Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatically run cargo update in a workflow #330

Merged
merged 4 commits into from
May 2, 2022
Merged

Automatically run cargo update in a workflow #330

merged 4 commits into from
May 2, 2022

Conversation

kylewillmon
Copy link
Contributor

@kylewillmon kylewillmon commented Apr 29, 2022
edited
Loading

This runs a basic cargo update in a Github Action and creates a PR
with any changes. Combined with limiting Dependabot to major version
updates, this should resolve concerns about too many PRs and being too
strict in our Cargo.toml files.

Ref: Discussion on #325

@kylewillmon kylewillmon requested a review from a team April 29, 2022 20:50
@kylewillmon kylewillmon requested a review from a team as a code owner April 29, 2022 20:50
cd-work
cd-work previously approved these changes Apr 29, 2022
View reviewed changes
Copy link
Contributor

@cd-work cd-work left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Combined with disabling Dependabot for major version
updates

Just to clarify your typo: Dependabot is disabled for everything but major versions. So major versions will still automatically get separate PRs.

I much prefer this over the previous state of things, though one thing that surprises me is that dependabot doesn't have the option to do this on its own? I feel like it should be capable of creating one PR to just bump all the minor stuff without having to define a separate action for it?

@kylewillmon
Copy link
Contributor Author

Just to clarify your typo: Dependabot is disabled for everything but major versions. So major versions will still automatically get separate PRs.

You are correct... I wrote it backwards. I'll amend to correct it.

I much prefer this over the previous state of things, though one thing that surprises me is that dependabot doesn't have the option to do this on its own? I feel like it should be capable of creating one PR to just bump all the minor stuff without having to define a separate action for it?

The feature was requested a full three years ago in dependabot/dependabot-core#2174, but there hasn't been much progress from what I can tell.

@kylewillmon
Automatically run cargo update in a workflow
14679da 
This runs a basic `cargo update` in a Github Action and creates a PR
with any changes. Combined with limiting Dependabot to major version
updates, this should resolve concerns about too many PRs and being too
strict in our Cargo.toml files.

Ref: Discussion on #325
@kylewillmon kylewillmon requested a review from cd-work April 29, 2022 21:00
cd-work
cd-work previously approved these changes Apr 29, 2022
View reviewed changes
maxrake
maxrake requested changes Apr 29, 2022
View reviewed changes
Copy link
Contributor

@maxrake maxrake left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The workflow name will need to change.

.github/workflows/cargo-update.yml Outdated Show resolved Hide resolved
.github/workflows/cargo-update.yml Show resolved Hide resolved
.github/workflows/cargo-update.yml Outdated Show resolved Hide resolved
@kylewillmon kylewillmon requested a review from maxrake May 2, 2022 19:56
maxrake
maxrake approved these changes May 2, 2022
View reviewed changes
Copy link
Contributor

@maxrake maxrake left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The output behavior can be observed and tweaked later, if desired.

LGTM

@kylewillmon kylewillmon merged commit 5ae4ae4 into main May 2, 2022
@kylewillmon kylewillmon deleted the cargo-update branch May 2, 2022 22:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maxrake maxrake maxrake approved these changes

@cd-work cd-work cd-work left review comments

@DanielJoyce DanielJoyce Awaiting requested review from DanielJoyce

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kylewillmon @maxrake @cd-work