payload.number @@ -77,11 +77,11 @@ jobs: outputs: no_open_prs: ${{ steps.watch_dependabot_prs.outputs.is_complete }} pending_release_pr_list: ${{ steps.get_release_pending_pr_list.outputs.result }} - ready_to_release: ${{ steps.watch_dependabot_prs.outputs.is_complete == 'True' && steps.get_release_pending_pr_list.outputs.is_release_pending }} + ready_to_release: ${{ steps.set_ready_for_release.outputs.result }} steps: - name: Get Open PRs id: get_open_pr_list - uses: actions/github-script@v2 + uses: actions/github-script@v6 with: github-token: ${{ secrets.GITHUB_TOKEN }} # find all open PRs that are targetting the default branch (i.e. main/master) @@ -89,7 +89,7 @@ jobs: # Dependabot PRs and whether we should wait for them to be auto-merged before # allowing a release event. script: | - const pulls = await github.pulls.list({ + const pulls = await github.rest.pulls.list({ owner: context.payload.repository.owner.login, repo: context.payload.repository.name, state: 'open', @@ -103,34 +103,49 @@ jobs: - name: Get 'pending_release' PRs id: get_release_pending_pr_list - uses: actions/github-script@v2 + uses: actions/github-script@v6 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | - const pulls = await github.search.issuesAndPullRequests({ - q: 'is:pr is:merged label:pending_release', + const repoWithOwner = `${context.payload.repository.owner.login}/${context.payload.repository.name}`; + const pulls = await github.rest.search.issuesAndPullRequests({ + q: `is:pr repo:${repoWithOwner} is:merged`, }); - core.info(`pulls: ${pulls.data.items}`) - const repoUrl = `https://api.github.com/repos/${context.payload.repository.owner.login}/${context.payload.repository.name}` + allPrs = pulls.data.items.map(p=>`#${p.number} '${p.title}' in ${p.repository_url}`); + core.info(`allPrs: ${JSON.stringify(allPrs)}`); + + releasePendingPrDetails = pulls.data.items. + filter(function (x) { return x.labels.map(l=>l.name).includes('pending_release') }). + map(p=>`#${p.number} '${p.title}' in ${p.repository_url}`); + core.info(`releasePendingPrDetails: ${JSON.stringify(releasePendingPrDetails)}`); + const release_pending_prs = pulls.data.items. - filter(function (x) { return x.repository_url == repoUrl; }). + filter(function (x) { return x.labels.map(l=>l.name).includes('pending_release') }). map(p=>p.number); - core.info(`release_pending_prs: ${release_pending_prs}`) - core.setOutput('is_release_pending', (release_pending_prs.length > 0)) - return JSON.stringify(release_pending_prs) + core.info(`release_pending_prs: ${JSON.stringify(release_pending_prs)}`); + core.setOutput('is_release_pending', (release_pending_prs.length > 0)); + return JSON.stringify(release_pending_prs); result-encoding: string + - name: Display release_pending_pr_list run: | echo "release_pending_pr_list : ${{ steps.get_release_pending_pr_list.outputs.result }}" echo "is_release_pending : ${{ steps.get_release_pending_pr_list.outputs.is_release_pending }}" - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Read pr-autoflow configuration id: get_pr_autoflow_config uses: endjin/pr-autoflow/actions/read-configuration@v1 with: config_file: .github/config/pr-autoflow.json + - name: Check Human PR + id: is_human_pr + uses: actions/github-script@v6 + with: + script: | + return context.payload.pull_request.user.login != 'dependabot[bot]' && context.payload.pull_request.user.login != 'dependjinbot[bot]' + - name: Watch Dependabot PRs id: watch_dependabot_prs uses: endjin/pr-autoflow/actions/dependabot-pr-watcher@v1 @@ -140,11 +155,19 @@ jobs: max_semver_increment: minor verbose_mode: 'False' + - name: Set Ready for Release + id: set_ready_for_release + uses: actions/github-script@v6 + with: + script: | + return ( '${{ steps.is_human_pr.outputs.result }}' == 'True' || '${{ steps.watch_dependabot_prs.outputs.is_complete }}' == 'True') && '${{ steps.get_release_pending_pr_list.outputs.is_release_pending }}' == 'True' + - name: Display job outputs run: | echo "no_open_prs: ${{ steps.watch_dependabot_prs.outputs.is_complete }}" echo "pending_release_pr_list: ${{ steps.get_release_pending_pr_list.outputs.result }}" - echo "ready_to_release : ${{ steps.watch_dependabot_prs.outputs.is_complete == 'True' && steps.get_release_pending_pr_list.outputs.is_release_pending }}" + echo "is_human_pr: ${{ steps.is_human_pr.outputs.result }}" + echo "ready_to_release : ${{ steps.set_ready_for_release.outputs.result }}" tag_for_release: runs-on: ubuntu-latest @@ -154,9 +177,9 @@ jobs: steps: - uses: actions/setup-dotnet@v1 with: - dotnet-version: '3.1.x' + dotnet-version: '6.x' - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 with: # ensure we are creating the release tag on the default branch ref: ${{ needs.lookup_default_branch.outputs.branch_name }} @@ -164,7 +187,7 @@ jobs: - name: Install GitVersion run: | - dotnet tool install -g GitVersion.Tool --version 5.6.6 + dotnet tool install -g GitVersion.Tool --version 5.8.0 echo "/github/home/.dotnet/tools" >> $GITHUB_PATH - name: Run GitVersion id: run_gitversion @@ -180,7 +203,7 @@ jobs: private_key: ${{ secrets.ENDJIN_BOT_PRIVATE_KEY }} - name: Create SemVer tag - uses: actions/github-script@v2 + uses: actions/github-script@v6 with: github-token: ${{ steps.generate_token.outputs.token }} script: | @@ -194,7 +217,7 @@ jobs: - name: Remove 'release_pending' label from PRs id: remove_pending_release_labels - uses: actions/github-script@v2 + uses: actions/github-script@v6 with: github-token: '${{ steps.generate_token.outputs.token }}' script: | @@ -203,7 +226,7 @@ jobs: core.info(`pr_list: ${pr_list}`) for (const i of pr_list) { core.info(`Removing label 'pending_release' from issue #${i}`) - github.issues.removeLabel({ + github.rest.issues.removeLabel({ owner: context.payload.repository.owner.login, repo: context.payload.repository.name, issue_number: i, diff --git a/.github/workflows/dependabot_approve_and_label.yml b/.github/workflows/dependabot_approve_and_label.yml index 68d81f1..d41b3b5 100644 --- a/.github/workflows/dependabot_approve_and_label.yml +++ b/.github/workflows/dependabot_approve_and_label.yml @@ -4,7 +4,7 @@ on: types: [opened, reopened] permissions: - contents: read + contents: write issues: write pull-requests: write @@ -23,7 +23,7 @@ jobs: is_auto_release_candidate: ${{ steps.parse_dependabot_pr_autorelease.outputs.is_interesting_package }} semver_increment: ${{ steps.parse_dependabot_pr_automerge.outputs.semver_increment }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Read pr-autoflow configuration id: get_pr_autoflow_config uses: endjin/pr-autoflow/actions/read-configuration@v1 @@ -71,54 +71,59 @@ jobs: if: | needs.evaluate_dependabot_pr.outputs.is_auto_merge_candidate == 'True' && (needs.evaluate_dependabot_pr.outputs.semver_increment == 'minor' || needs.evaluate_dependabot_pr.outputs.semver_increment == 'patch') - uses: andrewmusgrave/automatic-pull-request-review@0.0.2 - with: - repo-token: '${{ secrets.GITHUB_TOKEN }}' - event: APPROVE - body: 'Thank you dependabot 🎊' + run: | + gh pr review "${{ github.event.pull_request.html_url }}" --approve -b "Thank you dependabot 🎊" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: 'Update PR body' if: | needs.evaluate_dependabot_pr.outputs.is_auto_merge_candidate == 'True' && (needs.evaluate_dependabot_pr.outputs.semver_increment == 'minor' || needs.evaluate_dependabot_pr.outputs.semver_increment == 'patch') - uses: actions/github-script@v2 + uses: actions/github-script@v6 with: github-token: '${{ secrets.GITHUB_TOKEN }}' script: | - await github.pulls.update({ + await github.rest.pulls.update({ owner: context.payload.repository.owner.login, repo: context.payload.repository.name, pull_number: context.payload.pull_request.number, body: "Bumps '${{needs.evaluate_dependabot_pr.outputs.dependency_name}}' from ${{needs.evaluate_dependabot_pr.outputs.version_from}} to ${{needs.evaluate_dependabot_pr.outputs.version_to}}" }) - label: + + label_auto_merge: runs-on: ubuntu-latest needs: evaluate_dependabot_pr - name: Label + name: 'Automerge & Label' steps: - - name: 'Label auto-mergeable dependabot PRs with "autosquash"' + # Get a token for a different identity so any auto-merge that happens in the next step is + # able to trigger other workflows (i.e. our 'auto_release' workflow) + # NOTE: This requires the app details to be defined as 'Dependabot' secrets, rather than + # the usual 'Action' secrets as this workflow is triggered by Dependabot. + - name: Generate token + id: generate_token + uses: tibdex/github-app-token@v1 + with: + app_id: ${{ secrets.DEPENDJINBOT_APP_ID }} + private_key: ${{ secrets.DEPENDJINBOT_PRIVATE_KEY }} + # Run the auto-merge in the GitHub App context, so the event can trigger other workflows + - name: 'Set dependabot PR to auto-merge' if: | (github.actor == 'dependabot[bot]' || github.actor == 'dependjinbot[bot]' || github.actor == 'nektos/act') && needs.evaluate_dependabot_pr.outputs.is_auto_merge_candidate == 'True' && (needs.evaluate_dependabot_pr.outputs.semver_increment == 'minor' || needs.evaluate_dependabot_pr.outputs.semver_increment == 'patch') - uses: actions/github-script@v2 - with: - github-token: '${{ secrets.GITHUB_TOKEN }}' - script: | - await github.issues.addLabels({ - owner: context.payload.repository.owner.login, - repo: context.payload.repository.name, - issue_number: context.payload.pull_request.number, - labels: ['autosquash'] - }) + run: | + gh pr merge ${{ github.event.pull_request.number }} -R ${{ github.repository }} --auto --squash + env: + GITHUB_TOKEN: '${{ steps.generate_token.outputs.token }}' - name: 'Label non-dependabot PRs and auto-releasable dependabot PRs with "pending_release"' if: | (github.actor != 'dependabot[bot]' && github.actor != 'dependjinbot[bot]') || needs.evaluate_dependabot_pr.outputs.is_auto_release_candidate == 'True' - uses: actions/github-script@v2 + uses: actions/github-script@v6 with: github-token: '${{ secrets.GITHUB_TOKEN }}' script: | - await github.issues.addLabels({ + await github.rest.issues.addLabels({ owner: context.payload.repository.owner.login, repo: context.payload.repository.name, issue_number: context.payload.pull_request.number, From 14e6c2acda39add1388dcb367abceff5d63fe0f4 Mon Sep 17 00:00:00 2001 From: dependjinbot Date: Fri, 23 Dec 2022 17:01:45 +0000 Subject: [PATCH 2/2] Committing changes --- .github/workflows/auto_release.yml | 4 ++-- .github/workflows/dependabot_approve_and_label.yml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index c31bdad..c19abda 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -135,7 +135,7 @@ jobs: - uses: actions/checkout@v3 - name: Read pr-autoflow configuration id: get_pr_autoflow_config - uses: endjin/pr-autoflow/actions/read-configuration@v1 + uses: endjin/pr-autoflow/actions/read-configuration@v4 with: config_file: .github/config/pr-autoflow.json @@ -148,7 +148,7 @@ jobs: - name: Watch Dependabot PRs id: watch_dependabot_prs - uses: endjin/pr-autoflow/actions/dependabot-pr-watcher@v1 + uses: endjin/pr-autoflow/actions/dependabot-pr-watcher@v4 with: pr_titles: ${{ steps.get_open_pr_list.outputs.result }} package_wildcard_expressions: ${{ steps.get_pr_autoflow_config.outputs.AUTO_MERGE_PACKAGE_WILDCARD_EXPRESSIONS }} diff --git a/.github/workflows/dependabot_approve_and_label.yml b/.github/workflows/dependabot_approve_and_label.yml index d41b3b5..a6de80c 100644 --- a/.github/workflows/dependabot_approve_and_label.yml +++ b/.github/workflows/dependabot_approve_and_label.yml @@ -26,18 +26,18 @@ jobs: - uses: actions/checkout@v3 - name: Read pr-autoflow configuration id: get_pr_autoflow_config - uses: endjin/pr-autoflow/actions/read-configuration@v1 + uses: endjin/pr-autoflow/actions/read-configuration@v4 with: config_file: .github/config/pr-autoflow.json - name: Dependabot PR - AutoMerge Candidate id: parse_dependabot_pr_automerge - uses: endjin/pr-autoflow/actions/dependabot-pr-parser@v1 + uses: endjin/pr-autoflow/actions/dependabot-pr-parser@v4 with: pr_title: ${{ github.event.pull_request.title }} package_wildcard_expressions: ${{ steps.get_pr_autoflow_config.outputs.AUTO_MERGE_PACKAGE_WILDCARD_EXPRESSIONS }} - name: Dependabot PR - AutoRelease Candidate id: parse_dependabot_pr_autorelease - uses: endjin/pr-autoflow/actions/dependabot-pr-parser@v1 + uses: endjin/pr-autoflow/actions/dependabot-pr-parser@v4 with: pr_title: ${{ github.event.pull_request.title }} package_wildcard_expressions: ${{ steps.get_pr_autoflow_config.outputs.AUTO_RELEASE_PACKAGE_WILDCARD_EXPRESSIONS }}