diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index dfac095..81865e4 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -1,5 +1,5 @@ name: 'ci' -on: pull_request +on: pull_request_target jobs: integration: @@ -13,7 +13,6 @@ jobs: run: docker login docker.pkg.github.com -u x -p ${{ secrets.GPR_TOKEN }} - name: GRP pull run: docker pull docker.pkg.github.com/dependabot/dependabot-updater:latest - - run: | - npm ci + - run: npm ci - name: Run integration test files - run: npm test "integration" + run: npm run test-integration diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index f87041f..e60df01 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -11,10 +11,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - run: | - npm ci - - run: | - SKIP_INTEGRATION_TESTS=true npm run all + - run: npm ci + - run: npm run all test: # make sure the action works on a clean machine without building runs-on: ubuntu-latest steps: diff --git a/README.md b/README.md index 10598a4..6ac4db3 100644 --- a/README.md +++ b/README.md @@ -1,18 +1,17 @@ ## Setup -> First, you'll need to have a reasonably modern version of `node` handy. This won't work with versions older than 9, for instance. +### Prerequisites -Install the dependencies +**node**: v14 LTS and up +**docker**: current release + +### Project dependencies ```bash $ npm install ``` -Build the typescript and package it for distribution - -```bash -$ npm run package -``` +## Tests Run the tests :heavy_check_mark: @@ -27,37 +26,33 @@ $ npm test ... ``` -## Change action.yml +### Running integration tests -The action.yml contains defines the inputs and output for your action. - -Update the action.yml with your name, description, inputs and outputs for your action. +```bash +$ npm run test-integration +``` -See the [documentation](https://help.github.com/en/articles/metadata-syntax-for-github-actions) +The integration test will time out if you don't already have the docker image on +your local machine. -## Change the Code +You'll need to create a [GitHub PAT](https://github.com/settings/tokens/new) +(Personal Access Token) to access the updater image hosted on [GitHub +Packages](https://github.com/dependabot/dependabot-updater/pkgs/container/dependabot-updater%2Fdependabot-updater). -Most toolkit and CI/CD operations involve async operations so the action is run in an async function. +Create the PAT with `read:packages` permissions checked and export it: -```javascript -import * as core from '@actions/core'; -... +```bash +export GPR_TOKEN=_pat_with_read_packages_ +``` -async function run() { - try { - ... - } - catch (error) { - core.setFailed(error.message); - } -} +Pull the updater image: -run() +```bash +docker login docker.pkg.github.com -u x -p $GPR_TOKEN +docker pull docker.pkg.github.com/dependabot/dependabot-updater:latest ``` -See the [toolkit documentation](https://github.com/actions/toolkit/blob/master/README.md#packages) for the various packages. - -## Publish to a distribution branch +## Releasing a new version of the action Actions are run from GitHub repos so we will checkin the packed dist folder. @@ -70,24 +65,16 @@ $ git commit -a -m "prod dependencies" $ git push origin releases/v1 ``` -Note: We recommend using the `--license` option for ncc, which will create a license file for all of the production node modules used in your project. - Your action is now published! :rocket: See the [versioning documentation](https://github.com/actions/toolkit/blob/master/docs/action-versioning.md) -## Validate - -You can now validate the action by referencing `./` in a workflow in your repo (see [test.yml](.github/workflows/test.yml)) +After testing you can [create a v1 tag](https://github.com/actions/toolkit/blob/master/docs/action-versioning.md) to reference the stable and latest V1 action -```yaml -uses: ./ -with: - milliseconds: 1000 -``` +## Change action.yml -See the [actions tab](https://github.com/actions/typescript-action/actions) for runs of this action! :rocket: +The action.yml contains defines the inputs and output for your action. -## Usage: +Update the action.yml with your name, description, inputs and outputs for your action. -After testing you can [create a v1 tag](https://github.com/actions/toolkit/blob/master/docs/action-versioning.md) to reference the stable and latest V1 action +See the [documentation](https://help.github.com/en/articles/metadata-syntax-for-github-actions) diff --git a/action.yml b/action.yml index f4ee827..fc7e242 100644 --- a/action.yml +++ b/action.yml @@ -1,6 +1,6 @@ name: 'Updater Action' -description: 'Provide a description here' -author: 'Your name or organization here' +description: 'Runs dependabot-updater in Actions' +author: 'GitHub' runs: using: 'node12' main: 'dist/index.js' diff --git a/package.json b/package.json index 631a14a..5013546 100644 --- a/package.json +++ b/package.json @@ -8,7 +8,8 @@ "format": "prettier --write **/*.ts", "lint": "eslint --fix **/*.ts", "package": "rm -f ./output/output.json && ncc build --source-map --license licenses.txt", - "test": "jest --detectOpenHandles", + "test": "SKIP_INTEGRATION_TESTS=true jest --detectOpenHandles", + "test-integration": "jest --detectOpenHandles 'integration'", "prepare": "husky install", "all": "npm run format && npm run lint && npm run package && npm test" },