From 93e9696d0c01b1f8c1d80aad3684d52bb14303b9 Mon Sep 17 00:00:00 2001 From: Jonathan Innis Date: Wed, 6 Dec 2023 10:12:09 -0800 Subject: [PATCH] ci: Auto-update composite actions automatically (#5248) --- .github/dependabot.yaml | 127 +++++++++++++++++++++++++++++++++++++- Makefile | 1 + hack/github/dependabot.sh | 15 +++++ 3 files changed, 142 insertions(+), 1 deletion(-) create mode 100755 hack/github/dependabot.sh diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index deb229598c12..3c959ee00e42 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -44,4 +44,129 @@ updates: # xref: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups website-deps: patterns: - - "*" \ No newline at end of file + - "*" + # Everything under this line is currently auto-generated by hack/github/dependabot.sh + # This needs to be generated since composite actions are currently not supported for auto-updates + # through dependabot without explicitly setting their directory: https://github.com/dependabot/dependabot-core/issues/6704 + # If you need to make a change to this file, ensure that you make a change to hack/github/dependabot.sh first + # That script assumes that the number of elements above this line is static and bases the append operation on it + - package-ecosystem: github-actions + directory: .github/actions/authenticate-ghcr + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/commit-status/end + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/commit-status/start + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/download-artifact + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/cleanup + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/dump-logs + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/install-eksctl + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/install-helm + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/install-karpenter + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/install-prometheus + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/setup-cluster + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/slack/notify + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/slack/send-message + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/e2e/upgrade-crds + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' + - package-ecosystem: github-actions + directory: .github/actions/install-deps + schedule: + interval: weekly + groups: + action-deps: + patterns: + - '*' diff --git a/Makefile b/Makefile index b97e731b54fd..b69aaff99323 100644 --- a/Makefile +++ b/Makefile @@ -108,6 +108,7 @@ verify: tidy download ## Verify code. Includes dependencies, linting, formatting cp $(KARPENTER_CORE_DIR)/pkg/apis/crds/* pkg/apis/crds hack/validation/requirements.sh hack/validation/labels.sh + hack/github/dependabot.sh $(foreach dir,$(MOD_DIRS),cd $(dir) && golangci-lint run $(newline)) @git diff --quiet ||\ { echo "New file modification detected in the Git working tree. Please check in before commit."; git --no-pager diff --name-only | uniq | awk '{print " - " $$0}'; \ diff --git a/hack/github/dependabot.sh b/hack/github/dependabot.sh new file mode 100755 index 000000000000..df64904ddf12 --- /dev/null +++ b/hack/github/dependabot.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash +set -euo pipefail + +# This script ensures that we get all the directories that contain an "action.yaml" composite action +# and make sure that we have a dependabot entry for them. Currently, dependabot doesn't support wildcarding +# composite actions in a way that enables us to set a single entry for them. Instead, you need to grab all directories +# that contain actions that you want to auto-update and add an entry for each one in "dependabot.yaml" +# https://github.com/dependabot/dependabot-core/issues/6704 + +DIRS=($(find .github/actions -name "action.yaml" -type f -print0 | xargs -0 dirname | sort)) +i=3 # Set the index to the starting index after all of the manually configured dependabot entries +for DIR in "${DIRS[@]}"; do + i=$i dir=$DIR yq -i '.updates[env(i)] = {"package-ecosystem": "github-actions", "directory": env(dir), "schedule": {"interval": "weekly"}, "groups": {"action-deps": {"patterns": ["*"]}}}' .github/dependabot.yaml + i=$((i+1)) +done \ No newline at end of file