Skip to content
Permalink
a3d7673b30
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
View runs Go to file
 
 
Cannot retrieve contributors at this time
67 lines (59 sloc) 2.66 KB
name: Compile dependabot updates
on:
pull_request:
permissions:
pull-requests: write
contents: write
jobs:
fetch-dependabot-metadata:
runs-on: ubuntu-latest
# We only want to check the metadata on pull_request events from Dependabot itself,
# any subsequent pushes to the PR should just skip this step so we don't go into
# a loop on commits created by the `build-dependabot-changes` job
if: ${{ github.actor == 'dependabot[bot]' }}
# Map the step output to a job output for subsequent jobs
outputs:
dependency-type: ${{ steps.dependabot-metadata.outputs.dependency-type }}
package-ecosystem: ${{ steps.dependabot-metadata.outputs.package-ecosystem }}
steps:
- name: Fetch dependabot metadata
id: dependabot-metadata
uses: dependabot/fetch-metadata@v1.3.0
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
build-dependabot-changes:
runs-on: ubuntu-latest
needs: [fetch-dependabot-metadata]
# We only need to build the dist/ folder if the PR relates to Docker or a production npm dependency, otherwise we don't expect changes.
if: needs.fetch-dependabot-metadata.outputs.package-ecosystem == 'docker' || ( needs.fetch-dependabot-metadata.outputs.package-ecosystem == 'npm_and_yarn' && needs.fetch-dependabot-metadata.outputs.dependency-type == 'direct:production' )
steps:
# Check out using a PAT so any pushed changes will trigger checkruns
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.ref }}
token: ${{ secrets.DEPENDABOT_AUTOBUILD }}
- name: Read .nvmrc
id: nvm
run: echo ::set-output name=NVMRC::$(cat .nvmrc)
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: ${{ steps.nvm.outputs.NVMRC }}
- name: Install npm dependencies
run: npm clean-install
# If we're reacting to a Docker PR, we have on extra step to refresh and check in the container manifest,
# this **must** happen before rebuilding dist/ so it uses the new version of the manifest
- name: Rebuild docker/containers.json
if: needs.fetch-dependabot-metadata.output.package-ecosystem == 'docker'
run: |
npm run update-container-manifest
git add docker/containers.json
- name: Rebuild the dist/ directory
run: npm run package
- name: Check in any change to dist/
run: |
git add dist/
git config user.name github-actions
git config user.email github-actions@github.com
git commit -m "[dependabot skip] Update dist/ with build changes" || exit 0
git push