diff --git a/.github/workflows/dependabot-pr.yml b/.github/workflows/dependabot-pr.yml new file mode 100644 index 00000000000000..15b9ad4a49b283 --- /dev/null +++ b/.github/workflows/dependabot-pr.yml @@ -0,0 +1,48 @@ +name: Dependabot PR + +on: + pull_request: + branches: + - master + +jobs: + dependabot: + timeout-minutes: 10 + runs-on: ubuntu-latest + if: github.triggering_actor == 'dependabot[bot]' + steps: + - name: checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.ref }} + token: ${{ secrets.PAT }} + + - name: update code + run: | + input="${{ github.event.pull_request.title }}" + + regex="[Bb]ump (.*) from (.*) to (.*)" + if [[ ! "$input" =~ $regex ]]; then + echo "unexpected pattern" + exit 1 + fi + + crate_name="${BASH_REMATCH[1]}" + old_version="${BASH_REMATCH[2]}" + new_version="${BASH_REMATCH[3]}" + echo "crate_name: $crate_name, old_version: $old_version, new_version: $new_version" + + ./scripts/cargo-for-all-lock-files.sh -- update -p $crate_name:$old_version --precise $new_version + ./scripts/cargo-for-all-lock-files.sh -- tree + + - name: push + run: | + if [ -z "$(git status --porcelain)" ]; then + echo "✅ Nothing to update" + else + git config user.email "49699333+dependabot[bot]@users.noreply.github.com" + git config user.name "dependabot[bot]" + git add **/Cargo.lock + git commit -am "update all Cargo files" + git push + fi diff --git a/ci/buildkite-pipeline-in-disk.sh b/ci/buildkite-pipeline-in-disk.sh index a25852a04ebe81..81b084ea75e82b 100755 --- a/ci/buildkite-pipeline-in-disk.sh +++ b/ci/buildkite-pipeline-in-disk.sh @@ -309,10 +309,6 @@ if [[ $BUILDKITE_BRANCH =~ ^pull ]]; then annotate --style info --context pr-backlink \ "Github Pull Request: https://github.com/anza-xyz/agave/$BUILDKITE_BRANCH" - if [[ $GITHUB_USER = "dependabot[bot]" ]]; then - command_step dependabot "ci/dependabot-pr.sh" 5 - wait_step - fi pull_or_push_steps exit 0 fi diff --git a/ci/buildkite-pipeline.sh b/ci/buildkite-pipeline.sh index de401381fd7137..7d19808ddb8f72 100755 --- a/ci/buildkite-pipeline.sh +++ b/ci/buildkite-pipeline.sh @@ -336,10 +336,6 @@ if [[ $BUILDKITE_BRANCH =~ ^pull ]]; then annotate --style info --context pr-backlink \ "Github Pull Request: https://github.com/anza-xyz/agave/$BUILDKITE_BRANCH" - if [[ $GITHUB_USER = "dependabot[bot]" ]]; then - command_step dependabot "ci/dependabot-pr.sh" 5 - wait_step - fi pull_or_push_steps exit 0 fi diff --git a/ci/buildkite-solana-private.sh b/ci/buildkite-solana-private.sh index 516ac0b3fb33c3..d514ac0ad25c65 100755 --- a/ci/buildkite-solana-private.sh +++ b/ci/buildkite-solana-private.sh @@ -289,10 +289,6 @@ if [[ $BUILDKITE_BRANCH =~ ^pull ]]; then annotate --style info --context pr-backlink \ "Github Pull Request: https://github.com/anza-xyz/agave/$BUILDKITE_BRANCH" - if [[ $GITHUB_USER = "dependabot[bot]" ]]; then - command_step dependabot "ci/dependabot-pr.sh" 5 - wait_step - fi pull_or_push_steps exit 0 fi diff --git a/ci/dependabot-pr.sh b/ci/dependabot-pr.sh deleted file mode 100755 index bb019001a0bcfa..00000000000000 --- a/ci/dependabot-pr.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/usr/bin/env bash - -set -ex - -cd "$(dirname "$0")/.." - -if ! echo "$BUILDKITE_BRANCH" | grep -E '^pull/[0-9]+/head$'; then - echo "not pull request!?" >&2 - exit 1 -fi - -source ci/rust-version.sh stable - -ci/docker-run-default-image.sh ci/dependabot-updater.sh - -if [[ $(git status --short :**/Cargo.lock | wc -l) -eq 0 ]]; then - echo --- ok - exit 0 -fi - -echo --- "(FAILING) Backpropagating dependabot-triggered Cargo.lock updates" - -name="dependabot-buildkite" -api_base="https://api.github.com/repos/anza-xyz/agave/pulls" -pr_num=$(echo "$BUILDKITE_BRANCH" | grep -Eo '[0-9]+') -branch=$(curl -s "$api_base/$pr_num" | python3 -c 'import json,sys;print(json.load(sys.stdin)["head"]["ref"])') - -git add :**/Cargo.lock -EMAIL="dependabot-buildkite@noreply.solana.com" \ - GIT_AUTHOR_NAME="$name" \ - GIT_COMMITTER_NAME="$name" \ - git commit -m "[auto-commit] Update all Cargo lock files" -git push origin "HEAD:$branch" - -echo "Source branch is updated; failing this build for the next" -exit 1 diff --git a/ci/dependabot-updater.sh b/ci/dependabot-updater.sh deleted file mode 100755 index 262c565d5b93c1..00000000000000 --- a/ci/dependabot-updater.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "$0")/.." -source ci/_ - -commit_range="$(git merge-base HEAD origin/master)..HEAD" -parsed_update_args="$( - git log "$commit_range" --author "dependabot\[bot\]" --oneline -n1 | - grep -o '[Bb]ump.*$' | - sed -r 's/[Bb]ump ([^ ]+) from ([^ ]+) to ([^ ]+)/-p \1:\2 --precise \3/' -)" -# relaxed_parsed_update_args is temporal measure... -relaxed_parsed_update_args="$( - git log "$commit_range" --author "dependabot\[bot\]" --oneline -n1 | - grep -o '[Bb]ump.*$' | - sed -r 's/[Bb]ump ([^ ]+) from [^ ]+ to ([^ ]+)/-p \1 --precise \2/' -)" -package=$(echo "$parsed_update_args" | awk '{print $2}' | grep -o "^[^:]*") -if [[ -n $parsed_update_args ]]; then - # find other Cargo.lock files and update them, excluding the default Cargo.lock - # shellcheck disable=SC2086 - for lock in $(git grep --files-with-matches '^name = "'$package'"$' :**/Cargo.lock); do - # it's possible our current versions are out of sync across lock files, - # in that case try to sync them up with $relaxed_parsed_update_args - _ scripts/cargo-for-all-lock-files.sh \ - "$lock" -- \ - update $parsed_update_args || - _ scripts/cargo-for-all-lock-files.sh \ - "$lock" -- \ - update $relaxed_parsed_update_args - done -fi - -echo --- ok