Merge pull request #19 from saadmk11/support-commit-sha

Add Option to Use Commit SHA as a Version and FIx Latest Release Version Resolver
saadmk11 · Oct 17, 2022 · 0069675 · 0069675
2 parents c18e2a1 + 0c4b4e2
commit 0069675
Show file tree

Hide file tree

Showing 5 changed files with 266 additions and 95 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -52,4 +52,7 @@ repos:
   hooks:
   - id: mypy
     files: ^src/
-    additional_dependencies: [types-requests, types-PyYAML]
+    additional_dependencies:
+    - types-requests
+    - types-PyYAML
+    - types-setuptools
diff --git a/README.md b/README.md
@@ -6,7 +6,7 @@
 [![GitHub stars](https://img.shields.io/github/stars/saadmk11/github-actions-version-updater?color=success&style=flat-square)](https://github.com/saadmk11/github-actions-version-updater/stargazers)
 ![GitHub Workflow Status](https://img.shields.io/github/workflow/status/saadmk11/github-actions-version-updater/Changelog%20CI?label=Changelog%20CI&style=flat-square)
 
-**GitHub Actions Version Updater** is GitHub Action that is used to **Update All GitHub Actions** in a Repository
+**GitHub Actions Version Updater** is a GitHub Action that is used to **Update All GitHub Actions** in a Repository
 and create a **pull request** with the updates (if enabled).
 It is an automated dependency updater similar to GitHub's **Dependabot** but for GitHub Actions.
 
@@ -16,12 +16,20 @@ It is an automated dependency updater similar to GitHub's **Dependabot** but for
   in a repository and **checks for updates** for each of the action used in those workflows.
 
 * If an update is found and if that action is **not ignored** then the workflows are updated
-  with the **latest release** of the action being used.
+  with the **new version** of the action being used.
 
 * If at least one workflow file is updated then a new branch is created with the changes and pushed to GitHub. (If enabled)
 
 * Finally, a pull request is created with the newly created branch. (If enabled)
 
+### Supported Version Fetch Sources:
+
+- **`release-tag`** (default): Uses **specific version tag** from **the latest release** to update a GitHub Action. (e.g. `actions/[email protected]`)
+- **`release-commit-sha`**: Uses **the latest release** tag **commit SHA** to update a GitHub Action. (e.g. `actions/checkout@c18e2a1b1a95d0c5c63af210857e8718a479f56f`)
+- **`default-branch-sha`**: Uses **default branch** (e.g: `main`, `master`) **latest commit SHA** to update a GitHub Action. (e.g. `actions/checkout@c18e2a1b1a95d0c5c63af210857e8718a479f56f`)
+
+You can use `update_version_with` input option to select one of them. (e.g. `update_version_with: 'default-branch-sha'`)
+
 ### Usage:
 
 We recommend running this action on a [`schedule`](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#schedule)
@@ -54,25 +62,30 @@ jobs:
       - name: Run GitHub Actions Version Updater
         uses: saadmk11/[email protected]
         with:
-          # Optional, This will be used to configure git
+          # [Required] Access token with `workflow` scope.
+          token: ${{ secrets.WORKFLOW_SECRET }}
+          # [Optional] This will be used to configure git
           # defaults to `github-actions[bot]` if not provided
           committer_username: 'test'
           committer_email: '[email protected]'
-          # Optional, allows customizing the commit message and pull request title
-          # Both default to 'Update GitHub Action Versions'
+          # [Optional] Allows customizing the commit message
+          # defaults to 'Update GitHub Action Versions'
           commit_message: 'Commit Message'
+          # [Optional] Allows customizing the pull request title
+          # defaults to 'Update GitHub Action Versions'
           pull_request_title: 'Pull Request Title'
-          # Access token with `workflow` scope is required
-          token: ${{ secrets.WORKFLOW_SECRET }}
-          # Do not update these actions (Optional)
+          # [Optional] Do not update actions specified in this input
           # You need to add JSON array inside a string. e.g: '["actions/checkout@v2", "actions/cache@v2"]'
           # Or, add comma separated values. e.g: 'actions/checkout@v2, actions/cache@v2'
           ignore: 'actions/checkout@v2, actions/cache@v2'
-          # Optional, if set to 'true', the action will only check for updates and
+          # [Optional] If set to 'true', the action will only check for updates and
           # exit with a non-zero exit code if an update is found and update the build summary with the diff
           # otherwise it will create a pull request with the changes
-          # defaults to 'false'
-          skip_pull_request: 'true'
+          # options: 'false' (default), 'true'
+          skip_pull_request: 'false'
+          # [Optional] Use The Latest Release Tag/Commit SHA or Default Branch Commit SHA to update the actions
+          # options: "release-tag" (default), "release-commit-sha", "default-branch-sha"'
+          update_version_with: 'release-tag'
 ```
 
 ### Important Note:

diff --git a/action.yaml b/action.yaml
@@ -32,6 +32,10 @@ inputs:
     description: 'Skip Pull Request creation'
     required: false
     default: 'false'
+  update_version_with:
+    description: 'Use Latest Release Tag/Commit SHA or Default Branch Commit SHA to update. options: "release-tag" (default), "release-commit-sha", "default-branch-sha"'
+    required: false
+    default: 'release-tag'
 runs:
   using: 'docker'
   image: 'Dockerfile'
diff --git a/src/config.py b/src/config.py
@@ -4,6 +4,16 @@
 
 import github_action_utils as gha_utils  # type: ignore
 
+LATEST_RELEASE_TAG = "release-tag"
+LATEST_RELEASE_COMMIT_SHA = "release-commit-sha"
+DEFAULT_BRANCH_COMMIT_SHA = "default-branch-sha"
+
+UPDATE_VERSION_WITH_LIST = [
+    LATEST_RELEASE_TAG,
+    LATEST_RELEASE_COMMIT_SHA,
+    DEFAULT_BRANCH_COMMIT_SHA,
+]
+
 
 class ActionEnvironment(NamedTuple):
     repository: str
@@ -29,6 +39,7 @@ class Configuration(NamedTuple):
     pull_request_title: str = "Update GitHub Action Versions"
     commit_message: str = "Update GitHub Action Versions"
     ignore_actions: set[str] = set()
+    update_version_with: str = LATEST_RELEASE_TAG
 
     @property
     def git_commit_author(self) -> str:
@@ -58,6 +69,7 @@ def get_user_config(cls, env: Mapping[str, str | None]) -> dict[str, str | None]
             "pull_request_title": env.get("INPUT_PULL_REQUEST_TITLE"),
             "commit_message": env.get("INPUT_COMMIT_MESSAGE"),
             "ignore_actions": env.get("INPUT_IGNORE"),
+            "update_version_with": env.get("INPUT_UPDATE_VERSION_WITH"),
         }
         return user_config
 
@@ -89,13 +101,26 @@ def clean_ignore_actions(value: Any) -> set[str] | None:
                     f"expected JSON array of strings but got `{value}`"
                 )
                 raise SystemExit(1)
-        elif isinstance(value, str):
+        elif value and isinstance(value, str):
             return {s.strip() for s in value.split(",")}
         else:
             return None
 
     @staticmethod
-    def clean_skip_pull_request(value: Any) -> bool:
+    def clean_skip_pull_request(value: Any) -> bool | None:
         if value in [1, "1", True, "true", "True"]:
             return True
-        return False
+        return None
+
+    @staticmethod
+    def clean_update_version_with(value: Any) -> str | None:
+        if value and value not in UPDATE_VERSION_WITH_LIST:
+            gha_utils.error(
+                "Invalid input for `update_version_with` field, "
+                f"expected one of {UPDATE_VERSION_WITH_LIST} but got `{value}`"
+            )
+            raise SystemExit(1)
+        elif value:
+            return value
+        else:
+            return None