From 29f7b04f247a574b72deadda5c858b17d5121071 Mon Sep 17 00:00:00 2001 From: Nicolas Werner Date: Thu, 29 Oct 2020 18:29:44 +0100 Subject: [PATCH] ci: Add automatic dependency update This needs 2 special variables defined: - GITLAB_API_TOKEN, which has write permissions to the gitlab API (create in your account settings for example) - SSH_BOT_KEY, which is a private ssh key, that can be used to push to the repository. After that you can schedule a pipeline on main to update dependencies every week or so. --- .gitlab-ci.yml | 32 ++++++++++++++++++++++++++++++++ scripts/open-mr.sh | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+) create mode 100755 scripts/open-mr.sh diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 286f91dc..6440835b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -235,3 +235,35 @@ snap:publish: when: on_success expire_in: 1 week needs: [] + +update-dependencies: + stage: coverage + needs: [] + tags: + - docker + only: + - schedules + variables: + HOST: ${CI_PROJECT_URL} + UPDATE_BRANCH: ci-bot/dependency-updates + PRIVATE_TOKEN: ${GITLAB_API_TOKEN} + before_script: + - eval $(ssh-agent -s) + - echo "$SSH_PRIVATE_BOT_KEY" | tr -d '\r' | ssh-add - > /dev/null + + - mkdir -p ~/.ssh + - chmod 700 ~/.ssh + + - ssh-keyscan "https://gitlab.com" >> ~/.ssh/known_hosts + - chmod 644 ~/.ssh/known_hosts + + - git config --global user.email "bot@fluffy.chat" + - git config --global user.name "Dependency Update Bot" + - sudo apt-get update && sudo apt-get install -y curl + script: + - flutter pub get + - flutter pub pub run dapackages:dapackages.dart ./pubspec.yaml + - flutter pub get + - git remote set-url --push origin git@gitlab.com:$CI_PROJECT_PATH + - 'git diff --exit-code || (git checkout -B ${UPDATE_BRANCH} && git add . && git commit -m "chore: Update dependencies" && git push -f origin ${UPDATE_BRANCH} && ./scripts/open-mr.sh)' + diff --git a/scripts/open-mr.sh b/scripts/open-mr.sh new file mode 100755 index 00000000..d2d4b7d3 --- /dev/null +++ b/scripts/open-mr.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env bash + +# source: https://about.gitlab.com/blog/2017/09/05/how-to-automatically-create-a-new-mr-on-gitlab-with-gitlab-ci/ + +# Extract the host where the server is running, and add the URL to the APIs +[[ $HOST =~ ^https?://[^/]+ ]] && HOST="${BASH_REMATCH[0]}/api/v4/projects/" + +# Look which is the default branch +TARGET_BRANCH=`curl --silent "${HOST}${CI_PROJECT_ID}" --header "PRIVATE-TOKEN:${PRIVATE_TOKEN}" | python3 -c "import sys, json; print(json.load(sys.stdin)['default_branch'])"`; + +# The description of our new MR, we want to remove the branch after the MR has +# been closed +BODY="{ + \"id\": ${CI_PROJECT_ID}, + \"source_branch\": \"${UPDATE_BRANCH}\", + \"target_branch\": \"${TARGET_BRANCH}\", + \"remove_source_branch\": true, + \"title\": \"chore: automated dependency update\" +}"; + +# Require a list of all the merge request and take a look if there is already +# one with the same source branch +LISTMR=`curl --silent "${HOST}${CI_PROJECT_ID}/merge_requests?state=opened" --header "PRIVATE-TOKEN:${PRIVATE_TOKEN}"`; +COUNTBRANCHES=`echo ${LISTMR} | grep -o "\"source_branch\":\"${UPDATE_BRANCH}\"" | wc -l`; + +# No MR found, let's create a new one +if [ ${COUNTBRANCHES} -eq "0" ]; then + curl -X POST "${HOST}${CI_PROJECT_ID}/merge_requests" \ + --header "PRIVATE-TOKEN:${PRIVATE_TOKEN}" \ + --header "Content-Type: application/json" \ + --data "${BODY}"; + + echo "Opened a new dependency update MR." + exit; +fi + +echo "No new merge request opened.";