ci: Add automatic dependency update
This needs 2 special variables defined: - GITLAB_API_TOKEN, which has write permissions to the gitlab API (create in your account settings for example) - SSH_BOT_KEY, which is a private ssh key, that can be used to push to the repository. After that you can schedule a pipeline on main to update dependencies every week or so.
This commit is contained in:
Nicolas Werner
parent
fab1e1b980
commit
29f7b04f24
|
|
@ -235,3 +235,35 @@ snap:publish:
|
|||
when: on_success
|
||||
expire_in: 1 week
|
||||
needs: []
|
||||
|
||||
update-dependencies:
|
||||
stage: coverage
|
||||
needs: []
|
||||
tags:
|
||||
- docker
|
||||
only:
|
||||
- schedules
|
||||
variables:
|
||||
HOST: ${CI_PROJECT_URL}
|
||||
UPDATE_BRANCH: ci-bot/dependency-updates
|
||||
PRIVATE_TOKEN: ${GITLAB_API_TOKEN}
|
||||
before_script:
|
||||
- eval $(ssh-agent -s)
|
||||
- echo "$SSH_PRIVATE_BOT_KEY" | tr -d '\r' | ssh-add - > /dev/null
|
||||
|
||||
- mkdir -p ~/.ssh
|
||||
- chmod 700 ~/.ssh
|
||||
|
||||
- ssh-keyscan "https://gitlab.com" >> ~/.ssh/known_hosts
|
||||
- chmod 644 ~/.ssh/known_hosts
|
||||
|
||||
- git config --global user.email "bot@fluffy.chat"
|
||||
- git config --global user.name "Dependency Update Bot"
|
||||
- sudo apt-get update && sudo apt-get install -y curl
|
||||
script:
|
||||
- flutter pub get
|
||||
- flutter pub pub run dapackages:dapackages.dart ./pubspec.yaml
|
||||
- flutter pub get
|
||||
- git remote set-url --push origin git@gitlab.com:$CI_PROJECT_PATH
|
||||
- 'git diff --exit-code || (git checkout -B ${UPDATE_BRANCH} && git add . && git commit -m "chore: Update dependencies" && git push -f origin ${UPDATE_BRANCH} && ./scripts/open-mr.sh)'
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,37 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# source: https://about.gitlab.com/blog/2017/09/05/how-to-automatically-create-a-new-mr-on-gitlab-with-gitlab-ci/
|
||||
|
||||
# Extract the host where the server is running, and add the URL to the APIs
|
||||
[[ $HOST =~ ^https?://[^/]+ ]] && HOST="${BASH_REMATCH[0]}/api/v4/projects/"
|
||||
|
||||
# Look which is the default branch
|
||||
TARGET_BRANCH=`curl --silent "${HOST}${CI_PROJECT_ID}" --header "PRIVATE-TOKEN:${PRIVATE_TOKEN}" | python3 -c "import sys, json; print(json.load(sys.stdin)['default_branch'])"`;
|
||||
|
||||
# The description of our new MR, we want to remove the branch after the MR has
|
||||
# been closed
|
||||
BODY="{
|
||||
\"id\": ${CI_PROJECT_ID},
|
||||
\"source_branch\": \"${UPDATE_BRANCH}\",
|
||||
\"target_branch\": \"${TARGET_BRANCH}\",
|
||||
\"remove_source_branch\": true,
|
||||
\"title\": \"chore: automated dependency update\"
|
||||
}";
|
||||
|
||||
# Require a list of all the merge request and take a look if there is already
|
||||
# one with the same source branch
|
||||
LISTMR=`curl --silent "${HOST}${CI_PROJECT_ID}/merge_requests?state=opened" --header "PRIVATE-TOKEN:${PRIVATE_TOKEN}"`;
|
||||
COUNTBRANCHES=`echo ${LISTMR} | grep -o "\"source_branch\":\"${UPDATE_BRANCH}\"" | wc -l`;
|
||||
|
||||
# No MR found, let's create a new one
|
||||
if [ ${COUNTBRANCHES} -eq "0" ]; then
|
||||
curl -X POST "${HOST}${CI_PROJECT_ID}/merge_requests" \
|
||||
--header "PRIVATE-TOKEN:${PRIVATE_TOKEN}" \
|
||||
--header "Content-Type: application/json" \
|
||||
--data "${BODY}";
|
||||
|
||||
echo "Opened a new dependency update MR."
|
||||
exit;
|
||||
fi
|
||||
|
||||
echo "No new merge request opened.";
|
||||
Loading…
Reference in New Issue