Update dependencies #725
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Update dependencies | |
on: | |
schedule: | |
# Run daily (Monday-Friday) at 12:15 UTC (08:15 EDT/07:15 EST) | |
- cron: "15 12 * * 1-5" | |
workflow_dispatch: | |
# This workflow needs to leverage a GitHub Personal Access Token (PAT) in order | |
# to open the pull request. While the GitHub Actions token _could_ create the | |
# pull request if the `permissions` block were edited to allow that, the created | |
# PR would not actually trigger any status checks, which would be mostly useless. | |
# Therefore a PAT is used. Theoretically, any of the mechanisms listed in the | |
# peter-evans/create-pull-request Action's README could be used (and we may | |
# eventually switch to using the app). | |
permissions: | |
contents: read | |
jobs: | |
npm: | |
name: NPM Dependencies | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
ref: main | |
- name: Setup node | |
uses: actions/setup-node@v4 | |
with: | |
# The specific version of node itself isn't especially important | |
# to us. | |
node-version: "lts/*" | |
cache: npm | |
- name: Install latest npm and and npm-check-updates | |
run: npm install -g npm@latest npm-check-updates@latest lerna@latest | |
- name: Install the required project tooling | |
run: | | |
npm ci | |
- name: Update project dependencies | |
run: |- | |
# Only allow minor/patch versions of react (and tightly-couple packages) and | |
# upgrade all others to the newest version available. | |
# Upgrade packages in the root | |
ncu --deep --upgrade --filter "react* @testing-library/react typescript" --target minor | |
ncu --deep --upgrade --reject "react* @testing-library/react typescript" | |
# Upgrade packaes everyhwere (same as we just did but with lerna) | |
lerna exec --parallel ncu -- --deep --upgrade --filter "'react* @testing-library/react typescript'" --target minor | |
lerna exec --parallel ncu -- --deep --upgrade --reject "'react* @testing-library/react typescript'" | |
- name: Install updated dependencies | |
run: |- | |
npm install | |
npm update | |
- name: Login as the automation app | |
# This Action generates a token from the GitHub App and provides it as | |
# an output. It _does_ register that token as a secret so that it will be | |
# filtered from log output automatically | |
id: generate-token | |
# This maps to v1.6.0 https://github.com/tibdex/github-app-token/releases/tag/v1.6.0 | |
uses: tibdex/github-app-token@0914d50df753bbc42180d982a6550f195390069f | |
with: | |
app_id: ${{ secrets.APP_ID }} | |
private_key: ${{ secrets.APP_PRIVATE_KEY }} | |
permissions: >- | |
{ | |
"contents": "write", | |
"pull_requests": "write" | |
} | |
- name: Create update pull request | |
uses: peter-evans/create-pull-request@v5 | |
with: | |
commit-message: "chore(deps): update NPM dependencies" | |
title: "chore(deps): update NPM dependencies" | |
body: >- | |
This was generated by the "${{ github.workflow }}" workflow, primarily | |
by running `npm-check-updates` and `npm install`. | |
branch: automation/update-npm-dependencies | |
delete-branch: true | |
base: main | |
committer: Easy Dynamics Automation <[email protected]> | |
author: Easy Dynamics Automation <[email protected]> | |
token: "${{ steps.generate-token.outputs.token }}" |