upgrade-dependencies #37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: upgrade-dependencies | |
| on: | |
| schedule: | |
| - cron: 28 5 * * 0 | |
| workflow_dispatch: {} | |
| concurrency: ${{ github.workflow }}-${{ github.ref }} | |
| jobs: | |
| upgrade: | |
| name: Upgrade dependencies using yarn | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Install | |
| run: yarn install | |
| - name: Run yarn outdated | |
| run: yarn outdated > outdated.txt | |
| continue-on-error: true | |
| # Took me way too much debugging to figure out: `yarn outdated` uses exit code 1 if outdated packages are present | |
| # See also: https://github.com/yarnpkg/yarn/issues/7573 | |
| - name: Save the output from yarn outdated in a variable to reference in the PR body | |
| id: yarn | |
| # See: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings | |
| # See also https://github.com/github/docs/issues/21529 for more info on why this is not quite so simple | |
| run: | | |
| YARN_OUTDATED=$(cat outdated.txt) | |
| EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) | |
| echo "outdated<<$EOF" >> "$GITHUB_OUTPUT" | |
| echo "$YARN_OUTDATED" >> "$GITHUB_OUTPUT" | |
| echo "$EOF" >> "$GITHUB_OUTPUT" | |
| - name: Remove temporary file | |
| run: rm outdated.txt | |
| - name: Do the upgrade | |
| run: yarn upgrade | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@d121e62763d8cc35b5fb1710e887d6e69a52d3a4 # v7.0.2 | |
| with: | |
| branch: auto/upgrade-dependencies | |
| base: main | |
| commit-message: "chore(deps): upgrade dependencies for this repo only" | |
| title: "chore(deps): upgrade dependencies for this repo only" | |
| body: | | |
| This PR upgrades dependencies used by this repo (`cdktf-repository-manager`) to their latest version based on the version range specified in the `package.json` file. | |
| For reference, here is the output from `yarn outdated` prior to running `yarn upgrade` which was used to produce this PR: | |
| ``` | |
| ${{ steps.yarn.outputs.outdated }} | |
| ``` | |
| Note that this auto-update process only stays within specified version ranges (typically minor or patch). If you want to upgrade to newer versions beyond those, you will need to manually check out this repository and run the command `yarn upgrade [package] --latest`. | |
| For future reference: the reason why we're not using Dependabot for this is because this repo has a tendency to run into rate limits, and Dependabot produces so many PRs and workflow runs that it'd be likely to hit those limits quickly. | |
| labels: automerge,auto-approve,dependencies | |
| token: ${{ secrets.GH_TOKEN_ACTIONS_UPDATER }} | |
| author: team-tf-cdk <[email protected]> | |
| committer: team-tf-cdk <[email protected]> | |
| signoff: true | |
| delete-branch: true |