From 3d70e50a4c8e32d9c7a4eea56be51903f99a92a7 Mon Sep 17 00:00:00 2001 From: Goddhi <68410146+Goddhi@users.noreply.github.com> Date: Sun, 23 Feb 2025 11:56:05 +0100 Subject: [PATCH 1/7] FIX:implemented depenabot implemented depenabot for both npm and github-action packages --- .github/dependabot.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..8d56ee5 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,27 @@ +version: 2 +updates: + - package-ecosystem: "npm" + directories: + - "/" + schedule: + interval: "daily" + time: "09:00" + timezone: "Europe/Berlin" + versioning-strategy: increase + commit-message: + prefix: "deps" + prefix-development: "deps(dev)" + reviewers: + - "bajtos" + - "juliangruber" + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + time: "09:00" + timezone: "Europe/Berlin" + commit-message: + prefix: "ci" + reviewers: + - "bajtos" + - "juliangruber" From 0a6112a7afeeff7f8a625f3c8d6f56a8f537ea8a Mon Sep 17 00:00:00 2001 From: Goddhi <68410146+Goddhi@users.noreply.github.com> Date: Mon, 24 Feb 2025 10:56:23 +0100 Subject: [PATCH 2/7] Added pyropy and NikolasHaimerl as reviewers --- .github/dependabot.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8d56ee5..e5066ea 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -14,6 +14,8 @@ updates: reviewers: - "bajtos" - "juliangruber" + - "pyropy" + - "NikolasHaimerl" - package-ecosystem: "github-actions" directory: "/" schedule: @@ -25,3 +27,5 @@ updates: reviewers: - "bajtos" - "juliangruber" + - "pyropy" + - "NikolasHaimerl" From 246c4eae1416a9705f62e39c1ac12c3e55da80eb Mon Sep 17 00:00:00 2001 From: Goddhi <68410146+Goddhi@users.noreply.github.com> Date: Wed, 26 Feb 2025 00:43:34 +0100 Subject: [PATCH 3/7] FEAT: added Depenabot auto-approve updates --- .github/workflows/dependabot-auto-approve.yml | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 .github/workflows/dependabot-auto-approve.yml diff --git a/.github/workflows/dependabot-auto-approve.yml b/.github/workflows/dependabot-auto-approve.yml new file mode 100644 index 0000000..98aed08 --- /dev/null +++ b/.github/workflows/dependabot-auto-approve.yml @@ -0,0 +1,21 @@ +name: Dependabot auto-approve updates +on: pull_request + +permissions: + pull-requests: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Approve a PR + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} From e4afa8b08c1d76468c5d6e58c968639b62b7862a Mon Sep 17 00:00:00 2001 From: Goddhi <68410146+Goddhi@users.noreply.github.com> Date: Wed, 26 Feb 2025 00:47:57 +0100 Subject: [PATCH 4/7] FEAT: added a Depenabot auto-merge --- .github/workflows/dependabot-auto-merge.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 .github/workflows/dependabot-auto-merge.yml diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml new file mode 100644 index 0000000..5c3692a --- /dev/null +++ b/.github/workflows/dependabot-auto-merge.yml @@ -0,0 +1,18 @@ +name: Dependabot auto-merge +on: pull_request + +permissions: + contents: write + pull-requests: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Authenticate cli with a PAT + run: echo "${{ secrets.DEPENDABOT_TOKEN }}" | gh auth login --with-token + - name: Enable auto-merge for Dependabot PRs + run: gh pr merge --auto --squash "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} From e4472dc8284cbc464cdd705fc68062d615333fe4 Mon Sep 17 00:00:00 2001 From: Goddhi <68410146+Goddhi@users.noreply.github.com> Date: Wed, 26 Feb 2025 00:54:59 +0100 Subject: [PATCH 5/7] FEAT: automatically merge Dependabot pull requests --- .github/workflows/deploy.yaml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/workflows/deploy.yaml diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml new file mode 100644 index 0000000..521d26a --- /dev/null +++ b/.github/workflows/deploy.yaml @@ -0,0 +1,33 @@ +name: Deploy +on: + push: + branches: + - main +jobs: + stable: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: superfly/flyctl-actions/setup-flyctl@master + - run: cd stable && flyctl deploy --remote-only + env: + FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN_STABLE }} + - if: failure() + uses: slackapi/slack-github-action@v1.25.0 + with: + channel-id: alerts + payload: | + { + "text": "Deployment of `${{ github.event.repository.name }}` failed", + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": ":warning: *<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Deployment of `${{ github.event.repository.name }}` failed>*" + } + } + ] + } + env: + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} From 9e7cf157007a88ce8816b486184dadffae07ad1d Mon Sep 17 00:00:00 2001 From: Goddhi <68410146+Goddhi@users.noreply.github.com> Date: Wed, 26 Feb 2025 10:53:46 +0100 Subject: [PATCH 6/7] FIX: delete .github/workflows/deploy.yaml --- .github/workflows/deploy.yaml | 33 --------------------------------- 1 file changed, 33 deletions(-) delete mode 100644 .github/workflows/deploy.yaml diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml deleted file mode 100644 index 521d26a..0000000 --- a/.github/workflows/deploy.yaml +++ /dev/null @@ -1,33 +0,0 @@ -name: Deploy -on: - push: - branches: - - main -jobs: - stable: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - uses: superfly/flyctl-actions/setup-flyctl@master - - run: cd stable && flyctl deploy --remote-only - env: - FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN_STABLE }} - - if: failure() - uses: slackapi/slack-github-action@v1.25.0 - with: - channel-id: alerts - payload: | - { - "text": "Deployment of `${{ github.event.repository.name }}` failed", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": ":warning: *<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Deployment of `${{ github.event.repository.name }}` failed>*" - } - } - ] - } - env: - SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} From 9968d369f78da0b401c204186c676d72b0097578 Mon Sep 17 00:00:00 2001 From: Goddhi <68410146+Goddhi@users.noreply.github.com> Date: Fri, 28 Feb 2025 18:02:47 +0100 Subject: [PATCH 7/7] FIX: updated script to auto-approve minor updates --- .../dependabot-auto-approve-minor.yml | 37 +++++++++++++++++++ .github/workflows/dependabot-auto-approve.yml | 21 ----------- 2 files changed, 37 insertions(+), 21 deletions(-) create mode 100644 .github/workflows/dependabot-auto-approve-minor.yml delete mode 100644 .github/workflows/dependabot-auto-approve.yml diff --git a/.github/workflows/dependabot-auto-approve-minor.yml b/.github/workflows/dependabot-auto-approve-minor.yml new file mode 100644 index 0000000..f2d73a3 --- /dev/null +++ b/.github/workflows/dependabot-auto-approve-minor.yml @@ -0,0 +1,37 @@ +name: Dependabot auto-approve minor updates +on: pull_request + +permissions: + pull-requests: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + strategy: + matrix: + dependencyStartsWith: + - '@sentry/' + - mocha + - pg + - debug + - ethers + - typescript + - postgrator + - '@types/' + - standard + - cross-spawn + - '@filecoin-station/spark-impact-evaluator' + - '@fastify/' + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v2 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Approve a PR + if: ${{startsWith(steps.metadata.outputs.dependency-names, matrix.dependencyStartsWith) && (steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor')}} + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/dependabot-auto-approve.yml b/.github/workflows/dependabot-auto-approve.yml deleted file mode 100644 index 98aed08..0000000 --- a/.github/workflows/dependabot-auto-approve.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: Dependabot auto-approve updates -on: pull_request - -permissions: - pull-requests: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: metadata - uses: dependabot/fetch-metadata@v1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Approve a PR - run: gh pr review --approve "$PR_URL" - env: - PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}