Initial commit

jhongturney · Nov 20, 2022 · 32be525 · 32be525
commit 32be525
Show file tree

Hide file tree

Showing 16 changed files with 720 additions and 0 deletions.
diff --git a/.github/dependabot.template.yml b/.github/dependabot.template.yml
@@ -0,0 +1,17 @@
+version: 2
+
+updates:
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'daily'
+
+  - package-ecosystem: 'docker'
+    directory: '/test/docker/*/Dockerfile*'
+    schedule:
+      interval: 'weekly'
+
+  - package-ecosystem: 'npm'
+    directory: '/test/npm/*/{package-lock.json,yarn.lock}'
+    schedule:
+      interval: 'daily'
diff --git a/.github/workflows/generate_dependabot.yml b/.github/workflows/generate_dependabot.yml
@@ -0,0 +1,19 @@
+name: Generate dependabot.yml
+
+on:
+  push:
+  repository_dispatch:
+  workflow_dispatch:
+
+jobs:
+  generate:
+    runs-on: ubuntu-latest
+    steps:
+
+      - uses: actions/checkout@v3
+
+      - name: Generate dependabot.yml
+        uses: ./
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v4
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+node_modules
diff --git a/Readme.md b/Readme.md
@@ -0,0 +1,100 @@
+# Generate Dependabot Glob Action
+
+This action creates a `dependabot.yml` file from a user-provided template by replacing instances of directory globs with an array of objects matching that glob, with all the other keys copied.
+
+For example, the following template:
+
+```yaml
+  - package-ecosystem: 'docker'
+    directory: '/test/docker/*/Dockerfile*'
+    schedule:
+      interval: 'daily'
+```
+
+Will result in:
+
+```yaml
+  - package-ecosystem: 'docker'
+    directory: '/test/docker/container_1/'
+    schedule:
+      interval: 'daily'
+  - package-ecosystem: 'docker'
+    directory: '/test/docker/container_2/'
+    schedule:
+      interval: 'daily'
+  - package-ecosystem: 'docker'
+    directory: '/test/docker/weird_dockerfile/'
+    schedule:
+      interval: 'daily'
+```
+
+Note that the basename of any matching directory is used as the value.
+
+This action uses the [glob](https://www.npmjs.com/package/glob) node module. Refer to its documentation for more information on the glob syntax.
+
+The default configuration for `glob` is as follows:
+
+```js
+const globOpts = {
+  root: process.cwd(),
+  mark: true,
+  matchBase: true,
+  nomount: true,
+  follow: core.getInput('follow-symbolic-links') === 'true' || true
+}
+```
+
+If these options are not sufficient, please open an issue and let me know.
+
+## Quickstart
+
+### Create a `.github/dependabot.template.yml` file
+
+  ```yaml
+version: 2
+
+updates:
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'daily'
+
+  - package-ecosystem: 'docker'
+    directory: '/test/docker/*/Dockerfile*'
+    schedule:
+      interval: 'weekly'
+
+  - package-ecosystem: 'npm'
+    directory: '/test/npm/*/{package-lock.json,yarn.lock}'
+    schedule:
+      interval: 'daily'
+
+  ```
+
+### Create a `.github/workflows/generate_dependabot.yml` file
+
+Note that this action does not create a PR or otherwise commit the generated file. You will need to do that yourself.
+
+```yaml
+name: Generate dependabot.yml
+
+on:
+  push:
+  repository_dispatch:
+  workflow_dispatch:
+
+jobs:
+  generate:
+    runs-on: ubuntu-latest
+    steps:
+      
+      - uses: actions/checkout@v3
+        
+      - name: Generate dependabot.yml
+        uses: Makeshift/generate-dependabot-glob-action@master
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v4
+```
+
+Done.
diff --git a/action.yml b/action.yml
@@ -0,0 +1,17 @@
+name: 'Generate Dependabot Glob'
+
+description:
+  'Creates a `dependabot.yml` file from a user-provided template by replacing instances of directory globs with an array of objects matching
+  that glob, with all the other keys copied.'
+inputs:
+  template-file:
+    description: 'Location of the file to use as template'
+    default: .github/dependabot.template.yml
+
+  follow-symbolic-links:
+    description: 'Indicates whether to follow symbolic links'
+    default: true
+
+runs:
+  using: 'node16'
+  main: 'src/index.js'
diff --git a/package.json b/package.json
@@ -0,0 +1,28 @@
+{
+  "name": "generate-dependabot-glob-action",
+  "version": "1.0.0",
+  "description": "This action creates a `dependabot.yml` file from a user-provided template by replacing instances of `directory: **/x` with an array of objects matching that glob, with the keys copied.",
+  "main": "index.js",
+  "directories": {
+    "test": "test"
+  },
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Makeshift/generate-dependabot-action.git"
+  },
+  "author": "",
+  "license": "ISC",
+  "bugs": {
+    "url": "https://github.com/Makeshift/generate-dependabot-action/issues"
+  },
+  "homepage": "https://github.com/Makeshift/generate-dependabot-action#readme",
+  "dependencies": {
+    "@actions/core": "^1.10.0",
+    "@actions/github": "^5.1.1",
+    "glob": "^8.0.3",
+    "js-yaml": "^4.1.0"
+  }
+}
diff --git a/src/index.js b/src/index.js
@@ -0,0 +1,50 @@
+const core = require('@actions/core');
+const yaml = require('js-yaml');
+const fs = require('fs').promises;
+const util = require('util');
+const glob = util.promisify(require('glob'))
+const path = require('path')
+const github = require('@actions/github')
+
+const globOpts = {
+  root: process.cwd(),
+  mark: true,
+  matchBase: true,
+  nomount: true,
+  follow: core.getInput('follow-symbolic-links') === 'true' || true
+}
+
+const clone = obj => JSON.parse(JSON.stringify(obj))
+
+async function run() {
+  const templateFile = core.getInput('template-file') || '.github/dependabot.template.yml';
+  const template = yaml.load(await fs.readFile(templateFile, 'utf8'));
+
+  const newUpdates = []
+
+  for (let entry of template.updates) {
+    core.info(`Processing entry ${entry.directory} for ecosystem ${entry["package-ecosystem"]}`)
+    const baseUpdate = clone(entry)
+    const matchingFiles = await glob(entry.directory, globOpts)
+    core.info(`Found ${matchingFiles.length} files matching ${entry.directory}`)
+    const matchingDirs = new Set(matchingFiles.map(file => path.dirname(file)))
+    core.info(`Found ${matchingDirs.length} directories matching ${entry.directory}`)
+
+    for (let dir of matchingDirs) {
+      core.info(`Creating entry for ${dir} with ecosystem ${entry["package-ecosystem"]}`)
+      const newUpdate = clone(baseUpdate)
+      newUpdate.directory = dir
+      newUpdates.push(newUpdate)
+    }
+  }
+
+  core.info(`Here's the final config: ${JSON.stringify(newUpdates)}`)
+  template.updates = newUpdates
+  core.info("Writing config to .github/dependabot.yml")
+  await fs.writeFile('.github/dependabot.yml', yaml.dump(template))
+}
+
+run().catch(error => {
+  console.log(error)
+  core.setFailed(error.message)
+});
diff --git a/test/docker/container_1/Dockerfile b/test/docker/container_1/Dockerfile
@@ -0,0 +1 @@
+FROM alpine
diff --git a/test/docker/container_2/Dockerfile b/test/docker/container_2/Dockerfile
@@ -0,0 +1 @@
+FROM alpine
diff --git a/test/docker/no_dockerfile/intentionally_left_empty b/test/docker/no_dockerfile/intentionally_left_empty
@@ -0,0 +1 @@
+hi :)
diff --git a/test/docker/weird_dockerfile/Dockerfile.dev b/test/docker/weird_dockerfile/Dockerfile.dev
@@ -0,0 +1 @@
+FROM alpine